As a C-level executive, you might want to deliver a new service to market. Your IT department could take six to nine months to set up the systems and get it ready—after you rounded up the funding, that is. Meanwhile, you’ve probably lost time-to-market. But if you put your new offering in the cloud, it gives you the ability to launch much faster, and to automatically scale it depending on the demands and needs of your customers.
This is but one of the reasons your enterprise needs a good cloud architect, one who can inventory your IT processes, leverage new cloud-enabled technologies, and free up your resources to invest in tackling more complex, business-critical projects.
A critical hire
What makes a cloud architect (CA) a key hire? A cloud architect is not just another IT manager, but an expert in business strategy and planning. The role is both tactical and strategic, involved in addressing the pain points your IT staff deals with every day. This can give you financial peace of mind, in that it’s not about buying infrastructure, but concentrates on delivering critical business initiatives.
For some insights into and advice about how to hire and benefit from a CA, I turned to two experts in the field. One of Microsoft’s handful of technology evangelists, Rick Claus, who is a senior program manager on the Azure Compute team, and Sean Duca, VP and regional chief security officer for Asia Pacific, at Palo Alto Networks. (Duca’s job is to help executives understand how to control risk so they can profit from the benefits of cloud technology; Palo Alto Networks is Security Roundtable’s parent company.)
Before hiring a CA, however, it’s a good idea to know what the cloud is all about. “The cloud is, literally, someone else’s computer, and you get to use it!” explained Duca. You can shift your company’s software applications and data to it, he said, “while somebody else makes the capital expenditure and manages it. What’s more, it shrinks and expands on demand instantly to suit your needs.” With your digital assets entrusted to an outside entity, it’s the CA’s job to manage the migration of your systems and data so everything’s safe.
Appetite for risk
As with any decision, there’s always a risk. But what’s considered acceptable risk? According to Duca, that’s up to you. To benefit from the quick scaling that a cloud provider can offer, you don’t have to put a critical software application out there right away, nor sensitive customer data. At the same time, you should first consider the risks you’re already facing by hosting your apps and data in-house.
“If your systems are all on premises, you’re probably protecting your data the same way you did ten years ago,” said Duca. “That kind of security won’t suffice for the next ten—and, possibly, not even for the next two—years.”
So, exploiting new options doesn’t necessarily mean accepting more risk than you can handle. As your company’s risk profile changes, your cloud architect can help you decide what components of your IT system to move into the cloud, precisely because cloud providers can protect some of it better than you can.
While recent news stories about high-profile data breaches might be enough reason to bring on a skilled CA, there are many upside drivers, too. For instance, traditional IT leadership might not even be aware of the ins and outs of how the cloud can benefit your business.
“My approach would be to find a ‘born-in-the-cloud’ expert,” said Duca. “Find someone who’s got competency to work in one of the cloud platforms—Google Cloud Platform, Amazon Web Services (AWS), Microsoft Azure, etc. The more competency they’ve actually got in those different clouds, the safer it’s probably going to be for you and the organization.”
So, what is a cloud architect?
Claus emphasized both the immediate benefits and the long-horizon value of taking advantage of the cloud. And that means changing your IT department.
“A cloud architect brings the perspective of modernization and efficiencies that come from leveraging cloud technologies into existing and new projects,” said Claus. “A clear line of sight on the benefits and returns for adopting cloud technologies needs to be front and center during the evolution of an IT department.”
A cloud initiative includes reducing the footprint of on-premises data centers. A savvy CA will recommend which IT workloads to move to scalable cloud providers and show IT staff how their own tasks and workloads can evolve to manage these new technologies. The strategic objective should be to free up resources to re-invest for tackling even more complex projects that are truly mission-critical to the business.
Strategic security planning
If you’re still contemplating a move to the cloud, your business faces security risks even while everything is primarily in-house, simply because the nature and behavior of your users, data, and applications will change. A cloud architect brings a new strategic perspective to your top-level security planning.
“Threat management was once about blocking and keeping bad things out,” said Duca. It was simplistic. “I had antivirus, then I had a firewall. That was a very static world. I had one device and an IP address and that was it.”
Now your employees, customers, and partners are connecting to hybrid, intermingled data and software applications via multiple devices—to and from places you don’t even know about. (“If I can’t see it, I can’t control it, and I can’t enforce security,” warned Duca.)
In many respects, your business is already in the cloud. For example, companies use more contract workers than they ever did. There’s an ever-changing population of employees that are coming and going and potentially accessing and exposing sensitive information.
“How do we control all that?” asked Duca. “We’re at a point now where, exponentially, the threat has gone up. You probably can’t even work out how secure the data in your own databases is.”
Claus added: “Is your IT planning up for these new challenges?”
With a good CA on your team, Duca said, your digital assets could actually be safer in the cloud than in your own systems. “Your CA defines the governance around anything you put into the cloud and works with your cloud provider to secure it.”
What to look for
“A cloud architect needs to be a team player who is able to adapt to fit into the teams he or she are working with,” said Claus. “They need to act as an advisor and facilitator. They should be able to identify themes and scenarios that can bring consensus to a disparate team that would otherwise get stuck in traditional models and debates.”
Of course, a good CEO who’s looking at candidates for a cloud architect will likely come back to risk management. This is right up Duca’s alley as a cybersecurity expert: “From a CEO’s perspective, I’d be thinking, How could you help me understand what are some of the risks and challenges I’m facing and, ultimately, how am I going to overcome them?”