Expert Advice for Your Organization’s Cloud Management Plan
As we approach the end of 2022 and move into 2023, we consulted some of the industry’s top IT experts as well as company owners who had success using cloud platforms.
There was no disputing the fact that scalability, security, and effective business solutions are all provided by cloud computing. The best ways to use cloud computing, plan for migration, prepare personnel for changes, safeguard your data, and anticipate the future were all topics our experts were eager to discuss.
Prepare Yourself for an Effective Migration
There is work to be done if you haven’t already transitioned to a cloud platform. Tidal Migrations’ CEO, David Colebatch, summarises it in three main points:
1. Scale by an architect
Self-service requests for cloud accounts and subscriptions may be sent to your teams. You may give budgets to each project team by using accounts as a billing and security construct. Close the accounts after they have finished their job. This is how you can encourage teams to be self-service while while limiting sprawl.
2. Make a list of everything.
Create a single point of access for all of your apps, whether they are on-premises or in the cloud. Change is inevitable, but many businesses lack the data-driven insights to understand their applications and identify which parts need to be updated or replatformed for improved performance. Identify the owners of your applications, examine the architectures and source code, and push cloud-native designs.
3. Combine your IP addresses across on-premises and cloud services
If you don’t already have a consolidated inventory of your IT assets, sprawl is difficult to quantify. To generate a comprehensive inventory of all your IP addresses across AWS, Azure, Google, and on-premises, take into consideration using cutting-edge solutions like the Tidal LightMesh IPAM solution.
To begin your migration and business cloud plan, Sudhir Mehta, Global Vice President, Optra Engineering & Product Management at Lexmark, also provides the following steps:
“1. Determine the business benefits that will result from moving to the cloud.”
Unexpected difficulties may arise from a cloud migration that is performed only for the purpose of performing one. Without clear goals and boundaries, you run the danger of underestimating costs and stagnating before any logical migration can begin.
Before relocating anything, it is important to understand why you are moving it, the transition strategy, key stakeholder alignment, and the desired outcomes. A successful transfer requires measurable business results over a predetermined period with clear stages. Start by outlining feasible incremental responses to obstacles and probable issues. For instance, is it a challenge for your company to access and distribute data when necessary? Do you have the capacity to increase storage depending on demands and how safe are the application resources and the relevant data that is stored?
In summary, base the migration on your ability to increase efficiency, allow the roll-out of cloud apps, and have the flexibility to grow in response to the requirement to manage expenditures. With a specific goal in mind, you can put in place the structure and approach that will provide the greatest outcomes and reduce the likelihood that your cloud migration will go off course.
2. Use automation to support the migration
SaaS and IaaS automation may improve the cost, security, operations, performance, and availability of cloud systems. In light of the cloud’s flexible resources and the potential for quick updates, it is excellent. It makes it easier to use superior resources quickly, safely, and at the lowest possible cost of change.
3. Establish a centre of excellence for cloud solutions and engineering.
Keep your cloud migration on schedule with the help of engineering centres of excellence and cloud solutions. Greater visibility both throughout the migration and after the cloud is up and running may assist realign cloud and on-premises initiatives. It transforms the above-mentioned recommended practises into something concrete that you can follow.
The following advice from Contact Consumers’ Zhanna Sedrakyan, Director of Operations Management, may be among the most crucial ones to bear in mind while getting ready for any significant move:
Regard the implementation process with patience.
“You shouldn’t accelerate the implementation process just because you’re employing cloud computing to make your business more nimble. Rapid change implementation may raise the danger of overtaxing you and your team. It may be more reasonable to concentrate on just one or two parts of the organisation that might need some adjusting and see how they perform with the aid of cloud computing rather than making extensive changes everywhere.
Introduce strategy implementation at first, followed by appropriate change over time. As soon as you are at ease, you should turn your attention to other areas of your company where using these features and capabilities can be advantageous.
Instruction in Cloud Technology
Training is crucial to ensuring that you are fostering an atmosphere where workers feel at ease with your procedures (which will aid in buy-in and compliance).
Todd Graham, ScanSource’s vice president of IT operations, suggests an instructor-led strategy in addition to supporting your staff’s certification.
“The move to the cloud is well underway, and businesses are putting important IT plans into practise, ranging from hybrid to full cloud migrations. The cloud has changed how we approach IT, and the industry is still developing at a breakneck rate. Staff members need to be prepared for not just one cloud provider, but many since there are so many possibilities and they are changing quickly.
We need to be ready for the network to come and should be setting up our businesses to have a technological advantage, both personally and professionally, if IT departments are to be successful in helping their business partners. In order to be prepared, a thorough cloud training programme spanning security, virtualization, cloud networking, DevOps, and cost management was developed. Understanding the characteristics and operations of each cloud platform will be essential, particularly given the technological complexities. Each cloud platform is unique. We advise the following training routes:
The ideal method of instruction is instructor-led training, whether it be in person or online since it allows for genuine contact between the teacher and the students. Peer group conversations are another excellent learning tool where IT professionals can discuss their actual successes and failures with the cloud. Self-improvement and self-study should always be a component of the IT environment and ongoing education.
Certification: Cloud training should include certifications in areas like as security and cloud foundations. However, since everyone learns differently, a conversation about a worker’s career path should include the certification process.
Naturally, you must manage your company cloud strategy after it has been put into place. You have more data than you can efficiently monitor or manage, which is referred to as “cloud sprawl.” You should include avoiding it in your strategy.
Here is what AvePoint’s Chief Product Officer, John Peluso, had to say:
“SaaS collaboration platforms by definition support open, quick sharing and collaboration. With systems as dynamic as Microsoft 365, Google Workspace, Salesforce, and others, it is crucial that operations, security, and compliance teams to keep up with their oversight and management duties. This may accelerate and revolutionise productivity inside and across enterprises. Administration and governance are threatened by sprawl. Sprawl simply refers to more than the team can efficiently handle, to put it simply.
To ensure that the pace of innovation and transformation within organisations can advance without increasing risk, organisations should consider how they can apply tried-and-true and cutting-edge concepts like data ownership, workspace and content classification, access reviews, and automated lifecycle management. They should also pay close attention to how to take use of cross-organizational external collaboration capabilities, which may help to increase security and compliance while also accelerating business velocity. It is feasible but calls for careful preparation and a thorough knowledge of the benefits and constraints offered by first-party services.
According to Rick Vanover, Senior Director of Product Strategy at Veeam,
“The widespread movement of IT systems to the cloud has given the cloud computing sector the appearance of maturity. In fact, many firms are finding it difficult to keep up with this increased complexity and development. There are a few things to bear in mind if you want to be prepared for the cloud environment in 2022.
Think of the vertical clouds.
Verticalized clouds are growing as firms try to create ecosystems that are tailored to their own requirements in response to the market’s rapid change. Cloud corporate users have discovered that by using the cloud, they can cut down on the resources needed for certification and compliance while still enjoying brisk data transfers in open zones, expanding their business potential.
Develop your data protection offerings.
Though many, the advantages of vertical clouds do not in any way lessen a company’s obligations in terms of data security. A business that wants to use the cloud must continue to anticipate and meet changing and rising consumer expectations by providing services like modern data protection and multi-factor authentication. Additionally, this is a chance to carry out tasks that aren’t feasible within the building. Perhaps immutable storage is beyond your data center’s capabilities, but it is now more feasible on the cloud. The same is true for offline storage retrieval; cloud archive-class storage options make this simple. Compliance and recoverability shouldn’t ever have to be traded off against the price of a cloud solution.
Align your cloud ambitions with the capabilities of your providers.
Organizations should insist on a single platform or dashboard from their providers as they transition to a multi-cloud environment. Silos are the last thing you want to happen. To acquire a consistent perspective of the company, companies should try to monitor and report using a single dashboard.
In order to prevent cloud sprawl, waste, or service duplication, it’s important to manage how you utilise the cloud for your organisation. Security is affected by careful monitoring as well, and that has to be a shared duty. Co-Founder and CEO of Metrist, Inc. Jeff Martens explains:
Review your monitoring plan and make sure your cloud requirements are covered. Dependencies hosted by third parties in the cloud have emerged as a significant cause of outages. Teams often spend the first 10 to 20 minutes of an event attempting to determine “Is it us or is it them?” when direct monitoring of cloud dependencies is not included. Setting up your own monitoring is essential since status pages often only report on the most serious and widespread outages, while minor problems that affect consumers go unnoticed. Just today, several North American users were having issues with Github, and complaints about it appeared on Hacker News and other online forums, but their status page was never updated. Recent instances of dependency failures that affected their clients’ applications include Stripe, AWS, and CircleCI.
“Visibility and control go hand in hand with sprawl. You must be able to see into the sprawl. Distributed controls are necessary to prevent the tightly guarded areas from being impacted by sprawl. Automation is the last factor. By automatically grouping your cloud assets, you can meaningfully reason it out and remove sprawl. Assets that can organise themselves will be a major subject.
There is work to be done and errors to be made whenever a new CSP is implemented. When CSP refers to security as a shared duty, the customer bears the lion’s share of that obligation. In order to fulfil your shared obligations, it is crucial to introduce your own controls to any cloud.
Misconfiguration is the main security problem for clouds. Shared responsibility implies that it is entirely your obligation to set up the cloud in a secure manner. And all of that labour is never completed correctly. Automation assists individuals in maintaining excellent posture in this situation. Realizing that the cloud is as safe as you make it is the first step, however. It’s not necessarily safe; this is a shared obligation that many people are unaware they own. Cloud is brand-new, it moves quickly, and it is dynamic. Threats are handled and access restrictions are made in a totally different manner than individuals are accustomed to.
“Cloud transition has not been without challenges, despite the fact that it has been wonderful for company overall. The fact that data security has lagged behind data democratisation is one of the key drawbacks. One in two businesses have suffered a cloud data breach in the last two years, according to research from Laminar Security.
Amit Shaked, CEO and co-founder of Laminar, claims that since the data protection tools people are employing haven’t been updated for this new public cloud environment, their jobs are now more difficult than ever. Furthermore, the majority of data security teams aren’t aware of the private cloud storage that they have for critical information.
“Organizations must employ solutions that provide visibility, context, accountability, and warn data protection teams of data breaches in order to maintain cloud infrastructures and thwart cyber threats. The solution must be able to continually and automatically detect and classify data in order to provide complete visibility, security, and control over that data in order to lower data risk, find and rectify data breaches without halting data flow, and minimise data risk. Devastating breaches may be avoided in 2022 and beyond with the help of these straightforward strategies.
The following is provided by Patrick Kopins, COO of OvalEdge, on the significance of meticulous monitoring for security reasons:
Understanding who has access to the console or hypervisor that controls the cloud environments is probably the best place to start when learning about cloud security fundamentals. In many instances, businesses must link their cloud console to their identity and access management system (like Active Directory) in order to regulate who has access to what cloud services and how they are managed.
Another fundamental security procedure is deciding who may provide, utilise, or configure cloud storage. Everyone has heard about unprotected cloud storage endpoints whose data were exposed when someone discovered them. These endpoints were simply secured by a specific URL for privacy. The ability to clearly identify who can create these storage instances, who uses them, what access controls are necessary, and how to control data retention and disposal is essential for organisations. Additionally, given that anybody with a credit card may open a public cloud account and begin supplying their own storage, enterprises may very well require certain procedures to determine what qualifies as shadow IT (or other cloud resources).
Understanding how cloud resources get routine security protection is perhaps the other most important fundamental cloud security practise. You may still need to setup and patch the system in certain circumstances, such as when using a compute instance. You don’t for certain things, like database services. In terms of vulnerability assessments or penetration testing, cloud infrastructures also have certain unique characteristics (what constitutes internal vs. external in such a scenario?). An organization’s ongoing security procedures should change as it utilises cloud computing for its IT.
Senior DevOps Engineer at Schellman, Najeeb Saud, says the following:
“Cloud service use has skyrocketed during the previous ten years. Particularly now that businesses are undertaking a full digital transition to allow workers to work from home in the aftermath of the COVID-19 epidemic. Even though many of the native security features of these services can be strong and effective, others may not check all the boxes, leading many organisations to look for third party security tools to supplement their workforce. Securing these cloud services has become even more important in day-to-day operations. Tools include vulnerability management, static code analysis, and security information and event management (SIEM) tools, for instance.
The insight into system level activities across the various environments is crucial but not always the simplest to routinely monitor as firms continue to migrate to increasingly complicated cloud settings. Therefore, a careful balance between System Hardening (securing a system’s configuration and settings to reduce IT vulnerability and the possibility of being compromised), Defensive Security Posturing (which focuses on Reactive Measures, such as Patching Software and Finding and Fixing System Vulnerabilities), and Centralizing System Activity in a Way that Any Kind of Attacks or Anomalies Can Be Quickly Identified via SIEM These would be AWS technologies like CloudTrail, Detective, Security Hub, and GuardDuty.
Securing the cloud and maintaining cybersecurity will always be shifting targets, so businesses will need to regularly reassess and adjust their cybersecurity plans. The good news is that cloud service providers like AWS, Azure, GCP, and others are already making quick progress toward providing some very strong, native security solutions, enabling organisations to monitor for potential attacks with a variety of services, including a web application firewall, network-level firewall, and Denial of Service (DDoS) prevention defences to help protect endpoints hosted on their platforms.
As time passes, the built-in security measures of these cloud service providers and many other SaaS solutions will become more effective and practical. As with the ongoing automation and rotation of encryption keys, passwords, secret keys, etc., AI will undoubtedly play a critical part in the defence against assaults, both in alerting users to threats and in stopping them. Because, let’s face it, organisations would much rather concentrate on delivering features than spend all of their valuable time worrying about every security kink in the road, even though delivering a secure product is extremely important.
The necessity of visibility and tracking or monitoring is also emphasised by Ravi Ithal, CTO and Co-Founder of Normalyze:
“A common theme among the CISOs we speak with is a general lack of visibility around how customer data records are moving in their cloud environments, as well as how they are lacking a sound governance strategy for access to that data. Additionally, it is widely acknowledged that the current state of popular cloud security solutions generates a lot of busy labour that focuses on infrastructure security, which is important but insufficient to fulfil their true mission, which is information security. How can you use this knowledge?
Whether you want to increase your cloud footprint or are currently in the cloud, be sure you:
Recognize your digital assets
What you cannot see cannot be protected. Utilize a tool to identify all of your data assets and who has access to them. The moment has come to invest in an automated technology that can discover your most valuable data assets for you if you are currently doing this by hand.
Limit the spread of data and access
You should do this for two key reasons: reducing data proliferation, one of the highest priorities for security teams, and cloud cost management, which is currently on the minds of cloud engineering teams.
combine the tools
Your team will spend a lot of time focusing on integrating the three individual tools rather than utilising them to lower your total risk if you have three different tools to acquire your data visibility, access pathways, and dangers. You may do this to save costs, free up time, and enhance your data risk posture.
Cloud computing formerly included keywords like “private,” “public,” and “hybrid.” While they aren’t going away, they are becoming more polished. Industry-specific clouds are one of the major advances. Deloitte Consulting LLP Principal Brian Campbell explains:
Industry Clouds are firmly in focus as IT professionals look ahead to 2023. They provide you the freedom to use sector-specific solutions to meet business objectives without major platform changes or fundamental system overhauls, increasing time to value.
The secret to making the most of industrial clouds is to start by working closely with company leaders to discover where technology is most needed to provide more practical, scalable, and adaptable solutions to advance enterprise strategy. Next, make a short list of potential Industry Cloud solution providers (such as hyperscalers, SaaS providers, ISVs, GSIs, startups, etc.) to consider which is the best match for your company.
Once you’ve selected a choice, work in collaboration with the business to prioritise secure implementation, as well as customisation and technical resources, in the areas where there is the highest value in distinction. Finally, adopt a framework of open discussion and consistency for assessing future opportunities to use Industry Clouds.
Additionally, as we approach the end of the year, it’s critical to ensure that your cloud setup is prepared to meet future needs. The CEO and Co-Founder of Census, a platform for data integration, Boris Jabes, has some professional advice on how to maintain your cloud environment up to date:
1. Always update your software
Making sure that all of your software is up to date is one of the most crucial things you can do to maintain the health of your cloud environment. This applies to any software or resources you use in the cloud, including the operating system your virtual machines are running on. Keeping all software up to date is essential because outdated software can cause stability problems and security vulnerabilities. In order to make sure that all of your systems are maintained up to date on a regular basis, you need also have a strategy in place for patch management and updates.
2. Regularly create backups
Regular backups are essential for keeping a healthy cloud environment. This will assist you in resolving any potential issues, such as data loss or system failure. You must choose the backup solution that best suits your requirements from the several backup alternatives offered. Additionally, you have to have a recovery strategy in place so that you are prepared for any eventuality.
3. Be ready for emergencies
There’s always a danger that anything may go wrong in your cloud environment, despite your best efforts. Because of this, it’s critical to be ready for any potential calamities. Make sure you have a strategy in place to handle interruptions like network or power outages. Additionally, you want to keep a backup of your data and system configurations to ensure speedy recovery in case anything goes wrong.
The following advice is provided by Nerdio’s VP of Product, Amol Dalvi, on how readers should prepare their cloud environment for the future, especially with respect to protecting their data and systems:
While utilising Authenticator applications is far more secure, using your mobile phone to receive text messages for 2FA is critically essential. Excellent options are available from Google, Microsoft, and others. To improve your security, I highly advise you to look at auth apps. We can no longer presume utilising a text message for second factor authentication is hacker resistant since SIM swapping is a genuine problem.
Enhance a user’s access just when and for as long as that user need it. Utilize programmes such as Microsoft’s PIM. The majority of admin users don’t always require full admin rights. By enabling an admin to ask for elevated access when necessary, the attack surface is reduced.
Another strategy to strengthen your security posture is desktop virtualization. It is simple to encrypt the whole desktop (think registry entries, Outlook profiles, even desktop wallpaper settings), all the programmes, and therefore all the data users have access to since the desktop itself runs in the cloud. The cost of Desktop as a Service (DaaS) has significantly decreased over time, making it a feasible investment without requiring long-term commitments.
Vaclav Vincalek, founder and CEO of 555 vCTO, suggests that businesses take the following actions to make sure their infrastructure is future-proof:
Take a look at your cloud strategy
Take a step back and first of all review your overall cloud strategy. What was successful in 2022? What didn’t function very well? Do you need to make any adjustments for 2023? You may create a strategy for where you want to be in 2023 by evaluating where you are right now.
Migration of Older Applications
The moment has come to move any old apps that aren’t already operating on the cloud. This will not only save expenses but also guarantee that these applications can operate on subsequent platforms and continue to get vendor support in the future.
Use modern technology
Utilize all the fresh features and functionalities that have recently been accessible from major cloud providers, such as serverless computing, containerization, edge compute resources, etc. You will be well-positioned for an easy transition into full-fledged usage down the future when they evolve even more by integrating these technologies today (or at least getting started with them).
The last piece of advice comes from Corey Donovan, President of Alta Technologies Inc., on how to manage the extra IT brought on by cloud migrations while finding a means to pay expenses and prevent filling up the neighbourhood landfill.
It’s a wonderful opportunity to obtain cash back on your data centre assets to help cover your transition expenses from transferring workloads to the cloud since there are now severe supply chain constraints for IT gear.
Since many IT managers can’t wait months for back-ordered OEMs to deliver brand-new equipment, IT refurbishers have emerged as a crucial alternative supply chain. As a result, they are now in desperate need of inventory. Because of the scarcity of IT equipment, used IT asset prices are increasing, which helps individuals who are selling equipment by giving them a larger return on their trade-ins.