Six ways to avoid cloud missteps

Six ways to avoid cloud missteps

up
260 readers like this

on

January 12, 2015
CIO Cloud

As some companies enter into their first cloud engagements, other organizations already are looking back at 'legacy cloud' experiences and defining best practices based on what they might have missed or overlooked the first time around.

At JPL, we made the decision early on to create a cloud computing commodity board. Why? We already could see that we would need to align all our business functions as people started getting excited about cloud computing. If everyone had to create his or her own deals, it would become a disaster. Why? Because if you don’t know where your data is, or the contract terms, you’re much more susceptible to a security breach and data loss. And as many companies have discovered, one tiny security breach can bring the whole ship down. In addition, we had to ensure that we could always retrieve all our data, even if we ended the cloud computing contract with the vendor.

At JPL, the cloud computing commodity board is composed of key stakeholders from the entire organization. We meet monthly and entertain proposals from new cloud vendors; review new needs from JPLers; discuss current contracts; outline action plans for vendors where we don’t see the expected value; and discuss cloud computing-related future capabilities and needs. This helps JPL stay current with the evolution of cloud computing.

Looking to avoid problems with a cloud vendor? Here are a few tips based on experience: 

1. Use your cloud clout.

The more projects you have with one vendor, the more negotiating power you have. How? If you’ve set up your hosted projects the right way, you can move them from an under-performing vendor to a preferred one. It is a common mistake to over-react and take the workload back in house, even though this is the natural reaction. You will often experience a longer deployment time and higher costs, slower performance, or less flexibility than users have become accustomed to.

2. Closely monitor “experiments.”

Experimenting with cloud computing is a great thing to do.  You just need to monitor the experiments to make sure that you get value from them, learn from them, and don’t forget the experimental virtual machines running 24x7, racking up charges and being security risks. We found that periodic interactive discussion and training sessions are highly effective.

3. Know who’s paying for what.

Users only want to pay for what they used, so internal charge-backs become important. This is one example where perfection is the enemy of progress. We recommend starting by getting the large items right, such as compute time, storage, and network costs. How do you know what the large items are for your organization? Simply look at a few bills and focus on those that constitute 80-90% of the bill.  Then draft a memorandum of understanding with your users to share evenly in the remaining 10-20% of the bill. As long as you have a policy and people sign up, you are compliant for most audit purposes.  You don’t want to spend 10 cents an hour on cloud computing and over one dollar an hour responding to an audit.

4. Always know where your data is.

With Infrastructure as a Service, it’s important to keep track of the data, but it’s fairly straightforward. Software as a Service introduces additional challenges, because it’s not always clear that a procurement is a SaaS offering.  We knew that software-as-a-service might be a bit of a problem when our Procurement group said, “This contract doesn’t say SaaS, it says HR analytics. How do we know that it’s SaaS?” This led to discussions, checklists and training, and is one reason we took on Software as a Service as an issue for our Cloud Computing Commodity board. 

5. Your data is your data, period.

Consolidating to fewer cloud vendors does cut down on time dealing with lawyers, but you don’t want to limit yourself either. As you do line up your cloud vendors, make a few requirements mandatory. And primary among these is that you own the data. Whatever happens, your data is yours and you need a guaranteed a way of getting it back for any reason.  

6. Promote success.

At JPL we make a point of measuring success from our end users’ point of view. That means not only asking them “How it’s going?” but also “How can we help you tell your story?” If they are happy about using the cloud, we can promote their expertise and the business value they added, which promotes our success as an enabling department. As we make good collaborations visible, it helps to reduce independent cloud contracts that would divide our resources and make it much less secure.

At the end of the day we believe that that draconian IT would not set the right tone. It’s about IT enabling people and IT taking responsibility when things go wrong, not about taking control. To reduce strong push-backs from business users, clarify that the cloud is about the entire organization with implications beyond the business unit. Bring all the stakeholders together into a cloud partnership including Legal, IT, Procurement, Finance, vendor management, end users, and other departments. You’ll be glad you did.

Read Tom's article, "Dark data and other big data surprises," to learn about how JPL successfully used big data to solve problems closer to home.

Tom Soderstrom serves as Chief Technology Officer and Innovation Officer in the Office of the CIO at the Jet Propulsion Laboratory (JPL) in Los Angeles, CA, where his mission is to identify and infuse new IT technologies into JPL's environment. He has led remote teams and large scale IT best practices development and change efforts in both small startup and large commercial companies, in international venues, and in the US Government arena. Some of the companies he has worked for include Telos, enterWorks, User Technology Associates, Digital Island, Exodus, Cable & Wireless, and Raytheon.

Comments 0
Tom serves as the Chief Technology and Innovation Officer, in the Office of the CIO at NASA's Jet Propulsion Laboratory, where his mission is to identify and infuse new IT technologies into JPL's environment. He has led remote teams and large scale IT best practices development and change efforts in both small startup and large commercial companies, in international venues, and in the US Government arena. Some of the companies he has worked for include Telos, enterWorks, User Technology Associates, Digital Island, Exodus, Cable & Wireless, and Raytheon.

Harvard Business Review: IT Talent Crisis: Proven Advice from CIOs and HR Leaders

CIOs: We welcome you to join the conversation

Related Topics

Submitted By John Landy
August 17, 2018

Sovos CTO John Landy has to get - and keep - employee attention in the work of tax compliance. He says you must  respect individual motivators.

Submitted By Kevin Casey
August 16, 2018

Are you building a DevSecOps culture – one that bakes security into development from the start? Learn from your peers about the obstacles and routes to success

Submitted By Don Anderson
August 15, 2018

CIO Don Anderson shares how he's leading a change in the way people perceive security.

x

Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.