Hidden cloud migration gotchas — and how to avoid them
- 26 June, 2017 20:00
Building a technology stack from scratch in the cloud can be a dream -- if you’re a startup. But if you’re an established company steeped in on-premises solutions, shifting to the cloud can mean unexpected hurdles and headaches beyond belief.
Companies looking to make good on the benefits of moving to the cloud need to go in with eyes wide open. To be sure, the much discussed benefits of the cloud -- in terms of time to market, cost savings, the ability to scale resources as needed, and so on -- are real. But enterprise cloud adopters say they have been surprised by some of the lesser-documented challenges migrating to the cloud brings, such as the difficulty in changing traditional mindsets, the lack of visibility into the new infrastructure, the cost of data transfers, governance issues and how licensing agreements need to be revised or new ones negotiated.
Here, we take a look at hard-earned lessons from real-world cloud migrations and how traditional companies are navigating the hidden hurdles involved in moving to the cloud.
Making the mental shift
Financial and actuarial models are the lifeblood of Pacific Life. Running those calculations requires a lot of high performance computing, but only for a few hours a week, making the cloud an ideal solution for the Fortune 500 insurance company.
So about four years ago, rather than purchase additional hardware, Pacific Life’s IT staff began renting compute capacity and moved the workloads to Amazon Web Services.
“A lot was driven by the fact that we have a very expensive data center to operate here in Newport Beach [California], which as you can imagine, is not the best place to run one,’’ says Reza Salari, manager of cloud security and service transformation at Pacific Life. The insurance company also has a data center in Nebraska that it uses for disaster recovery.
Once the company saw the benefits of being able to scale up and down in the cloud it generated increased internal interest. More recently, Pacific Life began hosting its first application on AWS, data visualization software from Tableau, so that employees can generate custom reports from anywhere, globally. Currently, Pacific Life is working on migrating 28 websites to AWS. But as the company moves deeper into the cloud, along the way there have been some surprises.
Tableau required “a big mindset shift to conceptualize how the pieces come together,’’ says Salari. “First was conceptualizing the architecture and rethinking our tools; we couldn’t just move our on-premises firewall and put it there.”
Both the hosting of Tableau and the migration of the websites is requiring “a lot of security rethinking,’’ as they bring in a new ecosystem of vendors and products Pacific Life hadn’t worked with before, adds Jason Vigil, a solutions architecture consultant at Pacific Life.
“We always assumed that moving to cloud was a simple matter of, ‘OK, we’ll teach our engineers to do Amazon and poof, we’ll have cloud engineering,’’’ says Salari. “We didn’t really understand the depth of the migration and the people organization challenges. We thought we’d have Amazon come in and do a couple of classes and we’d be a cloud organization. That was a huge shift change.”
Dealing with endless capacity
Today, some four years after Pacific Life launched its cloud journey, there are only a handful of people who have caught onto the “cloud fire,” says Salari, and there are those within the two 280-person IT organizations who perceive the cloud as hosted infrastructure that requires a simple “lift and shift” to move something off premises.
But it is far more complicated than that, experts say, stressing that organizations should prepare for cloud migrations well before starting the actual transition, especially when it comes to expected consumption and usage.
“You have to plan for capacity differently than when it was in your data center,” says Mindy Cancila, a research vice president at Gartner. “Most organizations overbought their capacity [when first moving to the cloud] because what you didn’t want to have happen is not ask for enough, and then have to go back and ask for more infrastructure and not have it approved.” That approach ends up being quite a bit more expensive, she adds. “So it’s a paradigm shift for organizations to think about their consumption and usage, which is very different.”
Yet, Cancila finds that most of her conversations with clients are often reactionary and she councils them on the need to put better controls around governance, cost, and usage. “I often will share with clients that it’s not that anyone’s doing anything wrong, it’s the inherent nature of cloud: on demand, self-service, pay as you go; so organizations have unique challenges around putting a governance structure around that endless capacity.”
Evaluating and rearchitecting workloads should be an active part of a migration plan, notes Deepak Mohan, a research director at IDC. “If you don’t change, then what happens is you use the same resources and … all you’ve done is shift from a PC I’ve paid off versus one I pay for on a monthly basis.”
Processes and data: The little things add up
When John Matouk & Co. migrated its ERP and manufacturing systems to Salesforce.com, officials found some of the simple things they were used to — like pressing a button to print out a Fedex label — required a change in processes. “That simple mapping of the different peripherals [and] thinking through where that stuff outputs to requires thought,’’ observes Stuart Kiely, vice president of digital strategy at the 90-year-old manufacturer and distributor of fine linens and luxury bedding. “We took it for granted in the old system and now we have to think it through in how we re-architect the packing process.”
The cost of transactional data storage has also been a surprise, Kiely says, and they went over their limit about a month in when the cloud systems went live in January. Because John Matouk & Co. deals with a lot of customer information, they are storing data around contacts, cases, opportunities and leads. “When you move an ERP system to the cloud, the data you’re generating is 10x more because every single time a piece of inventory moves you’re generating a cost transaction.”
Now Kiely’s team is working on moving some systems back on-premises and “connecting the dots there so our finance team doesn’t have a heart attack,’’ he says. This also requires careful planning “because there are so many relationships in the cloud you can’t just delete a record. There’s so many dependencies on other records so data just grows and grows and you can’t downsize in some instances.”
Tactical issues: Governance, workflows, and licensing
The 145-year-old Pacific Life is not using a lot of agile methodologies, says Vigil. “We have a couple of pilot groups that have helped us move to cloud, but most of the organizational structure is, ‘You do your part and when you’re done, you pass it on,’” he says. “It’s kind of like the Henry Ford assembly line, and we’re in the midst of trying to shift to having a cross-functional team servicing an app. We’re working to try to overcome that challenge now.”
IT also didn’t expect the complexity that moving to Amazon can bring “because you can do so much in there you need a way to control that and visualize that,” says Vigil. Pacific Life is using Dome9 for network security, which he says gives IT visibility into their workloads in AWS and the ability to troubleshoot if one application or system can’t talk to another.
Another so-called “gotcha” was the amount of governance required in the cloud. “On-premises, there are siloed functions, so you may have a couple of engineers that do firewalls and others doing engineering, so it’s more difficult to make a mistake, whereas in AWS, you assign a system admin a particular amount of access,’’ Vigil says. “So it’s quite easy to do the wrong thing quickly if they don’t know what they’re doing.”
Yet another surprise has been the need to figure out whether existing enterprise licensing agreements still apply, adds Salari. “Our contracts guys have been burning the midnight oil to figure out what is limited to on-premises, or do we have to purchase new licenses,” particularly with Microsoft, he says.
Then there have been mindset challenges. For a lot of his peers in IT, “the biggest anxiety was the lack of control and lack of being able to visualize in their mind what the cloud environment looks like,’’ says Salari. The biggest resistors have been the ones who haven’t seen the AWS console, he adds. It was helpful to do a lot of education on the cloud and the use of third-party tools so they could make sense of it, he says.
“I won’t say it was a complete light switch that was turned on,” he notes, “but once we showed them the console and what was there and the third-party tools and how they could interact with them, it reduced a lot of the anxiety, and while they’re not cloud converts, they’re no longer resistors.”
But not every surprise in the cloud is unwelcome. For Pacific Life, the ease of host-based security has been among the pleasant surprises, says Vigil. “In the cloud, there is way better security than we could ever hope to offer on-premises --without the cost,’’ he says.
The elasticity of the cloud has also been a big bonus. “On-premises we could do virtualization, but to scale up and down still requires that we have peak capacity in the form of hardware and in the cloud, we only rent what we need,’’ he says.
Salari has enjoyed being able to test something out in the cloud. He says he goes into his AWS lab account, buys compute in the marketplace and plays around with it for a week, all for around $7. “I love being able to kick the tires a little,’’ he says. “I would have loved to do this more when I was an engineer. It would have made things so much easier.”
PwC has also experienced happy surprises, says CIO Sigal Zarmi. The agility, efficiency and simplicity of the cloud have been a bonus, she says, and PwC’s employees view the cloud as a new way of working, rather than the technology itself.
“A great ‘gotcha’ moment for us was a recent survey of our people, where they estimated they were saving around nine hours a week by collaborating differently, having access to online communications tools and access to information when and where they needed it,” Zarmi says.
Salari anticipates Pacific Life will have all its web pages migrated to the cloud by the end of 2018, with the goal of getting all of its disaster recovery infrastructure into AWS by then as well. Within three to five years, he expects they will have most of their workloads and apps in a cloud environment. “We will only have things on-premises for licensing or practicalities,’’ he says. “We’re a big mainframe organization because we’re financial, so we’ll always be hybrid.”
How to avoid the pitfalls
Like Pacific Life has found, observers and users say a lot of education and re-education is required on how the cloud works and what the benefits are and how the model differs from an on-premises infrastructure.
“The more your engineering staff and leaders learn about cloud and see other companies are doing things with it, the less anxiety they have and the more comfortable they are talking about what we can do -- and not what we can’t,’’ says Salari.
Both Salari and Vigil also recommend that IT staffs get comfortable using native and third-party tools, especially as they utilize multi-cloud providers. Having cloud-agnostic tools is also very important, says Vigil, especially ones that can be used on-premises, too.
Organizations should also plan accordingly because of the breadth of services available in the cloud, advises Cancila. Although they want to leverage “this endless capacity and innovation curve” that cloud computing offers, “for many … it can become quickly overwhelming, especially as they think about the ways they go about budgeting, architecting and managing those ongoing services on an ongoing basis,” she says.
Understand what your current data footprint is and what it will be in the cloud world – and the cost, says Kiely.
“If you’re looking to move major business systems to cloud like manufacturing software and ERP systems, really map out your business processes as part of your implementation plan,’’ he says, “and look at what you’re doing today in the different business units and map out how that can be mimicked or not in the new world order. Cloud is a double-edged sword. It unlocks amazing possibilities,” including the ability to tap into an ecosystem of partners for best-in-class systems. “That’s the beauty of this thing, but in our experience, part of the challenge is things aren’t necessarily as customizable on the fly as they might be with an on-premises system.”
Utilizing cloud technology is an opportunity to “spring clean what you’ve got, and why, even if it means having difficult conversations with the business,’’ says Zarmi. It also requires creating new ways of working with risk and security teams, rethinking disaster recovery, cybersecurity and resilience, she says. “But never overlook the basics: giving people a fast moving, more responsive environment relies on strong change management processes.”
Salari says they have taken to heart the philosophy of Dewey Bushaw, Pacific Life’s executive vice president, about the need to be agile. “His big thing is, ‘It’s not the biggest ship that wins, it’s the ship that turns the fastest.’ Cloud was clearly the way we had to go to meet that business challenge,’’ he says. “You don’t get to be a 145-year-old company unless you’re willing to change.”