Before overhauling your cloud estate management, consider these questions:
How should the operating model change?
Whatever type of cloud environment you choose, the responsibility of managing your IT still falls to you, not the cloud provider.
Part of managing IT well is ensuring your cloud operating model focuses on optimizing the cloud estate, including consumption, application performance and business innovation. You need to leverage the right mix of cloud services to maximize application performance while onboarding innovative new capabilities. It’s also important to get the most out of your data, using cloud services to gain new insights.
What new skills do I need?
The skillsets necessary for cloud estate management require constant reassessment. Skills that appear foundational one day can be obsolete the next.
Some aspects of cloud require greater specialization, while other areas necessitate multidisciplinary “full stack” roles. The needs also go beyond technical skills: design thinking, business strategy and industry-specific skills should be bundled into the same operating model.
But finding people with the right cloud skills can be challenging, as companies compete for talent and grapple with continuous reskilling. For many, turning to a third party for help is the solution.
How should I use automation?
Greater standardization in a cloud environment means rules and policies—ranging from infrastructure provisioning to security measures—can be expressed and enforced through code, leading to a streamlined “as code” environment.
However, done wrong, automation in areas like network configuration can unintentionally expose corporate data to the outside world. That's why a robust enterprise automation approach is essential.
How can I enforce governance through code?
Automation can take the knowledge that otherwise exists only in your best engineers' heads and convert it into a set of digital rules. These rules, expressed in code, can help an enterprise significantly reduce its risk exposure.
This is easier to achieve in a greenfield cloud native environment than a complex brownfield one. Trying to build new guardrails in a brownfield environment that was lifted and shifted from a data center risks breaking as many controls as you create.
Who’s responsible for security?
The cloud hyperscalers can only do so much: the security of what you put onto their clouds is still your responsibility. The good news is that cloud can significantly improve your security posture. The hyperscalers provide a range of tools and capabilities to help harden security.
A managed service can also help, enabling the application of DevSecOps best practices. For example, Accenture helped a large mining company assess security risks as workloads were migrated to cloud. In doing so, we discovered thousands of vulnerabilities within the company’s infrastructure, which were remediated quickly. Today, the company’s cloud environment is running securely.