Define Your Cloud Vision

Define your cloud vision before it defines you

Analyst perspective

Use the cloud’s strengths. Mitigate its weaknesses.

The cloud isn’t magic. It’s not necessarily cheaper, better, or even available for the thing you want it to do. It’s not mysterious or a cure-all, and it does take a bit of effort to systematize your approach and make consistent, defensible decisions about your cloud services. That’s where this blueprint comes in.

Your cloud vision is the culmination of this effort all boiled down into a single statement: “This is how we want to use the cloud.” That simple statement should, of course, be representative of – and built from – a broader, contextual strategy discussion that answers the following questions: What should go to the cloud? What kind of cloud makes sense? Should the cloud deployment be public, private, or hybrid? What does a migration look like? What risks and roadblocks need to be considered when exploring your cloud migration options? What are the “day 2” activities that you will need to undertake after you’ve gotten the ball rolling?

Taken as a whole, answering these questions is difficult task. But with the framework provided here, it’s as easy as – well, let’s just say it’s easier.

Jeremy Roberts

Research Director, Infrastructure and Operations

Info-Tech Research Group

Executive Summary

Your Challenge

• You are both extrinsically motivated to move to the cloud (e.g. by vendors) and intrinsically motivated by internal digital transformation initiatives.
• You need to define the cloud’s true value proposition for your organization without assuming it is an outsourcing opportunity or will save you money.
• Your industry, once cloud-averse, is now normalizing the use of cloud services, but you have not established a basic cloud vision from which to develop a strategy at a later point.

Common Obstacles

• Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.
• Many organizations have a foot in the cloud already, but these decisions have been made in an ad hoc rather than systematic fashion.
• You lack a consistent framework to assess your workloads’ suitability for the cloud.

Info-Tech's Approach

• Evaluate workloads’ suitability for the cloud using Info-Tech’s methodology to select the optimal migration (or non-migration) path based on the value of cloud characteristics.
• Codify risks tied to workloads’ cloud suitability and plan mitigations.
• Build a roadmap of initiatives for actions by workload and risk mitigation.
• Define a cloud vision to share with stakeholders.

Info-Tech Insight: 1) Base migration decisions on cloud characteristics. If your justification for the migration is simply getting your workload out of the data center, think again. 2) Address the risks up front in your migration plan. 3) The cloud changes roles and calls for different skill sets, but Ops is here to stay.

Your challenge

This research is designed to help organizations who need to:

• Identify workloads that are good candidates for the cloud.
• Develop a consistent, cost-effective approach to cloud services.
• Outline and mitigate risks.
• Define your organization’s cloud archetype.
• Map initiatives on a roadmap.
• Communicate your cloud vision to stakeholders so they can understand the reasons behind a cloud decision and differentiate between different cloud service and deployment models.
• Understand the risks, roadblocks, and limitations of the cloud.

“Now we’re moving from a world where companies like Oracle and Microsoft and HP and Dell are all critically important to a world where Microsoft is still important, but Amazon is really important. Google is important. So not just the technology changed, but all the major vendors they’re betting their business on have also changed. And that’s super hard for people.” –David Chappell, Author and Speaker

Common obstacles

These barriers make this challenge difficult to address for many organizations:

• Organizations jump to the cloud before defining their cloud vision and without any clear plan for realizing the cloud’s benefits.
• Many organizations already have a foot in the cloud, but the choice to explore these solutions was made in an ad hoc rather than systematic fashion. The cloud just sort of happened.
• The lack of a consistent assessment framework means that some workloads that probably belong in the cloud are kept on premises or with hosted services providers – and vice versa.
• Securing cloud expertise is remarkably difficult – especially in a labor market roiled by the global pandemic and the increasing importance of cloud services.

Standard cloud challenges

30% of all cloud spend is self-reported as waste. Many workloads that end up in the cloud don’t belong there. Many workloads that do belong in the cloud aren’t properly migrated. (Flexera, 2021)

44% of respondents report themselves as under-skilled in the cloud management space. (Pluralsight, 2021)

Info-Tech’s approach

Goals and drivers

• Service model
  • What type of cloud makes the most sense for workload archetypes? When does it make sense to pick SaaS over IaaS, for example?
• Delivery model
  • Will services be delivered over the public cloud, a private cloud, or a hybrid cloud? What challenges accompany this decision?

• Migration Path
  • What does the migration path look like? What does the transition to the cloud look like, and how much effort will be required? Amazon’s 6Rs framework captures migration options: rehosting, repurchasing, replatforming, and refactoring, along with retaining and retiring. Each workload should be assessed for its suitability for one or more of these paths.

• Support model
  • How will services be provided? Will staff be trained, new staff hired, a service provider retained for ongoing operations, or will a consultant with cloud expertise be brought on board for a defined period? The appropriate support model is highly dependent on goals along with expected outcomes for different workloads.

Highlight risks and roadblocks

Formalize cloud vision

Document your cloud strategy

The Info-Tech difference:

1. Determine the hypothesized value of cloud for your organization.
2. Evaluate workloads with 6Rs framework.
3. Identify and mitigate risks.
4. Identify cloud archetype.
5. Plot initiatives on a roadmap.
6. Write action plan statement and goal statement.

What is the cloud, how is it deployed, and how is service provided?

Cloud Characteristics

1. On-demand self-service: the ability to access reosurces instantly without vendor interaction
2. Broad network access: all services delivered over the network
3. Resource pooling: multi-tenant environment (shared)
4. Rapid elasticity: the ability to expand and retract capabilities as needed
5. Measured service: transparent metering

Service Model:

1. Software-as-a-Service: all but the most minor configuration is done by the vendor
2. Platform-as-a-Service: customer builds the application using tools provided by the provider
3. Infrastructure-as-a-Service: the customer manages OS, storage, and the application

Delivery Model

1. Public cloud: accessible to anyone over the internet; multi-tenant environment
2. Private cloud: provisioned for a single organization with multiple units
3. Hybrid cloud: two or more connected clouds; data is portage across them
4. Community cloud: provisioned for a specific group of organizations

(National Institute of Standards and Technology)

A workload-first approach will allow you to take full advantage of the cloud’s strengths

• Under all but the most exceptional circumstances, good cloud strategies will incorporate different service models. Very few organizations are “IaaS shops” or “SaaS shops,” even if they lean heavily in one direction.
• These different service models (including non-cloud options like colocation and on-premises infrastructure) each have different strengths. Part of your cloud strategy should involve determining which of the services makes the most sense for you.
• Own the cloud by understanding which cloud (or non-cloud!) offering makes the most sense for you given your unique context.

Migration paths

In a 2016 blog post, Amazon introduced a framework for understanding cloud migration strategies. The framework presented here is slightly modified – including a “relocate” component rather than a “retire” component – but otherwise hews close to the standard.

These migration paths reflect organizational capabilities and desired outcomes in terms of service models – cloud or otherwise. Retention means keeping the workload where it is, in a datacenter or a colocation service, or relocating to a colocation or hosted software environment. These represent the “non-cloud” migration paths.

In the graphic on the right, the paths within the red box lead to the cloud. Rehosting means lifting and shifting to an infrastructure environment. Migrating a virtual machine from your VMware environment on premises to Azure Virtual machines is a quick way to realize some benefits from the cloud. Migrating from SQL Server on premises to a cloud-based SQL solution looks a bit more like changing platforms (replatforming). It involves basic infrastructure modification without a substantial architectural component.

Refactoring is the most expensive of the options and involves engaging the software development lifecycle to build a custom solution, fundamentally rewriting the solution to be cloud native and take advantage of cloud-native architectures. This can result in a PaaS or an IaaS solution.

Finally, repurchasing means simply going to market and procuring a new solution. This may involve migrating data, but it does not require the migration of components.

Migration Paths

Retain (Revisit)

• Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.

Relocate

• Move the workload between datacenters or to a hosted software/colocation provider.

Rehost

• Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.

Replatform

• Move the application to the cloud and perform a few changes for cloud optimizations.

Refactor

• Rewrite the application, taking advantage of cloud-native architectures.

Repurchase

• Replace with an alternative, cloud-native application and migrate the data.

Support model

Support models by characteristic

IT services, including cloud services, can be delivered and managed in multiple ways depending on the nature of the workload and the organization’s intended path forward. Three high-level options are presented here and may be more or less valuable based on the duration of the expected engagement with the service (temporary or permanent), the skills specialization required, and the flexibility necessary to complete the job.

By way of example, a highly technical, short-term project with significant flexibility requirements might be a good fit for an expensive consultant, whereas post-implementation maintenance of a cloud email system requires relatively little specialization and flexibility and would therefore be a better fit for internal management.

There is no universally applicable rule here, but there are some workloads that are generally a good fit for the cloud and others that are not as effective, with that fit being conditional on the appropriate support model being employed.

Risks, roadblocks, and strategy components

No two cloud strategies are exactly alike, but all should address 14 key areas. A key step in defining your cloud vision is an assessment of these strategy components. Lower maturity does not preclude an aggressive cloud strategy, but it does indicate that higher effort will be required to make the transition.

Cloud archetypes – a cloud vision component

Once you understand the value of the cloud, your workloads’ general suitability for cloud, and your proposed risks and mitigations, the next step is to define your cloud archetype.

Your organization’s cloud archetype is the strategic posture that IT adopts to best support the organization’s goals. Info-Tech’s model recognizes seven archetypes, divided into three high-level archetypes.

After consultation with your stakeholders, and based on the results of the suitability and risk assessment activities, define your archetype. The archetype feeds into the overall cloud vision and provides simple insight into the cloud future state for all stakeholders.

The cloud vision itself is captured in a “vision statement,” a short summary of the overall approach that includes the overall cloud archetype.

Info-Tech’s methodology for defining your cloud vision

Insight summary

The cloud may not be right for you – and that’s okay!

Don’t think about the cloud as an inevitable next step for all workloads. The cloud is merely another tool in the toolbox, ready to be used when appropriate and put away when it’s not needed. Cloud first isn’t always the way to go.

Not all clouds are equal

It’s not “should I go to the cloud?” but “what service and delivery models make sense based on my needs and risk tolerance?” Thinking about the cloud as a binary can force workloads into the cloud that don’t belong (and vice versa).

Bottom-up is best

A workload assessment is the only way to truly understand the cloud’s value. Work from the bottom up, not the top down, understand what characteristics make a workload cloud suitable, and strategize on that basis.

Your accountability doesn’t change

You are still accountable for maintaining available, secure, functional applications and services. Cloud providers share some responsibility, but the buck stops where it always has: with you.

Don’t customize for the sake of customization

SaaS providers make money selling the same thing to everyone. When migrating a workload to SaaS, work with stakeholders to pursue standardization around a selected platform and avoid customization where possible.

Best of both worlds, worst of both worlds

Hybrid clouds are in fashion, but true hybridity comes with additional cost, administration, and other constraints. A convoy moves at the speed of its slowest member.

The journey matters as much as the destination

How you get there is as important as what “there” actually is. Any strategy that focuses solely on the destination misses out on a key part of the value conversation: the migration strategy.

Blueprint benefits

Cloud Vision Executive Presentation

This presentation captures the results of the exercises and presents a complete vision to stakeholders including a desired target state, a rubric for decision making, the results of the workload assessments, and an overall risk profile.

Cloud Vision Workbook

This workbook includes the standard cloud workload assessment questionnaire along with the results of the assessment. It also includes the milestone timeline for the implementation of the cloud vision.

Blueprint benefits

IT Benefits

• A consistent approach to the cloud takes the guesswork out of deployment decisions and makes it easier for IT to move on to the execution stage.
• When properly incorporated, cloud services come with many benefits, including automation, elasticity, and alternative architectures (micro-services, containers). The cloud vision project will help IT readers articulate expected benefits and work towards achieving them.
• A clear framework for incorporating organizational goals into cloud plans.

Business benefits

• Simple, well-governed access to high-quality IT resources.
• Access to the latest and greatest in technology to facilitate remote work.
• Framework for cost management in the cloud that incorporates OpEx and chargebacks/showbacks. A clear understanding of expected changes to cost modeling is also a benefit of a cloud vision.
• Clarity for stakeholders about IT’s response (and contribution to) IT strategic initiatives.

Measure the value of this blueprint

Don’t take our word for it:

• The cloud vision material in various forms has been offered for several years, and members have generally benefited substantially, both from cloud vision workshops and from guided implementations led by analysts.
• After each engagement, we send a survey that asks members how they benefited from the experience. Of 30 responses, the cloud vision research has received an average score of 9.8/10. Real members have found significant value in the process.
• Additionally, members reported saving between 2 and 120 days (for an average of 17), and financial savings ranged from $1,920 all the way up to $1.27 million, for an average of $170,577.90! If we drop outliers on both ends, the average reported value of a cloud vision engagement is $37, 613.
• Measure the value by calculating the time saved from using Info-Tech’s framework vs. a home-brewed cloud strategy alternative and by comparing the overall cost of a guided implementation or workshop with the equivalent offering from another firm. We’re confident you’ll come out ahead.

9.8/10 Average reported satisfaction

17 Days Average reported time savings

$37, 613 Average cost savings (adj.)

Executive Brief Case Study

Industry: Financial

Source: Info-Tech workshop

Anonymous financial institution

A small East Coast financial institution was required to develop a cloud strategy. This strategy had to meet several important requirements, including alignment with strategic priorities and best practices, along with regulatory compliance, including with the Office of the Comptroller of the Currency.

The bank already had a significant cloud footprint and was looking to organize and formalize the strategy going forward.

Leadership needed a comprehensive strategy that touched on key areas including the delivery model, service models, individual workload assessments, cost management, risk management and governance. The output had to be consumable by a variety of audiences with varying levels of technical expertise and had to speak to IT’s role in the broader strategic goals articulated earlier in the year.

Results

The bank engaged Info-Tech for a cloud vision workshop and worked through four days of exercises with various IT team members. The bank ultimately decided on a multi-cloud strategy that prioritized SaaS while also allowing for PaaS and IaaS solutions, along with some non-cloud hosted solutions, based on organizational circumstances.

Bank cloud vision

[Bank] will provide innovative financial and related services by taking advantage of the multiplicity of best-of-breed solutions available in the cloud. These solutions make it possible to benefit from industry-level innovations, while ensuring efficiency, redundancy, and enhanced security.

Bank cloud decision workflow

• SaaS
  • Platform?
    • Yes
      • PaaS
    • No
      • Hosted
    • IaaS
      • Other

Non-cloud

Cloud

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this crticial project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

Workshop

"We need to hit the ground running and get this project kicked off imediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge the take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks are used throughout all four options.

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

Phase 1

• Call #1: Discuss current state, challenges, etc.
• Call #2: Goals, drivers, and current state.

Phase 2

• Call #3: Conduct cloud suitability assessment for selected workloads.

Phase 3

• Call #4: Generate and categorize risks.
• Call #5: Begin the risk mitigation conversation.

Phase 4

• Call #6: Complete the risk mitigation process
• Call #7: Finalize vision statement and cloud decision framework.

Workshop Overview

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Understand the cloud

Build the foundations of your cloud vision

Phase 1

Phase 1

Understand the Cloud

Phase 1

1.1 Generate goals and drivers

1.2 Explore cloud characteristics

1.3 Create a current state summary

1.4 Select workloads for analysis

Phase 2

2.1 Conduct workload assessments

2.2 Determine workload future states

Phase 3

3.1 Generate risks and roadblocks

3.2 Mitigate risks and roadblocks

3.3 Define roadmap initiatives

Phase 4

4.1 Review and assign work items

4.2 Finalize cloud decision framework

4.3 Create cloud vision

This phase will walk you through the following activities:

1.1.1 Generate organizational goals

1.1.2 Define cloud drivers

1.1.3 Define success indicators

1.3.1 Record your current state

1.4.1 Select workloads for further assessment

This phase involves the following participants:

IT management, the core working group, security, infrastructure, operations, architecture, engineering, applications, non-IT stakeholders.

It starts with shared understanding

Stakeholders must agree on overall goals and what “cloud” means

The cloud is a nebulous term that can reasonably describe services ranging from infrastructure as a service as delivered by providers like Amazon Web Services and Microsoft through its Azure platform, right up to software as a service solutions like Jira or Salesforce. These solutions solve different problems – just because your CRM would be a good fit for a migration to Salesforce doesn’t mean the same system would make sense in Azure or AWS.

This is important because the language we use to talk about the cloud can color our approach to cloud services. A “cloud-first” strategy will mean something different to a CEO with a concept of the cloud rooted in Salesforce than it will to a system administrator who interprets it to mean a transition to cloud-hosted virtual machines.

Add to this the fact that not all cloud services are hosted externally by providers (public clouds) and the fact that multiple delivery models can be engaged at once through hybrid or multi-cloud approaches, and it’s apparent that a shared understanding of the cloud is necessary for a coherent strategy to take form.

This phase proceeds in four steps, each governed by the principle of shared understanding. The first requires a shared understanding of corporate goals and drivers. Step 2 involves coming to a shared understanding of the cloud’s unique characteristics. Step 3 requires a review of the current state. Finally, in Step 4, participants will identify workloads that are suitable for analysis as candidates for the cloud.

Step 1.1

Generate goals and drivers

Activities

1.1.1 Define organizational goals

1.1.2 Define cloud drivers

1.1.3 Define success indicators

Generate goals and drivers

Explore cloud characteristics

Create a current state summary

Select workloads for analysis

This step involves the following participants:

• IT management
• Core working group
• Security
• Applications
• Infrastructure
• Service management
• Leadership

Outcomes of this step

• List of organizational goals
• List of cloud drivers
• Defined success indicators

What can the cloud do for you?

The cloud is not valuable for its own sake, and not all users derive the same value

• The cloud is characterized by on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Any or all of those characteristics might be enough to make the cloud appealing, but in most cases, there is an overriding driver.
• Multiple paths may lead to the cloud. Consider an organization with a need to control costs by showing back to business units, or perhaps by reducing capital expenditure – the cloud may be the most appropriate way to effect these changes. Conversely, an organization expanding rapidly and with a need to access the latest and greatest technology might benefit from the elasticity and pooled resources that major cloud providers can offer.
• In these cases, the destination might be the same (a cloud solution) but the delivery model – public, private, or hybrid – and the decisions made around the key strategy components, including architecture, provisioning, and cost management, will almost certainly be different.
• Defining goals, understanding cloud drivers, and – crucially – understanding what success means, are all therefore essential elements of the cloud vision process.

1.1.1 Generate organizational goals

1-3 hours

Input

• Strategy documentation

Output

• Organizational goals

Materials

• Whiteboard (digital/physical)

Participants

• IT leadership
• Infrastructure
• Applications
• Security

1. As a group, brainstorm organizational goals, ideally based on existing documentation
• Review relevant corporate and IT strategies.
• If you do not have access to internal documentation, review the standard goals on the next slide and select those that are most relevant for you.
2. Record the most important business goals in the Cloud Vision Executive Presentation. Include descriptions where possible to ensure wide readability.
3. Make note of these goals. They should inform the answers to prompts offered in the Cloud Vision Workbook and should be a consistent presence in the remainder of the visioning exercise. If you’re conducting the session in person, leave the goals up on a whiteboard and make reference to them throughout the workshop.

Cloud Vision Executive Presentation

Standard COBIT 19 enterprise goals

1. Portfolio of competitive products and services
2. Managed business risk
3. Compliance with external laws and regulations
4. Quality of financial information
5. Customer-oriented service culture
6. Business service continuity and availability
7. Quality of management information
8. Optimization of internal business process functionality
9. Optimization of business process costs
10. Staff skills, motivation, and productivity
11. Compliance with internal policies
12. Managed digital transformation programs
13. Product and business innovation

1.1.2 Define cloud drivers

30-60 minutes

Input

• Organizational goals
• Strategy documentation
• Management/staff perspective

Output

• List of cloud drivers

Materials

• Sticky notes
• Whiteboard
• Markers

Participants

• IT leadership
• Infrastructure
• Applications
• Security

1. Cloud drivers sit at a level of abstraction below organizational goals. Keeping your organizational goals in mind, have each participant in the session write down how they expect to benefit from the cloud on a sticky note.
2. Solicit input one at a time and group similar responses. Encourage participants to bring forward their cloud goals even if similar goals have been mentioned previously. The number of mentions is a useful way to gauge the relative weight of the drivers.
3. Once this is done, you should have a few groups of similar drivers. Work with the group to name each category. This name will be the driver reported in the documentation.
4. Input the results of the exercise into the Cloud Vision Executive Presentation, and include descriptions based on the constituent drivers. For example, if a driver is titled “do more valuable work,” the constituent drivers might be “build cloud skills,” “focus on core products,” and “avoid administration work where possible.” The description would be based on these components.

Cloud Vision Executive Presentation

1.1.3 Define success indicators

1 hour

Input

• Cloud drivers
• Organizational goals

Output

• List of cloud driver success indicators

Materials

• Whiteboard
• Markers

Participants

• IT leadership
• Infrastructure
• Applications
• Security

1. On a whiteboard, draw a table with each of the cloud drivers (identified in 1.1.2) across the top.
2. Work collectively to generate success indicators for each cloud driver. In this case, a success indicator is some way you can report your progress with the stated driver. It is a real-world proxy for the sometimes abstract phenomena that make up your drivers. Think about what would be true if your driver was realized.
   1. For example, if your driver is “faster access to resources,” you might consider indicators like developer satisfaction, project completion time, average time to provision, etc.
3. Once you are satisfied with your list of indicators, populate the slide in the Cloud Vision Executive Presentation for validation from stakeholders.

Cloud Vision Executive Presentation

Step 1.2

Explore cloud characteristics

Activities

Understand the value of the cloud:

• Review delivery models
• Review support models
• Review service models
• Review migration paths

Understand the Cloud

Generate goals and drivers

Explore cloud characteristics

Create a current state summary

Select workloads for analysis

This step involves the following participants:

• Core working group
• Architecture
• Engineering
• Security

Outcomes of this step

• Understanding of cloud service models and value

Defining the cloud

Per NIST, the cloud has five fundamental characteristics. All clouds have these characteristics, even if they are executed in somewhat different ways between delivery models, service models, and even individual providers.

Cloud characteristics

On-demand self-service

Cloud customers are capable of provisioning cloud resources without human interaction (e.g. contacting sales), generally through a web console.

Broad network access

Capabilities are designed to be delivered over a network and are generally intended for access by a wide variety of platform types (cloud services are generally device-agnostic).

Resource pooling

Multiple customers (internal, in the case of private clouds) make use of a highly abstracted shared infrastructure managed by the cloud provider.

Rapid elasticity

Customers are capable of provisioning additional resources as required, pulling from a functionally infinite pool of capacity. Cloud resources can be spun-down when no longer needed.

Measured service

Consumption is metered based on an appropriate unit of analysis (number of licenses, storage used, compute cycles, etc.) and billing is transparent and granular.

Cloud delivery models

The NIST definition of cloud computing outlines four cloud delivery models: public, private, hybrid, and community clouds. A community cloud is like a private cloud, but it is provisioned for the exclusive use of a like-minded group of organizations, usually in a mutually beneficial, non-competitive arrangement. Universities and hospitals are examples of organizations that can pool their resources in this way without impacting competitiveness. The Info-Tech model covers three key delivery models – public, private, and hybrid, and an overarching model (multi-cloud) that can comprise more than one of the other models – public + public, public + hybrid, etc.

Public

The cloud service is provisioned for access by the general public (customers).

Private

A private cloud has the five key characteristics, but is provisioned for use by a single entity, like a company or organization.

Hybrid

Hybridity essentially refers to interoperability between multiple cloud delivery models (public +private).

Multi

A multi-cloud deployment requires only that multiple clouds are used without any necessary interoperability (Nutanix, 2019).

Public cloud

This is what people generally think about when they talk about cloud

• The public cloud is, well, public! Anyone can make use of its resources, and in the case of the major providers, capacity is functionally unlimited. Need to store exabytes of data in the cloud? No problem! Amazon will drive a modified shipping container to your datacenter, load it up, and “migrate” it to a datacenter.
• Public clouds offer significant variety on the infrastructure side. Major IaaS providers, like Microsoft and Amazon, offer dozens of services across many different categories including compute, networking, and storage, but also identity, containers, machine learning, virtual desktops, and much, much more. (See a list from Microsoft here, and Amazon here)
• There are undoubtedly strengths to the public cloud model. Providers offer the “latest and greatest” and customers need not worry about the details, including managing infrastructure and physical locations. Providers offer built-in redundancy, multi-regional deployments, automation tools, management and governance solutions, and a variety of leading-edge technologies that would not be feasible for organizations to run in-house, like high performance compute, blockchain, or quantum computing.
• Of course, the public cloud is not all sunshine and rainbows – there are downsides as well. It can be expensive; it can introduce regulatory complications to have to trust another entity with your key information. Additionally, there can be performance hiccups, and with SaaS products, it can be difficult to monitor at the appropriate (per-transaction) level.

Prominent examples include:

AWS

Microsoft

Azure

Salesforce.com

Workday

SAP

Private cloud

A lower-risk cloud for cloud-averse customers?

• A cloud is a cloud, no matter how small. Some IT shops deploy private clouds that make use of the five key cloud characteristics but provisioned for the exclusive use of a single entity, like a corporation.
• Private clouds have numerous benefits. Some potential cloud customers might be uncomfortable with the shared responsibility that is inherent in the public cloud. Private clouds allow customers to deliver flexible, measured services without having to surrender control, but they require significant overhead, capital expenditure, administrative effort, and technical expertise.
• According to the 2021 State of the Cloud Report, private cloud use is common, and the most frequently cited toolset is VMware vSphere, followed by Azure Stack, OpenStack, and AWS Outposts. Private cloud deployments are more common in larger organizations, which makes sense given the overhead required to manage such an environment.

Private cloud adoption

VMware and Microsoft lead the pack among private cloud customers, with Amazon and Red Hat also substantially present across private cloud environments.

Hybrid cloud

The best of both worlds?

Hybrid cloud architectures combine multiple cloud delivery models and facilitate some level of interoperability. NIST suggests bursting and load balancing as examples of hybrid cloud use cases. Note: it is not sufficient to simply have multiple clouds running in parallel – there must be a toolset that allows for an element of cross-cloud functionality.

This delivery model is attractive because it allows users to take advantage of the strengths of multiple service models using a single management pane. Bursting across clouds to take advantage of additional capacity or disaster recovery capabilities are two obvious use cases that appeal to hybrid cloud users.

But while hybridity is all the rage (especially given the impact Covid-19 has had on the workplace), the reality is that any hybrid cloud user must take the good with the bad. Multiple clouds and a management layer can be technically complex, expensive, and require maintaining a physical infrastructure that is not especially valuable (“I thought we were moving to the cloud to get out of the datacenter!”).

Before selecting a hybrid approach through services like VMware Cloud on AWS or Microsoft’s Azure Stack, consider the cost, complexity, and actual expected benefit.

Amazon, Microsoft, and Google dominate public cloud IaaS, but IBM is betting big on hybrid cloud:

With its acquisition of Red Hat in 2019 for $34 billion, Big Blue put its money where its mouth is and acquired a substantial hybrid cloud business. At the time of the acquisition, Red Hat’s CEO, Jim Whitehurst, spoke about the benefit IBM expected to receive:

“Joining forces with IBM gives Red Hat the opportunity to bring more open source innovation to an even broader range of organizations and will enable us to scale to meet the need for hybrid cloud solutions that deliver true choice and agility” (Red Hat, 2019).

Multi-cloud

For most organizations, the multi-cloud is the most realistic option.

Multi-cloud is popular!

Multi-cloud solutions exist at a different layer of abstraction from public, private, and even hybrid cloud delivery models. A multi-cloud architecture, as the name suggests, requires the user to be a customer of more than one cloud provider, and it can certainly include a hybrid cloud deployment, but it is not bound by the same rules of interoperability.

Many organizations – especially those with fewer resources or a lack of a use case for a private cloud – rely on a multi-cloud architecture to build applications where they belong, and they manage each environment separately (or occasionally with the help of cloud management platforms).

If your data team wants to work in AWS and your enterprise services run on basic virtual machines in Azure, that might be the most effective architecture. As the Flexera 2021 State of the Cloud Report suggests, this architecture is far more common than the more complicated bursting or brokering architectures characteristic of hybrid clouds.

NIST cloud service models

Software as a service

SaaS has exploded in popularity with consumers who wish to avail themselves of the cloud’s benefits without having to manage underlying infrastructure components. SaaS is simple, generally billed per-user per-month, and is almost entirely provider-managed.

Platform as a service

PaaS providers offer a toolset for their customers to run custom applications and services without the requirement to manage underlying infrastructure components. This service model is ideal for custom applications/services that don’t benefit from highly granular infrastructure control.

Infrastructure as a service

IaaS represents the sale of components. Instead of a service, IaaS providers sell access to components, like compute, storage, and networking, allowing for customers to build anything they want on top of the providers’ infrastructure.

Cloud service models

• This research focuses on five key service models, each of which has its own strengths and weaknesses. Moving right from “on-prem,” customers gradually give up more control over their environments to cloud service providers.
• An entirely premises-based environment means that the customer is responsible for everything ranging from the dirt under the datacenter to application-level configurations. Conversely, in a SaaS environment, the provider is responsible for everything but those top-level application configurations.
• A managed service provider or other third party can manage any or of the components of the infrastructure stack. A service provider may, for example, build a SaaS solution on top of another provider’s IaaS, or might offer configuration assistance with a commercially available SaaS.

Info-Tech Insight

Not all workloads fit well in the cloud. Many environments will mix service models (e.g. SaaS for some workloads, some in IaaS, some on-premises), and this can be perfectly effective. It must be consistent and intentional, however.

Organization has control

Organization or vendor may control

Vendor has control

Analytics folly

SaaS is good, but it’s not a panacea

Industry: Healthcare

Source: Info-Tech workshop

Situation

A healthcare analytics provider had already moved a significant number of “non-core workloads” to the cloud, including email, HRIS, and related services.

The company CEO was satisfied with the reduced effort required by IT to manage SaaS-based workloads and sought to extend the same benefits to the core analytics platform where there was an opportunity to reduce overhead.

Complication

Many components of the health analytics service were designed to run specifically in a datacenter and were not ready to be migrated to the cloud without significant effort/refactoring. SaaS was not an option because this was a core platform – a SaaS provider would have been the competition.

That left IaaS, which was expensive and would not bring the expected benefits (reduced overhead).

Results

The organization determined that there were no short-term gains from migrating to the cloud. Due to the nature of the application (its extensive customization, the fact that it was a core product sold by the company) any steps to reduce operational overhead were not feasible.

The CEO recognized that the analytics platform was not a good candidate for the cloud and what distinguished the analytics platform from more suitable workloads.

Migration paths

In a 2016 blog post, Amazon Web Services articulated a framework for cloud migration that incorporates elements of the journey as well as the destination. If workload owners do not choose to retain or retire their workloads, there are four alternatives. These alternatives all stack up differently along five key dimensions:

1. Value: does the workload stand to benefit from unique cloud characteristics? To what degree?
2. Effort: how much work would be required to make the transition?
3. Cost: how much money is the migration expected to cost?
4. Time: how long will the migration take?
5. Skills: what skills must be brought to bear to complete the migration?

Not all migration paths can lead to all destinations. Rehosting generally means IaaS, while repurchasing leads to SaaS. Refactoring and replatforming have some variety of outcomes, and it becomes possible to take advantage of new IaaS architectures or migrate workloads over fully to SaaS.

As part of the workload assessment process, use the five dimensions (expanded upon on the next slide) to determine what migration path makes sense. Preferred migration paths form an important part of the overall cloud vision process.

Retain (Revisit)

• Keep the application in its current form, at least for now. This doesn’t preclude revisiting it in the future.

Retire

• Get rid of the application completely.

Rehost

• Move the application to the cloud (IaaS) and continue to run it in more or less the same form as it currently runs.

Replatform

• Move the application to the cloud and perform a few changes for cloud optimizations.

Refactor

• Rewrite the application, taking advantage of cloud native architectures.

Repurchase

• Replace with an alternative, cloud-native application and migrate the data.

Migration paths – relative value

Where should you get your cloud skills?

Cloud skills are certainly top of mind right now. With the great upheaval in both work patterns and in the labor market more generally, expertise in cloud-related areas is simultaneously more valuable and more difficult to procure. According to Pluralsight’s 2021 “State of Upskilling” report, 44% of respondents report themselves under-skilled in the cloud management area, making cloud management the most significant skill gap reported on the survey.

Everyone left the office. Work as we know it is fundamentally altered for a generation or more. Cloud services shot up in popularity by enabling the transition. And yet there is a gap – a prominent gap – in skilling up for this critically important future. What is the cloud manager to do?

Per the framework presented here, that manager has three essential options. They may take somewhat different forms depending on specific requirements and the quirks of the local market, but the options are:

1. Train or hire internal resources: This might be easier said than done, especially for more niche skills, but makes sense for workloads that are critical to operations for the long term.
2. Engage a managed service provider: MSPs are often engaged to manage services where internal IT lacks bandwidth or expertise.
3. Hire a consultant: Consultants are great for time-bound implementation projects where highly specific expertise is required, such as a migration or implementation project.

Each model makes sense to some degree. When evaluating individual workloads for cloud suitability, it is critical to consider the support model – both immediate and long term. What makes sense from a value perspective?

Cloud decisions – summary

A key component of the Info-Tech cloud vision model is that it is multi-layered. Not every decision must be made at every level. At the workload level, it makes sense to select service models that make sense, but each workload does not need its own defined vision. Workload-level decisions should be guided by an overall strategy but applied tactically, based on individual workload characteristics and circumstances.

Conversely, some decisions will inevitably be applied at the environment level. With some exceptions, it is unlikely that cloud customers will build an entire private/hybrid cloud environment around a single solution; instead, they will define a broader strategy and fit individual workloads into that strategy.

Some considerations exist at both the workload and environment levels. Risks and roadblocks, as well as the preferred support model, are concerns that exist at both the environment level and at the workload level.

Step 1.3

Create a current state summary

Activities

1.3.1 Record your current state

Understand the Cloud

Generate goals and drivers

Explore cloud characteristics

Create a current state summary

Select workloads for analysis

This step involves the following participants: Core working group

Outcomes of this step

• Current state summary of cloud solutions

1.3.1 Record your current state

30 minutes

Input

• Knowledge of existing cloud workloads

Output

• Current state cloud summary for service, delivery, and support models

Materials

• Whiteboard

Participants

• Core working group
• Infrastructure team
• Service owners

1. On a whiteboard (real or virtual) draw a table with each of the cloud service models across the top. Leave a cell below each to list examples.
2. Under each service model, record examples present in your environment. The purpose of the exercise is to illustrate the existence of cloud services in your environment or the lack thereof, so there is no need to be exhaustive. Complete this in turn for each service model until you are satisfied that you have created an effective picture of your current cloud SaaS state, IaaS state, etc.
3. Input the results into their own slide titled “current state summary” in the Cloud Vision Executive Presentation.
4. Repeat for the cloud delivery models and support models and include the results of those exercises as well.
5. Create a short summary statement (“We are primarily a public cloud consumer with a large SaaS footprint and minimal presence in PaaS and IaaS. We retain an MSP to manage our hosted telephony solution; otherwise, everything is handled in house.”

Cloud Vision Executive Presentation

Step 1.4

Select workloads for current analysis

Activities

1.4.1 Select workloads for assessment

This step involves the following participants:

• Core working group

Outcomes of this step

• List of workloads for assessment

Understand the cloud

Generate goals and drivers

Explore cloud characteristics

Create a current state summary

Select workloads for analysis

1.4.1 Select workloads for assessment

30 minutes

Input

• Knowledge of existing cloud workloads

Output

• List of workloads to be assessed

Materials

• Whiteboard
• Cloud Vision Workbook

Participants

• Core working group
• IT management

1. In many cases, the cloud project is inspired by a desire to move a particular workload or set of workloads. Solicit feedback from the core working group about what these workloads might be. Ask everyone in the meeting to suggest a workload and record each one on a sticky note or white board (virtual or physical).
2. Discuss the results with the group and begin grouping similar workloads together. They will be subject to the assessments in the Cloud Vision Workbook, so try to avoid selecting too many workloads that will produce similar answers. It might not be obvious, but try to think about workloads that have similar usage patterns, risk levels, and performance requirements, and select a representative group.
3. You should embrace counterintuition by selecting a workload that you think is unlikely to be a good fit for the cloud if you can and subjecting it to the assessment as well for validation purposes.
4. When you have a list of 4-6 workloads, record them on tab 2 of the Cloud Vision Workbook.

Cloud Vision Workbook

Assess your cloud workloads

Build the foundations of your cloud vision

Phase 2

Phase 2

Evaluate Cloud Workloads

Phase 1

1.1 Generate goals and drivers

1.2 Explore cloud characteristics

1.3 Create a current state summary

1.4 Select workloads for analysis

Phase 2

2.1 Conduct workload assessments

2.2 Determine workload future states

Phase 3

3.1 Generate risks and roadblocks

3.2 Mitigate risks and roadblocks

3.3 Define roadmap initiatives

Phase 4

4.1 Review and assign work items

4.2 Finalize cloud decision framework

4.3 Create cloud vision

This phase will walk you through the following activities:

• Conduct workload assessments
• Determine workload future state

This phase involves the following participants:

• Subject matter experts
• Core working group
• IT management

Define Your Cloud Vision

Work from the bottom up and assess your workloads

A workload-first approach will help you create a realistic vision.

The concept of a cloud vision should unquestionably be informed by the nature of the workloads that IT is expected to provide for the wider organization. The overall cloud vision is no greater than the sum of its parts. You cannot migrate to the cloud in the abstract. Workloads need to go – and not all workloads are equally suitable for the transition.

It is therefore imperative to understand which workloads are a good fit for the cloud, which cloud service models make the most sense, how to execute the migration, what support should look like, and what risks and roadblocks you are likely to encounter as part of the process.

That’s where the Cloud Vision Workbook comes into play. You can use this tool to assess as many workloads as you’d like – most people get the idea after about four – and by the end of the exercise, you should have a pretty good idea about where your workloads belong, and you’ll have a tool to assess any net new or previously unconsidered workloads.

It’s not so much about the results of the assessment – though these are undeniably important – but about the learnings gleaned from the collaborative assessment exercise. While you can certainly fill out the assessment without any additional input, this exercise is most effective when completed as part of a group.

Introducing the Cloud Vision Workbook

• The Cloud Vision Workbook is an Excel tool that answers the age old question: “What should I do with my workloads?”
• It is divided into eight tabs, each of which offers unique value. Start by reading the introduction and inputting your list of workloads. Work your way through tabs 3-6, completing the suitability, migration, management, and risk and roadblock assessments, and review the results on tab 7.
• If you choose to go through the full battery of assessments for each workload, expect to answer and weight 111 unique questions across the four assessments. This is an intensive exercise, so carefully consider which assessments are valuable to you, and what workloads you have time to assess.
• Tab 8 hosts the milestone timeline and captures the results of the phase 3 risk and mitigation exercise.

Understand Cloud Vision Workbook outputs

Step 2.1

Conduct workload assessments

Activities

2.1.1 Conduct workload assessments

2.1.2 Interpret your results

Phase Title

Conduct workload assessments

Determine workload future state

This step involves the following participants:

• Core working group
• Workload subject matter experts

Outcomes of this step

• Completed workload assessments

2.1.1 Conduct workload assessments

2 hours per workload

Input

• List of workloads to be assessed

Output

• Completed cloud vision assessments

Materials

• Cloud Vision Workbook

Participants

• Core working group
• Service owners/workload SMEs

1. The Cloud Vision Workbook is your one stop shop for all things workload assessment. Open the tool to tab 2 and review the workloads you identified at the end of phase 1. Ensure that these are correct. Once satisfied, project the tool (virtually, if necessary) so that all participants can see the assessment questions.
2. Work through tabs 3-6, answering the questions and assigning a multiplier for each one. A higher multiplier increases the relative weight of the question, giving it a greater impact on the overall outcome.
3. Do your best to induce participants to offer opinions. Consensus is not absolutely necessary, but it is a good goal. Ask your participants if they agree with initial responses and occasionally take the opposite position (“I’m surprised you said agree – I would have thought we didn’t care about CapEx vs. OpEx”). Stimulate discussion.
4. Highlight any questions that you will need to return to or run by someone not present. Include a placeholder answer, as the tool requires all cells to be filled for computation.

Cloud Vision Workbook

2.1.2 Interpret your results

10 minutes

Input

• Completed cloud vision assessments

Output

• Shared understanding of implications

Materials

• Cloud Vision Workbook

Participants

• Core working group
• Service owners/workload SMEs

1. Once you’ve completed all 111 questions for each workload, you can review your results on tab 7. On tab 7, you will see four populated graphics: cloud suitability, migration path, “where should skills be procured?”, and risks and roadblocks. These represent the components of the overall cloud vision that you will present to stakeholders.
2. The “cloud suitability” chart captures the service model that the assessment judges to be most suitable for the workload. Ask those present if any are surprised by the output. If there is any disagreement, discuss the source of the surprise and what a more realistic outcome would be. Revisit the assessment if necessary.
3. Conduct a similar exercise with each of the other outputs. Does it make sense to refactor the workload based on its cloud suitability? Does the fact that we scored so highly on the “consultant” support model indicate something about how we handle upskilling internally? Does the profile of risks and roadblocks identified here align with expectations? What should be ranked higher? What about lower?
4. Once everyone is generally satisfied with the results, close the tool and take a break! You’ve earned it.

Cloud Vision Workbook

Understand the cloud strategy components

Each cloud strategy will take a slightly different form, but all should contain echoes of each of these components. This process will help you define your vision and direction, but you will need to take steps to execute on that vision. The remainder of the cloud strategy, covered in the related blueprint Document Your Cloud Strategy comprises these fourteen topics divided across three categories: people, governance, and technology. The workload assessment covers these under risks and roadblocks and highlights areas that may require specific additional attention. When interpreting the results, think of these areas as comprising things that you will need to do to make your vision a reality.

People

• Skills and roles
• Culture and adoption
• Governing bodies

Governance

• Architecture
• Integration and interoperability
• Operations management
• Cloud portfolio management
• Cloud vendor management
• Finance management
• Security
• Data controls

Technology

• Monitoring
• Provisioning
• Migration

Strategy component: People

People form the core of any good strategy. As part of your cloud vision, you will need to understand the implications a cloud transition will have on your staff and users, whether those users are internal or external.

Strategy component: Governance

Without guardrails, the cloud deployment will grow organically. This has strengths (people tend to adopt solutions that they select and deploy themselves), but these are more than balanced out by the drawbacks that come with inconsistency, poor administration, duplication of services, suboptimal costing, and any number of other unique challenges. The solution is to develop and deploy governance. The following list captures some of the necessary governance-related components of a cloud strategy.

Strategy component: Governance (cont.)

Strategy component: Technology

Good technology will never replace good people and effective process, but it remains important in its own right. A migration that neglects the undeniable technical components of a solid cloud strategy is doomed to mediocrity at best and failure at worst. Understanding the technical implications of the cloud vision – particularly in terms of monitoring, provisioning, and migration – makes all the difference. You can interpret the results of the cloud workload assessments by reviewing the details presented here.

Step 2.2

Determine workload future state

Activities

2.2.1 Determine workload future state

Conduct workload assessments

Determine workload future state

This step involves the following participants:

• IT management
• Core working group

Outcomes of this step

• Completed workload assessments
• Defined workload future state

2.2.1 Determine workload future state

1-3 hours

Input

• Completed workload assessments

Output

• Preliminary future state outputs

Materials

• Cloud Vision Workbook
• Cloud Vision Executive Presentation

Participants

• Core working group
• Service owners
• IT management

1. After you’ve had a chance to validate your results, refer to tab 7 of the tool, where you will find a blank notes section.
2. With the working group, capture your answers to each of the following questions:
   1. What service model is the most suitable for the workload? Why?
   2. How will we conduct the migration? Which of the six models makes the most sense? Do we have a backup plan if our primary plan doesn’t work out?
   3. What should the support model look like?
   4. What are some workload-specific risks and considerations that must be taken into account for the workload?
3. Once you’ve got answers to each of these questions for each of the workloads, include your summary in the “notes” section of tab 7.

Cloud Vision Executive Presentation

Paste the output into the Cloud Vision Executive Presentation

• The Cloud Vision Workbook output is a compact, consumable summary of each workload’s planned future state. Paste each assessment in as necessary.
• There is no absolutely correct way to present the information, but the output is a good place to start. Do note that, while the presentation is designed to lead with the vision statement, because the process is workload-first, the assessments are populated prior to the overall vision in a bottom-up manner.
• Be sure to anticipate the questions you are likely to receive from any stakeholders. You may consider preparing for questions like: “What other workloads fit this profile?” “What do we expect the impact on the budget to be?” “How long will this take?” Keep these and other questions in mind as you progress through the vision definition process.

Info-Tech Insight

Keep your audience in mind. You may want to include some additional context in the presentation if the results are going to be presented to non-technical stakeholders or those who are not familiar with the terms or how to interpret the outputs.

Identify and Mitigate Risks

Build the foundations of your cloud vision

PHASE 3

Phase 3

Identify and Mitigate Risks

Phase 1

1.1 Generate goals and drivers

1.2 Explore cloud characteristics

1.3 Create a current state summary

1.4 Select workloads for analysis

Phase 2

2.1 Conduct workload assessments

2.2 Determine workload future states

Phase 3

3.1 Generate risks and roadblocks

3.2 Mitigate risks and roadblocks

3.3 Define roadmap initiatives

Phase 4

4.1 Review and assign work items

4.2 Finalize cloud decision framework

4.3 Create cloud vision

This phase will walk you through the following activities:

• Generate risks and roadblocks
• Mitigate risks and roadblocks
• Define roadmap initiatives

This phase involves the following participants:

• Core working group
• Workload subject matter experts

You know what you want to do, but what do you have to do?

What questions remain unanswered?

There are workload-level risks and roadblocks, and there are environment-level risks. This phase is focused primarily on environment-level risks and roadblocks, or those that are likely to span multiple workloads (but this is not hard and fast rule – anything that you deem worth discussing is worth discussing). The framework here calls for an open forum where all stakeholders – technical and non-technical, pro-cloud and anti-cloud, management and individual contributor – have an opportunity to articulate their concerns, however specific or general, and receive feedback and possible mitigation.

Start by soliciting feedback. You can do this over time or in a single session. Encourage anyone with an opinion to share it. Focus on those who are likely to have a perspective that will become relevant at some point during the creation of the cloud strategy and the execution of any migration. Explain the preliminary direction; highlight any major changes that you foresee. Remind participants that you are not looking for solutions (yet), but that you want to make sure you hear any and every concern as early as possible. You will get feedback and it will all be valuable.

Before cutting your participants loose, remind them that, as with all business decisions, the cloud comes with trade-offs. Not everyone will have every wish fulfilled, and in some cases, significant effort may be needed to get around a roadblock, risks may need to be accepted, and workloads that looked like promising candidates for one service model or another may not be able to realize that potential. This is a normal and expected part of the cloud vision process.

Once the risks and roadblocks conversation is complete, it is the core working group’s job to propose and validate mitigations. Not every risk can be completely resolved, but the cloud has been around for decades – chances are someone else has faced a similar challenge and made it through relatively unscathed. That work will inevitably result in initiatives for immediate execution. Those initiatives will form the core of the initiative roadmap that accompanies the completed Cloud Vision Executive Presentation.

Step 3.1

Generate risks and roadblocks

Activities

3.1.1 Generate risks and roadblocks

3.1.2 Generate mitigations

Identify and mitigate risks

Generate risks and roadblocks

Mitigate risks and roadblocks

Define roadmap initiatives

This step involves the following participants:

• Core working group
• IT management
• Infrastructure
• Applications
• Security
• Architecture

Outcomes of this step

• List of risks and roadblocks

Understand risks and roadblocks

Risk

• Something that could potentially go wrong.
• You can respond to risks by mitigating them:
  • Eliminate: take action to prevent the risk from causing issues.
  • Reduce: take action to minimize the likelihood/severity of the risk.
  • Transfer: shift responsibility for the risk away from IT, towards another division of the company.
  • Accept: where the likelihood or severity is low, it may be prudent to accept that the risk could come to fruition.

Roadblock

• There are things that aren’t “risks” that we care about when migrating to the cloud.
• We know, for example, that a complicated integration situation will create work items for any migration – this is not an “unknown.”
• We respond to roadblocks by generating work items.

3.1.1 Generate risks and roadblocks

1.5 hours

Input

• Completed cloud vision assessments

Output

• List of risks and roadblocks

Materials

• Whiteboard
• Sticky notes

Participants

• Core working group
• Service owners/workload SMEs
• Anyone with concerns about the cloud

1. Gather your core working group – and really anyone with an intelligent opinion on the cloud – into a single meeting space. Give the group 5-10 minutes to list anything they think could present a difficulty in transitioning workloads to the cloud. Write each risk/roadblock on its own sticky note. You will never be 100% exhaustive, but don’t let anything your users care about go unaddressed.
2. Once everyone has had time to write down their risks and roadblocks, have everyone share one by one. Make sure you get them all. Overlap in risks and roadblocks is okay! Group similar concerns together to give a sort of heat map of what your participants are concerned about. (This is called “affinity diagramming.”)
3. Assign names to these categories. Many of these categories will align with the strategy components discussed in the previous phase (governance, security, etc.) but some will be specific whether by nature or by degree.
4. Sort each of the individual risks into its respective category, collapsing any exact duplicates, and leaving room for notes and mitigations (see the next slide for a visual).

Understand risks and roadblocks

Step 3.2

Mitigate risks and roadblocks

Activities

3.2.1 Generate mitigations

Identify and mitigate risks

Generate risks and roadblocks

Mitigate risks and roadblocks

Define roadmap initiatives

This step involves the following participants:

• Core working group

Outcomes of this step

• List of mitigations

Is the public cloud less secure?

This is the key risk-related question that most cloud customers will have to answer at some point: does migrating to the cloud for some services increase their exposure and create a security problem?

As with all good questions, the answer is “it depends.” But what does it depend on? Consider these cloud risks and potential mitigations:

1. Misconfiguration: An error grants access to unauthorized parties (as happened to Capital One in 2019). This can be mitigated by careful configuration management and third-party tooling.
2. Unauthorized access by cloud provider/partner employees: Though rare, it is possible that a cloud provider or partner can be a vector for a breach. Careful contract language, choosing to own your own encryption keys, and a hybrid approach (storing data on-premises) are some possible ways to address this problem.
3. Unauthorized access to systems: Cloud services are designed to be accessed from anywhere and may be accessed by malicious actors. Possible mitigations include risk-based conditional access, careful identity access management, and logging and detection.

“The cloud is definitely more secure in that you have much more control, you have much more security tooling, much more visibility, and much more automation. So it is more secure. The caveat is that there is more risk. It is easier to accidentally expose data in the cloud than it is on-premises, but, especially for security, the amount of tooling and visibility you get in cloud is much more than anything we’ve had in our careers on-premises, and that’s why I think cloud in general is more secure.” –Abdul Kittana, Founder, ASecureCloud

Breach bests bank

No cloud provider can protect against every misconfiguration

Industry: Finance

Source: The New York Times, CNET

Background

Capital One is a major Amazon Web Services customer and is even featured on Amazon’s site as a case study. That case study emphasizes the bank’s commitment to the cloud and highlights how central security and compliance were. From the CTO: “Before we moved a single workload, we engaged groups from across the company to build a risk framework for the cloud that met the same high bar for security and compliance that we meet in our on-premises environments. AWS worked with us every step of the way.”

Complication

The cloud migration was humming along until July 2019, when the bank suffered a serious breach at the hands of a hacker. That hacker was able to steal millions of credit card applications and hundreds of thousands of Social Security numbers, bank account numbers, and Canadian social insurance numbers.

According to investigators and to AWS, the breach was caused by an open reverse proxy attack against a misconfigured web app firewall, not by an underlying vulnerability in the cloud infrastructure.

Results

Capital One reported that the breach was expected to cost it $150 million, and AWS fervently denied any blame. The US Senate got involved, as did national media, and Capital One’s CEO issued a public apology, writing, “I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.”

It was a bad few months for IT at Capital One.

3.2.1 Generate mitigations

3-4.5 hours

Input

• Completed cloud vision assessments

Output

• List of risks and roadblocks

Materials

• Whiteboard
• Sticky notes

Participants

• Core working group
• Service owners/workload SMEs
• Anyone with concerns about the cloud

1. Recall the four mitigation strategies: eliminate, reduce, transfer, or accept. Keep these in mind as you work through the list of risks and roadblocks with the core working group. For every individual risk or roadblock raised in the initial generation session, suggest a specific mitigation. If the concern is “SaaS providers having access to confidential information,” a mitigation might be encryption, specific contract language, or proof of certifications (or all the above).
2. Work through this for each of the risks and roadblocks, identifying the steps you need to take that would satisfy your requirements as you understand them.
3. Once you have gone through the whole list – ideally with input from SMEs in particular areas like security, engineering, and compliance/legal – populate the Cloud Vision Workbook (tab 8) with the risks, roadblocks, and mitigations (sorted by category). Review tab 8 for an example of the output of this exercise.

Cloud Vision Workbook

Cloud Vision Workbook – mitigations

Step 3.3

Define roadmap initiatives

Activities

3.3.1 Generate roadmap initiatives

Identify and mitigate risks

Generate risks and roadblocks

Mitigate risks and roadblocks

Define roadmap initiatives

This step involves the following participants:

• Core working group

Outcomes of this step

• Defined roadmap initiatives

3.3.1 Generate roadmap initiatives

1 hour

Input

• List of risk and roadblock mitigations

Output

• List of cloud initiatives

Materials

• Cloud Vision Workbook

Participants

• Core working group

1. Executing on your cloud vision will likely require you to undertake some key initiatives, many of which have already been identified as part of your mitigation exercise. On tab 8 of the Cloud Vision Workbook, review the mitigations you created in response to the risks and roadblocks identified. Initiatives should generally be assignable to a party and should have a defined scope/duration. For example, “assess all net new applications for cloud suitability” might not be counted as an initiative, but “design a cloud application assessment” would likely be.
2. Design a timeline appropriate for your specific needs. Generally short-term (less than 3 months), medium-term (3-6 months), and long-term (greater than 6 months) will work, but this is entirely based on preference.
3. Review and validate the parameters with the working group. Consider creating additional color-coding (highlighting certain tasks that might be dependent on a decision or have ongoing components).

Cloud Vision Workbook

Bridge the gap and create the vision

Build the foundations of your cloud vision

Phase 4

Phase 4

Bridge the Gap and Create the Vision

Phase 1

1.1 Generate goals and drivers

1.2 Explore cloud characteristics

1.3 Create a current state summary

1.4 Select workloads for analysis

Phase 2

2.1 Conduct workload assessments

2.2 Determine workload future states

Phase 3

3.1 Generate risks and roadblocks

3.2 Mitigate risks and roadblocks

3.3 Define roadmap initiatives

Phase 4

4.1 Review and assign work items

4.2 Finalize cloud decision framework

4.3 Create cloud vision

This phase will walk you through the following activities:

• Assign initiatives and propose timelines
• Build a delivery model rubric
• Build a service model rubric
• Built a support model rubric
• Create a cloud vision statement
• Map cloud workloads
• Complete the Cloud Vision presentation

This phase involves the following participants:

• IT management, the core working group, security, infrastructure, operations, architecture, engineering, applications, non-IT stakeholders

Step 4.1

Review and assign work items

Activities

4.1.1 Assign initiatives and propose timelines

Bridge the gap and create the vision

Review and assign work items

Finalize cloud decision framework

Create cloud vision

This step involves the following participants:

• Core working group
• IT management

Outcomes of this step

• Populated cloud vision roadmap

4.1.1 Assign initiatives and propose timelines

1 hour

Input

• List of cloud initiatives

Output

• Initiatives assigned by responsibility and timeline

Materials

• Cloud Vision Workbook

Participants

• Core working group

1. Once the list is populated, begin assigning responsibility for execution. This is not a RACI exercise, so focus on the functional responsibility. Once you have determined who is responsible, assign a timeline and include any notes. This will form the basis of a more formal project plan.
2. To assign the initiative to a party, consider 1) who will be responsible for execution and 2) if that responsibility will be shared. Be as specific as possible, but be sure to be consistent to make it easier for you to sort responsibility later on.
3. When assigning timelines, we suggest including the end date (when you expect the project to be complete) rather than the start date, though whatever you choose, be sure to be consistent. Make use of the notes column to record anything that you think any other readers will need to be aware of in the future, or details that may not be possible to commit to memory.

Cloud Vision Workbook

Step 4.2

Finalize cloud decision framework

Activities

4.2.1 Build a delivery model rubric

4.2.2 Build a service model rubric

4.2.3 Build a support model rubric

Bridge the gap and create the vision

Review and assign work items

Finalize cloud decision framework

Create cloud vision

This step involves the following participants:

• Core working group

Outcomes of this step

• Cloud decision framework

4.2.1 Build a delivery model rubric

1 hour

Input

• List of cloud initiatives

Output

• Initiatives assigned by responsibility and timeline

Materials

• Cloud Vision Executive Presentation

Participants

• Core working group

1. Now that we have a good understanding of the cloud’s key characteristics, the relative suitability of different workloads for the cloud, and a good understanding of some of the risks and roadblocks that may need to be overcome if a cloud transition is to take place, it is time to formalize a delivery model rubric. Start by listing the delivery models on a white board vertically – public, private, hybrid, and multi-cloud. Include a community cloud option as well if that is feasible for you. Strike any models that do not figure into your vision.
2. Create a table style rubric for each delivery model. Confer with the working group to determine what characteristics best define workloads suitable for each model. If you have a hybrid cloud option, you may consider workloads that are highly dynamic; a private cloud hosted on-premises may be more suitable for workloads that have extensive regulatory requirements.
3. Once the table is complete, include it in the Cloud Vision Executive Presentation.

Cloud Vision Executive Presentation

Vision for the cloud future state (example)

Summary statement: Everything must go! Public cloud is a top priority. Anything that is not compatible (for whatever reason) with a public cloud deployment will be retained in a premises-based server closet (downgraded from a full datacenter). The private cloud does not align with the overall organizational vision, nor does a hybrid solution.

4.2.2 Build a service model rubric

1 hour

Input

• Output of workload assessments
• Output of risk and mitigation exercise

Output

• Service model rubric

Materials

• Whiteboard
• Cloud Vision Executive Presentation

Participants

• Core working group

1. This next activity is like the delivery model activity, but covers the relevant cloud service models. On a whiteboard, make a vertical list of the cloud service models (SaaS, PaaS, IaaS, etc.) that will be considered for workloads. If you have an order of preference, place your most preferred at the top, your least preferred at the bottom.
2. Describe the circumstances under which you would select each service model. Do your best to focus on differentiators. If a decision criterion appears for multiple service models, consider refining or excluding it. (For additional information, check out Info-Tech’s Reimagine IT Operations for a Cloud-First World blueprint.)
3. Create a summary statement to capture your overall service model position. See the next slide for an example. Note: this can be incorporated into your cloud vision statement, so be sure that it reflects your genuine cloud preferences.
4. Record the results in the Cloud Vision Executive Presentation.

Cloud Vision Executive Presentation

Vision for the cloud future state (example)

Summary statement: SaaS will be the primary service model. All workloads will migrate to the public cloud where possible. Anything that cannot be migrated to SaaS will be migrated to PaaS. IaaS is a transitory step.

4.2.3 Build a support model rubric

1 hour

Input

• Results of the cloud workload assessments

Output

• Support model rubric

Materials

• Whiteboard
• Cloud Vision Executive Presentation

Participants

• Core working group

1. The final rubric covered here is that for the support model. Where will you procure the skills necessary to ensure the vision’s proper execution? Much like the other rubric activities, write the three support models vertically (in order of preference, if you have one) on a whiteboard.
2. Next to each model, describe the circumstances under which you would select each support model. Focus on the dimensions: the duration of the engagement, specialization required, and flexibility required. If you have existing rules/practices around hiring consultants/MSPs, consider those as well.
3. Once you have a good list of decision criteria, form a summary statement. This should encapsulate your position on support models and should mention any notable criteria that will contribute to most decisions.
4. Record the results in the Cloud Vision Executive Presentation.

Cloud Vision Executive Presentation

Vision for the cloud future state (example)

Summary statement: Most workloads will be managed in house. A consultant will be employed to facilitate the transition to micro-services in a cloud container environment, but this will be transitioned to in-house staff. An MSP will continue to manage backups and telephony.

Step 4.3

Create cloud vision

Activities

4.3.1 Create a cloud vision statement

4.3.2 Map cloud workloads

4.3.3 Complete the Cloud Vision Presentation

Review and assign work items

Finalize cloud decision framework

Create cloud vision

This step involves the following participants:

• Core working group
• IT management

Outcomes of this step

Completed Cloud Vision Executive Presentation

4.3.1 Create a cloud vision statement

1 hour

Input

• List of cloud initiatives

Output

• Initiatives assigned by responsibility and timeline

Materials

• Cloud Vision Workbook

Participants

• Core working group

1. Now that you know what service models are appropriate, it’s time to summarize your cloud vision in a succinct, consumable way. A good vision statement should have three components:
• Scope: Which parts of the organization will the strategy impact?
• Goal: What is the strategy intended to accomplish?
• Key differentiator: What makes the new strategy special?
2. On a whiteboard, make a chart with three columns (one column for each of the features of a good mission statement). Have the group generate a list of words to describe each of the categories. Ideally, the group will produce multiple answers for each category.
3. Once you’ve gathered a few different responses for each category, have the team put their heads down and generate pithy mission statements that capture the sentiments underlying each category.
4. Have participants read their vision statements in front of the group. Use the rest of the session to produce a final statement. Record the results in the Cloud Strategy Executive Presentation.

Example vision statement outputs

“IT at ACME Corp. hereby commits to providing clients and end users with an unparalleled, productivity-enabling technology experience, leveraging, insofar as it is possible and practical, cloud-based services.”

“At ACME Corp. our employees and customers are our first priority. Using new, agile cloud services, IT is devoted to eliminating inefficiency, providing cutting-edge solutions for a fast-paced world, and making a positive difference in the lives of our colleagues and the people we serve.”

“As a global leader in technology, ACME Corp. is committed to taking full advantage of new cloud services, looking first to agile cloud options to optimize internal processes wherever efficiency gaps exist. Improved efficiency will allow associates to spend more time on ACME’s core mission: providing an unrivalled customer experience.”

Scope

Goal

Key differentiator

4.3.2 Map cloud workloads

1 hour

Input

• List of workloads
• List of acceptable service models
• List of acceptable migration paths

Output

• Workloads mapped by service model/migration path

Materials

• Whiteboard
• Sticky notes

Participants

• Core working group

1. Now that you have defined your overall cloud vision as well as your service model options, consider aligning your service model preferences with your migration path preferences. Draw a table with your expected migration strategies across the top (retain, retire, rehost, replatform, refactor, repurchase, or some of these) and your expected service models across the side.
2. On individual sticky notes, write a list of workloads in your environment. In a smaller environment, this list can be exhaustive. Otherwise take advantage of the list you created as part of phase 1 along with any additional workloads that warrant discussion.
3. As a group, go through the list, placing the sticky notes first in the appropriate row based on their characteristics and the decision criteria that have already been defined, and then in the appropriate column based on the appropriate migration path. (See the next slide for an example of what this looks like.)
4. Record the results in the Cloud Vision Executive Presentation. Note: not every cell will be filled; some migration path/service model combinations are impossible or otherwise undesirable.

Cloud Vision Executive Presentation

Example cloud workload map

4.3.3 Complete the Cloud Vision Presentation

1 hour

Input

• List of cloud initiatives

Output

• Initiatives assigned by responsibility and timeline

Materials

• Cloud Vision Workbook

Participants

• Core working group

1. Open the Cloud Vision Executive Presentation to the second slide and review the templated executive brief. This comprises several sections (see the next slide). Populate each one:
• Summary of the exercise
• The cloud vision statement
• Key cloud drivers
• Risks and roadblocks
• Top initiatives and next steps
2. Review the remainder of the presentation. Be sure to elaborate on any significant initiatives and changes (where applicable) and to delete any slides that you no longer require.

Cloud Vision Workbook

Sample cloud vision executive summary

• From [date to date], a cross-functional group representing IT and its constituents met to discuss the cloud.
• Over the course of the week, the group identified drivers for cloud computing and developed a shared vision, evaluated several workloads through an assessment framework, identified risks, roadblocks, and mitigations, and finally generated initiatives and next steps.
• From the process, the group produced a summary and a cloud suitability assessment framework that can be applied at the level of the workload.

Cloud Vision Statement

[Organization] will leverage public cloud solutions and retire existing datacenter and colocation facilities. This transition will simplify infrastructure administration, support, and security, while modernizing legacy infrastructure and reducing the need for additional capital expenditure.

Initiatives and next steps

• Close the datacenter and colocation site in favor of a SaaS-first cloud approach.
• Some workloads will migrate to infrastructure-as-a-service in the short term with the assistance of third-party consultants.

Document your cloud strategy

You did it!

Congratulations! If you’ve made it this far, you’ve successfully articulated a cloud vision, assessed workloads, developed an understanding (shared with your team and stakeholders) of cloud concepts, and mitigated risks and roadblocks that you may encounter along your cloud journey. From this exercise, you should understand your mission and vision, how your cloud plans will interact with any other relevant strategic plans, and what successful execution looks like, as well as developing a good understanding of overall guiding principles. These are several components of your overall strategy, but they do not comprise the strategy in its entirety.

How do you fix this?

First, validate the results of the vision exercise with your stakeholders. Socialize it and collect feedback. Make changes where you think changes should be made. This will become a key foundational piece. The next step is to formally document your cloud strategy. This is a separate project and is covered in the Info-Tech blueprint Document Your Cloud Strategy.

The vision exercise tells you where you want to go and offers some clues as to how to get there. The formal strategy exercise is a formal documentation of the target state, but also captures in detail the steps you’ll need to take, the processes you’ll need to refine, and the people you’ll need to hire.

A cloud strategy should comprise your organizational stance on how the cloud will change your approach to people and human resources, technology, and governance. Once you are confident that you can make and enforce decisions in these areas, you should consider moving on to Document Your Cloud Strategy. This blueprint, Define Your Cloud Vision, often serves as a prerequisite for the strategy documentation conversation(s).

Appendix

Summary of Accomplishment

Additional Support

Research Contributors

Related Info-Tech Research

Vendor Resources

Bibliography

Summary of Accomplishment

Problem Solved

You have now documented what you want from the cloud, what you mean when you say “cloud,” and some preliminary steps you can take to make your vision a reality.

You now have at your disposal a framework for identifying and evaluating candidates for their cloud suitability, as well as a series of techniques for generating risks and mitigations associated with your cloud journey. The next step is to formalize your cloud strategy using the takeaways from this exercise. You’re well on your way to a completed cloud strategy!

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com

1-888-670-8889

Additional Support

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

Generate drivers for cloud adoption

Work with stakeholders to understand the expected benefits of the cloud migration and how these drivers will impact the overall vision.

Conduct workload assessments

Assess your individual cloud workloads for their suitability as candidates for the cloud migration.

Bibliography

“2021 State of the Cloud Report.” Flexera, 2021. Web.

“2021 State of Upskilling Report.” Pluralsight, 2021. Web.

“AWS Snowmobile.” Amazon Web Services, n.d. Web.

“Azure products.” Microsoft, n.d. Web.

“Azure Migrate Documentation.” Microsoft, n.d. Web.

Bell, Harold. “Multi-Cloud vs. Hybrid Cloud: What’s the Difference?” Nutanix, 2019. Web.

“Cloud Products.” Amazon Web Services, n.d. Web.

“COBIT 2019 Framework: Introduction and Methodology.” ISACA, 2019. Web.

Edmead, Mark T. “Using COBIT 2019 to Plan and Execute an Organization’s Transformation Strategy.” ISACA, 2020. Web.

Flitter, Emily, and Karen Weise. “Capital One Data Breach Compromises Data of Over 100 Million.” The New York Times, 29 July 2019. Web.

Gillis, Alexander S. “Cloud Security Posture Management (CSPM).” TechTarget, 2021. Web.

“’How to Cloud’ with Capital One.” Amazon Web Services, n.d. Web.

“IBM Closes Landmark Acquisition of Red Hat for $34 Billion; Defines Open, Hybrid Cloud Future.” Red Hat, 9 July 2019. Web.

Mell, Peter, and Timothy Grance. “The NIST Definition of Cloud Computing.” National Institute of Standards and Technology, Sept. 2011. Web.

Ng, Alfred. “Amazon Tells Senators it Isn't to Blame for Capital One Breach.” CNET, 2019. Web.

Orban, Stephen. “6 Strategies for Migrating Applications to the Cloud.” Amazon Web Services, 2016. Web.

Sullivan, Dan. “Cloud Access Security Broker (CASB).” TechTarget, 2021. Web.

“What Is Secure Access Service Edge (SASE)?” Cisco, n.d. Web.