The Flexera 2023 State of the Cloud Report is here. According to the report, organizations are embracing cloud technologies, with 96% of all organizations using public cloud to some degree. This means good news for companies wishing to achieve greater scalability and faster innovation. However, rapid adoption of public cloud can create challenges and blind spots.
As organizations rush to put cloud capabilities to work, the adoption of cloud services is outpacing the adoption of cloud skills and experience needed to manage cloud environments, making it difficult for organizations to properly maintain, secure, and optimize cloud environments. Without the right expertise, organizations see cloud costs spinning out of control while struggling to maintain a low security profile, putting sensitive data at risk.
With the right cloud strategy organizations can avoid wasting money and stay on top of security, compliance, and governance. Here are the top 5 cloud challenges of 2023 and how to overcome them.
1. Managing Cloud Spend
82% of survey respondents from across organization types have signaled managing cloud spend as a top cloud concern of 2023. While cloud service providers (CSPs) like Amazon Web Services (AWS) boast of 30% savings on infrastructure costs, this can only be realized if the cloud environment is optimized correctly. Oftentimes, organizations pay for more cloud resources – and more-expensive cloud resources – than is actually needed, causing unnecessary costs to accumulate.
Another issue is how much control developers have in the cloud. On premises, developers have to work through the IT team to deploy new servers, so all infrastructure is accounted for and monitored by IT. In the developer-driven cloud, however, developers can spin up new servers with the touch of a button, and they often do so without any oversight from IT. In addition, without proper tooling in the cloud, IT teams will not have visibility into what is running in their environment. All of this is a recipe for cloud costs to spiral out of control.
The best way to overcome this challenge is to initiate proper governance and cost management policies. CSPs provide a range of tools to help with cost management, like AWS Organizations, AWS Budgets, and Azure Policy, and third-party tools like CloudHealth are also a great option for visibility and cost management. Knowing how to use these tools and perform cloud cost analysis can help you minimize unnecessary spend and better predict cloud costs.
Cost optimization has to be proactive and continuous. An emerging trend in cost management is FinOps. Similar to DevOps, FinOps encompasses tools, people, and processes to build a culture where being cost efficient is a continuous, iterative process.
Using FinOps, Cloudticity helped one customer reduce their cloud spend from $45K per month to nearly $15K per month in one year, while actually improving performance. See Figure 1 to understand how much of a difference you can make in reducing your cloud spend when you employ proactive, continuous cost optimization and management practices.
Learn more about cloud cost optimization in AWS, download the white paper "Reduce Your AWS Cloud Spending."
2. Cloud Security
79% of organizations reported Security as a top cloud challenge. With global cyber attacks increasing by 38% last year and healthcare organizations seeing an 86% increase in malicious attacks, hackers are getting smarter and more sophisticated and cloud security teams must, too.
CSPs offer native tools that can help manage security within their cloud, and there are thousands of third-party tools available to help address multi-cloud and hybrid-cloud environments. Cloud Security Posture Management (CSPM) tools like Prisma Cloud by Palo Alto Networks can help you maintain a low risk environment, but they require expertise for tuning and often need a full-time employee for management. Without sufficient resources to manage Prisma Cloud, organizations often end up with a dashboard full of risks that go unaddressed – an outcome that doesn't help security at all.
To make matters worse, the U.S. Department of Commerce estimates there are currently 700,000 open cyber security positions, and one recent report found that 62% of professionals report their cybersecurity teams are understaffed.
For organizations struggling to find and retain the right cloud security talent, the best option might be to partner with a Managed Services Provider (MSP) or Managed Security Services Provider (MSSP). These cloud partners have been certified by CSPs for competence in managing and mitigating threats in cloud environments. You’ll want to pick a partner with the right certifications and competencies to support your business. Here are 10 tips for choosing a managed cloud provider for healthcare.
Learn more about top healthcare cybersecurity risks and defense strategies, download the white paper, "Securing Your Healthcare Cloud."
3. Lack of Cloud Resources/Expertise
80% of enterprises and 78% of all organizations reported lack of cloud resources and expertise as a top cloud challenge. According to one Robert Half Recruiter, cloud computing remains the number one most sought after skill on the market. And a Cybersecurity Ventures report recently found that the number of unfulfilled cybersecurity jobs grew 350% from 2013 to 2021.
With the demand for cloud talent rapidly outpacing the supply, organizations are looking to other solutions besides hiring new employees to help them meet their cloud goals. One option is to upskill current staff by cross-training them in cloud technologies. However, this comes with risks. For existing employees to cross train, they will typically follow a set of certification courses with increasing difficulty and scope. An example of a common starting point is the AWS Solution Architect Associate exam. It is suggested that 50-60 hours be spent in study over a three month period.
Once this is achieved, it’s advised to spend two years working with the AWS cloud before taking the higher level Solutions Architect certification. There is simply no substitute for real-world experience.
There are also numerous specialty certifications in subjects such as security, advanced networking, and database management, representing skills that are likely to be needed for a journey to the cloud.
To augment the cloud skills gap, many organizations turn to MSPs as a solution. The right MSP can help you manage your cloud environment, reduce your security risk, improve compliance, and optimize costs while simplifying your internal strategy.
4. Cloud Governance
71% of survey respondents reported governance as a top challenge. Governance in the cloud refers to the process of establishing policies, procedures, and guidelines for effectively managing cloud resources, applications, and data. It defines rules for who can engage with what resources, and how. Governance is essential for cost management and also for security and compliance. A good place to start for organizations struggling with governance is the AWS Management & Governance Cloud Environment Guide or governance guides from Microsoft for Azure.
Governance should be a part of your cloud strategy from the beginning, as configuring governance later will be more difficult and time consuming. The cost of not implementing governance can be expensive. You'll end up paying for resources you're not using, or worse, you'll find that gaping holes in your security infrastructure went unnoticed and unmonitored. We recommend working with a qualified cloud partner to help implement governance.
5. Cloud Compliance
73% of respondents reported compliance as a top cloud challenge. As organizations store and process more types of sensitive data in the cloud, tighter compliance requirements are necessary to keep data safe. The cost of non compliance is devastating, with organizations losing an average of $4 million in revenue due to a single non-compliance event.
Compliance in the cloud is tricky because of the ephemeral nature of the cloud. Since cloud environments are constantly changing, compliance can no longer be a one-and-done audit event. Organizations that use public cloud infrastructure must enable a state of continuous compliance, where controls are automatically enforced using code. Then, they must continuously monitor environments for compliance related issues.
Cloud-native tools like AWS Audit Manager, AWS Cloudtrail, and Azure Monitor can help you monitor compliance in cloud environments. Additionally, third-party CSPM tools are a great option and often come with out of the box compliance modules that you can check your environment against.
Learn more about cloud compliance in healthcare, download the white paper on "Navigating and Simplifying Public Health Compliance."
Overcoming Top Cloud Challenges
With budgets tightening across industries this year, it’s not surprising that managing cloud spend is a top concern for IT leaders. One issue is that most organizations lack a solid cloud strategy that addresses key areas of concern, like ongoing cost optimization, staffing, and security. In fact, many organizations jump into the cloud without any type of strategy at all, hoping to figure it out as they go. As a result, they end up being reactive to cloud issues rather than setting themselves up to capitalize on cloud efficiencies.
Creating a solid cloud strategy from the beginning will allow you to avoid these cloud challenges altogether and position your organization to be efficient in every applicable domain.
Want to see how your AWS account stacks up against cloud best practices for security, reliability, compliance, and cost optimization? Try our FREE (and totally automated) AWS Technical Assessment. Or, schedule a free consultation with a healthcare cloud expert to learn how we can work together to keep your healthcare cloud security, compliant, cost optimized, and reliable.