Where would we be without computers, smartphones, music and video streaming? Likely, we’d still be using decade-old technologies like typewriters, landlines, CDs and DVDs. These newer products are prime examples of disruptive technology: exciting innovations that displace pre-established items, and drastically shake up the way we live, work, interact and communicate.
As a cloud consultant, I’ve had the opportunity to see dozens of different public cloud implementations – the good, the bad and the ugly.
Regardless of where you are on your journey, every organization faces challenges – whether unexpected costs, unplanned outages or security-related issues. In my experience, most are avoidable with a little extra planning.
As you invest more time and treasure in the cloud, I recommend the following to build the foundation to keep your cloud strategy moving in the right direction.
Embrace the Practice of ‘Least Privilege’
Most IT organizations are under intense pressure to provide cloud-based resources as quickly as possible. For the sake of speed, relatively junior people, or those who aren’t accountable for cost overruns, are given blanket rights to deploy whatever they want. I’ve seen organizations incur unnecessary costs due to people standing up workloads they don’t need. I’ve also seen outages occur because someone with universal access has inadvertently shut down infrastructure.
For most, privileges should be based on the minimum requirements to do their job and nothing more. In some cases, that means being able to stand up a workload or create a database – full stop. It takes a little extra time and forethought but abiding by the principle of ‘least privilege’ is one of the foundational practices I recommend to anyone looking to save time, money and grief.
Manage API Keys with Care
APIs are integral to life in the cloud. They enable functions and allow systems to share information. But if not handled properly, they pose a significant risk to your enterprise.
All too often API keys are stored in scripts or programs. This is of particular concern when developers use publicly accessible services like GitHub to manage code development. All it takes is someone outside your organization getting their hands on an API key to access your environment. If the owner of the key happens to have universal admin rights, they can then do whatever they like with your cloud infrastructure. I’ve seen organizations on the receiving end of substantial bills because an unscrupulous individual has used their infrastructure to add computing muscle for Bitcoin mining, among other activities.
I recommend never assigning an API key to anyone who doesn’t need it and for those who do, ensure you’re practicing the principle of ‘least privilege.’ That way, unless they have universal admin rights, you’ll limit the damage. You can also rotate API keys the same way you rotate your passwords. Better yet, by using IAM Roles in Amazon Web Services or Key Vault in Azure, you can generate temporary credentials at random, making it almost impossible for API keys to fall into the wrong hands.
Good Policy and Governance Saves Money
I’ve met with many CTO’s who express frustration with the unchecked growth of their cloud spending. More often than not, we discover that IT is adding cloud resources to support application development and then failing to decommission them after the completion of the project.
So-called ‘compute sprawl’ is one of the biggest contributors to cost-overruns. Abiding by the principle of ‘least privilege’ gives you a head start by only entrusting those to deploy workloads who can be held accountable.
Even so, you need a tool that can continuously monitor cloud usage. The Softchoice Cloud Dashboard is a great resource because it allows you to track consumption in real-time by department, project and individual user. It’s also free!
Documented policy and governance for how cloud resources are requested and retired are perhaps the best medicine of all. For example, when requesting resources, the amount and lifespan for cloud-based compute should be specified at the outset. As you near the end of the project lifespan, reach out to see if an extension is required, and, if not, decommission the infrastructure at the agreed upon date. Many governance activities can be automated using APIs, saving time in the long run.
You can also tag resources to delineate between production as well as testing and development environments. Tagging resources allows you to generate reports that give a snapshot of your infrastructure and zero in on areas with low utilization so you either look for opportunities to consolidate or shut them down altogether.
Avoiding the most common mistakes isn’t that complicated. But it does take time and a little foresight. If you’ve got a best practice or a question, I’d love to hear it. Please feel free to share in the comments.
Learn more about avoiding cloud computing mistakes. View our latest Cloud Governance event presentation:
The consumerization of IT is causing huge headaches for organizations. Employees now dictate the devices, apps and services they want to use, and IT departments are being forced to oblige.
The 2013 Softchoice CIO Summit – part of the Softchoice Innovation Forum brought together technology leaders from Softchoice clients and many of Silicon Valley’s trendsetting organizations. And using three business “Megatrends” Softchoice has identified, the group set out to expand their collective understanding of what BYOD, Collaboration and Cloud really means for the modern enterprise.
Here are the core findings. You can download a longer PDF version of this article here, or at the end of the post. It includes more details into the various Megatrend breakout sessions, along with the outcomes from the sessions.
20 highlights from the 2013 Softchoice CIO Summit:
- Social media – and its assoicated behaviors – have set the standard of communications and collaboration within business as well
- The consumerization of IT brought about by Apple’s iPhone and iPad has created fundamental changes for how businesses view consumer technology in the workplace, and even onboarding employees
- SaaS sprawl is causing massive headaches for businesses all over, and is in fact responsible for changing the role of IT within organizations
- Mobile technologies mean our expectations of each other from a work and availability perspective has increased significantly – and IT departments are feeling this burden too
- The consensus was that most organizations are on the path to BYOD in some way, shape, or form
- It was agreed that much of the change management required for BYO and Mobility actually lies outside of IT
- All participants agreed that you must have some type of roadmap or strategy that has buy in from other leaders in the organization, including the CFO
- Participants believed strongly in experimenting with pilots across different groups. The thinking is that BYO may not work across the entire organization – and that’s ok
- Establishing KPIs early on for any net-new program is critical – even as part of the overall vision – so there is alignment
- When it comes to SaaS, users know most of what they want is out there already. They just want IT to make it easier for them, to the point of getting out of their way
- Summit participants voiced concerns over the viability and long-term prospects of the many vendors playing in the SaaS space. Specifically, if they go out of business what happens to the data
- Even if it was easy to get back, one executive asked “where would we put all that data when our data centers weren’t built for that ?”. The group also recognized there are risks that even they haven’t thought of yet – the invisible ones!
- When it comes to cloud, many felt there is a bit of a ‘wait and see” in the short term as the SaaS market is still somewhat immature. That said, doing proper discovery provides the opportunity to do some evaluation through the use of small pilots to prove there are realized cost savings
- Collaboration means different things to different people and organizations. The group agreed that at its core, collaboration enables the ability to access data anywhere, anytime, on any device
- Many organizations have invested in many different collaboration tools, which has resulted in confusion around how and when they should be are used and integrated
- There was agreement that most organizations lack the overall vision for how collaboration comes together to benefit the organization in a way that is measurable, and ensures ROI can be tracked
- Change management is paramount when considering collaboration. Without supporting users with the right consistent training, people will revert back to their old, more manual and less cost effective ways
- The group felt it was important to move a little differently and adopt a process where you begin with analysis, then move to research on the technology you are looking at followed by a proof of concept and only then if all goes to plan, move to deploy
- The measurement of success is something that most organizations struggle with today with their current collaboration investments. The team felt it was important to establish methods up front to track ROI
- The ultimate measure of success is that of productivity – and making it easier for people to get things done
Overall, we had some great advice and ideas exchanged in our Megatrend breakouts. Consistently, we heard the need for all of these trends to align with the needs of anytime, anywhere, anyhow and on any device.
Download a longer PDF version of this article here. It includes more details into the various Megatrend breakout sessions, along with the outcomes from the sessions.
Let’s start with the obvious.
There is no silver bullet, one-size-fits-all checklist for creating the perfect Bring Your Own Device strategy. Every organization is completely different.
But it’s not as bad as it sounds. Many of the technologies necessary to support a strategy are probably already in your ecosystem. It’s just a matter of knowing what’s missing, and how to leverage what you’ve already got.
To give you a hand, we’ve assembled seven tools and technologies that make planning and executing your BYOD strategy a reality.
Networking is a word that for many causes trepidation and excitement at the same time, and I’m not necessarily talking only about networking equipment in IT, I’m also talking about human networking. We all know how nerve racking it can be to step into a room full of strangers with the goal of branching out to meet new people.
As society has become more digitally focused with the way we interact, human networking has become a lot less scary for many. (while more scary for others!) Today, through tools like Facebook and Linkedin people can learn about each others most intimate details, interact in both a personal and professional capacity, and in many cases become closer to that person with far less effort or time than in the past.
Many people may be wondering what the above has to do with IT, and may be thinking that I’m just off on another one of my tangents and have no real direction with this blog post… Well here comes the meat and potatoes… [Read more…]