BLOG

Lift and Shift with Confidence

Lori MacVittie Miniatura
Lori MacVittie
Published October 24, 2016

Cloud, most would agree, has come of age. It has matured under our watchful if not sometimes wary eyes, to the point that a Harvard Business Review survey conducted in the fall of 2015 noted that a majority of respondents said “their organizations had adopted a public cloud first strategy for at least some new applications. In fact, only 22% of survey respondents said a cloud-first strategy was unimportant.”

Our own surveys have supported that. In our 2016 State of Application Delivery survey, 67% of respondents identified as “Cloud First” organizations and the three cloud models (private, public, SaaS) dominated the top 5 strategic trends. 

But you’ll note that there still remains hesitation when it comes to cloud. While SaaS, which effectively consumed the bulk of commoditized business operation software that had long been purchased as packages and deployed on-premise, grew at astounding rates, public cloud continued to lag behind. Our own survey is not alone is showing that when asked to distinguish between usage of public (AWS, Azure, Google, Rackspace), private (on-premises), and SaaS, it is SaaS and private cloud that dominate adoption of “cloud.” Not public.

There are a variety of reasons for this, and Harvard Business Review’s aforementioned survey brushes against the edges of enterprise reluctance to jump head first into public cloud when it comes to business critical, long-lived applications, noting integration as a significant challenge.

But it isn’t just integration amongst applications and data sources that stymy business leaders’ desire to “go cloud.” It is the integration--the dependency--on app services that provide the speed, security, and scale of those applications that often gets in the way.

top3nteworkspenddrivers-2016-sotnw-nww

Oh, public cloud is maturing and is finally beginning to hit a tipping point where they must offer more advanced services than IP table-based firewalls and plain-old load balancing to maintain their growth. This was inevitable. Once the price-wars were over and the compute cheaper than an 8TB flash drive, providers had to look for other ways to differentiate and offer compelling reasons to adopt their platform. It  has not gone unnoticed that network investments are focused on speed, scale, and security. Respondents to Network World’s State of the Network survey noted that the “primary drivers of networking investments are improving network speed and performance (55%), improving data security (53%), ensuring availability (50%), ensuring business continuity (46%), improving IT process efficiency (43%), and improving business process efficiency (41%).”

Speed. Security. Scale.

The problem is not that providers aren’t going to offer those services, they are and will. But those services remain disjointed from data center operational systems, and models, and processes and require significant changes in not only staff but skills. Policies must be translated from one service to another. Processes and systems changed to include cloud consoles, dashboards, logs, and APIs to provide the visibility operations needs to manage the increasingly digital business day to day.

stateofappsecurity-2016-security-services

That’s assuming you can find complementary services available in the cloud. In our first annual State of Application Security report, respondents indicate reliance on a wide variety of security services to protect and defend against the evolving threat landscape.

Web application firewalls, anti-malware, IPS, firewalls, web fraud detection. They’re all out there, in varying degrees. As are the services that provide for scale and speed.  

When organizations talk about migrating to cloud, they are faced few options. Rewriting an application can be overwhelmingly expensive and time consuming, particularly considering the existing backlog of applications. A backlog that, as noted by PaaS provider OutSystems, impacted 85% of surveyed enterprises. Over half laid claim to backlogs of 10 to 20 apps. 

Lift and shift, however, brings with it reasonable concerns regarding the supporting infrastructure of an application. It’s the need to lift and shift the entire architecture, not just app components, that tends to throw a damper on IT enthusiasm for such migratory efforts. The resulting operational costs of a disjointed set of tools, consoles, dashboards, and policy languages can take a significant chunk out of the time and money business is trying to save.

That’s why it’s important to not only consider the features and functionality of rapidly emerging app services offered by cloud providers, but to consider the operational consistency solutions may or may not provide. 80% of functionality may be acceptable, and 50% of the cost desirable, but when administrative costs are considered those decreases are quickly eroded by new staff, new tools, and additional time needed to integrate, operate, and manage new services.

lift-shfit-consistentcy

It’s operational sprawl, and it’s not a good thing.

It is possible to lift and shift with confidence to the cloud. By ensuing parity of infrastructure services, both in function and operation, organizations can migrate even more complex applications to the cloud.

To enable lift and shift with confidence, consider:

1. Services. Keeping architectural parity is critical, particularly when moving security-related services with well-defined policies. Introducing new services requires significant investments.  

2. Management. Prefer services that can be managed regardless of where they are deployed. A single dashboard is preferable to many, even though staff may view it as a reasonable justification for that third monitor.  

3. Automation. Evaluate APIs and programmatic methods of automation and orchestration to ensure a fit with operational skillsets. Requiring yet another language, framework, or policy toolset introduces a learning curve that can result in errors, looser policies, and unintended consequences.

You are (according to every survey) going to the cloud. While there are certainly some applications that will never experience the public cloud, there are many that will. The secret to success moving forward is architectural and operational parity.

Keeping that in mind, you’ll be lifting and shifting to the cloud with confidence in no time.