#2 Re-secure
With the many benefits of cloud-native computing, organizations should know that traditional security methods and tools will be disrupted, so we need to re-secure (especially after cloud migration and refactoring).
“Assume everyone has access to everything, assume it is distributed and could be anywhere, now protect it. Network isolation is no longer sufficient, and there are no locked doors,” said Brent Schroeder, Global CTO of SuSE. “Access to every resource, application, and API must be structured based on ‘least privileged access.’ The need to encrypt everything is also a mantra in this context; data at rest and data in flight must be encrypted. It is more critical that these strategies are always applied in cloud environments’ shared and distributed ecosystems. Still, many industries with highly sensitive data don’t trust utilizing the shared infrastructure of the cloud. The emergence of Confidential Computing, which can now encrypt and protect data to ensure clear data is never exposed, not even to the cloud provider themselves, opens the door for these more sensitive industries and applications.”
Schroeder also insists that we assume everything is dynamic and will change, so no protection should be static. This drives numerous needs, some technological, but most importantly, people and processes. Security must become a part of all development, release, and change control processes, not an afterthought.
“Assume new technologies will render traditional tools ineffective. Cloud-native introduces new communication between processes that go undetected by traditional network monitoring tools, impacting the ability to perform deep packet inspection and data loss prevention techniques. Ensure you seek out new generation solutions that cover all the bases,” advised Schroeder. “Finally, even with all these threats protected, assume you will be breached. A zero-trust security method should be overlaid across all the above; never trust, and always verify. Zero trust helps prevent loss even when the breach occurs, providing that last line of defense.”
#3 Re-skilling
The Confederation of British Industry (CBI) suggests that some 94% of UK workers will need reskilling by 2030 – and it’s a figure that would surely gain a similar ranking in the USA or any modern economy. This high figure is widely agreed to be predominantly due to technologies like AI – typically embedded into cloud applications – changing how businesses operate… and, as a result, which skills they need. Recent research by Workday found that nearly three in four (72%) business decision-makers believe their organizations lack the skills to implement AI fully.
“Reskilling to use and make the most of AI is imperative and mutually beneficial for companies and employees: companies can quickly adapt to change while employees can bolster their internal mobility. For both, it offers access to new areas of expertise which can drive business performance and efficiency – whether it’s utilizing predictive analytics or automating administrative tasks,” said Dan Pell, Vice President and Country Manager for the UKI region at Workday.
Pell explains that his team has carefully considered its approach to employee reskilling by offering gigs (short-term assignments that align with employee interests and desired skill sets) to all staff members. He insists that this technique works, i.e., data suggests that 95% of gig participants said they could build on existing or new skills. Furthermore, internal movement and progression through a company was nearly 50% greater for employees who participated in a gig than those who did not.
#4 Re-building
As a business grows and its cloud infrastructure balloons, there’s a point when the CTO asks, ‘where’s our agility gone?’… and this is because early cloud-enabled flexibility and agility tend to bottleneck as the business scales. Combining multi-cloud environments – sometimes segregated across increasingly complex digital services – increases management time and engineering toil.
The trick to staying agile and up is to rebuild for operability, insists Mandi Walls, DevOps advocate at PagerDuty. “More specifically, scaling cloud capabilities means building in automation as the business changes. The aim is a series of pivots as rebuilds to turn manual runbooks into delegated, self-service requests. To automate critical operational processes across cloud environments. To optimize security and compliance and strip back team toil as they let automation take the strain and the slowness out of planned rebuilding and post-incident repair,” said Walls.
She proposes that rebuilding is the foundation of another R word: resilience. This requires an AIOps layer to manage the multitude of event-based triggers and running SaaS systems in real time. Any ticket-based, purely human response can’t manage this at the speed of digital business.
#5 Re-architect (aka cloud migration)
One of the benefits of migration of any type is that, in most cases, it requires an IT team to think about the reasoning and justification of the change. Cloud migration facilitates this in many ways, but evaluation of architectural decisions seems less often. This is the paradox of cloud in the view of Bill McLane, CTO of cloud at DataStax.
“Most of the early conversation around cloud migration focused on how to lift and shift existing applications and infrastructure to the cloud with as little change as possible. What this avoided, however, was a monumental value that a new modern architecture might bring to the table when moving to the cloud,” explained McLane. “Lift and shift on the surface makes a lot of sense as it provides the ability to migrate with minimal effort, downtime, and cost to existing applications. But, there is also a lost opportunity cost when migration doesn’t evaluate the decision around the existing architecture and doesn’t look for ways to modernize the foundational technology used by the applications.”
Because so many of our application design principles are tied to a given architectural decision, migration to the cloud provides a clear opportunity to modernize those decisions. Modernization initiatives are often the first thing to get cut when budgets are tightened, but we have seen clearly over the last few years what neglecting modernization can cause.
“Cloud migration offers a special opportunity to evaluate the decisions of the past, validate those assumptions, and modernize the approaches applications are being developed against,” explained DataStax’s McLane. “With the rapid introduction of generative AI, there is a clear need to modernize legacy infrastructures to enable agile data access, data distribution, and application development. There is a need to support modern architectures like event-driven and microservices, but more importantly, to adopt cutting-edge architectures like Retrieval Augmented Generation. Part of the cloud journey has to be an evaluation of the architectural decisions of the past that can be used to feed the justification and modernization to the architectures to support the future.”
#6 Re-hosting
Let’s take on cloud R, which typifies the reality of modern SaaS environments. As we have already suggested here on multiple levels, no solitary, lonely cloud is generally enough; certainly, most enterprise organizations of any size will run multiple databases across hundreds of applications in several world regions, so more than one cloud service is needed. This is why we have multi-cloud and why we need to be able to perform re:hosting functions.
The goal here is to perform re:hosting procedures without changing how any software application is architected and constructed. Hybrid multi-cloud computing company Nutanix reminds us that its annual Enterprise Cloud Index survey now lists multi-cloud as the primary IT deployment model for most companies using the cloud. This reality is thought to be on the verge of being even more substantiated according to Nutanix cloud architect Peter Chang, who says that term of cloud re:hosting and the process of getting applications to reside on cloud services, “Only a small percentage of the workloads, perhaps 15% to 20%, have been migrated. [This is because] companies migrating multiple apps in parallel can take one to two years per migration, depending on the application size.”
Cloud computing technology consultant Dipti Parmar writes in line with Nutanix’s Chang to explain that we need to think about the cloud R selection pack as also including these elements:
#7 Retain
Keeping an application where it is, on-premises.
#8 Re-optimize
Undergo processes, which may include re-writing code into another programming language for greater efficiency and/or applying management processes to reduce over-provisioning of cloud clusters, containers, and components.
#9 Remediate
The same as re-platforming, often with a complete change of database
#10 Repurchase
Replace legacy applications that can’t be rehosted
#11 Re-observe
Applying some Application Performance Management (APM) and wider observability techniques to the cloud estate to gain deeper insight into system stability, solidity & security.
#12 Retire
When a cloud application has come to the end of its life, or met its objectives
13 re:Invent
It would be inappropriate to compile this inevitably unfinished and undoubtedly updatable list without mentioning what might be the most famous Rs in the world of cloud computing – re:Invent.
The quirky name AWS gives to its annual cloud conference is probably read by most people as a stylized iPhone generation lowercase uppercase amalgam designed to look quite cool and insert punctuation in the middle of a ‘word’ or term. AWS re:Invent is so named because (and this tale might be slightly apocryphal) apparently, a techie sent someone internally an email about how they were going to “Invent” new services on the cloud and the reply came back quite quickly with a positive vote under the subject line (and you’ve already guessed it) re:Invent.
Somehow (so the story goes), this email made its way into the hands of the marketing team, who thought it looked snappy enough to perhaps one day even use it as the name for a very big cloud conference, and the rest is history.
