We recently hosted a virtual roundtable in partnership with HashiCorp on ‘Unlocking the Cloud Operating Model: People, Process, Tools’ which looked at the Cloud operating model which many organisations are working with.
The session was led by Field CTO at HashiCorp, Ray Ploski, a renowned technologist and expert on the enterprise journey to unlock a Cloud operating model. The conversation was insightful and engaging with a variety of opinions and experiences around an organisation's Cloud operating model.
By way of introduction, our hosts and attendees looked at where they were retrospectively in the Cloud operating model, whilst looking at the three major milestones of the Cloud operating model. Given the nature of Cloud, the management of secrets (and data) is pretty key, but in a landscape that is ever-changing, how can we trust the network in the move to Cloud? There’s a heterogeneity to the Cloud landscape, even though everyone is at different levels of establishment, and for people to actively embrace it there are a variety of different forms of implementation and execution needed.
The key takeaways from the conversation appear below.
The reasons for embracing the Cloud are tenfold.
The paradigm of modern business (particularly in the last 6 months) has shifted from how we used to work and solve problems, to where we are today and how it needs to be in the future. To meet this, organisations need to become Cloud-native, but to do that, we first need to recognise where we sit currently.
As many organisations in attendance found, historically, the approach to data and security was like that of a ‘castle’, where everything within its walls is assumed to be ‘good’ and everything external is assumed to be ‘bad’. However, with organisations working more remotely, it means that the walls of your ‘castle’ are split with various different openings, making it harder to operate and protect from one location, driving the need for Cloud further.
Centralised Cloud strategies are harder to implement in real-life scenarios
Although many people are making the move to Cloud, the definition of ‘Cloud-native’ was questioned amongst participants. Many attendees concluded that they have made the move to Cloud, but are not yet functioning in a Cloud-native capacity.
Our attendees acknowledged that from the discussion they recognised that all of their Cloud operating models and their associated journeys were different and, therefore, required different approaches, understanding and criteria. There is no one-size-fits-all approach and when advising on this, you have to take in all the individual considerations each set of circumstances need.
Another major issue faced by attendees was that of alignment between their different Clouds (Private, public and hybrid) and the service providers for each. Ideally, there would be a shared strategy across all the technology, Cloud platforms included, and the business, however, attendees were finding that only 30-35% of organisations have a complex, centralised Cloud strategy. It is easier said than done when it comes to operating on a centralised strategy, as not all of their technology is aligned, and it costs a significant amount of time and resources to drive a clean, data-driven model. In addition to this, alignment continues to be difficult when regulations and customer needs vary greatly based on their geographical location.
The connections between Cloud and cybersecurity are integral
With a return to the castle analogy, attendees considered the risk associated with the move to Cloud and the security required for a safe operating environment. It was widely agreed that everything in the move to Cloud is about risk, and ultimately the control you have over these risks in a Cloud environment. When considering the risk, a critical analysis needs to be conducted of the applications/services being moved to Cloud to understand what the cost would be to the bottom line if they were to be compromised in any way, shape or form.
In addition to this, employees still need to trust the environment within which they are working (in this case a remote, Cloud environment) and Cloud is driven by trust. A key way to ensure that trust remains is by building a base set of securities that everyone is aware of and implementing them with the right set of policies and guidelines. Transparency is integral to building trust. Sustaining the move to Cloud and the security that runs alongside it is in the mindset of the people. Ultimately, if the people don’t support the system, it will struggle to be sustainable in the long-term, even if the technology and infrastructure are present.
Changing the social cost of Cloud
We are all aware that Cloud isn’t just about technology, it’s about the workflows and the people, as well, which makes the people aspect imperative to success. In the move to Cloud, many organisations are decomposing micro-services which, in turn, means that the culture and the relationships within the organisation need to change to support a new operating style.
Furthermore, as a result of technological developments, some roles are becoming redundant. In most of these cases, organisations need to look into training and development that will help upskill their people to the new climate and way of operating.
The discussion concluded with attendees agreeing that the Cloud operating model isn’t straight forward and requires a number of considerations as each journey is different. Some of the main considerations, however, are around trust and risk, the upskilling and management of employees in the Cloud journey and the way in which the business integrates with the technology.
HashiCorp is the leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organisations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. HashiCorp’s open-source tools Vagrant™, Packer™, Terraform, Vault, Consul, and Nomad™ are downloaded tens of millions of times each year and are broadly adopted by the Global 2000. Enterprise versions of these products enhance the open-source tools with features that promote collaboration, operations, governance, and multi-data centre functionality.