On October 13, 2021 Noord hosted a virtual boardroom in association with Sungard Availability Services. The event consisted of a presentation by Martin Davies, Lead Principal Consultant, and Will Owen, Principal Resilience Consultant, followed by a discussion among senior IT professionals on how organisations can gain momentum on their cloud journey.
Introduction to the topic
Martin kicked off the presentation by explaining that companies often feel overwhelmed by the number of cloud offerings on the market, which are not always easy to understand. However, while organisations should think hard about their choice of platform, there is no right or wrong answer: the main thing is to develop a strategy and get the ball rolling.
Will then explained that for cloud transformation to be successful, every employee across the business should be able to articulate their organisation’s cloud strategy in a couple of sentences. Moreover, the IT team needs to be a true cloud advocate, delivering support to the business, implementing a strategy and focusing on what only it can do.
Martin made the point that organisations should see their cloud journey as an evolution and adhere to the formula of “plan, execute, learn and repeat”. They therefore shouldn’t expect to know the end state at the beginning and should start small, gain confidence, evolve and scale up.
Sungard’s cloud principles can be summarised as follows:
Knowledge – invest in training in cloud technology, find trusted tech partners and educate non-tech leaders;
Clarity – narrow down your options, define your cloud position, establish key principles and update when required;
Advocacy – build a portfolio of services, promote your chosen position and enable services rather than merely delivering them;
Momentum – view the cloud journey as incremental and evolutionary, tailor your approach and start small, deliver and repeat.
Reasons for attending and key challenges
Attendees represented a range of sectors, including law, advertising, education and local government. They brought expertise in IT applications, digital strategy, business change and IT security. Key challenges included moving to the cloud with a limited budget, managing data sprawl across different systems and harmonising data sets in the cloud, simplifying the security wrap-around for multiple SaaS apps and making the business case for moving to the cloud, including gaining buy-in from employees.
Understanding your TCO model
One attendee representing a legal firm noted that while the cloud has the obvious benefits of innovation, it also presents a number of challenges. These include justifying the high initial investment to the board, managing the integration of multiple on premise and cloud solutions, and consolidating reporting. In response, Martin noted that an organisation’s move to the cloud needs to be based on a good understanding of its TCO model. Moving to the cloud and continuing to run applications in a similar fashion to how they are run on premise doesn’t offer any benefits. Organisations need to plan for how they can adapt their activities in line with a cloud-based model, which in turn brings long-term cost savings and efficiencies.
Balancing usability and compliance
One participant noted that in response to differing levels of security among cloud providers, they had implemented a robust third-party governance model outlining the criteria that cloud providers must meet. In that respect, Martin noted that some companies choose to tier this criteria based on the criticality of the app and the data it holds. He further noted that while companies could perhaps do with revisiting some of the older security assumptions when they move to large reputable vendors, they certainly need to ensure that smaller SaaS companies haven’t simply cut corners to reach the market as soon as possible.
Gaining business buy-in
Will raised the idea of giving internal teams their own budget to spend on SaaS applications, which could help get them engaged with such a big transformation. In response, one attendee noted that within their organisation the decision to grant such budgets sat with a small minority of high-level executives, who might be less keen on this idea. However, they stressed the importance of having a “change advocate” who truly believes in the cloud transition, especially as there is a lot of misinformation about what moving to the cloud means. It is crucial that employees are part of the solution, not the resistance, and have a stake in the consultation while being educated on its benefits.
Will reiterated an earlier point, which is that not enough people at board level generally understand the technology. He therefore underscored the importance of having a senior cloud practitioner on the board to educate non-tech leaders and steer the ship. Martin added that to raise confidence, companies can choose an app which is visible but not critical to the business and migrate it to a cloud service to prove that it can be done and use this as an advert to take to the board. This kind of outcome-focused approach was seen as key to converting people.
One attendee representing a local authority said that while their organisation knows it needs to move towards the cloud, the main resistance centres around the high cost of doing so and a lack of understanding about the benefits of using the cloud versus sticking to an on-premise data centre. A complicating factor is that the way cloud services are consumed runs counter to the way the public sector currently runs its finances (i.e., according to a capital-based model rather than a revenue-based one). Moreover, councils tend to be reluctant to work together and share services. Martin suggested that as a starting point, the organisation could try to understand what parts of the IT estate it wants to keep control of, what skills it currently has and what skills it hopes to have in future.
One participant noted that having a single pane of glass has become more complicated owing to privacy and geolocation issues. Faced with the emergence of various and often competing data protection regulations, such as GDPR and CCPA, organisations are rightly asking whether cloud providers can truly comply with data protection requirements when they span multiple jurisdictions. Will agreed that this is a complex area and suggested that organisations work with trusted partners to try and make sense of emerging challenges in this space.
Integrating multiple solutions
Lastly, one attendee representing a law firm said that while its vendors had come up with ways of integrating its various data systems on premise, moving to the cloud presents an unknown and the company found itself hoping for a master solution. Will noted that theoretically, the capabilities are out there to consolidate reporting from these data sets and create so-called matter balances, such as by tagging information assets with metadata so that they can exist and be found in different systems. In particular, Microsoft and Amazon offer a reference architecture approach to data lakes whereby companies can start small, do a proof of concept and scale up as they go along.