How To Bet On The Right Horse For Your Cloud Journey: The Pegasus Principle

This article used to be called "Horses For Courses In The Cloud", but I was told that this is an Australianism that means little to our North American friends. So, I had to change it to something more universally meaningful. :-)

As always, all views and opinions expressed are solely those of the author. Here is the article:

Recently, I have heard a variety of CIOs say that they want "to adopt a cloud-first strategy", or that they want to "just move everything into the public cloud". As plain and simple as that may at first seem, the reality is more complex, particularly in enterprise-scale organisations.

Here is why.

It is true that businesses of all shapes and sizes are embracing cloud computing to varying degrees and with varying rates of success. With influential companies like Intel having recommended to move "non-differentiating services” into the public cloud, it is no wonder that it all at times can still feel like a bit of experimentation, a toe in the water. No wonder then that it is initially often mainly small, non-mission critical apps that move into the public cloud.

In fact, research by McKinsey & Company indicates that most large organisations have on average only moved 20% of their workloads into the cloud so far. Not surprisingly, most have started with the simplest workloads first, but that means that the remaining 80% of workloads are still on-premises and that they will likely be more difficult and take longer to migrate into the cloud. Still, the good news is that it seems we have passed the era of early cloud adoption and that the move into the cloud has become mainstream.

Large organisations, such as financial services institutions are no exception, although their individual cloud maturity levels and risk appetites vary widely. Also, many are discovering that, in reality and at their scale, private cloud is often more cost-effective than public cloud. Palo Alto's threat intelligence division released a Threat Forecast Report, called "Cloudy with a Chance of Entropy". The report found 34 million vulnerabilities across AWS, Google Cloud and Azure. Imagine the cost of the resources to manage these vulnerabilities in your organisation.

The report found 34 million vulnerabilities across AWS, Google Cloud and Azure.

Further, many large organisations cite privacy, security, legislative, regulatory and governance factors as having held up the total and complete adoption of public cloud. Behind the scenes though, a lack of resources with the necessary specialist skills, practical hands-on expertise and historical experience is also holding organisations back.

So, it seems that the path from on-premise straight into the public cloud is not as easy, quick, convenient, or even sensible as first thought. So, where to from here, and what is the likely outcome?

The Business needs to decide on the best solution to deliver on three competing key factors: Productivity vs Risk vs Cost

IT vendors and advisory firms say that a form of Hybrid Cloud, in particular Hybrid Multi-Cloud, is for now offering the greatest flexibility, agility, risk mitigation and cost benefits. So, it seems that a decision on whether or not to move everything into the public cloud is not so much a technology decision, as more a business decision. The business needs to decide on the best solution to deliver on three competing key factors: Productivity vs Risk vs Cost.

 Let's explore these in more detail next.

1. Productivity

Productivity and agility are also strong contributors to value. Here, the trick is to consider the flow-on value that a particular solution provides to the business. E.g. if you can provision a new server in 6 hours vs in 6 weeks, then what impact does that have on the part of the business that consumes this service? If it is being deployed for a group of developers, say, then their productivity is enhanced by not having to wait weeks for that server to come online, which means they can build their new app more quickly, which, in turn, could mean that the app can add value to the organisation’s customers sooner and that its brand value goes up in line with a superior customer experience.

These consequential benefits are often overlooked in the business case but they should be an integral part of it, rather than focusing merely on the cost savings side of the equation.

So, there is a definitive flow-on effect of that productivity that IT enables for the business. I call them consequential benefits. These consequential benefits are often overlooked in the business case but they should be an integral part of it, rather than focusing merely on the cost savings side of the equation.

 2.Risk

On risk management, the question becomes: “How much risk are we willing to accept in return for the promised lower cost and higher convenience of public cloud?”

How much risk are we willing to accept in return for the promised lower cost and higher convenience of public cloud?

One thing to consider though is what a move into the public cloud(s) actually represents. Think about it: When you move into the public cloud, do you realise that you are actually trading lower cost and higher convenience for trust?

How so?

Moving into the public cloud you will have to give up a good portion of the trust that you currently put into your teams that are managing your workloads in-house today. You trade that trust in return for the promise of lower prices and higher convenience that public cloud can (but not always does) bring.

Firmly crossing your fingers, you entrust someone external to do the right thing with your workloads and your data, knowingly increasing your risk as you "are putting all your eggs into one basket".

In other words, firmly crossing your fingers you entrust someone external to do the right thing with your workloads and your data, knowingly increasing your risk as you "are putting all your eggs into one basket".

But what happens when something goes wrong? When that trust breaks down? When an incident occurs that impacts the trust you have traded? After all, the public cloud is not infallible. We have seen outages from all the big cloud providers in the recent past. Who is to say whether this situation will get better, or worse?

In summary, just as is the case with all risks in business, your cloud-related risks need to be carefully considered and managed also.

3. Cost

As for cost, the debate has been raging for some years now whether public or private cloud represents lower cost.

Network World did a good job examining the subject in an article, called "Which is cheaper: Public or private clouds?"

In the article they offered this diagram to illustrate the parameters that influence the answer to "Which is cheaper?". In the article Network World describes that it is the specific mix of manpower, efficiency and and utilisation that determines the real cost.

But, in my opinion, it is not so much a question of "Which is cheaper?", but that it should really be a question of: "What value do we receive in return for our dollars spent?"

It should be a question of: "What value do we receive in return for our dollars spent?"

Obviously, cost should never be considered in isolation from value. The tricky part is that value is perceived differently in different parts of the business. IT will look at value differently, compared to the finance team, or compared to a customer-facing part of the business. And then there is the matter of legacy infrastructure and applications. Some financial institutions have been around since before computers were invented. Often, they pioneered mainframe technology and, as a consequence, are now burdened with ageing infrastructure and ageing code that only an ever-shrinking number of experts can understand and manipulate. These workloads are notoriously difficult to move into, and are expensive to replicate in the cloud.

The corollary is that, while many corporates and financial services organisations nowadays are talking about moving 100% into the public cloud, the reality is that they are likely to end up with what many now call a “Hybrid Multi-Cloud” environment, i.e. a matrix of legacy on-premise hardware and apps, private cloud and multiple public clouds.

 It’s horses for courses in the cloud. That's why I call it The Pegasus Principle.

Large corporations and financial services organisations will no longer argue which of these options is the ideal, because the question will no longer be about which technology returns the best bang for their buck, but what environment is best suited for a particular workload to deliver the best business outcome in terms of productivity, risk and cost.

It’s horses for courses in the cloud. That's why I call it The Pegasus Principle.

That means that the allocation of workloads will ultimately not be governed by technology decision makers but by business rules, which are subsequently enforced by technologists.

The critical element will be the ability to actively and dynamically manage workloads to best deliver value to the business in business terms. I.e. a kind of “traffic cop” system that can manage workloads dynamically and automatically. For example, you may decide that a particular workload should remain on your mainframe, while another one should move into the public cloud. You may also decide that an application that runs only once a month, say for reporting purposes, can be pulled down for the remaining 29 days each month, and only be brought up for the one day to do its job and then go back to sleep again.

The critical element will be the ability to actively and dynamically manage workloads to best deliver value to the business in business terms.

Like it or not, it seems that the Hybrid Multi-Cloud is here to stay, at least for the time being, so big business and financial services institutions will have to make the most of this complex situation.

The underlying message is that, while the notion of taking legacy applications straight into the public cloud sounds simple, fair and reasonable initially, upon closer inspection the reality is that a workload mix of legacy, on-premise, private cloud and multiple public clouds is the far more likely outcome for quite some time to come.

It is an outcome that needs to be carefully planned for, and one that needs to be managed well, now and into the future. Some of the questions you should ask yourself are:

• How do you manage your workloads in a hybrid multi-cloud environment?
• How do you build in agility, security and resilience?
• How do you avoid duplication of roles, services, processes, operations and internal charge backs?
• How do you change your teams' focus from managing infrastructure to delivering value to the business?

CIOs and IT Leaders must be very clear about what they want to get out of their cloud journey. Do they want higher productivity, or lower cost, perhaps both? Leaders today are deeply challenged with getting this right.

Luckily, there is help available, all you need is ask. ;-)

 -   END - 

Note

All views and opinions expressed are solely those of the author.

Whether you agree with this article, or not, I welcome your thoughts and comments. Please leave them here for others to see.

I also encourage you to share this article.

Lastly, please feel free to also check out my other article, this one on getting your cloud journey right. It's called

About the Author

Peter Strohkorb is a highly experienced sales specialist in the IT, Tech and Services sector.

Contact Peter Strohkorb

mob /cell: +61 411 865 301

pstrohkorb@peterstrohkorb.com

peterstrohkorb.com