David Linthicum
Contributor

3 things to add to your 2022 cloud to-do list

analysis
Oct 19, 20213 mins
Cloud ComputingCloud SecurityIT Skills

Cloudops, layered security, and a well-trained staff should all be on your radar for next year.

Cloud budgets have expanded in the last two years. Although most see the pandemic as the cause, the reality is that IT dollars have shifted to the cloud for pragmatic reasons as well, such as shutting down aging data centers and upgrading security. 

The mantra thus far has been “migrate, migrate, migrate,” lifting sets of applications and data from the traditional systems and plunking them down on one or more public clouds. Workload and data migration will continue to be where the money is being spent in the world of cloud computing.

We’re now seeing more strategic tasks being introduced as well. Here are three things to consider adding to your 2022 to-do list.

Focus more on cloudops needs, including AIops capabilities. Some enterprises have indeed built their cloud systems from the ground up with ops in mind, but for most enterprises it’s an afterthought to be dealt with at the end of the migration or development processes of net-new cloud systems.

You need to do two things: First, figure out how ops is supposed to work in detail. This means writing ops playbooks or whatever planning approaches you use. Second, get the tools in place for cloudops: AIops, security, governance, network operations, etc. This is typically a mix of some old and many new tools.

Consider layered security for your cloud-based systems. I’m seeing that most public cloud systems stood up today leverage minimum viable security (MVS). In other words, companies hope to get away with security systems that will meet the minimum-security requirements of their cloud-based applications and data. MVS is not a bad thing, but other security layers should be considered as well.

Security managers come to mind, especially for more complex architectures such as multicloud. These can sit above your different MVS technologies and make identity management, encryption, authentication systems, etc. easier to operate and thus more secure. Think of it as a master control center for all of cloud and sometimes non-cloud security.

Formally and consistently augment the skills of your team. If you think that cloud training within your company is one and done, you’re sorely mistaken. During the pandemic we learned to train on the fly using on-demand resources, cloud provider certification, and even structured on-the-job training where individuals could be mentored directly over Zoom. However, now that many of those skills have been obtained, some companies think training is over, at least as a larger strategic effort.

Now is the time to figure out your approach to cloud-skills training moving forward. Which platform and provider will be strategic partners? Miss this, and you’ll find that staff won’t feel like an investment is being made in their careers. You’ll also learn that skills become dated, and costly mistakes start occurring. Training should be ongoing and ever-changing around the needs of the cloud teams.

None of what I’ve said here should be new. The idea is to get these concepts funded, or strive for continuous funding. We’ve come this far. Let’s keep up the momentum.

David Linthicum
Contributor

David S. Linthicum is an internationally recognized industry expert and thought leader. Dave has authored 13 books on computing, the latest of which is An Insider’s Guide to Cloud Computing. Dave’s industry experience includes tenures as CTO and CEO of several successful software companies, and upper-level management positions in Fortune 100 companies. He keynotes leading technology conferences on cloud computing, SOA, enterprise application integration, and enterprise architecture. Dave writes the Cloud Computing blog for InfoWorld. His views are his own.

More from this author