cloud first

Is Your Enterprise Ready for a Cloud-First Strategy?

Has your organization adopted a “cloud-first” strategy? Should it? Whether it has or has not, it is vital that board members and senior management understand the challenges, risks, and opportunities. According to “A Repeatable Cloud-First Deployment Process Model,” a white paper from Palo Alto Networks (Security Roundtable’s parent company), here are the key issues you should understand:

What is cloud-first? The underlying philosophy of cloud-first is that organizations must initially evaluate the stability of cloud computing to address emergent business requirements before considering other alternatives.

What are the benefits? The primary benefits stem from the ability to leverage a wide range of services without having to make a major investment in physical infrastructure. This can strengthen business agility, lower costs, reduce complexity, accelerate speed to market, and streamline business operations. It will also create a next-generation IT infrastructure that is much more service-oriented than before, which can position the organization to be more innovative and responsive to future customer and workplace needs.

What are the risks? The benefits of cloud computing are generally understood at a high level. What is less clear are the potential security, legal, financial, and compliance issues of going cloud-first. Often, the stakeholders responsible for those areas are not sufficiently familiar with how a cloud-first strategy affects their roles and functions. This can lead to unintended and potentially devastating consequences: Data breaches, cost overruns, missed deadlines, and more.

How to get started? Success starts with a fundamental understanding that cloud computing is a shared responsibility model, whereby different entities are responsible for managing their areas of concern across the entire implementation. Successful cloud initiatives must have top-down support. Just as critically, they need to be viewed as a collaborative effort in light of the breadth of subject-matter expertise required from all parts of the business.

How to reap the benefits and mitigate the risks? The path to cloud-first might have a beginning, but it doesn’t have an end. Cloud-first is just the start of an ongoing process of assessments and decisions that an organization will need to make if it wants to ensure that its best interests are protected.


Moving to a cloud-first strategy is not a single event, but rather a permanent shift in how an organization implements business decisions. While most enterprises already have a presence in the cloud, many have made these moves without a clear process for ensuring that critical business interests are protected. Decisions made today will have lasting consequences for how the organization meets its legal and compliance requirements, SLAs, financial targets, and other business imperatives.

Introducing a clear and repeatable process early in the organization’s cloud-first journey provides the opportunity to ensure more positive outcomes as the organization progresses. By learning to engage the right stakeholders at the right time to make critical decisions, organizations will be able to create secure, efficient, and productive cloud initiatives that will support business growth and success long into the future.

For a more detailed analysis on how to ensure a successful cloud-first strategy and security, download the white paper (registration required): A Repeatable Cloud-First Deployment Process Model.