Define Your Cloud Vision

Make the most of cloud for your organization.

ANALYST PERSPECTIVE

Chart a clear course through cloudy skies.

"Cloud is all the rage nowadays. But just because it’s trendy, doesn’t make it right for every organization or every workload. The cloud has a defined set of characteristics. Successful organizations evaluate their workloads according to these characteristics to make sure they’re using the right tool for the job. If your push to cloud is all about getting out of the data center business or reducing I&O work on the back end, you might as well just outsource your infrastructure or hire an MSP. Before moving to the cloud, use a consistent framework to identify its true value." - Derek Shank, Research Analyst, Infrastructure Practice Info-Tech Research Group

Our understanding of the problem

This Research Is Designed For:

• CIOs
• Infrastructure managers
• Enterprise architects
• Cloud architects

This Research Will Help You:

• Identify workloads that are good candidates for the cloud.
• Outline and mitigate risks.
• Define your organization’s cloud archetype.
• Map initiatives on a roadmap.
• Communicate your cloud vision to stakeholders.

This Research Will Also Assist:

• Non-IT executives
• IT administrators

This Research Will Help Them:

• Understand the reasons behind a cloud decision.
• Differentiate between different cloud service and deployment models.

Executive summary

Situation

• The cloud market is exploding: 95% of organizations are experimenting with or running applications in Infrastructure-as-a-Service, and a slew of software vendors are pushing their customers toward Software-as-a-Service offerings.
• Executives are crying for cloud-first strategies and championing lofty digital transformation initiatives.

Complication

• Executives often see the cloud as an outsourcing opportunity, which doesn’t take into consideration its true value proposition.
• Cloud migration plans don’t anticipate common challenges.
• Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.

Resolution

• Evaluate workloads’ suitability for the cloud using Info-Tech’s methodology to select the optimal migration (or non-migration) path based on the value of cloud characteristics.
• Codify risks tied to workloads’ cloud suitability and plan mitigations.
• Build a roadmap of initiatives for actions by workload and risk mitigation.
• Define a cloud vision to share with stakeholders.

Info-Tech Insight

1. Base migration decisions on cloud characteristics. If your justification for the migration is simply getting your workload out of the data center, think again.
2. Think before you drink. The cloud Kool-Aid is tasty. Address the risks up front in your migration plan.
3. NoOps is a big fat lie. The cloud changes roles and calls for different skill sets, but Ops is here to stay.

What is the cloud, how is it deployed, and how is service provided?

Cloud Characteristics

1. On-demand self-service: the ability to access resources instantly without vendor interaction
2. Broad network access: all services delivered over the network
3. Resource pooling: multi-tenant environment (shared)
4. Rapid elasticity: the ability to expand and retract capabilities as needed
5. Measured service: transparent metering

Service Model

1. Software-as-a-Service: all but the most minor configuration is done by the vendor
2. Platform-as-a-Service: customer builds the application using tools provided by the provider
3. Infrastructure-as-a-Service: the customer manages OS, storage, and the application

Delivery Model

1. Public cloud: accessible to anyone over the internet; multi-tenant environment
2. Private cloud: provisioned for a single organization with multiple units
3. Hybrid cloud: two or more connected clouds; data is portable across them
4. Community cloud: provisioned for a specific group of organizations

(Source: National Institute of Standards and Technology)

Info-Tech Best Practice

For more information on these definitions see “The NIST Definition of Cloud Computing” at the National Institute of Standards in Technology.

Develop a strategy to align your needs with the appropriate cloud (or non-cloud) solution

Info-Tech Insight

If an application you wish to put in the cloud is proprietary, it cannot, by definition, be delivered as a SaaS, since that would require another organization to build and provision it.

Delivery models, too, have different strengths – pick the one that’s right for you

Public cloud

• Potentially infinite scalability
• Vendor management of facilities
• Scale begets good value

Private cloud

• Control over existing infrastructure while still being scalable
• Resource pooling for efficiency
• Ability to take advantage of on-premises infrastructure

Hybrid cloud

• Dynamic bursting across clouds
• Most fully capitalize on the cloud’s elasticity
• Allows leveraging of existing infrastructure

Community cloud

• Similar organizations can capitalize on their similar needs
• Secure, certified environments
• Still able to capture economies of scale

Info-Tech Best Practice

Though it’s been touted as the future, the hybrid cloud is only recently becoming real. With VMware on AWS and Microsoft’s Azure Stack recently released, dynamic movement across workloads is possible. This has not historically been the case.

Base your cloud vision on organizational goals

Ensure that you move to the cloud for reasons that are right for you.

• Map organizational goals to cloud drivers.
• Map cloud drivers to cloud characteristics.
• Use Info-Tech’s Cloud Vision Presentation Template to communicate how your cloud vision supports your organizational goals.

Evaluate workloads using the 6Rs framework

Use the 6Rs framework to evaluate potential action plans for existing on-premises workloads.

No Migration

• Retain (Revisit) – “Keep and Reap”
  • Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.
• Retire – “Stop and Lop”
  • Get rid of the application completely.

Cloud Migration

• Rehost – “Lift and Shift”
  • Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.
• Replatform – “Lift, Tinker, and Shift”
  • Move the application to the cloud and perform a few changes for cloud optimizations.
• Refactor – “Cut and Gut”
  • Rewrite the application, taking advantage of cloud native architectures.
• Repurchase – “Drop and Shop”
  • Replace with an alternative, cloud-native application and migrate the data.

Cover your bases with the wheel of risk

Security and Compliance

• Can I meet my agreed-upon SLAs if I move to the cloud?

Availability & Reliability

• How much availability can my vendor offer?
• Do I have a big enough pipe to handle cloud traffic?

Enabling Infrastructure

• Will moving to SaaS break my calendar integration?

Integration

• Can my staff handle the change in the required skills?

Skills and Roles

• Do I have anyone on staff who knows how to handle vendors?
• Can my cloud provider put important documents under legal hold?

Data Criticality

• Is it legal to store my data in Redmond?

Execute your cloud vision with a concrete action plan

Follow Info-Tech’s methodology to produce an action plan for your cloud project, complete with initiatives, owners, and timelines.

A cloud strategy prevented a healthcare organization from making a costly shift to IaaS

CASE STUDY

Industry Healthcare

Source Info-Tech workshop

Cloud migration initiative built on previous success

The organization in question provides analytics services for healthcare plans in the United States. It was evaluating moving the systems that provide many of its analytics to a public cloud service delivery model. Cloud was not new to the organization. It had previously replaced many of its back-office systems, such as email, workforce management, and IT service management, with SaaS alternatives. This allowed it to concentrate the focus of its IT staff almost exclusively on running its core analytics platform.

Core systems were not cloud native

The platforms themselves were designed and built in an on-premises-based environment. The only appropriate cloud delivery model that would fit in the short term was a lift and shift of the systems into an IaaS offering. The run rate for this was quite costly and did not yield any tangible benefit over running the systems as they were on premises.

Outcomes

Having a strategy in place that clearly articulates that SaaS is the target state for undifferentiated workloads, when IaaS has value, and where PaaS could bring additional capability allowed the organization to better understand the nuances behind the decisions on when and where cloud could help it.

"We like cloud for the capabilities it can offer but we do not evangelize its use. In our research we aim to help organizations find the appropriate mix that works for them. Which workloads bring value by running in the cloud and which ones should be run on premises? Which should be hosted in IaaS and which consumed as SaaS? Your cloud vision will set the parameters through which you navigate these decisions." – Fred Chagnon, Senior Director, Core Infrastructure Practice Info-Tech Research Group

Info-Tech’s approach to cloud integrates tactical decisions with strategic vision to produce a concrete action plan

Phase 1: Determine the Value of Cloud for Your Organization

1.1a Organizational Goals

1.1b Cloud Drivers

1.1c Cloud Characteristics

Deliverables:

• Model that shows value of cloud for your organization

Phase 2: Determine Cloud Value and Action Plan for Workloads

2.1 Cloud Value

2.2 6Rs Assessment

2.3 Cloud Risk Assessment

Deliverables:

• Cloud value for each workload
• Action plan evaluation for each workload
• Cloud risks for each workload
• Prioritization matrix
• Service-level objectives

Phase 3: Address Risks and Roadblocks

3.1 Risk Register

3.2 Mitigations

Deliverables:

• Register of cloud risks
• Risk mitigation initiatives

Phase 4: Clarify Vision and Roadmap Initiatives

4.1 Cloud Archetype

4.2 Initiative Roadmap

4.3 Action Plan & Goal Statements

Deliverables:

• Cloud archetype
• Initiative roadmap
• Action plan statement
• Goal statement
• Cloud vision presentation

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Define Your Cloud Vision – project overview

Define Your Cloud Vision – workshop overview

Contact your account representative or email Workshops@InfoTech.com for more information.

Phase 1

Determine the Value of Cloud for Your Organization

Define Your Cloud Vision

Phase 1: Determine the Value of Cloud for Your Organization

Phase 1: Determine the Value of Cloud for Your Organization

1.1a Organizational Goals

1.1b Cloud Drivers

1.1c Cloud Characteristics

This phase will walk you through the following activities:

1.1a List and group organizational goals.

1.1.b Map organizational goals to cloud drivers.

1.1.c Map cloud drivers to cloud characteristics.

This phase involves the following participants:

• IT leaders
• Line of business representatives
• IT staff

Outcomes

Deliverables

• First part of the Cloud Vision Presentation Template

• Alignment of organizational goals with cloud drivers and cloud characteristics
• Documented understanding of where and how cloud can provide the most value for your organization

Dispel cloud myths by understanding the five key characteristics that distinguish cloud services

Where there is cloud, there is misinformation. Vague TV commercials don’t help. Use the information presented here to understand what separates a cloud service from colocation or a third-party host.

What the cloud is:

1. On-demand self-service: The ability to spin up new instances in an automated fashion (through a console).
2. Broad network access: The ability to access the service from anywhere on any network (no VPN required).
3. Resource pooling: Multitenancy means the cloud provider is servicing more than one client, and no particular client has control or awareness of the specific location of its data beyond broad abstractions (e.g. jurisdiction).
4. Rapid elasticity: The cloud provider can scale service up and down as needed and, from the client’s perspective, is functionally unlimited.
5. Measured service: The service provided is measured in a reasonable way (consistent with its nature) and is metered out to maximize transparency.

Info-Tech Insight

If none of these characteristics appeal to you, cloud might not make sense for you. Cloud services share characteristics with other delivery models (they are off premises like colocation services, externally managed like hosting services, etc.), but they often come with additional costs.

Outsourcing service models, including cloud services, are differentiated by the level of third-party control

Cloud services include IaaS, PaaS, and SaaS. Cloud services can be accessed across any one of these models.

In-House

• Organization has control:
  • Application
  • Database
  • Runtime/Middleware
  • OS
  • Hypervisor
  • Server, Network, Storage
  • Facilities

Co-Lo

• Organization has control:
  • Application
  • Database
  • Runtime/Middleware
  • OS
  • Hypervisor
  • Server, Network, Storage
• Vendor has control:
  • Facilities

MSP

• Organization or vendor may control
  • Application
  • Database
  • Runtime/Middleware
  • OS
  • Hypervisor
  • Server, Network, Storage
  • Facilities

IaaS

• Organization has control
  • Application
  • Database
  • Runtime/Middleware
• Organization or vendor may control
  • OS
  • Hypervisor
• Vendor has control
  • Server, Network, Storage
  • Facilities

PaaS

• Organization has control
  • Application
• Organization or vendor may control
  • Database
  • Runtime/Middleware
• Vendor has control
  • OS
  • Hypervisor
  • Server, Network, Storage
  • Facilities

SaaS

• Organization or vendor may control
  • Application
• Vendor has control
  • Database
  • Runtime/Middleware
  • OS
  • Hypervisor
  • Server, Network, Storage
  • Facilities

Cloud delivery models define the level to which the service has been abstracted

Third-party control increases higher up the stack, and service management becomes a shared responsibility between IT and the cloud provider.

• Infrastructure-as-a-Service (IaaS): The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.
• Platform-as-a-Service (PaaS): The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider.
• Software-as-a-Service (SaaS): The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g. web-based email), or a program interface.

Cloud Compute Stack

Software-as-a-Service (SaaS)

Platform-as-a-Service (PaaS)

Infrastructure-as-a-Service IaaS (Storage, Processing)

Network

Servers

Storage

Info-Tech Insight

It is generally accepted that the cloud will eventually become the norm in the enterprise world, but that day is still far off for most organizations. There is little doubt, however, that cloud services will continue to grow in importance.

Cloud deployment models define the location of the application – whether on premises or hosted elsewhere

“Cloud” doesn’t always mean “out there.” Cloud refers to an abstraction of details and can be deployed in-house as well.

Public Cloud: When IT practitioners talk about “cloud” in general, most often they are referring to public cloud services. In this deployment model a service provider is making resources, such as compute, storage, or even fully baked applications, available over the internet. Public cloud services are generally pay-per-use via a monthly or yearly subscription fee.

• Examples: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform

Private Cloud: This deployment model offers all the capabilities of a public cloud infrastructure (scalability, agility, metered services) but is owned by the organization internally as a single-tenant environment. Though most often the organization will own the data center facility, private cloud still applies to outsourced offerings where the infrastructure is provided exclusively to the organization.

• Examples: VMware vRealize Suite, Citrix CloudStack, OpenStack

Hybrid Cloud: This model includes a mix of on-premises cloud and public cloud models, with some type of orchestration system managing the migration of workloads between the environments.

• Examples: VMware on AWS, tiered backup and recovery solutions, Microsoft Azure Stack

Deployment Models

Public Cloud

Private Cloud

Hybrid Cloud

Community Cloud

Info-Tech Insight

Community clouds are useful for organizations with shared needs, a non-competitive relationship, and implicit trust, like hospital networks or governments.

Beware of hybrid cloud exaggerations

Hybridity is the dream! Being able to dynamically move workloads across environments is a fantastic value proposition, allowing consumers of cloud services to capitalize on the strengths of different delivery models.

• The key to the hybrid cloud is orchestration across multiple environments – not the existence of more than one environment. Such a state is better described by the term multi-cloud or bifurcated cloud.
• Hybrid cloud technology has not developed as quickly as vendors would like to admit. Only recently, with the advent of VMware on AWS and Microsoft’s Azure Stack, has hybridity become feasible for a large number of organizations.

"It's pretty much my favorite animal. It's like a lion and a tiger mixed... bred for its skills in magic." – Napoleon Dynamite

The liger, arguably the most majestic of the big cat species, is a real-world hybrid. A zoo that has both lions and tigers does not have a hybrid exhibit, even if the cats share a pavilion.

Develop a list of organizational goals: what is driving the cloud project?

A crucial part of creating a top-tier cloud vision is understanding the drivers behind the organizational push to evaluate cloud services. Why are we doing this?

According to ISACA, the minutiae of cloud governance and processes cascade out from high-level business goals:

• Business goals
  • IT goals
    • Governance requirements
      • IT processes
        • Control objectives and practices

Common benefits of cloud adoption

1. Faster access to infrastructure
2. Greater scalability
3. Higher availability
4. Faster time-to-market
5. Business continuity
6. Geographic reach
7. Higher performance
8. CapEx to OpEx
9. Cost savings
10. IT staff efficiency

(Source: RightScale, 2017)

Info-Tech Insight

Every process and minor objective should align with a broad organizational goal. If it’s not immediately obvious which goal a specific process or objective is tied to, question its inclusion. Is it a legacy process? Is it wildly inefficient?

List and group organizational goals

1.1a 60 minutes

Input

• Brainstorming

Output

• List of organizational goals
• Top five goals

Materials

• Markers
• Whiteboard
• Flip chart paper
• Sticky notes

Participants

• IT leaders (architecture, CIO)
• Line of business representatives
• IT staff

Without understanding “why” it is irresponsible to proceed to “how” and “when.”

Instructions

1. Distribute sticky notes to participants.
2. Have participants write down organizational goals.
3. Post the sticky notes and have participants present and discuss the organizational goals; ask questions and expand on any that are in need of clarification.
4. After completing the list and clarifying the goals, sort them: group the notes of similar goals together and converge any duplicates.
5. Group the goals into high-level categories that reflect the nature of their contribution to the organization (e.g. increasing efficiency, supporting growth, or reducing risk).
6. Select the top five goals and put them into the Cloud Vision Presentation Template.

Map organizational goals to cloud drivers

1.1b 30 minutes

Input

• Brainstorming

Output

• List of cloud drivers

Materials

• Markers
• Whiteboard
• Flip chart paper
• Sticky notes

Participants

• IT leaders (architecture, CIO)
• Line of business representatives
• IT staff

Instructions

1. Distribute sticky notes to participants.
2. Have participants brainstorm and write down cloud drivers.
• Drivers are factors that push or entice the organization to move to cloud. Instruct participants to write down all that they can think of – even those of which they are skeptical. The point of this stage is to get them all down – we’ll filter later.
3. Post all the sticky notes on a board. Order the sticky notes to group the drivers into broad categories and then label these categories.
4. Discuss the drivers and elaborate on those that need clarification.
5. Use this list of drivers for the next exercise

Map cloud drivers to cloud characteristics

1.1c 30 minutes

Input

• Organizational goals
• Cloud drivers
• Cloud characteristics

Output

• Mapping of goals to drivers to cloud characteristics

Materials

• Markers
• Whiteboard
• Flip chart paper
• Sticky notes

Participants

• IT leaders (architecture, CIO)
• Line of business representatives
• IT staff

Instructions

1. The essential cloud characteristics are on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Map each of the cloud drivers (or broad categories of drivers) to one or more cloud characteristics that enable or support that driver.
• If a cloud driver doesn’t map to an essential cloud characteristic, it may not be a sensible cloud driver. Cost savings, for example, is frequently cited as a reason for moving to cloud – but it’s not an inherent characteristic of the cloud to be cheaper, and cost savings are not guaranteed.
2. At the end of this exercise, you should have a list of top five organizational goals, mapped to cloud drivers, which are mapped to cloud characteristics. Input these into the Cloud Vision Presentation Template.

If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

Book a workshop with our Info-Tech analysts:

• To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
• Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
• Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

1.1a List and group organizational goals.

An effective cloud vision is rooted in a sound conception of your organizational goals.

1.1c Map cloud drivers to cloud characteristics.

Realistic cloud drivers should align with the essential characteristics of the cloud.

Phase 2

Determine Cloud Value and Action Plan for Workloads

Define Your Cloud Vision

Step 2.1: Assess the value of cloud for each workload

Phase 2: Determine Cloud Value and Action Plan for Workloads

2.1 Cloud Value

2.2 6Rs Assessment

2.3 Cloud Risk Assessment

This step will walk you through the following activities:

2.1a Select 5-20 workloads to evaluate.

2.1b Assess the cloud value for each workload.

This phase involves the following participants:

• IT leaders
• IT staff

Outcomes

Deliverables

Cloud Vision Workbook

• Cloud value assessment for each workload

Select 5-20 workloads to evaluate

2.1a Cloud Vision Workbook & Workload Assessment Tool

To use the Workload Assessment Tool and Cloud Vision Workbook, you will need to input services to evaluate.

To gain a good overview and understanding of the process, select at least five unique services not running in the cloud to evaluate in the cloud vision development process.

Identify services that meet one of the following requirements:

• High potential for placement in the cloud
• Low potential for placement in the cloud
• Considered by management to be a potential cloud option (whether or not it is clear the service is a good cloud option)

Include up to 20 different workloads in the Cloud Vision Workbook.

Input the results into tab 2 of the Cloud Vision Workbook.

Netflix vs. Dropbox : Elasticity needs rule the day

CASE STUDY

Industry Online video, storage

Source Interview

Challenge

Netflix is one of the largest and most visible tech companies in the world. Its technical challenges include streaming hundreds of millions of hours of video to customers in the United States and internationally. Netflix was initially built on private infrastructure, but necessary elasticity presented a challenge.

Dropbox, a digital storage offering, is a child of the cloud – it began on AWS in 2007. But as it grew, cloud costs became prohibitive: vendors’ margins began to make them more expensive than a homegrown solution. The challenge for this unicorn was maintaining its service level while reining in costs.

Solution

The public cloud’s functionally infinite elasticity and the fluctuations inherent in Netflix’s business (who knows what’s going to be a hit?) made migration a logical choice. Beginning in 2008, Netflix began to move its operations to AWS, and as of 2016 everything is in the cloud.

Dropbox’s leadership chose to abandon the cloud over about three years leading up to 2016, building its own private cloud (developing custom hardware and software in the process). Its inability to benefit from the economies of scale of the larger public clouds, combined with its relatively predictable needs, made Dropbox a good candidate for private infrastructure.

Results

Netflix’s move has allowed it to provide its on-demand service to millions, without taking the capital hit of over/under-provisioning when projections about capacity don’t match reality.

Dropbox has successfully migrated most of its files to private infrastructure. This was the case everywhere but Europe, where the growth of the business is less predictable.

Assess the cloud value for each workload

2.1b 2 hours

Input

• List of workloads from the Cloud Vision Workbook

Output

• Cloud value assessment for each workload

Materials

• Markers
• Whiteboard

Participants

• IT leaders (architecture, CIO)
• IT staff

Instructions

1. Write each workload to be assessed in a single column on a whiteboard.
2. Along the top row, write the numbers 1 through 8, then draw lines to form a grid. See the following slide for an example.
3. Each number corresponds to an assessment statement. For each workload, you will consider a statement relating to cloud value.
4. Proceeding workload by workload (using the following slides as a guide), read each statement to the group and have participants rate how strongly they agree with it. Draw a bar in the box to reflect their response:
   1. Not at all – leave box blank
   2. Somewhat agree – small bar in box
   3. Agree – medium bar in box
   4. Strongly agree – full bar in the box
5. Review the results of the cloud value assessment for each workload and double check that responses have been consistent across all the workloads. This time, proceed by working through each assessment statement in order. Make any necessary adjustments.
6. You will refer to this chart when completing the Workload Assessment Tool.

Cloud value assessment example

Cloud value assessment statements

1. This workload results in a large number and/or frequency of service requests that require manual repetitive IT work and are infeasible to automate.
   • How much toil (manual respective work) is currently required on the part of the Infrastructure group to support this workload? It’s important to distinguish between an occasional annoyance (e.g. one four-hour service request twice per year) and a significant drain on resources.
2. Users of this workload would benefit from the ability to provision resources without requiring action on the part of the Infrastructure group.
   • Is Infrastructure lead time leaving users chomping at the bit? Are demands from users or project managers putting Infrastructure under the gun to deliver in compressed timelines?

Cloud value assessment statements

3. This workload would benefit from the ability to implement modifications, enhancements, and new features without action on the part of the Infrastructure group.
   • Would it be beneficial to remove friction by enabling enhanced self-service capabilities?
4. This workload benefits from being accessible over the public internet, outside the organization’s network.
   • Keep in mind that remote users (such as employees) can use VPN.

Cloud value assessment statements

5. This workload experiences significant fluctuations in demand.
   • Use your judgement to determine what counts as “significant.”
6. The capacity usage for this workload is significant relative to our on-premises resources.
   • The workload might experience significant demand fluctuations, but if it’s only taking up 0.001% of your capacity, then it probably doesn’t matter. Think about the size of the infrastructure footprint for this workload relative to your available pool of compute, storage, and memory.

Cloud value assessment statements

7. Demand for this workload fluctuates randomly/unpredictably (e.g. because of sudden business growth).
   • Proper capacity planning can deal with predictable spikes in demand. Where you run into problems is when you have sudden, unpredictable increases in usage. Does this workload ever spike such that it can’t be planned for in advance?
8. There is business value in granular unit costing for this workload (e.g. per user, per transaction).
   • Granular costing is almost always a “nice to have” if you have it. But the value of granular costing isn’t always high enough to justify the effort spent to get it or to be a significant value proposition on its own. Only “agree” or “strongly agree” if this is more than icing on the cake.

Step 2.2: Assess each workload with the 6Rs framework

Phase 2: Determine Cloud Value and Action Plan for Workloads

2.1 Cloud Value

2.2 6Rs Assessment

2.3 Cloud Risk Assessment

This phase will walk you through the following activities:

2.2a Evaluate each workload using the 6Rs framework.

This phase involves the following participants:

• IT leaders
• IT staff

Outcomes

Deliverables

Workload Assessment Tool (multiple copies)

• Evaluation of potential 6Rs action for each workload

Leverage the 6Rs framework to evaluate workloads

The 6Rs is a framework to consider options for delivery of existing non-cloud workloads.

No Migration

• Retain (Revisit) – “Keep and Reap”
  • Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.
• Retire – “Stop and Lop”
  • Get rid of the application completely.

Cloud Migration

• Rehost – “Lift and Shift”
  • Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.
• Replatform – “Lift, Tinker, and Shift”
  • Move the application to the cloud and perform a few changes for cloud optimizations.
• Refactor – “Cut and Gut”
  • Rewrite the application, taking advantage of cloud native architectures.
• Repurchase – “Drop and Shop”
  • Replace with an alternative, cloud-native application and migrate the data.

Grasp the implications of each migration path

Info-Tech Insight

Cloud value can come sans cloud native. Not every workload requires the ability to fully realize cloud value. Sometimes rehosting or replatforming is the best way to leverage cloud for a particular workload.

Evaluate each workload using the 6Rs framework

2.2a Workload Assessment Tool

• Using your list of workloads in the Cloud Vision Workbook, create a different copy of the Workload Assessment Tool for each workload to be evaluated.
• Indicate your level of agreement (on a scale of “Strongly Disagree” through to “Strongly Agree”) with the assessment statements for each workload.
• For the first statement, refer back to the evaluation you performed in the cloud value assessment and make a judgement about how important each value criterion is for each workload
• In the second statement, cloud nice-to-haves include anything that comes with cloud that is not an essential characteristic – for example, disaster recovery, georedundancy, geodiversity, and device agnosticism.

Responding to 14 assessment statements per workload may seem an onerous task, but it’s important to evaluate the characteristics of each workload in relation to your organizational goals. The exercise is well worth it!

Use tab 2 of the Workload Assessment Tool.

Cloud value is rooted in cloud characteristics, but the nice-to-haves can sweeten the deal

Cloud characteristics

1. On-demand self-service: The ability to access resources instantly without vendor interaction.
2. Broad network access: All services delivered over the network.
3. Resource pooling: Multi-tenant environment (shared).
4. Rapid elasticity: Expand and retract capabilities as needed.
5. Measured service: Transparent metering.

Nice-to-haves

• Backup
• Disaster recovery
• Geodiversity
• Georedundancy
• Device agnosticism

Info-Tech Insight

Cloud nice-to-haves are icing on the cake. Info-Tech calls these extras “nice-to-haves” because you can get these things without moving to the cloud. They are included as part of cloud offerings without your having to do them like you usually do – for example, backup and disaster recovery.

Interpret the results of the workload assessment tool

View the results on tab 3 of the Workload Assessment Tool.

• The tool generates a bar graph for the workload evaluated in the suitability assessment.
• Action plans with higher bars relative to the action plan have scored as more appropriate for that workload based on your responses to the assessment statements.
• Keep in mind that these results are recommendations of which action plans to consider. Completion of this tool is meant to be a helpful guide to your decision-making process, not a replacement for careful consideration of the implications of the action plans.
• Also, keep in mind that we have yet to evaluate and consider risks, which is a crucial step in your cloud migration decision-making process.

The bars indicate only how suitable the workload in question is for the cloud. They do not address how various risks (including those posed by security, data criticality, or enabling infrastructure) could complicate a potential migration.

Info-Tech Insight

Consider the results of the Workload Assessment Tool a guideline for further discussion about your action plan for each workload. Don’t feel obliged to select the highest-scoring action plan for each workload. Discuss with your working group why action plans scored well or poorly.

Step 2.3: Assess cloud risks for each workload

Phase 2: Determine Cloud Value and Action Plan for Workloads

2.1 Cloud Value

2.2 6Rs Assessment

2.3 Cloud Risk Assessment

This phase will walk you through the following activities:

2.3a Evaluate broad areas of risk for each workload.

2.3b Match workloads with action plans.

This phase involves the following participants:

• IT Leaders
• IT Staff

Outcomes

Deliverables

• First part of the Cloud Vision Presentation Template

• Risk assessment for each workload
• Action plan for each workload

Info-Tech has identified six key types of risks and roadblocks that can impede even the most well-intentioned cloud projects

The “wheel of risk” (visualized here in a decidedly non-wheel-like way) captures the broad categories that risks and roadblocks fall into.

Evaluate broad areas of risk for each workload

2.3a Tab 3 of the Cloud Vision Workbook

The cloud risk assessment is designed to highlight areas of concern for your organization.

Instructions

1. For each workload, select the best classification from the drop-down menu.
2. Share the assessment with colleagues. While it is ultimately a solo activity, some of the questions might spark healthy discussion among IT staff.
• Consider sharing copies of the file with senior IT staff and comparing results.
3. Ensure that you complete each question, as blank cells will prevent the results graph from populating.

The goal of the exercise is to highlight areas where your organization is currently deficient and where resources can be most effectively directed.

Info-Tech Insight

Risks and roadblocks should inform both your choice of action(s) and your execution of any migration plan(s) for your workloads. Remember that a high level of risk does not necessarily mean that the workload is not suitable for cloud – it just means that more work will be required.

Interpret the results of the cloud risk assessment and identify areas of concern

The output of interest is the radar diagram, available on the fourth tab of the Cloud Vision Workbook.

• Along with the results of the Workload Assessment Tool, the results of the cloud risk assessment can be used to inform decisions about where a particular workload belongs.
• If there are notable spikes in concern around data, security and compliance, or availability and reliability, consider a private cloud strategy that will allow for more control over data and tenancy (for example).
• As with the suitability assessment, evaluate whether or not the results align with the ideas your team had going into the exercise.
  • Did any areas seem surprising?
  • Are there areas of concern that were not captured in this assessment?
  • Why did the results turn out as they did?

The tool highlights areas of risk. In this example, security and compliance, integration, and skills and roles are the primary areas of risk. Of the three, integration is clearly the most significant.

Match workloads with action plans

2.3b 20 minutes per workload

Input

• Results from Workload Assessment Tool

Output

• Action plan for each workload

Materials

• Workload Assessment Tool
• Cloud Vision Template

Participants

• IT infrastructure staff
• Enterprise architecture

Hold a group discussion to serve as a check on the workload assessment results.

Instructions

1. Make a chart listing all the workloads. For each workload, assign one of the Rs as an action plan. In making your evaluation, refer to the results of the Workload Assessment Tool, the risk assessment in the Cloud Vision Workbook, and the chart showing the implications of each migration path (see the following slide).
2. For each workload, pose the following questions to the group:
• Does the assessment output by the tool make sense?
• Is there anything we missed during the initial evaluation?
• Which action plan is best for each workload?
• Ensure that the group is consistent in justifying their choices: why should one workload be rehosted and another should not, for example?
3. Document your decisions for the five highest-impact workloads in the Cloud Vision Presentation Template.

Grasp the implications of each action plan

Remember that retiring and retaining aren’t free: there are operational costs to retaining something and project costs for retiring something. There may also be an opportunity cost in retaining an application, because that means you’re unable to realize any cloud value for that application.

Info-Tech Insight

There’s no free lunch in IT. At first glance, the costs of continuing to run an existing application on premises may seem nominal. But in the long term, the total cost of ownership will include operational costs for infrastructure and applications personnel as well as hardware refresh costs.

If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

Book a workshop with our Info-Tech analysts:

• To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
• Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
• Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

2.1b Assess the cloud value for each workload.

2.2a Evaluate each workload using the 6Rs framework.

Phase 3

Address Risks and Roadblocks

Define Your Cloud Vision

Step 3.1: Create a risk register

Phase 3:

Address Risks and Roadblocks

3.1 - Risk Register

3.2 - Mitigations

In this step you’ll develop the following risk registers:

3.1a Data

3.1b Security and compliance

3.1c Availability and reliability

3.1d Integration

3.1d Enabling infrastructure

3.1d Skills and roles

This phase involves the following participants:

• IT leaders
• IT staff

Outcomes

Deliverables

• Cloud Vision Workbook

• Risk registers

Corporate IT departments have traditionally viewed the cloud with a skeptical eye

While general concerns about the cloud have diminished as it has become a more important part of most IT departments’ service delivery strategies, they still exist.

Each of these concerns is valid and resolvable. In the sections that follow, you will be given the tools necessary to identify specific risks and work to ameliorate them. These mitigations can be translated into initiatives, which can be mapped as part of the cloud migration project.

Evaluate data risk before making a decision about the cloud

Data breaches can end companies. Exceptionally critical data might not belong in the public cloud. Evaluate your practices and stay safe.

• Media reports are full of examples of data breaches, and some companies face existential crises as a result. The Equifax breach even resulted in testimony before Congress.
• Cloud vendors are security conscious (they are aware that many of their customers are skeptical of cloud services for security reasons, anyway), but data security is ultimately an IT responsibility. There is nothing any cloud provider can do about poor data-handling practices.
• For certain regulated industries (e.g. healthcare, finance) the consequences of a data breach could be regulatory (e.g. HIPAA violation), while for other industries (such as those that handle information about sensitive technologies) sanctions could include the loss of the ability to do business internationally.
• Data criticality is an important consideration when moving to the cloud. Highlight those risks.

Common risks

1. Personally identifiable information could be leaked, causing regulatory censure.
2. Necessary data could be corrupted or destroyed.
3. Proprietary information could be stolen and publicly released.
4. Deemed export status could be lost and business could be impacted.

$141 The average cost of each lost confidential record (IBM, 2017).

Accenture suffered a humiliating cloud data breach

CASE STUDY

Industry Professional services

Source Healthcare IT News

Challenge

Accenture, the consulting and professional services giant, is the operator of a cloud service accessed by many of its largest corporate clients. It used Amazon Web Services to host its databases, including more than 100 gigabytes of important information (including credentials, other customer information, security keys, and API data). Unfortunately, in late 2017, Accenture left four of its S3 buckets exposed, potentially allowing anyone to access sensitive content.

Solution

Accenture removed access to the servers after a security researcher informed them of the security breach. It appears that in this case, Accenture was lucky; nobody accessed the sensitive data other than the security firm, though a wave of bad press in the wake of the breach tempered its good fortune.

Results

Accenture drew significant negative attention in the technology press for its failure to secure client data along with its own encryption keys. Simply configuring the S3 buckets to require passwords would have addressed the problem, but IT’s failure to do that demonstrated a lack of concern that ultimately damaged the company’s reputation as an IT service provider.

Create a risk register: data

3.1a 20 minutes

Input

• Discussion

Output

• Data risks

Materials

• Cloud Vision Workbook
• Whiteboard

Participants

• IT leaders
• Enterprise architect
• Business app owners

Instructions

1. Gather a group of IT and business staff with knowledge about the type of data stored/accessed by each workload. As a group, discuss the following prompts:
• Which data is the most important to our business?
• Does this app store personally identifiable information, client information, intellectual property, or financial information?
• What is an example of the most important data this application touches? What about the least important?
• How are we securing the data now?
2. Think about specific workloads. What risks that impact a particular workload might impact others?
3. Go through the list the team has identified; remove any duplicates or risks that belong in a different category (security/compliance or availability/reliability, for example).
4. Record the results in the risk register in tab 5 of the Cloud Vision Workbook.

Security and compliance typically top lists of perceived cloud risks

Cloud service providers are not useful unless they can meet all of your existing security and compliance standards.

• For all of the hand-wringing about security in the cloud, odds are that large public cloud providers are better equipped to deal with intrusions than you are.
• Large cloud providers (Microsoft, Amazon, and Google especially) are also typically proactive in acquiring certifications that keep them compliant with industry standards. It can be daunting for an on-premises rollout to include an external certification, even if said certification is required for operations.
• Even so, in some circumstances the opaque nature of some cloud services (including potential subcontracting) can make any decision to adopt them questionable from a security/compliance perspective. For workloads that require very specific measures be taken, it can be advisable to keep their infrastructure on premises, either in a private cloud or in a more traditional data center.

Trust in the cloud

71% of organizations trust the public cloud with their data, but a sizeable minority (29%) do not (Columbus, 2017).

Common risks

1. DDoS
2. Lack of compliance with critical policies
3. Unauthorized access
4. Ransomware
5. Identity reuse
6. Lack of auditable controls

Create a risk register: security and compliance

3.1b 20 minutes

Input

• Discussion

Output

• Understanding of workloads

Materials

• Cloud Vision Workbook
• Whiteboard

Participants

• IT leaders
• Enterprise architect
• Business app owners

Instructions

1. On a whiteboard or piece of flip chart paper, write two headings: “Provider Infrastructure” and “Access.” Under each one, leave room to record specific risks, identified based on the following questions:
• What are the core security issues with cloud computing that you are concerned about?
• Which threats are of particular concern for your enterprise?
• How much of each perceived threat is real vs. dread?
• How can the threats be grouped into broader categories for discussion?
2. Think about specific workloads. What risks that impact a particular workload might impact others?
3. Go through the list the team has identified; remove any duplicates or risks that belong in a different category (e.g. data).
4. Record the results in the risk register in tab 5 of the Cloud Vision Workbook.

Availability and reliability are also typical concerns of cloud adopters

IT is, at its core, a service provider. In shifting some of that responsibility to third parties, IT does not lose accountability for the service.

• Vendors will promise the moon when it comes to “nines.” Some vendors even offer 100% uptime guarantees. (Penalties for outages are usually minimal, and guarantees don’t generally include scheduled downtime.) IT is ultimately accountable for the services that fall under its purview, including vendor-scheduled downtime.
• Performance is another concern. Vendors focus on uptime without provisions for how well the service is actually performing. Consider engaging with performance-monitoring tools to identify the source of performance degradation should it become a problem with your cloud service.
• While a move to the cloud can simplify many parts of service, a communication plan for dealing with the vendor when there is a major unscheduled disruption is a must, along with a vendor management team capable of extracting promised money from the vendor.

Common risks

1. Service availability won’t meet business expectations
2. Application performance won’t meet business needs
3. Potential loss of revenue
4. Poor DR capability
5. Lack of an exit strategy (especially from smaller vendors)
6. Vendor-driven development
7. Vendor management

Info-Tech Insight

If you haven’t already, consider documenting your recovery capabilities by service. Include information on your current techniques and their effectiveness.

Create a risk register: availability and reliability

3.1 c 20 minutes

Input

• Discussion

Output

• Understanding of workloads

Materials

• Cloud Vision Workbook
• Whiteboard

Participants

• IT leadership
• Enterprise architects
• Business representatives

Instructions

1. Use a whiteboard or a piece of flip chart paper to capture the group’s thoughts. Pursue a line of questioning based on the following questions:
• What potential risk is there from a lack of availability?
• Which workloads present the greatest availability risk?
• What happened the last time we lost access to this workload? Was anything important impacted? Did life go on?
• How long can we go without this service before it starts to become a problem? What does our financial picture look like after a long outage?
2. Think about specific workloads. What risks that impact a particular workload might impact others?
3. Go through the list the team has identified; remove any duplicates or risks that belong in a different category.
4. Record the results in the risk register in tab 5 of the Cloud Vision Workbook.

Clarify your integration situation before proceeding with a cloud migration

Most IT services don’t exist in a vacuum. Understanding and mitigating general integration challenges will be key to cloud success.

• The ability to effectively integrate cloud services with other services (including other applications and databases) is critical to the success of the cloud project. It can, however, be among the most challenging.
• Integration concerns typically fall into one of three subtypes:
  • Access: Investigate SSO and federated identity as a solution to credential issues; develop a governance plan to ensure that security concerns around the cloud are addressed.
  • Application: Develop an integration architecture blueprint to identify required capabilities. Avoid customization where commercially available software can do the integration work for you.
  • Data: Enforce a data governance policy and ensure that all data is accessed from a single source of truth (database) where possible.
• Evaluate integration concerns with your team to ensure they are covered.

Integration (n.): The process of using software to facilitate communication between two discrete services.

Common risks

1. Complexity for multiple connections
2. Data fragmentation
3. Compatibility and harmony
4. Vendor fixes and upgrades
5. Connection to disaster recovery (vendor and internal)
6. Managing vendor toolsets
7. Vendor documentation and integration requirements

Reflect on the changes to integration processes that must be considered for the cloud

Expect some subtle changes to crop up in the following areas:

Migration of data between on-premises and cloud services

• The ability to easily migrate data onto a cloud environment is equally important as the ability to easily pull it out of the cloud and back on premises. Data integration tools may be required for automation so that the cloud can act as a seamless extension to the on-premises infrastructure.

Data synchronization

• Moving from cloud to on premises is not the same as moving data from in-house database to in-house database; data structures between on premises and cloud and cloud-to-cloud differ, and each cloud provider will have its own rules for synchronizing data sets. The synchronization process may need to be streamlined using batch and real-time enterprise integration synchronization between cloud and on-premises systems.

Data quality maintenance

• Rather than cleanse and integrate data only when extract, transform, and load (ETL) is performed as an overnight batch process, outsourcing to the cloud enables constant data cleansing when migrating data back and forth. Therefore, data quality should be enhanced and consistently maintained by using cloud services. Utilizing the cloud for data integration also streamlines the process by taking it offsite, which frees up server and staff workloads.

Managing different API standards

• While the creation of application programming interfaces (APIs) is occurring at an astonishing rate, there is currently no standard process of creating or managing them. APIs are no longer for internal use – they must interconnect with cloud providers and cross-platform interfaces. Cloud provider cloud APIs have authentication mechanisms put in place to ensure that only authorized API calls are made to their systems.

Data translation

• Data translation can become tricky when moving data from cloud to cloud because different cloud systems use diverse data definitions and data formats. As a result, there is a greater variation in fields.

Create a risk register: Integration

3.1d 20 minutes

Input

• Discussion

Output

• Understanding of workloads

Materials

• Cloud Vision Workbook
• Whiteboard

Participants

• IT leaders
• Enterprise architects

Instructions

1. On the same whiteboard, begin to brainstorm particular integration risks with your group. Identify the sources of potential integration challenges. Select some representative workloads and address the following questions with those workloads in mind:
• What applications and databases does this workload integrate with?
• Can off-the-shelf integration tools be used in place of custom software?
• Does this application have open APIs for ease of integration?
• Are a lot of applications pulling from a single source of truth?
• Are applications tightly coupled?
2. Record the findings on the whiteboard and discuss them with the group.
3. Go through the list the team has identified; remove any duplicates or risks that belong in a different category.
4. Record the results in the risk register in tab 5 of the Cloud Vision Workbook.

A move to the cloud requires internal infrastructure capable of handling the change

While some services might be less important in the age of the cloud, others will ultimately become more important (like an internet connection).

• First things first: are you virtualized? Virtualization is a critical cloud enabler. A virtualized workload can be lifted and shifted to IaaS easily, while a bare metal workload will likely experience more difficulty in the transition.
• Infrastructure responsibilities will not simply disappear with the adoption of cloud services. To effectively transition to cloud services, discuss the nature of your requirements with the rest of the department.
• If this is an immature area, consider mapping it out (that is, recording the storage, processing, and network needs for each service). Such an activity may not be necessary, but it could highlight some problem areas.
• Create move bundles of applications, servers, and databases, and group them based on dependencies and migration strategies. The tool linked on this slide can help in this endeavor.

To guide you through every step of the detailed discovery process, use Info-Tech’s Data Center Relocation Data Collection and Bundling Workbook.

Common risks

1. Site A’s data center internet connection could become a bottleneck as network traffic travels through it (using Citrix).
2. Delays on the Site A Office 365 migration will hold up Site B.
3. Site A’s workstation support model has relied on a managed desktop. Site B users have adopted a BYOD model. Service Desk is not positioned to provide this level of support.

Create a risk register: enabling infrastructure

3.1 e 10 minutes per workload

Input

• Discussion

Output

• Understanding of workloads

Materials

• Cloud Vision Workbook
• Whiteboard

Participants

• Enterprise architects
• Network engineers
• Storage people

Instructions

1. Infrastructure is still a challenge, even in the cloud. With the group, work to answer some or all of the following questions about your organization’s infrastructure position.
• Has an audit of existing infrastructure capabilities identified any weaknesses we should be aware of?
• Is our network capable of handling the increased traffic that could come from the cloud?
• If a private cloud is on the table, what sort of infrastructure investments will we need to make?
2. Translate the results of this exercise into specific risks that could impact your organization.
3. Go through the list the team has identified; remove any duplicates or risks that belong in a different category.
4. Record the results in the risk register in tab 5 of the Cloud Vision Workbook.

Understand where you stand on skills and roles

The move to the cloud is one of the biggest disruptions many IT professionals will encounter in their careers.

• The cloud is not a synonym for outsourcing, even if some managers use it that way. That said, skills and roles are going to change with the cloud; that’s something worth exploring in detail.

Things that are likely to change:

• Integration will become more of a staff priority as more services move to the cloud.
• Hardware/software administration, including relationships with OEMs, will become less important.
• Administration of updates will be less important in a cloud-defined world.
• Business analysts, in the role as requirements gatherers and communicators, will likely increase in importance as requirements need to be communicated to vendors.
• Finally, some technical roles may change, requiring cloud specialty (solutions architect, engineers).

Common risks

1. Preparing resources for transition to cloud
2. Identifying approaches to redeploy people
3. Defining the organizational structure (of the future)
4. Training resources for new roles/skills
5. Ensuring right resources are available
6. Reassuring highly technical workforce who may fear losing tech skills
7. Preparing for risk of losing staff

Transition from “plan-build-run” to “enable-integrate-manage”

IT has traditionally been a cost center. A change in mind-set, enabled by the cloud, will alter IT’s value proposition.

Plan-Build-Run

Under PR, the IT department is the gatekeeper: all services go through IT, which forecasts demand for services that are implemented and managed internally.

• The perception that IT’s processes are unique drives a PR model, despite the fact that this is rarely true.
• IT’s involvement in every step of the process can result in a legacy of proprietary and customized solutions built on outdated technology.
• Many of these departments spend far too much time keeping the lights on at the expense of innovative, value-creating work.

Enable-Integrate-Manage

With the rise of the cloud, metered service allows for detailed dissection of service costs. Chargebacks and showbacks can relieve some of the cost pressure on IT.

• Taking full advantage of the à-la-carte nature of the cloud means that EIM departments will become effective at bundling services from third parties to optimize their business processes.
• According to the new model, IT should spend less time keeping the lights on and more time innovating and improving business processes.
• IT should become less of a cost center and more of a value driver.

Managing cloud providers will require enhancement of traditional vendor management practices

Relationship Management

Monitor Vendor Performance

Key Activity: Measure performance levels with an agreed-upon standard scorecard.

Manage Vendor Risk

Key Activity: Assess vendors periodically to ensure that they are meeting compliance standards.

Manage Vendor Contracts and Relationships

Key Activity: Manage contracts and renewal dates, the level of demand for the services/products provided, and the costs accrued.

Identify and Evaluate Vendors

Key Activity: Develop a plan with procurement and key internal stakeholders to define clear, consistent, and stable requirements.

Select Vendors

Key Activity: Develop a consistent and effective process for selecting the most appropriate vendor.

Manage Vendor Contracts and Relationships

Key Activity: Negotiate contracts consistently to ensure that the vendor and the client have a documented and reliable understanding of mutual expectations.

Vendor management was a challenge for a large manufacturing organization

CASE STUDY

Industry Manufacturing

Source Info-Tech

Challenge

A large manufacturer explored a move to the cloud as part of a general process improvement. The shift away from on-premises delivery and toward externally provided services – particularly the need to manage a vendor – emerged as a difficult challenge for an IT department heavy on technical skills but comparatively weak on the vendor management front.

Solution

The organization engaged Info-Tech to explore cloud options. Through the course of the workshop, the team identified strengths in their existing processes based on a successful ERP implementation. They were able to isolate several generalizable features of their ERP vendor management, including quarterly reviews and dedicated business analysts.

Results

The manufacturer’s IT department was able to identify the strengths developed during the ERP project and proposed a plan to extend it across the rest of the enterprise. This, the team felt, was ultimately palatable for their stakeholders.

Create a risk register: skills and roles

3.1f 10 minutes per workload

Input

• Discussion

Output

• Risks to the organization: skills and roles

Materials

• Cloud Vision Workbook
• Whiteboard

Participants

• Enterprise architect
• CIO

Instructions

1. Perhaps the most difficult of the risks and challenges outlined here, developing an effective approach to IT skills and roles is likely the number one potential roadblock. With the group, based on your broad cloud direction, highlight the skills you will need.
• Who will be responsible for securing the cloud service? Signing the contract? Evaluating vendors?
2. Based on your needs, identify gaps. What jobs need to be done that can’t be accomplished by anyone either within or outside the organization? Translate this list into risks: what happens if these skills and roles go unlearned and unfilled?
3. Go through the list the team has identified; remove any duplicates or risks that belong in a different category.
4. Record the results in the risk register in tab 5 of the Cloud Vision Workbook.

Step 3.2: Develop mitigations for risks

Phase 3: Address Risks and Roadblocks

3.1 Risk Register

3.2 Mitigations

This step will walk you through the following activities:

3.2a Develop a plan to mitigate risks.

This step involves the following participants:

• IT leaders
• IT staff

Outcomes

DELIVERABLES

• Cloud Vision Template

• Risk mitigation plan and initiatives for roadmap

Develop a plan to mitigate risks

3.2a 1 hour per risk area

Input

• Discussion

Output

• Mitigations

Materials

• Cloud Vision Workbook
• Whiteboard

Participants

• Enterprise architect
• CIO

Fortunately, the risks across all six areas can be mitigated. During this activity, address each risk in turn.

Instructions

1. Going through your list of specific risks identified in the previous exercises, begin brainstorming potential mitigations for each risk.
• How are we addressing this problem now?
• Does a workaround exist for this issue?
• Does a particular mitigation offer a permanent solution?
• In the cloud, how is this supposed to work?
2. Record the mitigations in tab 5 of the Cloud Vision Workbook with ID tags attaching them to the specific risks they address.
3. If a specific risk cannot be mitigated (as a result of a technical challenge, for example) flag it and move on.
4. Keep the list of mitigations handy – it will be necessary to create roadmap items in this project’s third phase.

If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

Book a workshop with our Info-Tech analysts:

• To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
• Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
• Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

3.1 f Create a risk register: Integration

Lead the group in identifying the risks posed to a cloud migration by integration.

3.2a Develop a plan to mitigate risks

Build risk mitigations into your cloud project roadmap.

Phase 4

Clarify Vision and Roadmap Initiatives

Define Your Cloud Vision

Step 4.1: Determine your cloud archetype

Phase 4: Clarify Vision and Roadmap Initiatives

4.1 Cloud Archetype

4.2 Initiative Roadmap

4.3 Action Plan & Goal Statements

This step will walk you through the following activities:

4.1a Determine your high-level cloud archetype.

4.1b Determine your cloud sub-archetype.

This step involves the following participants:

• IT leaders
• IT staff

Outcomes

DELIVERABLES

• Cloud Vision Presentation

• Cloud archetype

Organizations fall on a spectrum of cloud archetypes

Your organization’s cloud archetype is the strategic posture that IT adopts to best support the organization’s goals. Info-Tech’s model recognizes seven archetypes, divided into three high-level archetypes.

The high-level archetype describes strategic direction, while the sub-archetype explains the means of execution

At the high level, Info-Tech distinguishes three strategic cloud archetypes. An organization can choose to prioritize cloud, to avoid cloud, or to use it selectively (i.e. the organization chooses not to adopt a preference one way or the other).

Determine your high-level cloud archetype

4.1 a 30 minutes

Input

• Cloud Vision Workbook
• Cloud archetype framework

Output

• High-level cloud archetype

Materials

• Cloud Vision Template
• Paper and markers

Participants

• Enterprise architect
• CIO
• IT staff

Instructions

1. Review the three high-level archetypes and discuss where your organization best fits. Consider the following elements:
• The first page of the Cloud Vision Presentation Template (organization goals in relation to cloud drivers and cloud characteristics)
• Your determined 6Rs action plan for each workload
• The risks, roadblocks, and mitigations you have considered
2. Give each participant a piece of paper on which to write the high-level archetype they think is the best fit for the organization. Give everyone time to write down their response.
3. Have the participants reveal their responses to one another. See how these responses align, and discuss any differences of opinion that emerge.
4. Come to a consensus on a high-level archetype, which will frame the next activity.

Determine your cloud sub-archetype

4.1b 30 minutes

Input

• Cloud Vision Workbook
• Cloud archetype framework

Output

• Cloud sub-archetype

Materials

• Cloud Vision Template
• Papers & Markers

Participants

• Enterprise architect
• CIO
• IT staff

Instructions

1. Review and discuss the sub-archetypes that fall under the high-level archetype you’ve selected. Consider the following elements:
• The first page of the Cloud Vision Presentation Template (organization goals in relation to cloud drivers and cloud characteristics)
• Your determined 6Rs action plan for each workload
• The risks, roadblocks, and mitigations you have considered
2. Give each participant a piece of paper on which to write the cloud sub-archetype they think is the best fit for the organization. Give everyone time to write down their response.
3. Have the participants reveal their responses to one another. See how these responses align, and discuss any differences of opinion that emerge.
4. Come to a consensus on a sub-archetype. Input the sub-archetype and its corresponding definition into the Cloud Vision Presentation Template.

Step 4.2: Build a roadmap of cloud initiatives

Phase 4: Clarify Vision and Roadmap Initiatives

4.1 Cloud Archetype

4.2 Initiative Roadmap

4.3 Action Plan & Goal Statements

This step will walk you through the following activities:

4.2a Identify the initiatives required to execute the cloud vision.

4.2b Record the names of the individuals and groups required to get the cloud project done.

4.2c Attach dates to initiatives and plot them in a Gantt chart.

This step involves the following participants:

• IT leaders
• IT staff

Outcomes

DELIVERABLES

• Cloud Vision Workbook
• Cloud Vision Presentation

• Roadmap of cloud initiatives, complete with owners and timelines

Execute your cloud vision with a concrete action plan

To execute on your cloud vision, outline the initiatives and assign owners and timelines. Document this roadmap in a Gantt chart. See the following four slides for detailed instructions.

Info-Tech Best Practice

Focus on the endgame, which is execution. It doesn’t matter what you say you’re going to do if you don’t have a plan in place to act on it. This Gantt chart will help you identify the components of your project to stakeholders and assist with the challenge of buy-in.

Identify the initiatives required to execute the cloud vision

4.2a Cloud Vision Workbook

Initiatives are specific action items and should ultimately be tied to your broader goals.

Initiatives should come from the following areas:

• Improving maturity of the operational processes and governance in the cloud
• Mitigations identified as part of the risk process (particularly around skills and roles)
• Results of the workload assessment tool

Instructions

1. Go through the mitigations identified in Phase 2 of this project (and stored in tab 5 of the Cloud Vision Workbook). Reword each mitigation into a specific action item and record them on a whiteboard (or, if working alone, in a Word document or Excel spreadsheet).
2. Repeat the exercise, this time paying special attention to the service models identified in Phase 1 of the project. What specific actions would be required to transform cloud speculation into cloud reality?
3. Insofar as it is possible at this early stage, order the initiatives by completion date. Record the results of the exercise in the project task column of tab 7 of the Cloud Vision Workbook.

Use this list of common initiatives to jump-start discussions on the topic

• Complete a comprehensive list of cloud goals.
• Prioritize a full list of potential cloud initiatives.
• Identify business activities tied to all cloud initiatives.
• Complete an exhaustive infrastructure status review.
• Outline the value opportunities for each potential cloud initiative.
• Follow up with core stakeholders to identify areas of concern not discussed in the workshop.
• Complete the cloud appropriateness assessment for each potential initiative.
• Research potential compliance requirements coming down the pipe.
• Outline a detailed risk management plan covering security, compliance, reliability, and availability.
• Outline current recovery capabilities for all IT services.
• Complete an exhaustive list of application relationships.
• Develop a cloud integration implementation plan based on current data architecture.
• Complete a skills inventory to identify a staffing plan.
• Review potential impacted infrastructure.
• Review related technology/data components.
• Review infrastructure requirements for potential services.
• Identify unneeded infrastructure.
• Schedule team meetings with IT leaders to dispel staff concerns.
• Distribute the business change document to core stakeholders.
• Develop a vendor strategy for cloud services.
• Create a vendor management team.
• Build standard SLAs and contract terms for cloud services.
• Complete a vendor exit strategy.
• Identify success metrics for all potential cloud service initiatives.
• Identify hard and soft benefits for all potential cloud service initiatives.

Record the names of the individuals and groups required to get the cloud project done

4.2b Cloud Vision Workbook

Instructions

1. Each initiative identified in Activity 4.1c will require a team or individual to complete it. Using the master list of initiatives (depending on the strategy you used to put it all together this could be the ordered or non-ordered list), match each initiative to a project lead.
   1. Be exhaustive: ensure that every initiative has a personnel match.
   2. Remember, this activity is designed to capture the operational details of the exercise. The CIO, even if ultimately accountable, is probably not going to be on this list.
2. Record the list of task owners on tab 6 of the Cloud Vision Workbook. Use the drop-down menus on tab 7 to assign tasks to owners.

Consider including details about necessary project time off, including holidays. This is generally accepted as good project management practice.

Attach dates to initiatives and plot them in a Gantt chart

4.2c Cloud Vision Workbook

Instructions

• Assigning dates to initiatives is often more an art than a science. At (or close to) the top of the list, the initiatives should begin with the project itself. Include the project start date alongside the earliest initiatives.
• Estimate the amount of time required for each initiative (consider using priority poker) and use that information to estimate the end date of the early initiatives and the amount of time required to complete the other initiatives.
• Populate the project task start and end date tabs on tab 7 of the Cloud Vision Workbook.

Consider playing priority poker to assign lengths of time to initiatives.

Instructions

1. Distribute a deck of priority poker cards (with values ranging from “infinity” to 0.5 for endless and short tasks, respectively) to a small group of experienced IT employees.
2. Have the group vote on each initiative by placing a card face down. Flip each card simultaneously and repeat the exercise until the group agrees.
3. Do this for each initiative and record the results on tab 7 of the Cloud Vision Workbook.

Step 4.3: Document high-level cloud vision

Phase 4: Clarify Vision and Roadmap Initiatives

4.1 Cloud Archetype

4.2 Initiative Roadmap

4.3 Action Plan & Goal Statements

This step will walk you through the following activities:

4.3a Write action plan summary statement.

4.3b Write goal statement.

4.3c Document top risks and mitigations from the action plan.

This step involves the following participants:

• IT leaders
• IT staff

Outcomes

DELIVERABLES

• Cloud Vision Presentation Template

• Action plan summary statement & goal statement
• Top risks and mitigations
• Cloud vision presentation to share with stakeholders

Write action plan summary statement

4.3a 30 minutes

Input

• Cloud Vision Workbook
• Discussion

Output

• Action plan summary statement

Materials

• Whiteboard
• Cloud Vision Presentation Template

Participants

• Enterprise architect
• CIO
• IT staff

Instructions

1. Consider the initiatives on your roadmap. What’s the overall direction you’re trending in? Are there any patterns? What does the end goal seem to be? Ultimately you’re giving a brief answer to the question: “There’s this thing called the cloud – what are we doing about it?”
2. Write a brief tagline that summarizes the overall direction or trend. Keep it short. This should be one or at most two short sentences. It’s a high-level summary about your overall direction.
3. Discuss the tagline. Does it more or less capture the overall trend? Does it answer the question? Is it easily understandable and brief? Does it avoid going too much into the weeds?
4. Edit the tagline if necessary. Remember that the tagline doesn’t have to capture everything, and it’s more about the “what” than the “how.”
5. Enter the summary statement in the Cloud Vision Presentation Template.

Write goal statement

4.3b 30 minutes

Input

• Action plan summary statement

Output

• Goal statement

Materials

• Whiteboard
• Cloud Vision Presentation

Participants

• Enterprise architect
• CIO
• IT staff

Instructions

1. Consider the action summary statement about what you’re doing. Now think to answer the question: “What does success look like?”
2. Write a brief goal statement that summarizes what it would mean for your undertaking to succeed. Keep it short. This should be one or at most two short sentences. It’s a high-level summary.
3. Discuss the statement. Does it more or less capture what success looks like? Does it answer the question? Is it easily understandable and brief? Does it avoid going too much into the weeds?
4. Edit the summary if necessary. Remember that the summary doesn’t have to spell out the specifics: it’s more about the “what” than the “how.”
5. Enter the goal statement in the Cloud Vision Presentation Template.

Document top risks and mitigations from the action plan

4.3c Cloud Vision Presentation

• Consult the list of risks and mitigations you’ve compiled.
• Select the top 5-10 risks to include in the presentation. These should be the most significant risks (i.e. those with the largest potential impact and/or highest likelihood).
• Input the risks into the Cloud Vision Presentation Template and draw lines to the action plans to show how you’re planning on dealing with each of these risks.

Present your cloud vision to stakeholders and communicate the results of your cloud project widely

Buy-in is a crucial part of any project’s success. Use a document repository like SharePoint or an internal portal to communicate the results of your cloud vision efforts to a wide audience.

Iterate on the cloud project.

Incorporate new workloads using your cloud vision.

Info-Tech Insight

Communication is key. Share the results of your project widely and use that openness to convince even the most recalcitrant IT professionals to support it. Incorporate them into your discussions; don’t exclude them.

If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

Book a workshop with our Info-Tech analysts:

• To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
• Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
• Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

4.2a Identify initiatives required to execute the cloud vision

Use the information gathered in the Cloud Vision Workbook and through the course of the assessment steps to create a list of initiatives for the roadmap.

4.3a Write an action plan summary statement

The action plan summary statement tells your stakeholders – in a nutshell – exactly what you’re doing about cloud.

Insight breakdown

Base migration decisions on cloud characteristics.

The cloud is five specific things (broad network access, on-demand self-service, rapid elasticity, resource pooling, and measured service). If you’re not looking for these things – or don’t expect to benefit from them in any meaningful way – chances are the cloud isn’t right for you.

Think before you drink.

The cloud Kool-Aid is tasty. Address the risks up front in your migration plan.

NoOps is a big fat lie.

For many IT workers, the cloud is a scary proposition. The idea that the company will outsource jobs to external service providers understandably causes some consternation. Inversely, managers may expect to save money on staff based on a cloud transition. Neither idea is entirely accurate, however. The cloud changes roles and calls for different skill sets, but Ops is here to stay.

Summary of accomplishment

Knowledge Gained

• Understanding of the benefits of particular cloud models
• Features of the cloud
• Strengths of different service models
• Common cloud risks
• Mitigation strategies

Processes Optimized

• Cloud vendor selection
• Cloud suitability assessment
• Risk mitigation
• Communication of cloud project results

Deliverables Completed

• Workload assessment
• Cloud risk assessment
• List of mitigations
• Cloud roadmap
• Cloud vision presentation

Project step summary

Client Project: Define Your Cloud Vision

1. Determine the value of cloud for your organization.
2. Evaluate workloads with 6Rs framework.
3. Identify and mitigate risks.
4. Identify cloud archetype.
5. Plot initiatives on a roadmap.
6. Write action plan statement and goal statement.

Info-Tech Insight

This project has the ability to fit the following formats:

• Onsite workshop by Info-Tech Research Group consulting analysts
• Do-it-yourself with your team
• Remote delivery (Info-Tech Guided Implementation)

Research contributors and experts

Issy Ben-Shaul, CEO & Co-Founder Velostrata

A long career in technology, including stints at VMware and Cisco and founding several successful companies, has culminated for Issy in the founding of Velostrata. Velostrata helps enterprises migrate VMs to the cloud painlessly and at scale.

Vishal Ganeriwala, Senior Director, Product Marketing Citrix

Vishal’s responsibilities at Citrix include defining strategies around technology trends, customer needs, and competitive analysis. He oversees analyst briefings and has served as a spokesperson for Citrix, articulating corporate positioning when new products launch. He holds several degrees, including a master’s in Decision Information Science.

Kenneth Libutti, Chief Information Officer Palm Beach State College

An IT leader in the education sector for more than 20 years, Ken’s latest role at Palm Beach State College involves strategic leadership initiatives, including cloud strategy, as well as operational responsibility for ERP systems, academic computing, technical support, and more. Ken holds an MBA.

Eric Montagnino, Network Manager Palm Beach State College

Eric has served as a network manager/analyst in the education space for more than 20 years. As part of his current role, he is responsible for exploring and implementing cloud solutions. He holds bachelor’s and master’s degrees from Florida Atlantic University.

Carisa Stringer, Director, Product Marketing Citrix

In more than 15 years of employment at Citrix, Carisa has been responsible for overseeing the launch of XenApp and XenDesktop, overseen the creation of a web tool for providing customers with solution pricing/value information, and developed in-depth knowledge of virtualization products. Carisa holds a degree in industrial engineering from the Georgia Institute of Technology.

Nabeel Yousif, Executive Consultant

Nabeel is a strategic and award-winning authentic leader, combining a passion for what he does with rigor to ensure that commitment to drive value contributes to the bottom line.

Bibliography

Al Morsy, Mohamed, John Grundy, and Ingo Muller. “An Analysis of the Cloud Computing Security Problem.” Swinburne University of Technology. Web.

AWS. “The AWS Cloud Adoption Framework.” AWS Professional Services. n.d. Web.

BMG Research. “Factors in project success.” The Association for Project Management. Nov. 2014. Web.

Briggs, Barry, and Eduardo Kassner. Enterprise Cloud Strategy. Redmond: Microsoft Press, 2016.

Butler, Brandon. “What is hybrid cloud computing? The benefits of mixing private and public cloud services.” NetworkWorld. 17 Oct. 2017. Web. 30 Jan. 2018.

Cancila, Mindy et al. “2017 Planning Guide for Cloud Computing.” Gartner. 13 Oct. 2016. Web.

CITO Research. “Hybrid Cloud Myths.” CITO Research. n.d. Web.

Columbia University. “Columbia University Cloud Strategy.” Columbia University. July 2016. Web.

Columbus, Louis. “2017 State of Cloud Adoption and Security.” Forbes. 23 April 2017. Web. 30 Jan. 2018.

Davis, Jessica. “Accenture latest to breach client data due to misconfigured AWS server.” Healthcare IT News. 10 October 2017. Web.

Flynn, Des. “IoT considerations—cloud services—IaaS, PaaS, SaaS, build your own.” Lattice Research. 10 Dec. 2015. Web. 30 Jan. 2018.

Forni, Amy Ann, and Rob van der Meulen. “Gartner Says By 2020, a Corporate ‘No-Cloud’ Policy Will Be as Rare as a ‘No-Internet’ Policy Is Today.” Gartner. 22 June 2016. Web.

Gaska, Curtis. “4 Unexpected Benefits of Moving to the Cloud.” Symmetry. 22 Sept. 2015. Web. 30 Jan. 2018.

IBM. “Cost of Data Breach Study.” IBM Security. 2017. Web. 30 Jan. 2018.

ISACA.“IT Control Objectives for Cloud Computing.” ISACA. 2011. Web.

Ivan. “SaaS, PaaS, and IaaS: What are They?” The Cloud Infographic. 2 March 2012. Web. Jan. 30, 2018.

Lanich, Zach. “The Benefits of Moving To The Cloud.” Forbes. 19 May 2017. Web. 30 Jan. 2018.

LevelCloud. “Advantages and Disadvantages of Cloud Computing.” LevelCloud. n.d. Web. 1 Dec. 2018.

Liu, Sam. “6 Benefits of Moving to the Cloud.” MicroStrategy. 9 Nov. 2016. Web. 30 Jan. 2018.

Locklear, Mallory. “Accenture left four servers of sensitive data completely unprotected.” Engadget. 10 Oct. 2017. Web. 30 Jan. 2018.

Marks, Eric. “Designing and Implementing Cloud Governance: Cloud, and Cloud Governance, are Emerging Capabilities.” IDC and IDG Cloud Leadership Forum. n.d. Web.

Mell, Peter, and Timothy Grance. “The NIST Definition of Cloud Computing.” National Institute of Standards and Technology. Sept. 2011. Web.

Metz, Cade. “The Epic Story of Dropbox’s Exodus From the Amazon Cloud Empire.” Wired. 14 March 2016. Web. 30 Jan. 2018.

Napoleon Dynamite. Directed by Jared Hess. Fox Searchlight Pictures, 2004.

Peterson, Becky. “Companies waste $62 billion on the cloud by paying to capacity they don’t need, according to a report.” Business Insider. 1 Dec. 2017. Web. 30 Jan. 2018.

Prajogo, Himawan. “4 Reasons Your Business Should Move To The Cloud.” Digitalist Magazine. 7 Dec. 2016. Web. 30 Jan. 2018.

Rathnam, Lavanya. “Should Your Business Move to the Cloud?” Cloudwards. 11 May 2017. Web. 30 Jan. 2018.

Rebello, Oscar et al. “Empirical evaluation of a cloud computing information security governance framework.” Information and Software Technology, vol. 58, 2015, pp. 44-57.

RightScale. “2016 State of the Cloud Report.” RightScale. Feb 2016. Web.

RightScale. “2017 State of the Cloud Report.” RightScale. Feb. 2017. Web.

Rouse, Margaret. “Definition: colocation (colo).” TechTarget. Aug. 2015. Web. 30 Jan. 2018.

Ruparelia, Nayan B. Cloud Computing. Cambridge: The MIT Press, 2016.

Saade, Raafat George, Heilu Dong, and James Wan. “Factors of Project Manager Success.” Interdisciplinary Journal of Information, Knowledge, and Management, vol. 10, 2015, pp. 63-80.

Saidah, Ahmed Shaker. “New governance framework to secure cloud computing.” In Cloud Computing and Services Sciences International Conference in Cloud Computing and Services Sciences, CLOSER 2014 Barcelona Spain, April 3-5, 2014 Revised Selected Papers. Springer International Publishing, 2014.

Salesforce UK. “Why Move To The Cloud? 10 Benefits of Cloud Computing.” Salesforce. 17 Nov. 2015. Web. 30 Jan. 2018.

Sherif, Nabeel. “Private Cloud or Public Cloud? The Story of Dropbox and Netflix.” IT Canada Online. 16 May 2017. Web. 30 Jan. 2017.

Softchoice. “The State of Cloud Readiness.” Softchoice. 2016. Web.

Suicimezov, Natalia, and Mircea Radu Georgescu. “IT governance in Cloud.” Procedia Economics and Finance, vol. 15, 2014, pp. 830-835.

Techopedia. “Community Cloud.” Techopedia. n.d. Web. 30 Jan. 2018.

University of Glasgow. “IT Strategy.” University of Glasgow. April 2014. Web.

Waterford Technologies. “2017 Cloud Facts and Statistics.” Waterford Technologies. 1 Feb. 2017. Web.

Willis Towers Watson. “The great data myth: Is the Cloud really less secure than onsite?” Willis Towers Watson Wire. 6 Sept. 2017. Web. 30 Jan. 2018.

Wood, Susan. “5 Disadvantages of Cloud Computing.” The Balance. 27 Dec. 2017. Web. 30 Jan. 2018.