The same holds true for enterprise applications and IT services, but the timing is seldom set by a turn of the calendar and more likely the result of secular business or technological changes. Cloud services are one such change and present the greatest disruption to the way developers design and IT provisions enterprise applications in a generation. Thus, think of enterprise cloud adoption as a virtual New Year and consequent opportunity for resolutions that challenge the way you've always done things with business-enhancing improvements.
PaaS isn't a destination, it's the vehicle
I was reminded of the importance of cloud-native design while working on a report about cloud migration mistakes. Having just written a column on PaaS tools to watch in 2017, comments from someone I'd queried for the migration report made me realize that I'd gotten ahead of myself. Too many organizations don't internalize the fact that, to paraphrase Microsoft's Azure team, the cloud isn't a place, it's an architectural model. Namely, the cloud isn't just a co-location data center but a new design paradigm based on shared, on-demand infrastructure and application services.
I realized my oversight when I asked Loren Hudziak, a senior solution architect for Google Cloud what advice he would give CIOs moving applications, data or software development to the cloud and he focused on the seizing the disruptive nature of cloud services to do things differently. As Hudziak put it,
Many things about cloud technology represent a fundamental shift from how things have been done for so long that it can be difficult to get decision-makers to truly comprehend what it means to make the move to the cloud – or what's even possible. Often, CIOs we work with do not know where to start and there are many things to consider when making these kind of decisions.
As with many disruptive technologies, the natural tendency is to extrapolate existing applications, IT processes and infrastructure designs to the cloud, what Hudziak termed "lift and shift." Indeed, this is motivation for the AWS-VMware cloud partnership that allows organizations to move their entire VMware infrastructure to a hosted service. While this is an obvious first step and provides some financial benefit by substituting usage-based OpEx for sunk-cost CapEx, such moves are at best a tactical, short-term position and at worst a botched opportunity. According to Hudziak,
More strategically, making the move to the cloud should be taken as an opportunity to revisit the organization’s functional and business requirements. CIOs should ask: have we been doing things the way we have because the technology has historically forced us into that pattern?
The cloud gives organizations a unique opportunity to implement operational improvements and introduce efficiency as well as save a great deal of money in the process. Instead of just asking 'how can we use the cloud to make the way we're doing things now cheaper?', the question should also extend to 'what is the ideal or best way for us to work and deliver value to our stakeholders, customers, etc., and how can the cloud help us do that?'
Cloud-native design, not policy
Although moving to cloud services ideally entails many changes in application and infrastructure design, it shouldn't necessitate wholesale revisions to policy, nor does it negate IT's responsibility for enforcement, particularly in the areas of security, data protection and retention or application availability. As Hudziak notes,
Government and other regulated industries have no shortage of accreditation and certifications to consider, but to simply check the box of a cloud provider as meeting one of them isn't enough. Simply put, if you are an IT user, you are also in the security business…
Indeed, as Hudziak points out, most IT standards were created for a bygone era and couldn't anticipate capabilities such as application containerization, event-driven services or virtual network functions. Likewise, many internal rules or guidelines are built around business processes and associated applications that are likely to dramatically change with the proliferation of mobile devices, cloud backends and software-automated infrastructure.
The cloud offers an opportunity to rethink the implementation of security and data protection policies, not the policies themselves. Again, success in the cloud will come to those that exploit native services to implement layered defense in depth, multi-site data protection and DDoS mitigation and don't simply try and replicate existing on-premise software and systems onto cloud VMs.
I concluded last week's PaaS preview by noting that enterprise use of public cloud "has largely been hampered by application design philosophies or legacy infrastructure migrations that fail to exploit the abundance of native services that encapsulate sophisticated features," adding that I expected to see more cloud-native designs that exploit native platform services including advanced new offering for AI, machine learning and data analytics. Although I acknowledged that it would require a lot of work, I should have added the caveat that such cloud-native designs can't happen unless both IT and enterprise developers seize the opportunity of cloud migrations to, in the immortal words of Apple, "think different." Indeed, such cloud-first thinking needs to permeate the organization, it can't just be a top-down edict or a bottoms-up developer skunkworks.
Despite record attendance at AWS re:Invent again last year, there's reason to question the level of enterprise commitment to building cloud-centric IT using cloud-native applications and services. As Holger Mueller, VP and Principal Analyst at Constellation Research pointed out in his re:Invent retrospective,
AWS was not able to deliver a major ‘All in’ customer to the two keynotes, admittedly GE is a tough act to follow, but I would have expected to see more public traction. Instead we had repeat keynote presenters, e.g. FINRA. Nothing wrong with this, good to see an update.
That said, it's unrealistic for enterprises to rush into multiple, large, mission-critical cloud projects. Indeed, the cloud transformation should be a strategic effort built on a series of incremental successes that is well suited to a bimodal IT organizational structure that doesn't risk disrupting critical business operations while creating innovative cloud-native products. Indeed, browsing through AWS case studies, it's apparent most organizations select an opportune project such as a new PoS system, market data analytics software or HPC simulation cluster, not wholesale data center and application migrations.
As IT organizations and developers consider moving to the cloud, they should take a page from their personal life and use it as an opportunity to rethink stale old practices and designs and eschew encumbering new cloud deployments with years of IT baggage.