Not so long ago, moving server workloads to the cloud sounded risky. That has changed as cloud technology continues to mature. Still, when business leaders talk with us about moving their server workloads to the cloud, security remains a concern. This is not always clearly voiced, because people may feel awkward about having an emotional resistance to the cloud. Some might fear losing control when they hand over their wealth of data to a service and infrastructure that is outside their control.
How we articulate and address cloud security concerns is an example of a technology decision that could unfold in several ways. There may be no right and or wrong decisions that apply to all companies. Let’s start by considering the security of your data and software systems in the cloud.
Cloud Security and Companies’ Resources
Could it be that your data is more at risk when it is stored and managed in your own data center, where it is protected by such routine measures as firewalls, antivirus software, and regular backups? The industry’s leading cloud service providers are spending millions of dollars on research to stay ahead of emerging data theft and security threats, and on creating technologies to secure the public cloud.
Microsoft and other public cloud providers also ensure multilevel compliance in the cloud. Their cloud infrastructures comply with regulatory frameworks like HIPAA or PCI, which enforce certain data protection and management practices. These public clouds meet applicable industry standards for handling and storing sensitive information. In addition, they incorporate the most current protocols established by cloud consortia, where otherwise competing companies collaborate on best practices and standards for managing data and applications in the cloud securely.
Many companies that aren’t large enterprises would find it impossible to build the same secure cloud environments on their own. Of course, you can be at par with the large cloud providers and create a secure environment with reliable intrusion protection and effective risk mitigation, but doing so consumes significant IT budget. That may be hard to justify when you could access the same level of security through a cloud subscription.
Gaining Nimbleness and Practically Unlimited Resources in the Cloud
For some larger companies, delaying the move to the cloud is less of a security risk than a potential loss of nimbleness and opportunity. In the cloud, it’s easy to scale resources at short notice when you need to accommodate greater numbers of transactions, support more customers, or incorporate a newly acquired company into your own organization. You can also scale down if needs diminish. Your subscription costs adjust flexibly, based on actual resource usage. Outside of a cloud environment, that kind of scalability is much harder and more costly to achieve.
Generally, the more you take advantage of what’s available in the cloud, the more business sense the cloud is likely to make. On the Microsoft Azure cloud, for instance, you can access Power BI and an arsenal of business analytics resources that can help move the company forward. If your ERP is in the cloud with Microsoft Dynamics 365, standard integrations make it easy to benefit from advanced business insight. Once your teams are comfortable with cloud applications like Office 365 or Skype for Business, working in the cloud becomes as normal as using traditional desktop applications. It’s also what users are likely to expect and ask for if they want to make effective use of mobility.
Tech Decisions and Budgets Align with IT Operational Maturity
How you budget for IT—including data and application protection—and where you stand regarding the cloud depends very much on the value IT has in your business. That, in turn, is reflected in your IT operational maturity, which we discussed in a previous blog post. If IT is a strategic, enabling element in your business, decisions and budgets will align differently than if you manage IT more reactively—resolving issues as they come up.
The transition from reactive to strategic IT and from on-premise to cloud computing in most companies is an evolution, not a sudden step into a new world. Maybe a server refresh is due and purchasing new hardware is not the optimal way to use your budget. Or, a company needs updated software systems to keep business processes going and serve its customers, and it makes sense to compare the costs of software licensing and data center management to those of cloud subscriptions.
Planning IT and Creating Your Budget with Compliance and Demand in Mind
Sikich consultants know how to assess the expected ROI, and project the business outcomes of IT and cloud decisions that happen as a company grows and changes. Two key points in this are budget and compliance, already mentioned. A third one, demand, is not always as top-of-mind as the other two, but is becoming an important consideration. End user demand is part of this; it also happens more frequently that customers are asking a vendor or business partner to adopt the cloud and thereby evolve their IT practices for more reliable compliance or provide greater transparency.
For all our managed services clients and some other organizations, we help them create effective, strategically sound budgets once we understand their IT operational maturity and understand the trajectory of the business. Typically, the last quarter of every fiscal year is an intense period of defining and presenting budgets and recommendations.
We aim to be the best possible stewards of companies’ funds, so they achieve the results they look for from their IT spending. If you want to make sure your IT planning and budgets are in alignment with your operational maturity and company objectives, we can help you avoid some common pitfalls and improve your outcomes. To discuss and explore this, please send me a note at Ryan.Overtoom@sikich.com.