5 ways to screw up your cloud migration project

public://webform/writeforus/profile-pictures/toms_headshots-124.jpg
Thomas Wardle, Project Manager, Marisan Group

Cloud technology is infiltrating businesses across industries because of the enormous agility, flexibility, and economy it can deliver. Many organizations are understandably uncomfortable with the potential vulnerabilities of the public cloud (it is public, after all), and this is driving rapid growth in private, on-premises cloud implementations.

Despite the tremendous potential of private cloud deployments, cloud migration is not appropriate for all applications. Thorough planning is critical, as is careful cost-benefit analysis. Done successfully, cloud implementations can bring over 50 percent return on investment within two to three years, but there are myriad ways to miss that target, and some companies actually end up losing money through their private cloud implementations.

World Quality Report 2018-19: The State of QA and Testing

Five avoidable cloud fails

To save you the heartbreak, we sat down with some of the best experts in the field and collected their lessons learned from hundreds of implementations. We hope that by understanding how other companies have screwed it up, you will be able to save yourself the same trouble.

1. Treat your private cloud like any other internal system

Perhaps the biggest mistake our experts have seen is that many companies treat their private cloud platform like any other internal system. “Cloud computing represents a profound platform shift,” says Bernard Golden, CEO of Navica. He says that, to get full value out of the cloud migration and ensure a reasonable ROI, the whole organization must evolve to leverage the unique capabilities of the cloud.

Kief Morris, cloud practice lead at ThoughtWorks and author of the recently released book Infrastructure as Code, told me: “The value of cloud is empowering teams to define, provision, and evolve their own infrastructure and services. I’ve seen several teams install cloud technology but keep their ticket and project-based service models. Although the team could spin up a new server in minutes, the overall SLA for the team requesting the server was still several days.”

Regardless of the capabilities of your platform, your teams will only ever be able to move as fast as your slowest SLA. To leverage a private cloud successfully, users must be able to provision needed resources, use them, and then return those resources to the pool for allocation elsewhere. “Without that, you’re really just building a virtualization system,” says David Linthicum, senior vice president at Cloud Technology Partners and a columnist for InfoWorld. "That is what makes a private cloud effective."

Manual dependencies in a dynamic system aren’t the only challenge. As we will see below, implementing a private cloud has profound implications for security, operations, and staff also.

2. Ignore security in your cloud implementation

Security is one of the biggest problems in private cloud migrations. The widespread notion that public clouds are more vulnerable than private clouds often drives private cloud adoption, but the truth is more complicated. “The assumption is that since it’s on-premises in our data center, security isn’t much of an issue,” says Linthicum. “That’s always the battle cry for leveraging private clouds: Security isn’t an issue!” 

Public clouds are managed by large companies for which security is a central issue—they live in abject fear of getting hacked, and they are absolutely clear about their liability exposure. This has driven the development of a wide range of automated security tools that make the process of securing a public cloud inherent to the platform. In private cloud deployments, the onus is entirely on you to secure your own systems.

Linthicum often sees companies that haven’t taken full responsibility for the security of their private cloud deployments. “Most companies are undersecured, which I see about 90 percent of the time. It’s just an accident waiting to happen. In one project I worked on, the security was so bad that we basically showed them how to break into the system from their own boardroom. They assumed that everything would be secure because the system was in their data center, but because the system is connected to the open Internet, there are always ways to get at it. Just ask Sony or Home Depot.”

Sometimes, oversecuring is also a problem, something Linthicum sees about 10 percent of the time. “I’ve seen companies spend 20 times what they need on security. They were paying for things they just didn’t need.” This kind of overdoing it on security can look robust and appealing from an operational or liability standpoint, but it is also a surefire way to diminish your ROI.

[ Webinar: Agile Portfolio Management: Three best practices ]

3. Don’t plan your private cloud implementation properly

A cloud implementation represents a fundamental infrastructure paradigm shift, and it requires extensive planning to succeed. Too many companies pursue cloud strategies without fully grasping what it takes to make the cloud effective. “A lot of companies do it [a cloud migration] just to do it, just to get the tick mark. They think that cloud technology will take care of itself and do magic things for them,” says Linthicum. “That just isn’t the case. The technology is there, but you have to take advantage of it.”

The first step is to determine what workloads to migrate, and not everything is appropriate to run on the cloud. “Lift-and-shift” strategies miss a lot of the value points, and companies need to study each application carefully to see if it is a good fit for cloud migration. The next step is to seek out a platform analogue on the cloud that will support the application, but that alone isn’t enough. Each app needs to be optimized for the cloud and modified to leverage the cloud’s native capabilities.

Linthicum’s best advice is to be utterly selfish in the planning stage: “Before you start talking to providers, look at your workloads, where they need to be moved, their requirements and performance expectations. Then match that up to the capabilities of a private cloud provider. Pick one, and then make a conscious decision to migrate those applications in a meaningful way. The target system should enhance the abilities of the application in some way.”

Keep in mind that not all workloads are appropriate for cloud migration. The economics of the cloud are half the point; unless you can achieve an ROI of 50 percent or more in the first two to three years, the migration probably isn’t worth doing. 

4. Change your technology, but not your operations and personnel

As noted above, migration to cloud represents a fundamental paradigm shift, and implementing the technology alone isn’t enough. Operational processes must change to support and leverage the cloud’s capabilities while staffing needs will invariably evolve. The entire IT organization needs to redefine itself around the concept of CloudOps, and these changes are where many cloud deployments fall down.

“You have to change your organization, change your skill sets, change your culture even,” says Linthicum. “You have to change your processes.” Many of the core functions of IT will remain the same, but the execution of those functions will invariably change. For example, you will need to monitor the cloud system. Monitoring a system is standard practice for IT, but your cloud platform will require you to use new tools and change how you monitor the system. This is where the human factor comes in.

Change of any kind is always challenging for an organization, but personnel changes can can be particularly difficult to navigate. “If I run into any real pushback in this environment, it’s the fact that things have to change, and that includes people,” says Linthicum. “You might as well get to that conclusion very quickly.” He advises making your organization flatter and removing some of the bureaucracy to reduce latency in IT operations. If these changes are accepted early in the process and planned for appropriately, it is possible to avoid the stagnation that can result from delaying the inevitable. “You might as well pull off the Band-Aid now,” says Linthicum.

5. Don’t bother communicating the changes

While planning is key to implementing a private cloud solution, many companies fail to do the communication necessary to deliver an effective product. Kief Morris has seen many teams invest enormous resources in building platforms without spending enough time talking to those who will use it. “I know of one team that spent nearly two years implementing a self-service server provision system. When I spoke with development teams in the same organization, they had no idea a new system was being developed. When they tried to use the platform, they found they couldn’t create the types of services they needed. The project was scrapped a few months later.”

A failure to understand your users and their needs is just part of the problem. Linthicum routinely finds that 10 to 15 percent of applications being maintained by IT aren’t in use, and he has actually seen companies migrate apps that no one uses. “We looked at the logs, and for the life of us, we couldn’t find anyone had used these apps in the last three or four years.” The issue is usually that the old apps have been replaced with new ones, but IT was never told, so it continued to maintain the old ones. “That’s occurred a couple of times, and we were able to save the company 10 to 15 percent of their IT budget right there by just killing those apps. It was obviously embarrassing, because I don’t know how many millions of dollars went into maintaining those applications over time.”

But DO evolve with the new technology

Cloud computing represents a fundamental paradigm shift in how companies run IT, and, despite the horror stories above, private cloud deployments offer many appealing advantages—if they are executed properly. When treated like just another piece of data center infrastructure, private cloud deployments will almost inevitably fail to realize their potential. However, in organizations that are prepared to evolve with their new technology investments, private clouds can open up worlds of new possibility for both IT departments and the businesses they serve.