Cloud-enabled business: it’s more than just using the cloud

  • Strategy guides standards and service criteria and architectures.

  • Governance builds and maintains processes to support ongoing use of services.

  • Security is critical to sustained and expanded use of cloud services.

Being a cloud-enabled business requires more than simply using cloud-based solutions for IT and business-process challenges. Today, the vast majority of companies are at least partially cloud powered, whether they are outsourcing an application (as more than 97% of organizations now do) or a platform for hosting apps (42%) or a virtual infrastructure (53%), according to Nemertes 2014-15 Enterprise Technology Research Benchmark. Most organizations, however, are struggling to seamlessly integrate cloud into their IT environment.

Being cloud enabled requires the strategy, governance, and security to make continued and increasing use of cloud services sustainable operationally and from a risk management perspective.

STRATEGY is important from a number of perspectives. It can:

  • Drive selection criteria (e.g. “Must support identity federation for single sign on,”) and standard contracting practices (e.g. “Never sign up for more than 24 months of service.”)
  • Drive architectural decisions and thereby help build an environment that works together and appears to end users to do so seamlessly (e.g. “We will use single sign-on as a service for ease of use and security to end users.”) Architecture can create the environment needed for comprehensive operations automation and for straightforward integration across internally provisioned and externally provisioned services.
  • Help prevent wasteful replication of services, isolated islands of service, and retain necessary in-house services.

GOVERNANCE rides on the back of strategy. While strategy guides standards, service criteria, and architectures, governance builds and maintains processes around service selection, testing, acquisition, integration, and ongoing use. Governance is how cloud goes from something that an individual in an organization uses to something that the organization uses over time, responsibly and reliably.

SECURITY within cloud services is critical to their sustained and expanded use. Without sufficient provisions for security, the enterprise engagement of the cloud would have to be shallow and temporary, and would ultimately fail to displace use of internal resources for any and all sensitive and critical work. In fact, Nemertes 2014-15 research benchmark shows that it is the lingering unease with cloud service security—whether focused on continuity, availability, or integrity of services and data—that is chiefly responsible for holding back use of PaaS and IaaS. Most enterprises have moved less than 2% of overall workload into IaaS as a result.

Because security is the main sticking point for the adoption of cloud services, a business must focus on how IT security can help the business do more while still being good stewards of data and protective of services. Promoting “security-as-a-business-enabler” is easier when there is a well-understood strategy for bringing cloud services into the portfolio, and a set of well-defined processes for integrating and operating them within that portfolio.

Being a cloud-enabled business isn’t just about using the cloud. To be sustainably cloud-enabled requires strategy, governance, and security commensurate to the challenges and opportunities your business presents. These are competencies that a strong service provider can help your organization establish.

Learn more about cloud services from AT&T.


John Burke Principal Research Analyst Nemertes Research About John