Blog
Tags:
Why you're not in control in the cloud right now, and how to fix it.
You think you have your cloud environment totally under control, but reality is most likely different. Without you realizing it, countless risks and vulnerabilities hide in your cloud setup that endanger your entire digital presence.
From unwanted access to sensitive information to unexpected service disruptions, the illusion of control can have catastrophic consequences. And lets not forget cost that rises unseen. In this blog we reveal the painful truth about how little grip you have on your cloud environment and we offer you a starting point on how to win back full control.
Disclaimer: dit blog is written from experience, not assumptions.
Complexity
One of our customers had built up 100 networks (subnets for the technical among us) in the cloud, most of the landing zones. And they're far from done migrating, so the total may run up to 200 or 300. When the VPN threw in the towel a lot of cloud services became unreachable every few hours. That makes your company grind to a halt. The complexity introduced by the large number of subnets seriously complicated the root cause diagnosis and greatly delayed the resolution. Think in weeks. You really don't want week long interruptions that cripple parts of your company. Estimated unneeded cost for this company: € 50.000 (per day!).
The complexity of your cloud environment increases rapidly, this happens unnoticed. New application? Quickly create a new landing zone because that properly separates the application from the rest. Good for security. But that application needs to talk to others. To printers, to DNS, to Active Directory to the backup environment. If you have 100 landing zones there are 10.000 possible communication paths between your landing zones. Your firewall rules explode to keep it all in check. And your VPN connections between from office locations and your applications still 'on prem' to the cloud become more complicated and hence more vulnerable.
Did I mention I see such situations weekly?
Do know what it's all for? And if it still serves a purpose?
You moved to the cloud to be flexible. And probably to save some money. But in the flexibility a danger lurks that is often overlooked. Of course it's nice that when you need something new, you can realize it with the click of a button. But to clean something up you first need to know it exists and that it's no longer used. On premise that means an unused virtual machine that hardly uses any resources and isn't in anybodies way; in the cloud you pay for all the resources, whether you use them or not. Expanding is very easy in the cloud, cleaning up is very difficult. And that costs money, more than your IT manager initially signed for.
It's not jus cost that causes headaches. If you have unused, probably unpatched serves and applications in your cloud presence, that causes risks for security, maintainability, manageability and reliability. This is not jus any list to think about, this list can keep you awake at night.
Incomprehensible invoices with the wrong details
Many cloud suppliers send you invoices at book volume. And every month the total amount rises again. It has lines like '8GiB performance tier P2 SRV0721' and then the price. Which application is that for? And what business goal does it serve? For that one line you can make inquiries, but with a couple of hundred lines like that nobody can understand the invoice. There is no relationship between technical cost and business benefit. So you sign off with the idea 'It's probably correct' or 'I'll have a look next month' because nobody wants to not understand. But ploughing through the whole thing is undo-able. And this way ... you're not in control. 'It's probably correct' is a red flag for us that it's not, or at least not entirely, correct.
Fill the tank with drops
With clod cost I'm always reminded of an Uncle Scrooge cartoon. He's at a gas station and asks the attendant what a drop of gas costs. 'Nothing' answers the attendant. 'Fill the tank with drops then' says Uncle Scrooge. With cloud cost the components seem really cheap, but if you add everything up that tank of gas is quite expensive. I say 'Expensive' on purpose because the value it delivers ... is actually disappointing. At least Uncle Scrooge gets to drive many miles.
The answer is oversight. Oversight is incredibly important to keep your cost under control. Because it's so easy to click together all the requirements for an application, you lose that oversight quickly. How much storage, compute and network are you buying? Who's reponsiblefor keeping an eye on that and does that person have the right information and the right knowledge to do that. The knowledge about business requirements, applications and technology to bear that responsibility.
Who's in charge?
For a cloud presence and the migration that gets you there you need to procure the services of different parties. The cloud provider itself. A party that creates the cloud resources and configures them. A party that supplies the physical network connection. A party that manages the communication equipment (like VPN's). Often there is a different party for this, with different equipment on premise that the one that handles the cloud side. And a couple more, before you know it there's 10 parties involved. All experts in their own field, but with far too little knowledge of the neighbors. Let alone they'd know what's happening at the end of the street.
To be in chare properly you need to know how everything is connected and how it all fits together. What technical resources are being deployed for which application. If it still serves a business need and if so, what that business need is. How many users use it how often and to what extent. and last but not least, what de ROI is of your monthly investment.
How do i get and stay in control?
Measuring is knowing and guessing is missing. To get in control and stay in control first and foremost you must have the correct data available. Those data are always somewhere, but they need to be easily accessible by you and you need to be able to see them in relationship to one another. Only the will you know what you have and will you be able to compare it to what you really need. Then you can improve efficiency and reduce complexity. Risks can be identified and mitigated.
I can help you get in control and stay in control. Make a 15 minute appointment with me and you will know how to get back in control. That time investment is guaranteed to have a high ROI.