Even as enterprise modernization tops boardroom priority lists, cloud computing has lost its lustre for some business leaders — especially those that mistakenly conflated cloud’s potential with the goal of saving money. It’s an understandable error to make. After all, the promise of shedding long-term capital investments, such as data centers, in favor of the pay-as-you-go operational expense of cloud is both alluring and easy to grasp. And it’s not as if this is an empty promise: done right, transitioning to cloud can be a big money saver for your business. 

But as many business execs are learning, that little phrase ‘done right’ hides a world of complexity. In their rush to realize savings, too many businesses are finding themselves with cloud migration strategies that fail to meet their goals. One study by market researchers IHS Markit found that nearly three-quarters of firms polled had moved a cloud-based app back on-premises because they hadn’t realized the anticipated benefits.

It doesn’t have to be that way. Cloud can be a truly transformative strategy for the enterprise. Cloud offers organizations the flexibility to match computing resources to their needs, scaling up or down as circumstances demand; cloud can underpin efforts to innovate and improve organizational security. It can even help companies become more environmentally sustainable. But to achieve these things, you need a plan that will make as much of your IT estate as ‘cloud native’ as possible. That takes some careful planning and a willingness to make tough decisions.

Move fast, fail fast

Focus on cost can seriously undermine cloud migration efforts, says Scott Shaw, head of technology at ThoughtWorks Australia. “If you expect to see immediate results just from migrating workloads to the cloud, you’re probably going to be disappointed,” he says. “You should actually be prepared to see costs go up.”

That’s because in the rush to migrate to the cloud, too many enterprises have taken a ‘lift and shift’ approach, where existing architecture, security practices and IT operational models are simply replicated in the cloud. 

Such an approach not only fails to realize cloud’s true potential, it can be more expensive, says Shaw. Many enterprise applications were not designed to run in the cloud; running them in the cloud as if they were in your data center can result in suboptimal performance. You might find that if your applications are architected to run in a data center, they generate significant network traffic — which you’ll have to pay for in the cloud.

“Unless you've invested in modifying your applications to take advantage of the cloud, you're probably going to discover a lot of hidden costs that you weren’t paying for in your data center.”

In some cases, business leaders might assume that because they were previously able to generate instant cost savings by migrating from an on-prem customer relationship management system to one in the cloud that they can do so again by moving other legacy systems to the cloud. In fact, those initial returns they saw come from moving to a cloud native system — just lifting and shifting legacy means it’s not optimized for the cloud.

And there are savings to be realized by optimizing for the cloud. At one company we worked with, ThoughtWorks was able to reduce the compute resources needed in the cloud by 50% by implementing responsive and dynamic interfaces that refreshed and loaded UI components only as needed, rather than the whole page. As a result, our client realized 25–30% infrastructure cost savings.

The ease of provisioning cloud services, while undoubtedly appealing, can also be a double-edged sword. One of the frequent mistakes we see companies make is to move to the cloud without first implementing adequate governance, says Cassie Shum, technical director, ThoughtWorks North America.

“You’ll find all of their developers have spun up multiple cloud instances in non-production environments to test something and without proper checks, they leave them running and the CFO wonders why costs are spiraling,” she says.

As a result, it’s becoming common to see organizations, having rushed to migrate to the cloud, rapidly back-peddling.

One of the reasons that this happens is because the organization is locked into traditional ways of thinking about IT purchasing, says Shaw. Companies conflate the idea of moving to the cloud with having to choose a single vendor and sign a big enterprise agreement with that single provider. “In fact, cloud is different; you need to think differently about how you approach it,” he adds.

Cloud beyond cost

One tactic that can avoid cloud despondency is to plan for more than just cost benefits at the outset, says Alexandre Goedert, head of technology at ThoughtWorks Chile. So while cloud can definitely deliver cost savings, there are wider benefits such as improved agility and the ability to rapidly respond to changes — in a world that’s lived through the 2020 pandemic, those are traits not to be underestimated.

One of the primary ways cloud benefits the enterprise is elasticity, that is the ability to scale up computing resources in times of peak demand or to scale them down in quiet periods. This linkage between the computing resources you need and what you pay for has a strong financial resonance but it’s easier to achieve if your estate is optimized to run in the cloud, says Goedert.

The ease with which cloud applications can scale has benefits beyond dynamic provisioning. As Shum explains, one financial services company she’s worked with has been forced to migrate away from its mainframe because with its planned growth, it simply couldn’t cope with the growth in transactions volumes they were predicting. “That’s a pretty powerful incentive to migrate to the cloud but it’s also a challenging one. If you’re expecting this to happen overnight you’re probably going to run into some bumps in the road.” 

Innovation can also be a powerful driver for cloud migrations, says Shaw. Cloud is the ideal environment for testing out digital products because you can give your development teams a lot of autonomy to build small scale environments they need quickly and cheaply. “If this experiment is successful then they're able to just grow and scale out what they built,” he adds.

Shared security in the cloud

When cloud first emerged over a decade ago, many business leaders were wary over the security implications: they understood the locked-down, perimeter model of security that operated for their data centers and were skeptical that a third party could provide such robust protection.

As it turns out, migrating workloads to the cloud can increase security, argues Shaw.

The key to operating securely in the cloud is understanding the shared responsibility model, says Shaw: the delineation of where the responsibilities lie between you and your cloud providers. “This can be a painstaking process — especially in highly regulated industries. And it can slow down your cloud migration. But when you have your applications built in a cloud-native way, you’re going to see the benefits.”

These include:

• Offloading some responsibility. While you still maintain significant responsibilities for securing access to services in the cloud, your provider will be responsible for securing the compute, network, database and storage services you’ll consume.
• High levels of automation. Cloud providers have a wealth of security scanning tools that can ensure your instances and containers follow defined patterns. These automated vulnerability checks enable you to stay up-to-date with the emerging threat landscape.
• Rapid patching. Because of the high degree of automation, cloud gives you the ability to quickly roll out patches for newly discovered vulnerabilities. That can significantly reduce your risks of attack — traditional patch management could be a laborious and time consuming process.
• Ease of rebuilding. Cloud gives you a managed environment, where you’ll have defined states for everything that’s running. These environments are designed to be destroyed and rebuilt regularly, without you losing anything important — so in the event of a malware breach, you can quickly return your environment to a safe state.

Patterns of cloud migration

Because cloud requires a different mindset, many companies are only able to make that shift once they’ve had some experience of transitioning to the cloud and are able to learn from their mistakes, says Goedert.

He sees four common patterns of cloud migration.

Lift and shift

Despite the perils of lift and shift, it remains a common pattern for cloud migration. That’s understandable in cases where organizations have data centers that are approaching end-of-life, says Shaw. “In those circumstances, not many companies want to recommit to another 20 year data center contract, so lift and shift becomes a viable option.”

Shaw has worked with companies that have made that choice; nearly all have done so with a plan to rearchitect their applications at a later date. “Not many have actually achieved it,” he adds.

Replatforming business-critical systems

As a first stage to optimizing applications to run in the cloud, organizations might look to replatforming, perhaps moving an application from running on a traditional relational database to one that’s running in the cloud.

The advantage of replatforming is that it allows enterprises to leverage some cloud capabilities, without having to go through the laborious process of decomposing their large, complex, business-critical monolithic applications.

Rearchitecting your monolith

To take full advantage of the cloud may mean rearchitecing your monolithic applications — that is breaking them down in a piecemeal fashion and rebuilding them in a cloud native way, gradually over time moving the entire application into the cloud.

This can be a multiyear endeavor, says Shum, so it’s essential that business and IT teams are working together closely before they start. “If there is no business use case that we're actually trying to drive to, you're going to get to that cloud fatigue because no one will see cost benefit immediately,” she adds.

If you have that strong relationship between IT and the business, decomposing your monolith can dramatically increase your organizational agility in the long run. 

Nonetheless, decomposing a monolith is a daunting task. ThoughtWorks typically advocates for a thin-slice approach — where a slice represents a complete function that can be transitioned to the cloud. “Typically, we’d build almost a matrix and look at what is the top business functionality that you can actually see immediate value from transitioning,” says Shum.

“When we think about a thin slice, it should cut through parts of the technical and architectural stack. You want one that would enable you to drive things like continuous integration and delivery pipelines that will be a core part of becoming cloud native.”

Embracing polycloud

For some time, ThoughtWorks has been championing the notion of polycloud. This approach to cloud not only rejects the practice of signing one cloud enterprise agreement but also the notion that companies should take a lowest common denominator approach to cloud services in the hope that it would make it easier to migrate between cloud providers.

The idea of polycloud probably reflects a level of cloud maturity that few organizations have today, says Shaw. But there are strong reasons to aim for it, he adds.

Today’s big cloud providers have reasonably similar core offerings but important differences do exist — whether that’s around data privacy or machine learning capabilities. And for some workloads, you’re going to see significant advantages when choosing one provider over another.

Enterprises should also consider their applications’ lifecycle. “For something like a core banking system that might reasonably have a 10-year life span, do you really want to tie yourself to one provider for all that time?” Shaw asks.

There’s also a distinction to be drawn between polycloud and multicloud. Polycloud is using different cloud capabilities from multiple providers, based on the business’s assessment of which capabilities best fit their needs. Multicloud in this context is using the same capabilities — and deployed applications — in different places, sometimes as a backup for SLA problems. We often see companies embrace a multicloud strategy for business continuity reasons, says Goedert, especially if they’ve had issues with their providers’ ability to meet their service-level agreements.

Cloud is different

As we’ve seen, realizing cloud’s potential for the enterprise involves huge changes within your organization — from changing your IT purchasing behavior, to how your applications are architected, to how your teams work. “It’s a multiyear effort,” says Shaw, “and you’re probably not going to get everything right.”

The winners will be those courageous enough to learn from those mistakes, and not retreat to the old ways of working. “Ultimately, enterprise modernization can be expedited by moving to the cloud,” says Goedert. “You need to plan for how you’ll manage that.”