Skip to main content

Select your location

Mission Critical Modernization

Mission-critical modernization in the cloud

What does “mission-critical modernization” mean to CIOs and senior IT executives? As cloud adoption increases within an organization, there will inevitably become a point where moving mission-critical applications and workflows becomes a front-and-center strategy for IT leadership. This raises the question: What challenges and issues do CIOs need to anticipate and resolve for in shifting these core technologies to the cloud?

We hosted a recent CIO discussion to collectively answer that question. Host Mark Ardito and guest speaker Tony Surma, Chief Architect at Microsoft, talked with CIOs from a range of business sectors and company sizes who all shared four central challenges for tackling the mission-critical parts of the IT terrain.

We joke that we can build a safe, fast, secure car, so to speak, but you can still crash it and you could still not maintain it, and so we have to give you the tools to build your solution securely with all the certifications on top of it, and then keep that running and up to date that way.

Tony Surma - Chief Architect at Microsoft

Challenge 1: Establishing the business case

A CIO pursuing mission-critical modernization may feel like they’ve camped out in the CFO’s office. Justifying the expense of the initiative can be challenging, as it runs counter to traditional financial approaches. Cloud computing does not fall into the capital expense category that IT expenditures once fell into. The cloud is all OPEX, and this can be a challenging pill to swallow.

Not only can the first steps in an initiative be the most expensive, OPEX is likely to increase as more of the company’s IT operations move to the cloud. The total cost of ownership calculation is also a hurdle for many CFOs. Comparing current strategy to cloud-centered strategy is not an apples-to-apples comparison, so TCO assessment is difficult. Some companies shy away from the move because it appears too expensive.

Though the value is difficult if not impossible to quantify, moving mission-critical IT to the cloud has a compelling value proposition. Put simply, it makes life easier.
Unfortunately, this may not be sufficient to win a CFO over. It is likely more useful to come up with numbers, like the level of person hours spent of “low strategic value” that will be saved—for example, all the time spent on patching the servers, server maintenance, and all the other work that goes into the care and feeding of all that infrastructure.

Freeing up low value time means that people can be put on assignments that positively impact the business—increasing customer value, crafting updated business processes, designing new offerings, to name just a few.

The good news is that once the CFO (or CEO) grasps the opportunity that mission-critical modernization offers—that the gain greatly outweighs any pain—they become firm believers. Not only do they then become partners, they serve as champions for other “on the fence” executives and managers.

Challenge 2: Managing data in the public cloud

The moat and castle approach to data center security does not work to manage cloud security. In the cloud, security must be approached with a zero-trust framework. Some are pursuing network segmentation to address this framework and implementing service mesh with microservices on containers to close some of the segmentation gaps.

Encryption can be complicated in the public cloud. It depends on the type of data, the type of encryption, data classifications, access rights, and other factors. A hot topic in certain sectors, notably health and finance, is field-level data encryption. There are several ways to look at it.

One way is implementing different levels of support depending on location—a VM, or a managed instance, or SQL as a service. Another is related to segmentation, where data encrypted at the field level stays encrypted as it transits and is unencrypted in the application. One of the challenges is key management and support, and this is an area where investment needs to be made.

Data privacy is another challenging area. With data now in the cloud, the idea of sharing much more widely—with business partners as well as across business units—is attractive. Further, the data, no longer “locked” in individual systems, can be used for analytics or artificial intelligence purposes.

This raises the level of strategy, responsibility, and liability analysis. A benefit of going to the cloud is that the relative cost for storage drops considerably, which allows investment in protection, access, and exchange solutions.

Challenge 3: Securing the right talent

The whole field of data management has transformed in a relatively short time. This has resulted in a talent gap, and a big challenge is having staff with the right skill sets.

Companies have implemented skills initiatives to keep employees up to date. One form this takes is through third-party training partners that offer formal coursework. Another is through technology partners that are part of the cloud initiative. In this case, knowledge transfer occurs on the job, and staff benefits from the depth of expertise of their partner counterparts.

A third is defined by Kin + Carta’s Enablement offering, which is something of a hybrid of the two. Kin + Carta staff work onsite on a specific issue or problem, and part of the key resolution is to ensure that in-house staff has the necessary skills to continue successfully.

Challenge 4: Taking the first step

Like so many other technology areas, mission-critical modernization must be taken in steps. One big step is giving up the kind of control common to a data center.

There is no tangible hardware; there’s not even a data center. Everything happens in an invisible environment. It takes a different view of what control looks like in this new situation and getting to this is the first step.

Making this change in “control perception” can be facilitated by a clear definition of the parameters of the initiative. For example:

  • What are the goals?
  • What pain is being removed and what gain is being realized?
  • What are the short-term benefits?
  • What are the benefits in the long term?

Once these questions are clearly answered, the next step—designing the way forward in collaboration with partners—can be taken.

Interested in participating in our next roundtable discussion? Join our CIO Community.