Cloud Computing For Dummies
Book image
Explore Book Buy On Amazon
Digital transformation is the mantra of many organizations. There is no debate about it: Cloud computing has changed the way businesses operate. Small and mid-sized organizations may be all in on the cloud, while large enterprises are a hybrid and multicloud strategy. The cloud is helping startups challenge industry stalwarts, while at the same time, traditional companies are changing.

cloud computing ©ESB Professional/Shutterstock.com

The first phase of cloud adoption was mostly about cutting costs and changing technology spend from a capital expense to an operating expense. For many years, cloud vendors were focused on reducing costs for commodity compute and storage. While reducing costs is still a major driver of cloud adoption, companies are now leveraging cloud services to transform their businesses. The focus of cloud computing has shifted from reducing costs to gaining business agility, providing developers with the tools they demand and ultimately providing excellent customer care.

It’s safe to assume that your organization uses some kind of cloud computing, whether it’s a CRM (customer relationship manager) or HR (human recourses) Software as a Service offerings or Cloud native container-based software development services.

Leverage the cloud for business transformation

The cloud is the most disruptive computing revolution of our times, fostering dramatic changes in both the technology we live with every day and the way we use technology to transform business practices. As organizations are forced to deal with more innovative competitors, it is imperative that management can implement change fast. Cloud computing has become the engine of adaptive change.

If your business hasn’t been on top of the technology curve and disrupting your competitors, your competitors are probably disrupting your business. Changes are affecting all businesses very quickly. Taxis have been disrupted by Lyft and Uber. Physical retail stores have been disrupted by Amazon and Wayfair. Many of these upstarts that are challenging industry stalwarts will likely be disrupted by even more agile startups or existing companies that can use their market power to reposition their businesses.

The cloud makes building connections between your employees, business partners, and customers easier. Innovative companies can no longer live with strict boundaries among business units, subsidiaries, partners, suppliers, and customers. These relationships are key to your company’s success, and building better communications, feedback mechanisms, and transparency will benefit everyone. For example, supply chains benefit when both producers and consumers increase the transparency of their inventories, business plans, and customer needs.

As IT transforms itself to help guide the cloud strategy, the organization can become an agent of change. With the use of well-defined cloud services supported by standard Application Programming Interfaces (APIs), it is possible to more quickly establish new innovative applications and services to support partners and suppliers. With the use of either public or private cloud services, a business can pilot new services with selected partners and iterate based on feedback. The ability to build quickly, test, change, and execute is the best way to experiment with new business models without requiring a massive capital investment.

As you move forward with connecting your ecosystem together more tightly, you’ll need to find techniques to manage the myriad data sources that your company and your partners need to manage seamlessly. It’s a complex task that requires careful business and architectural planning. When these application, process, and data services are freed from their traditional constraints, the business benefits will be compelling.

The need to support multicloud environments

In a perfect world, an organization would only manage a single unified computing environment. But in the real world, life is complicated. Most businesses have a variety of workloads supported by numerous computing platforms. It is common for one business to support multiple public clouds, several different private cloud services, as well as data center services.

In some cases, organizations want to leverage multiple public clouds to avoid reliance on a single vendor. In other situations, an organization may need to support specialized services from a particular cloud service. In many organizations, different business units or developers prefer a particular cloud. The theory is that by working with multiple cloud vendors, a customer has the freedom to move if costs increase unexpectedly. The reality is much more complicated. Meanwhile other organizations have allowed teams to select their cloud provider of choice for different projects.

Almost all public cloud vendors design their services to lock customers into a proprietary platform. Typically, each cloud vendor offers a set of management tools that are only designed to work within that vendor’s cloud ecosystem. While a proprietary management platform solves some problems, it creates new problems down the road.

Transitioning to a DevOps culture

The transition from traditional applications development and deployment is based on a change in culture within the business. This cultural change requires that developers and operations management collaborate to create seamlessness between development and deployment — not an easy task. Traditionally, separate teams have to work together. This new era relies on a combination of tools and best practices to accelerate the pace of application creation and enhancement.

The DevOps culture provides organizations a variety of benefits that make it a good match for today’s IT environments. The most obvious is greater quality, resulting from the use of Continuous Integration/Continuous Development (CI/CD) concepts that find and correct defects early. Continuous integration focuses on constantly integrating and validating changes to software code and underlying services to ensure errors are identified and fixed as soon as they are introduced. Continuous delivery automates the software delivery process (nonfunctional testing, functional testing, security, deployment, and so on), ensuring that with each change, the application is release ready.

The use of automation as a mechanism for operating and managing infrastructure and development processes makes managing at scale more effective. Finally, applications can be developed, changed, and delivered much faster, enabling a faster response to competitive conditions and potentially lowering costs.

Microservices and containers

The cloud has given rise to a variety of technologies meant to help developers become more productive. Microservices, as an example, can facilitate the development of large, complex applications by breaking them down into a set of loosely coupled services. Each service can be developed by a relatively small team of developers — or even a single developer — allowing for parallel development that can make the process more efficient and development time shorter in addition to simplifying testing.

The decentralized, modular architecture that characterize many cloud-based implementations have also encouraged the adoption of containers. Containers provide a means of packaging applications such that they are abstracted from their runtime environments. Developers can now spend their time on creating the application and the user experience rather than working on application logic and dependencies. Likewise, IT operations can focus only on how and where the applications is deployed and how it is managed without worrying about version numbers and application-specific configuration issues. Containers build on the virtualization concept by virtualizing at the operating system level, allowing for a container — or many containers — to run directly on top of the operating system kernel.

Microservices and containers are allowing organizations to quickly update applications to respond to customer and market changes. Some companies release software updates yearly (or quarterly, if they’re ambitious). However, by adopting a DevOps culture supported by microservices and containers, organizations are updating applications weekly or even daily. This ability to continually update applications allows companies to quickly respond to user feedback, add new features without rewriting the entire application, and react to competition.

Security and the Rise of DevSecOps

Security is one of the most important considerations when developing a cloud strategy. Historically, the data center provided a secure platform — organizations assumed that anything behind the was secure. However, with a highly distributed software development environment, security now must be considered throughout the entire application life cycle. As more IT organizations change their software development practices to a more agile approach, there is no guarantee security mechanisms will be in place to provide protection for the new generation of applications. Security cannot be an afterthought; instead you must think about the security of your networks and the data being sent to the cloud, the physical and technical security of your cloud vendor, and the security of your virtual cloud instances.

Despite the continued adoption of DevOps processes, unfortunately security is still often handled traditionally. In many cases, this means that, contrary to the philosophy of a DevOps approach, security is implemented sometime within, or even at the end, of a DevOps process as opposed to being embedded in the development process at the beginning. A solution to this issue is a discipline known as DevSecOps. In brief, DevSecOps is the process of integrating security into the software development process. DevSecOps begins with a change in culture founded in ongoing learning (to raise security awareness with developers who may already be entrenched in DevOps processes), the identification of security-savvy people within the organization who can champion the change in the security approach, and the empowerment of those working on security to determine how best to embed robust security into the clouds they support. Tools can then be used to automate security testing, detect vulnerabilities early, and raise security as a gate to blocking forward progress, and even the deployment of a release, if problems are found.

About This Article

This article is from the book:

About the book authors:

Daniel Kirsch, Managing Director of Hurwitz & Associates, is a thought leader, researcher, author, and consultant in cloud, AI, and security. Judith Hurwitz, President of Hurwitz & Associates, is a consultant, thought leader, and coauthor of 10 books including Augmented Intelligence, Cognitive Computing and Big Data Analytics, and Hybrid Cloud for Dummies

This article can be found in the category: