Cloud licensing explained: What businesses need to know AI in cloud computing: Benefits and concerns
X
Tip

How to plan a cloud strategy: Complete guide and template

A cloud strategy document is a mission statement, not a design document. It should capture the what and why of a company's cloud strategy, without delving into the minutiae of how.

Cloud computing has emerged as a versatile and efficient platform that enables businesses to deploy workloads and services through an independent provider. Companies pay only for actual usage and free resources when they're no longer needed.

But cloud adoption is far from simple. A typical cloud provider can offer hundreds of different resources, services and pricing tiers. Businesses are left to design, implement, optimize and manage the selected cloud environment and then measure the benefits of cloud computing.

Successful cloud adoption requires a solid strategy that details the desired cloud infrastructure, development roadmap, business goals and governance within the cloud environment. An effective cloud strategy defines the functionality, service levels and costs associated with cloud use.

Importance of a cloud strategy

A cloud strategy provides a critical roadmap for cloud use that encompasses several different dimensions, including the following:

  • A cloud strategy aligns cloud investments with business objectives. The enterprise can understand what the cloud is being used for, why it's being used and how it's expected to benefit the company. This alignment provides business leaders with a clear benchmark and ensures cloud benefits outweigh cloud costs.
  • A cloud strategy can offer a comprehensive plan for the entire company, which involves resource allocation, security, integration, monitoring and reporting, and optimizations. Without a plan, business use of the cloud quickly fractures and devolves into silos for each use case -- typically reducing cloud efficiency and cost-effectiveness.
  • A cloud strategy sets performance and reliability expectations. Businesses can determine the cloud architecture needed to host and operate workloads at required levels of performance, especially in terms of scalability. Similarly, the cloud infrastructure can be designed to deliver adequate reliability and availability to ensure the business is properly protected against outages and disruptions.
Descriptions of the four major cloud deployment models.
A cloud strategy's foundation is built on the type of cloud service model selected.

Benefits of a cloud strategy in business

Formulating a cloud strategy is one of the best ways to ensure the success of an organization's cloud journey. Although a strategy may encompass many discrete advantages, a formalized cloud strategy can yield broad benefits.

Assessment and alignment

A central benefit of a cloud strategy involves mapping needs to capabilities. A cloud strategy typically starts with a comprehensive understanding of goals and objectives -- what the organization needs to accomplish in the cloud. Required is a clear knowledge of the resource needs and performance requirements of every workload intended for cloud deployment. Also required is a detailed knowledge of the resources and services available from the cloud provider -- what the cloud provider can actually support. Assessment and alignment enable a company to set appropriate expectations and establish a baseline for later cost justification and optimizations.

Governance and continuance

Businesses face mounting pressures to address governance, compliance and continuance, whether for on-premises data centers, remote locations or third parties, like public cloud service providers. Governance sets policies for cloud usage, such as data backup and disaster recovery; outlines enforcement of those policies; and governs access to cloud resources. Compliance sets standards for meeting regulatory requirements and prevailing legislation around data storage, processing and protection in the cloud. Continuance involves ensuring the business can function in accordance with laws and regulations and continue to function in the face of disruption or disaster.

Security and privacy

The public cloud uses a shared responsibility model. While the cloud provider takes responsibility for safeguarding the infrastructure, the task of safeguarding data and access in the cloud falls to the cloud user. A cloud strategy must establish a policy of security awareness across the organization and address data security issues, including access control, data integrity, data encryption, data sovereignty, data loss prevention, and incident identification and remediation.

Cost and optimization

Although the public cloud promises cost savings compared to on-premises IT infrastructure, the lack of a sound cloud strategy spikes costs unexpectedly. A cloud strategy should include plans for monitoring, managing and optimizing cloud costs based on the following:

  • An understanding of the cloud resources and services needed.
  • Resource tagging to see how and where resources are used.
  • Recognizing when those resources and services are no longer needed -- eliminating cloud sprawl.
  • Optimizing costs using varied techniques, including long-term commitments, discounts and right-sizing resources.

Automation can also help control costs by scaling based on demand and eliminating unnecessary resources when the need expires.

Graphic showing cloud's business benefits.
An effective cloud strategy should be built around specific business needs and goals.

Challenges when creating a cloud strategy

Despite the potential benefits offered by the cloud and the clear importance of a suitable strategy, arriving at a cloud strategy can pose some serious challenges.

Cloud skills

A public cloud presents IT experts with a bewildering mix of resource and service options that can be difficult to architect, optimize and troubleshoot without well-refined cloud skills and expertise. A cloud strategy must be supported with experienced staff through recruiting, training and development.

Organizational change

Using an outside provider for critical IT infrastructure, resources and services can create problems for a company. Cloud adoption demands a change in processes, workflows and culture. Management resistance, employee pushback and an overall lack of engagement can sink a cloud strategy. Success depends on collaboration and communication among business leaders, technology leaders and project stakeholders.

Workload demands

Putting workloads in the public cloud can be complex. Some older or legacy applications might not be cloud-ready and demand extensive and costly refactoring or modification. Similarly, establishing an appropriate cloud architecture to host a workload can pose other complexities, such as dependencies. Workload design is also becoming more complex with evolving design paradigms, such as microservices. Some amount of workload testing and proof-of-concept evaluation might be necessary.

Security and compliance oversights

Even when a company implements and maintains careful security and compliance practices, like encryption, access control and monitoring, within an on-premises data center, it can be difficult to translate those measures to the infrastructure of a third-party cloud provider, potentially leading to gaps in security and compliance. The company must also gauge whether the cloud provider's practices can properly support security and compliance needs.

Vendor issues

Adoption implies dependence. The choice to rely on a third-party cloud provider typically results in some level of vendor lock-in. Many services are proprietary and lack standardization, so different cloud providers do things differently. Even multi-cloud strategies can experience significant problems with integrating and orchestrating disparate services. Cloud outages can have serious implications for businesses. A cloud strategy should emphasize the use of open standards, interoperability and portability to mitigate vendor lock-in.

Cost management

Cloud cost efficiency is often a key benefit of cloud adoption, but cost savings can be difficult without careful management. Lack of cost monitoring and governance can easily lead to overspending and put enormous pressure on any cloud strategy. Careful cost policies must be coupled with cost monitoring and reviews to ensure continued cost efficiency.

List of cloud security challenges to consider in a cloud strategy
Security is among the major considerations when formulating a cloud strategy.

Example of a cloud strategy

There are countless examples of effective cloud strategies. Every strategy differs according to the unique needs, scope and vision of the company. The goal is not to arrive at a correct strategy document, but rather to develop and embrace a document that is correct for the business.

The National Oceanic and Atmospheric Administration (NOAA) Office of Oceanic and Atmospheric Research released a cloud computing strategy document for the implementation of cloud capabilities, such as scalability, consistency, security, cost management and data-agnostic operations, to meet the agency's strategy through 2026.

The NOAA strategy outlines the driving factors and intended goals of cloud adoption and how the agency views cloud computing as a technology and its capability in key areas, like a cloud-hosted development environment, high-performance computing (HPC), website hosting, machine learning, AI, data analytics and data management. The agency then specifies the following principal strategic goals for cloud computing:

  • Determine how to move into the cloud, using rehosting, replatforming and refactoring as appropriate to develop cloud capabilities.
  • Pursue cloud-native (cloud-first) capabilities to enhance computing resources and reduce data storage and analysis costs.
  • Define an HPC procurement and implementation strategy that can show the clear benefits of HPC in the cloud.
  • Support governance through procedures that define cloud roles and responsibilities.
  • Identify and provide workforce training to enhance cloud competence and help streamline cloud adoption.
  • Create self-service capabilities and templates for easier cloud adoption and cloud resource provisioning -- particularly important for developers, scientists and testers to utilize cloud capabilities quickly and effectively.
  • Define requirements for cloud architecture -- how IaaS should be designed and deployed -- to ensure the confidentiality, integrity and availability of data, applications and cloud services.
  • Use best design and development practices to optimize cloud resources and cost-effectiveness.

Although NOAA's example is broad and sweeping, its most noteworthy characteristic is brevity and the absence of tactical detail. A cloud strategy document is a mission statement, not a design document. NOAA's document is an excellent example of capturing the what and why of an organization's cloud strategy, without delving into the minutiae of how. The how is typically developed later through other specific policy and design documents, which would be peer-reviewed for adherence and consistency with the strategy.

In addition, NOAA's cloud strategy document deliberately recognizes that on-premises HPC infrastructure is still needed for some tasks, including testing, evaluation and transition. The agency uses this hybrid on-premises/cloud approach to facilitate its most complex undertakings and stage experimentation, evaluation, procurement and adoption of the cloud moving forward.

Best practices for creating a cloud strategy

There's no single pathway to building a cloud strategy, but there are numerous considerations that can make a strategy more effective.

1. Focus on cloud goals

A central part of any cloud strategy is to identify and document why the company is moving toward the cloud and what it plans to accomplish in the cloud that it can't readily accomplish on premises. There must be a tangible justification for the cloud. Migrating to the cloud just because it's there isn't the foundation of a sound cloud strategy. The cloud is best suited to businesses that see rapid change and scalability.

2. Consider cost management

Cloud services are rarely cheaper than on-premises resources. The bill for cloud services might indeed be more than local services. Cost-effectiveness is typically found in the scalability and pay-per-use nature of cloud services. Cost management should go beyond a simple price tag and include deeper analysis, such as cost per feature or the total cost to deliver a service to customers. Proper analytics should show that costs track with growth and cost tracking is a key business metric. Popular business practices, such as FinOps, can help understand and manage cloud costs.

3. Plan migration over time

Cloud adoption is rarely an all-or-nothing task. In most cases, cloud adoption takes place over time, with an evolving strategy that's guided through practical experience. A cloud strategy should include careful consideration of workload migrations from on-premises resources to the cloud service provider -- how to architect and move workloads and their dependencies to the cloud. Proper planning enables service and cost optimizations, mitigates disruptions, maintains governance and protects security.

4. Evaluate security

A cloud strategy should include goals for data protection, sovereignty and security within the cloud. Those goals should align with current on-premises security practices and be expanded according to the services and measures available through the cloud provider. It's also important to evaluate the provider's own security measures and ensure that posture aligns with business needs. Security needs should be reevaluated and updated frequently.

5. Align governance with business goals

Governance is about using the cloud in ways that align with business needs and goals. It can involve the assignment of roles and responsibilities, access controls, data management and protection, disaster recovery and a range of policies, such as provisioning, performance monitoring and deprovisioning. Governance needs change frequently, and cloud strategies are often updated to reflect this constant evolution.

6. Update the cloud strategy regularly

Like any mission statement, a cloud strategy changes, grows and evolves over time. Change typically occurs most rapidly during phases of heavy adoption when many workloads are migrated to the cloud. Revisit the strategy any time new business units or stakeholders need cloud access, business or security requirements change, or new cloud services and technologies are available to the company.

7. Factor in service and deployment models

There are numerous cloud service models, including IaaS, PaaS and SaaS. Each platform has its own tradeoffs and is better suited for certain workload types. Similarly, there are several available deployment models, including public, private, hybrid and multi-cloud. Although public cloud models are most common, each model is suited to particular use cases and business needs. Service and deployment models impact the cloud strategy document.

8. Bolster cloud skills through education and training

There are two educational avenues for a cloud strategy. First are the technical skills needed to implement and use cloud services. Whether developed through formal training, trial and error, or a mix, a staff must possess adequate technical skills. Otherwise, additional training and hiring may be needed. Second is the accessibility and usability of the cloud, which is geared mainly toward end users -- for example, the data scientists who perform data processing in the cloud. A combination of policies, templates and automation is necessary to help users access the cloud properly. Regular training is the best way to achieve that confidence across the team.

List of the cloud strategy's basic parts.
A cloud strategy should be comprehensive, align with business goals and set performance expectations.

Cloud strategy template

Developing a cloud strategy has no single approach or style. Every company can perform its own evaluations and assessments and plot its unique cloud journey. Most cloud strategies, however, include several common elements that can help business and technology leaders build a comprehensive plan of action.

Purpose

Outline the why of a move to the cloud. The purpose might be to improve business agility, manage costs or facilitate technological innovation.

Business priorities

To build on the why of the cloud strategy, emphasize the more detailed business needs, which are typically specific and measurable, enabling the organization to objectively measure and optimize results. Business needs might include cost containment, user growth or satisfaction, or improved data protection and disaster recovery.

Current challenges

Assess the company's current infrastructure and services, explore current challenges and limitations, and fundamentally make the case for a cloud strategy by determining what can be done in the cloud that can't be done on premises now. Common challenges might include application performance and scalability, data management and analytics, or business continuance.

Tactical goals

Outline specific or tangible business outcomes that should be expected from the cloud journey. Goals might include real-time performance reporting, DevOps or CI/CD support, and high availability workloads that resist disruptions or attacks.

Current portfolio

Consider the portfolio of applications, services and data already being managed, and evaluate their requirements, costs, benefits and importance. Common categories include web apps, enterprise apps, databases, data sets, and those that are underperforming (not currently scalable or stable), unused or legacy. The goal is to determine what assets the business has available, what should be migrated to the cloud and what should be retired or left on premises.

Migration strategies

After the portfolio evaluation, determine the preferred approach to facilitate the migration of each desired workload, service or data resource. Common strategies include rehosting, repurchasing, replatforming, rearchitecting or building new. A typical app running in a VM might easily be rehosted -- a simple lift and shift from a local server to a cloud compute instance -- while a vital legacy app might need rearchitecting or an entirely new iteration, such as rethinking an app as a new cloud-native microservices app.

Conditions for success

Evaluate what's needed for the cloud journey to be successful. A company, for example, might need a trained team to use the cloud effectively and securely, the uptime (availability) of customer-facing apps to exceed 99.999% or apps in the cloud to deliver greater business value than current on-premises apps. The key is to define the parameters that mark success for the organization's cloud strategy.

Timeline or action items

Once a basic cloud strategy is established, consider a potential roadmap for subsequent review, preparation and varied phases of cloud adoption. It may take four to six months for staffing and training and several more months for cloud testing and proof-of-concept migration projects, followed by a series of planned migrations and ongoing reporting to achieve a successful conclusion.

It's not necessary to include all these elements in a cloud strategy document. More elements can be added. Completing a cloud strategy document is rarely relegated to a single individual or team. In most cases, the successful completion of a cloud strategy requires detailed collaboration among many business and technology teams, as well as workload stakeholders.

Stephen J. Bigelow, senior technology editor at TechTarget, has more than 20 years of technical writing experience in the PC and technology industry.

Next Steps

The history of cloud computing explained

Quiz yourself on cloud computing basics

Dig Deeper on Cloud infrastructure design and management

Search Data Center
Search ITOperations
Search AWS
SearchVMware
Close