The Challenges of Moving Enterprise Workloads to the Public Cloud
April 21, 2017 | Industry trends
Jason Deck Vice President, Product Management, Hyperscale Cloud
Despite the public cloud’s many benefits, migrating enterprise workloads to it can be ominous. Whether you are considering the cloud, or have already moved multiple applications, you will inevitably have to tackle some of the same key tasks with each new workload – ensuring data stays protected, maintaining licensing and compliance, transferring access controls, preventing downtime and availability issues, minimizing transfer costs.
These tasks can be simplified into four categories: security, availability, cost optimization and governance. To succeed in the cloud, you must capably address all major challenges of each.
For any enterprise workload to be securely migrated to and managed in the cloud, CIOs and CISOs must consider critical factors like SLAs of the cloud provider (“Shared Security Responsibility”, “security of the cloud” vs. “security in the cloud”, etc.), the type of data or application being migrated, and the state of each component of your existing overall security infrastructure.
Aside from the obvious hurdles of moving an enterprise workload to the cloud – maintaining controls and compliance (SOX, HIPAA, etc.), preserving encryption and centralized identity management, and securely transferring network setup – there are a variety of less apparent challenges you may also face:
Reworking policies and protocols
Adjusting asset management processes
Implementing risk registers to identify and prioritize potential vulnerabilities
Remapping controls to owners to eliminate exploits
Replacing firewalls with security groups, and ensuring they are properly configured
The typically multi-tenant nature of the cloud tends to generate reservations when it comes to security. But for established providers like AWS, with robust native security services and best-of-breed third party tools, the public cloud allows for a far greater degree of security than traditional computing platforms.
Rather than relying on individual opinions, conduct internal audits of your entire security framework and build a list of key findings. Then, use those findings to determine which cloud security solutions make sense for your environments and the applications you plan to migrate.
Maintaining high availability of mission-critical applications is crucial for any enterprise. And with demanding uptime requirements to meet, moving to a cloud infrastructure you cannot see or touch can be a white-knuckled affair.
Enterprise applications are deeply complex. Many of them (Oracle E-Business Suite, SAP HANA, Microsoft SharePoint, etc.) are deployed across multiple networks, or are interconnected with other applications. Migrating such heavy workloads requires advanced traffic management, and should raise some pressing questions regarding availability:
What kind of automation needs to be in place to ensure proper backups and minimize unscheduled downtime?
What sort of failures might occur in the cloud at the network, compute, storage and geographic levels? How will they be tested?
What effects will new network topology have on existing monitoring capabilities?
How will network performance and latency be affected?
Anticipating failures, architecting for them in your cloud framework, and constantly mitigating risk, are all imperative to leveraging automation and achieving HA in the cloud.
Lower TCO is one of the primary benefits of the cloud – to gain the ability to spin up or tear down servers instantly, as needed, and take advantage of pay-as-you-go billing.
What some quickly discover, however, is that the tools public clouds like AWS provide are complex and require deep expertise to correctly deploy and manage.
When it comes to bottom lines, an OPEX model is not inherently more cost-efficient. It is easy to rack up transfer costs during migration, and high usage costs afterward. Your cloud infrastructure needs to be designed for efficiency to enable the real savings opportunities of the cloud.
All functions and efforts that will contribute to minimizing costs must be brainstormed and strategized, such as: archiving, mapping, DR and HA, testing, developing and evaluating POCs, and of course, automation.
This is just a small part of the front-end planning needed for an enterprise workload to be cost-efficiently migrated. Once in the cloud, strong automation and daily enforcement of desired state of your environment are what enable true cost optimization. And that only happens when you treat your entire cloud infrastructure as code.
Managing workloads in the cloud may happen post-migration, but it necessitates extensive forethought nonetheless. Without the right daily governance and controls, in an infinitely scalable computing platform cost overruns can quickly become a legitimate risk.
The paradigm shifts once you are in the cloud. Instead of servers, workloads run on instances. And manual input, in the case of automation, is replaced by API calls.
It’s critical that the operations – and culture – of your IT team shift, too
Two of the most recurring problems enterprises encounter once in the cloud are:
Not having the expertise needed to utilize its capabilities
Failure to stay within budget due to underestimations in cost, or poor governance
Expertise leads to great governance, and great governance enables success. Without the two, keeping up with the public cloud, and leveraging its manifold features will only grow more difficult over time.
Infrastructure as code and automation lie at the center of effective cloud ops – and should indelibly be at the center of your long-term plan. The enterprises who master them, or work with a managed service provider who already has, thrive in the cloud, reaping greater business gains each year.
Those who fail to are left treading water, never gaining the opportunity to tap into the cloud’s transformative potential.