5 Steps to Get Your Cloud Integration Approach Right
We see many organisations enthusiastically start with the use of cloud - or their cloud journey, as it is commonly referred to - but at a certain point they hit a bit of a wall. We covered causes for this in our previous blog on common cloud integration mistakes.
As a quick reminder: you should not treat cloud as a special case, nor treating cloud as standard IT, your managers should understand cloud properly. Other causes are missing governance and lack of continuity of cloud skills and knowledge throughout the business.
In this article, we’ll look at the elements required for a best-practice cloud integration approach.
Cloud integration framework: An introduction
5 steps to get your cloud integration approach right
Help to get started with your integration
Cloud integration framework or Cloud reference framework: An introduction
In the previous blog we signalled that there is often a lack of cloud integration around knowledge, governance, organisation and/or processes. These are usually reasons why a cloud journey is not progressing as expected, more than any technical integration problems. These are usually quite easy to fix, as soon as it is clear how the cloud journey should be managed.
To inventory what the most challenging areas of integration are for a specific situation, we usually perform a complete cloud maturity assessment, usually based on the Open Alliance for Cloud Adoptions (OACA) cloud maturity model.
If such an assessment is too heavy, and you are looking for a more lightweight approach, we can perform a governance quickscan, based on the Nordcloud reference model, focusing on the most important topics in the context of a Cloud Team or Cloud Center of Excellence (CCoE).
Nordcloud's CCoE framework
Both the OACA model and the Nordcloud CCoE reference model are based around People, Processes and Technologies (PPT), indicating that the actual cloud implementation (technology) is only one part of proper cloud implementation.
You also need to implement the correct processes: both the processes within CCoE managing the cloud itself, as well as processes in the organisation connecting the business to the CCoE. And you need to organise the People factor, focusing on cloud knowledge and cloud expertise.
Besides the levels of PPT, both models also cover a broad range of topics or domains: ranging from cloud strategy, cloud portfolio management, cloud security management and cloud financial management to actual cloud development and operations activities.
In general, when we support organisations in rebooting their cloud journey, we first do maturity assessment or a governance quickscan. We regularly see that the cloud strategy is outdated and is in need of recalibration, or isn’t present at all.
Based on the updated cloud strategy, we realign the high level cloud governance model, taking into account the organisation’s (shared) responsibility model. This will lay the foundation for maturing the cloud integration, making clear why cloud is important to the organisation and defining who is responsible for what with cloud activities.
One important note: when searching for “cloud integration” on the Internet, you will initially see numerous tools to integrate the different hyperscaler cloud solutions into one manageable solution (like IBM Multicloud Accelerator). Or solutions to integrate cloud in your current (on-prem / data centre / classical) IT environment, for example connecting to IAM, SIEM or SOC solutions.
These are important, but to use these tools properly, you also need to address the People and Process aspects as mentioned above, for example to define where different (specific, cloud) responsibilities stop and (generic, organisational) responsibilities start.
5 steps to improve your cloud integration approach
Coming back to the general causes of a crashing cloud journey or lack of proper cloud integration in our previous blog, and based on our cloud integration experience, we can list some typical improvement recommendations. Use these to give your cloud (integration) journey a push to get it back on track again, and to help you use your cloud integration tools properly.
1. Educate your entire organisation on cloud
If you want to use cloud, you need to understand cloud. And when integrating cloud in your organisation, this is especially important for managers. They don’t need to know all the technical aspects of cloud services, but they do need to understand how cloud services are different from classic IT, and have a proper understanding of the cloud shared responsibility model. Otherwise, by lack of understanding, they are not willing to integrate cloud fully into the organisation, sticking to what they know and being averse to or scared of change.
Embracing and boosting agile knowledge will also be beneficial, as cloud is often steered and grown using agile working: adopting multiple small changes to constantly improve cloud implementation and cloud usage, allowing for fast adaptation to new developments.
2. Define cloud goals and start to measure
You can’t use cloud without having a defined reason to do so. Your reason might be costs, ease of use, flexibility, reliability, security, agility - or a combination of these. But without a clear reason, you can’t define goals, nor can you verify that you’re heading in the right direction. Steering and management is key, and with no clear direction and measurable outcomes, cloud can become a drifting island in your organisation.
So you need to define your reason and your goals (preferably using KPIs), so you can align your cloud governance accordingly. Don’t forget to align this with your IT and business goals, and periodically assess your progress as you go.
3. Define roles and responsibilities
Many organisations have not properly defined cloud associated roles and responsibilities. To be successful and accountable, it needs to be very clear who is doing what, taking into account the shared responsibility for cloud, adapted to your specific situation. You need to define those roles and responsibilities accurately and without any ambiguity, usually using RACI models, and check that there are no gaps or duplicate responsibilities defined. Also you need to keep these up to date, as things will change over time.
Usually we work in two levels of roles and responsibilities:
- At a high level, and first, define generic responsibilities across the organisation which everybody needs to know and understand. This forms the foundation of all other cloud related roles & responsibilities. This high level should at least cover C-level, Enterprise Architects, Generic IT, Cloud IT and Application/Business teams that are using cloud.
- On a more detailed level for specific topics, using the high-level definitions for operational and alignment purposes between different teams, for example on the topics of connectivity, identity & access management or monitoring & alerting.
4. Form teams and associated roles to people
When roles & responsibilities are defined, you can form or re-evaluate the staffing of your cloud teams. Be aware that a single person can perform multiple roles.
Especially when your CCoE is starting up, it is quite common to combine multiple roles (for example cloud architect and cloud engineer, or CCoE-manager and Platform Team-lead). When the CCoE grows and more capacity is needed, the combined roles can be separated into multiple roles.
Looking at roles, there is a difference between more technical roles like cloud engineer and cloud management roles like CCoE-manager. We usually recommend that the more managerial positions in cloud context and leading cloud architect should be internal people, whilst the more technical roles can be outsourced or staffed. This is because management needs to be aware of context and should be as stable as possible (and additionally: to avoid conflict of interest, for example having an external CCoE-manager not being unbiased when choosing cloud partners).
5. Connect cloud management to IT management and business processes.
To avoid cloud being run independently, cloud management processes need to be defined and run in alignment with your other IT management processes. If they need to be specific for cloud, make them specific but connect them to the IT management processes (like asset management).
Try to keep the processes generic as much as possible. This activity directly connects with the detailed roles and responsibilities we mentioned in recommendation 3, as by defining who is doing what, you both address the responsibilities and the process.
Most of the time, linking your cloud management to IT management will automatically connect cloud to your business processes like cost management, portfolio management, risk management or compliance management. But you need to check and make sure you interlink cloud activities with the business process as well.
Help to get started with your integration
If you’re using cloud, you need to make sure it’s not being treated as an isolated, special entity, and integrated in your business. It needs to serve a clear purpose with clear governance, defining clear and defined roles and responsibilities. And if you want to use cloud properly, you need to embed knowledge right across your organisation.
At Nordcloud, we’ve built out our advisory services to partner with organisations to overcome these challenges. We’re here to help you get started with cloud integration, or to reboot cloud journeys that aren’t quite working. This includes our Governance, Risk Management and Compliance (GRC) advisory team, which can support you in setting up and running your cloud governance in an effective way.
Most organisations get started with one of the following:
1. Cloud Governance Discovery Workshop - This helps gain a full understanding of your setup and operations, and highlighting strong and weak areas, with full recommendations for improvement.
2. GRC Maturity Assessment - Analysis of your current GRC maturity and providing you with a roadmap to structuring GRC-related activities in your cloud journey.
If you have any questions about this article or would like more information about our advisory services, you can contact me, Sander Nieuwenhuis, Nordcloud GRC Advisory Lead, below.
Get in touch.
Sander is standing by to help your organisation develop a winning cloud integration approach