Flashback to March 2020.
Nearly every company was forced to shift overnight into reactionary mode due to the COVID-19 pandemic. Retail stores attempted to move to 100% online sales because their physical locations were forced to close. Schools pivoted to virtual classrooms. Businesses moved their entire workforce to a work-from-home model. Bold decisions were made to enable organizations to survive.
It’s worth noting, however, that the impact of the pandemic would have been far worse if it happened at any other time in history. Advancements in technology over the past decade, particularly the availability of cloud services, enabled businesses to more easily connect digitally and scale to meet the unexpected and unprecedented demand. For many organizations, 2020 was the year they rapidly accelerated their cloud adoption, launching new applications or migrating existing ones to the cloud to give customers and employees more reliable ways to access resources and avoid further impacts to revenue streams. Spend on cloud infrastructure services rose 37% to $29 billion during the first quarter of 2020.
It’s now March 2021 and we’re starting to see the light at the end of the tunnel (and we’re fairly confident the light isn’t an oncoming train). More than 365 days have passed since our lives were flipped upside down. New hiring methods have been implemented. Investments in new technology are seeing some payoff. Companies have a newfound confidence in their ability to work in a distributed fashion. Many of these accomplishments can be traced back to the acceleration of cloud adoption in response to the pandemic.
When in firefighting mode, however, we don’t always worry about making each step the best step. We look to put out the fire quickly. This approach takes care of the immediate need but, as time progresses, operational holes are exposed from these quick decisions, and triage is necessary. In the case of an expedited move to the cloud, organizations risk cost overruns and security and compliance risks. The sheer influx of cloud users presents challenges as well, as organizations look to swiftly and securely provision access so as not to impact productivity.
"Many companies don't understand the importance of governance until they feel it, when they are neck-deep in challenges from growing too quickly and not having a process or a framework that supports them."
As we begin to move past crisis mode, it’s time to assess and address all the quick fixes that weren’t built to stand the test of time. When it comes to the cloud, focusing on the fundamentals of cloud governance — automation, financial management, and compliance — can help organizations assess and improve their current cloud operations.
Cloud governance may be a new concept to many organizations that had to pivot quickly to migrate to the cloud when the pandemic hit.
“Many companies don’t understand the importance of governance until they feel it, when they are neck-deep in challenges from growing too quickly and not having a process or a framework that supports them,” said Joseph Spurrier, cloudtamer.io CTO and cofounder. Without a focus on cloud governance fundamentals, you not only introduce risk to your organization but you also make it harder to achieve the promise of the cloud: cost efficiencies, innovation, scalability and more.
Cloud governance goes beyond simply the day-to-day actions you take to manage your cloud. Cloud governance gives organizations next-level control with proactive safeguards on access, cost and compliance. Governance lets you set the rules for what can happen in your cloud.
To determine how a lack of governance is impacting a company, we like to start by asking potential customers a basic question: “What’s wild in your cloud?”
The answer typically involves stories of organizations forgetting to turn off cloud services and ending up with an unexpected, very expensive bill at the end of the month. Or finding out that sensitive data has been exposed via a misconfiguration like a public S3 bucket that should have been private. Or hearing that cloud has become the new shadow IT because the IT team simply can’t keep up with the business demand to get new cloud environments stood up in a timely manner. Rapid adoption may cause growing pains across automation, finances, and compliance. Providing point fixes in just one of these areas isn’t the solution and, before long, most organizations began to experience other symptoms of poor governance.
Runaway costs that result in blown budgets and wasted spend are two typical financial issues in the cloud: “Unused resources in the cloud are one of the main causes of overspending,” Spurrier said. “It’s so easy to spin up a new cloud resource and then forget about it. Similarly, it takes the same amount of effort to create a database that costs pennies an hour versus a database that costs $50 an hour. The only difference is which item you select in a dropdown.”
Compliance and security issues, whether malicious or due to human error, have only increased with greater cloud adoption.
To tackle a variety of financial management needs in the cloud, cloudtamer.io provides both proactive enforcements to allow automated actions to be taken when budgets are reached and reactive savings opportunities that can identify up to 30% in savings on your total cloud bill. Addressing both overspend and waste are necessary steps to achieve the cloud’s promise of cost efficiency.
Compliance and security issues, whether malicious or due to human error, have only increased with greater cloud adoption. A 2020 Sophos report found that 70% of organizations hosting data/workloads in the public cloud experienced a security incident.
Without a compliance approach that includes both proactive and reactive measures, you are leaving your organization more vulnerable to security breaches. Customizable compliance checks that are based on both best practices (for example, NIST) and an organization’s unique needs (for example, HIPAA, PCI) are key components of a robust compliance solution. By providing an easy way to establish and continuously monitor these compliance checks, we’ve seen organizations confirm their compliance posture in a few hours.
Applying old-school, manual IT processes to the cloud means you’ll miss out on the promise of speed and agility in the cloud. We often see manual processes introduced right at the start of cloud projects as organizations institute multiple steps to request, review, and approve access to the cloud. These delays in cloud account setup and provisioning, and duplicative and manual efforts to ensure the right access for users are just two of the signs of stalled adoption. It’s easy to feel overwhelmed by the number of accounts in your environment, and this is even more impactful if you’re operating in a multi-cloud environment. Automation can save hours of manual effort and give you confidence that your users are following both cost and compliance rules. We’ve seen organizations take cloud account setup and provisioning from weeks to minutes through automation.
In response to the pandemic, organizations have started building the foundation for cloud success and are positioned to experience the benefits of the cloud.
“Cloud providers today deliver so many different strategies and cloud-native technologies to help solve your business problems. And the cloud benefits of agility and scalability can help accelerate innovation for your business,” Spurrier notes.
As we move past the one-year mark of COVID-19, it’s time to check your cloud health and strengthen your foundation by focusing on governance in the cloud. cloudtamer.io can help you on this journey — reach out to us.