This is the next installment in a series of blogs on the subject of Cloud Transformation. When an organization transitions to cloud technology, it will often change the way that organization thinks about IT solutions. Cloud technology allows an organization to operate in more of an experimental/disposable way. This freedom allows an organization to “try out” a new solution with NO long-term cost implications from an infrastructure perspective.
This same “disposable” freedom perpetuates another impact in terms of solution life span. In pre-cloud thinking, IT groups often took a very long view of any new solution. This view could be years, as opposed to days or months. With cloud technology, it is now possible to develop, test, and deploy totally new solutions in days or weeks. This allows organizations to “test the water”. This shorter-term thinking requires a different approach to governance, security, testing, etc.
This rapid ability to deploy new solutions also drives more precise, narrowly-focused solutions for very specific target audiences. These solutions will often find themselves in conflict with current IT controls that have been in place for years. No, this does not imply we need to eliminate those controls. However, it does mean we might need a more precise way to quickly evaluate the risk profile of a new solution. Many of the current “gates” within these control processes establish very static risk profiles that are simply not appropriate for these smaller focused solutions.
Cloud technologies assume a significant amount of “reuse” of critical assets to speed up the process of deploying new solutions. This is another change in thinking that is necessary in our normal pattern for verification and validation of new solutions. If a new solution is being deployed with a previously approved automated infrastructure run book then the run book should not require another round of V&V. If the solution is using a number of previously “approved” APIs then those parts of the solution should not require a second approval.
These types of “changes in thinking” are not easy to make and require a conscious effort by everyone to work out the “new thinking”. This is NOT a call to throw out everything and start over but rather a call to make some adjustments in our processes while making sure the organization stays compliant and secure.
New Capabilities
Any organization immediately gains access to new capabilities with the adoption of cloud technology. Both internal and external audiences can benefit from these capabilities. In the following paragraphs, I will discuss just a few of those capabilities. The reader must be aware that this list of capabilities is much longer than those I have chosen to discuss. In fact, that list is growing on a daily basis. Most public cloud providers are adding thousands of new capabilities every year.
One large category of capabilities are the “citizen development tools”. This typically references tools that non-technical and technical users can use to produce and publish production solutions with almost NO assistance from their internal technology organization. This group is also called “low-code platforms”. Some of the players in this group are OutSystems, Mendix, Kony, Apian, Salesforce just to name a few. The offerings from these vendors can handle all types of solutions. These solutions range from complex business processes to multi-page websites that serve thousands of users.
There needs to be a solid plan developed prior to deployment when an organization decides to make these capabilities available to their internal users. Internal users will demand these solutions sooner or later. It makes good sense for most technology organizations to proactively start working on that plan. Once again, this type of capability will require a change in traditional thinking. The technology organization will need to work with the executive branch to craft an agreement on the overall guardrails to be put in place as part of the plan. A good place to start understanding how to plan for the use of these capabilities is to review some write-ups like this one from Forrester.
Another large category of capabilities is “artificial intelligence (AI) and machine learning (ML)”. This group of capabilities has many different dimensions that need to be considered. The broad nature of these capabilities naturally leads to many different conclusions on how to implement these capabilities. Some of the major players like Microsoft Azure and Amazon Web Services have struggled with the same questions any organization will need to address.
The category of capabilities has the potential to create significant new capabilities while also opening up large pools of risk for any organization. Organizations will need to address a broad range of subjects from organizational values to privacy rules to determine how to utilize these capabilities. This category, like almost all of the cloud technology categories, has the potential to overwhelm an organization and its customers in record time.
None of these cautions about changing the thinking prior to broadly deploying them should NOT be justification to halt working with these capabilities. The author would suggest that, as you start your first pilot projects with these capabilities, be sure to run a parallel project that starts the discussion on how you will change your thinking. You need to explore many of the cloud technologies to at least a minimal depth. This allows you to understand the right questions to challenge your organization’s thinking.
Transferable Skillets
It is no secret that the adoption of cloud technology will require some new, and sometimes unique, skills. Technologies like AI, ML, IaC, serverless computing, etc. do require someone that has training on the basics of these technologies. However, I think, there is too often a mindset that assumes you must go outside your current internal technology resources to find or develop both these skills and other cloud skills.
Every organization thinking about being a first-time cloud adopter should probably engage an outside firm to help develop their strategy. There are two primary reasons for this recommendation.
- First, most organizations will not have a broad enough or deep enough background in all the important parts of a solid cloud strategy. The right outside firm will have experienced consultants that have an array of experiences across multiple clients. This helps them identify the right questions to ask and answer.
- Second, outside firms look at your situation with an “outside” perspective and are not heavily influenced by natural internal bias.
Once the broader strategy is developed, the required cloud-technology skills must be developed by workers. Organizations will find some highly specialized skills will simply take too long to develop internally. This is where the outside assistance from consultants can help once again. Organizations should then have an internal resource aligned with the outside resource to help gain as much OJT as possible.
Potential Impacts and Considerations
The current technology worker can easily add other cloud technology skills to their skillset. Workers will still require the “soft” skills in tomorrow’s cloud-technology world that are necessary today. In fact, there is an argument that these “soft” skills will be MORE important in the cloud-technology world. This is simply because of the number of people that will be impacted by the use of cloud technology.
The duties in job descriptions will shift depending on if the role in on-premises or cloud-based. This change will go from “design, procure, install, configure, deploy, manage” to “design, configure, deploy, manage”. Generally speaking, 60-80% of the duties will be very similar. The other 20-40% is the net difference in primarily training on new tool sets and architectural designs. Organizations can add these items with normal training and educational offerings in the industry today. Most of the public-cloud providers also provide “free” subscriptions for individuals to use as training sandboxes. This allows the employee to play around with the tools in a completely safe environment. Workers can gain real-world experience in the cloud by totally deleting and starting over this same environment.
Based on this blog, I think the reader should be developing a clearer picture of the many other change points to be considered when adopting cloud technology. Many organizations will focus on the impacts to applications and infrastructure, and forget about other change areas. Without a broad-based cloud strategy established at the front end before the adoption of cloud technology, it will be very difficult for any organization to be successful with cloud technology.