What we do
What we mean when we talk about cloud…
When we talk about multi-cloud, the mind often naturally goes to private cloud, and one or more of the major hyperscale public clouds. But in reality, there are a number of ‘hidden clouds’ that make the job of IT teams a lot more complex than it can appear from the outside.
In this article, we look to discover these hidden clouds, where they have come from, and what organisations can do to manage, control, and maximise their approaches.
Much of the ‘hidden cloud’ problem stems from the rise of SaaS applications and platforms. Not so long ago, nearly all enterprise applications were run on-premises, with administrators retaining control of the entire ecosystem, from base hardware right up to application layer. But more recently, we have seen the rise of SaaS, typically monthly subscription services wherein the underlying layers are controlled by the ISV or service provider. These models offer financial flexibility, and their consumption nature and control of the ecosystem allows rapid development and iteration cycles. It is easy to see why Salesforce and Workday have captured very large shares of their target markets, their structure and delivery model enabling them to out-innovate incumbent providers.
As customers navigate their application transitions through the 6 R’s, the choice to move to SaaS is very appealing, and the ‘instant on’ usage of SaaS has given rise to a whole new strain of shadow IT, particularly in specific Line of Business applications. The specialist needs of departments like Finance, HR and Marketing can often result in direct purchases of SaaS applications, without financial or technical oversight from IT.
Moreover, while these applications often run on the common hyperscale cloud platforms, the administration, monitoring and interchangeable capabilities are defined by the SaaS/ISV provider, offering a vastly different experience and range of functionality than you might get from the ‘vanilla’ platform option. With data and application so tightly coupled, organisations can often find it difficult to do everything they would like to, and find the ‘flexibility’ and ‘freedom’ of these platforms doesn’t live up to what was promised.
There is no doubt that SaaS brings a wide range of benefits, but like any technology selection decision, there are downsides and tradeoffs in play. Draconian policies that prevent choice and freedom can hamper performance, but a free for all can compromise administration, cost and security. IT functions need to strike a balance that maximises the benefits and minimises cost and risk.
The wages of a light-touch, highly enabled approach to Cloud and SaaS are robust policies, control frameworks, oversight and communication. Though SaaS by its nature devolves nearly all the responsibility for the feeding and watering of the application, this does not mean that the SaaS or cloud provider is responsible for successful usage or cost management. This integration step is not just in terms of technological integration, e.g SSO, API access etc, but also how these applications are used and adopted by users, how enablement is provided and how the ongoing process of ensuring business success is still the responsibility of the end user organisation. While many providers have robust customer success teams, they can never fully understand the organisation in the same way as internal teams. Understanding where best to align expertise is crucial to maximising benefits and minimising cost and complexity.
Organisations should understand the demarcation of expertise, allowing department and line of business groups to define the tools required for the job, based around a common-sense selection framework. In areas that IT have responsibility for, such as cybersecurity and managing data, these selections should be vetted against a common set of standards that all applications must adhere to. While it can be daunting and arduous to compile all this information in advance, the ongoing process in the long run will be greatly simplified. Typical areas of interest in SaaS application selection include:
· Procurement and governance responsibility
· Trust in third party data management
· SLAs and support
· Internal stakeholder management
· Data access and compliance
· Data protection and management
· API integration
· Security & authentication standards
· Integration layer and methods
· Connectivity layer and methods
As organisations increasingly look to maximise the power of data analytics, application flexibility, platform elasticity and other agile-derived ways of working, implementing a common layer of baseline standards can help prevent these ‘hidden clouds’ becoming islands of applications and data that place obstacles in the way of achieving strategic goals. Being able to bridge these areas together is part of the critical path where typical ways of routing, connecting and securing require thought and a new approach.
As SaaS apps have often been the first foray of an organisation into the world of public cloud, getting the lifecycle of selection, procurement, integration and operational management right at the outset not only prevents problems down the line, but sets the organisation up for success as their usage of Hybrid and Multi-Cloud accelerates. Generally speaking, it is far easier to set these standards in place sooner rather than later, minimising the amount of ‘clawing back’ of control etc that is required to reach a stable and responsible functional state.
First instalment: The future’s cloudy (but bright)
Final instalment: The sky's the limit
We would love to hear any comments you have about this article!