It’s one of the most effective marketing terms. When I think of the word ‘cloud’ my mind creates powerful visualisations. Clouds are fluffy and friendly characters who have featured in our awareness since childhood. Their friendly image takes us back to warm summer days laying on the grass with friends without a care in the world.
Clouds are trustworthy, simple and safe.
What’s the main reason you can trust a cloud? Because they’re simple. A big, simple, fluffy, trustworthy cloud. Chances are a simple fluffy cloud even featured in your first finger-painted masterpiece of the perfect day.
The powerful narrative of clouds being trustworthy, safe, and simple (helped by billions of dollars of targeted marketing funds) has cumulated in the message that ‘things are easy in the cloud’. It’s probably the most successful aspect of the entire paradigm of ‘cloud’. Unfortunately, it’s also the most dangerous.
I hate to be the sad meteorologist sitting in the corner of the party harping on to anyone who’ll listen to my cloudy tales of woe. But I’m afraid clouds are not fun. They are not your friend. They are not secure and they are certainly not simple.
Right now, you might be thinking, “…hang on a second, isn’t this guy’s entire career built on the cloud? What on earth is he doing?”
Yes! Cloud is still the answer! And I don’t disguise my Azure and Hybrid biases, we should be doing more cloud, not less! But it’s not all sunshine and rainbows and you need to know what you’re dealing with before a storm hits.
Navigating trust. Appropriate cloud governance is essential to a successful transformation. The most essential task is ensuring that you have a clear understanding of your business objectives and a detailed budget aligned to your expected cloud usage. These objectives are translated to a centrally stored policy which translates to procedures. Where this usually fails is the implementation of your cloud governance model. What happens when a resource alert is triggered? Do you know what happens next?
Navigating security. We already understand that the cloud isn’t secure by nature. If anything, recent reports have shown how insecure public cloud infrastructure actually is (I’ll let you google that one). So what’s the answer? Some endpoint protection? Buying a SIEM? There’s a lot more to security than tools. Tools are a fraction of the cloud security challenge. And much like challenges with governance, do you know what to do when an incident is triggered? What’s your remediation plan? Do you have the necessary incident response and a team who understands not only your assets but also the value of the data contained within?
Navigating complexity. There’s only one really good answer for navigating complexity. Ensure you get your strategy right from day zero. Your business strategy should map to your cloud strategy, which maps to your governance policy, which maps to your cloud architecture. In 9/10 cases the customers I engage with have had what they call a ‘false start’ with the public cloud. Microsoft has developed some powerful guardrails for customers in the form of the Microsoft Cloud Adoption framework. You may baulk at the cost of some of the architectures recommended within, but I can promise you it’s a far most cost-effective model than the alternative.
Developing your internal skillset and progressing your team from ‘hand cranking’ your cloud deployments is critical. Humans are wonderful but they are inherently flawed and having the expectation that multiple discreet deployments will be delivered every time without fault is unrealistic and frankly unfair to the engineers delivering and maintaining those services.
A modern approach to cloud delivery and lifecycle management is a hard and fast requirement. There is a veritable smorgasbord of infrastructure as code tools available. You’ll have heard of the popular ones such as terraform and ansible, but at a small scale, the tools baked into some cloud providers are often enough. Microsoft’s approach to cloud templating, leveraging Azure’s resource manager with a free download of Visual Studio Code is incredibly powerful. You can even extend this same approach for your cloud governance with Azure blueprints. Cloud is only complex when you don’t have an informed plan.
So what is a cloud then?
If we look past the welcoming smile, what is a cloud? Well, I guess you could describe it as a ‘Single provider, multitenant, software abstracted user programmable infrastructure’.
SPMSAUPI. sspmmaupi…sppimmsssaupi…Spimsauuupi.
Catchy right?
It’s an acronym (and we know how I feel about acronyms, it’s complex, and through its complexity it’s opaque.
If while I was waiting for the train and someone next to me offered me a Spimsauuupi, I’d politely decline and smartly move at least fifteen paces away.
I don’t know what a Spimsauuupi is but I sure as hell don’t trust it.
Spimsauuupi is a synonym for cloud. Cloud providers have done such an incredible job of painting a crystal-clear visualisation in their customer’s mind’s eye that trying to modify the brand of ‘cloud’ is challenging. What happens when a company realises its cloud isn’t as trustworthy, safe, or simple as it had once thought?
Ok, a bit more serious now.
The coddling-infused positive messaging around cloud has led to countless problems and with changing economic conditions, our once-friendly clouds are coming sharply into focus.
I need both hands to count the number of times I’ve heard the words “Just chuck it all in the cloud mate, simple.”.
It’s that kind of gung-ho strategic planning that sees your business spending 200% more than your least conservative budget.
I’ve spoken with business leaders who exceeded their bandwidth costs by 20X due to a single misconfiguration on a data management policy. Naturally, they only realised three months later once their finance team politely alerted them (i.e. demanding why they owe some computer people thirty-seven thousand pounds).
Whoops! Clouds are our friends, they aren’t supposed to do that! Or perhaps they always were.
There’s a pretty niche but destructive type of cloud found in nature. It’s called a tornado.
