As businesses try to optimize their costs during economic downturns, ramping up cloud spend can be a pain point. Efforts to alleviate this – from, say, moving workloads to a cost-effective environment/on-prem or re-architecting to save costs – become difficult, as organizations often find themselves strapped for technical agility.
With modern businesses carrying so much data, some legacy or homegrown applications not allowing for transfer and cloud lock-in all to contend with, it can quickly feel like trying to fit a thousand square pegs through a thousand round holes – all against the backdrop of accelerating cyberthreats like ransomware. Because of this, the right balance between cost and security needs to be found for every workload.
In response, IT teams are increasingly adjusting their environments with data portability in mind. But they need to ask themselves a few questions first.
Why Move Data at All?
To state the obvious, modern enterprise IT environments are vastly complex. They can be monolithic and highly dispersed, with the growing data gravity of some environments making many companies essentially “digital hoarders.” This is problematic as is: Holding on to unnecessary data exposes you to unnecessary cybersecurity and compliance risks. But data bloat in the cloud also brings severe financial consequences and the dreaded “bill shock” when that invoice lands.
So, even though many companies moved to the cloud in the first place to optimize costs, the flexibility that the cloud gives businesses can be a double-edged sword. While you only pay for what you need, the flip side is there is no “spending cap,” so costs can easily get out of control. To solve this, better data hygiene can help. But for the data you do need, it’s about picking the right platform for the workload, which may involve re-platforming or re-architecting to optimize costs. This is where data governance and hygiene come in – before looking to move data or improve processes, you need to know exactly what data you have and where.
What Data Can You Move?
Once you’ve established what data you should think about moving, the next, more difficult question is what data you can move. Unfortunately, this is where many organizations face challenges. Having data portability is crucial to be able to move things around and maintain data hygiene in the long term. But several factors can make it difficult to move or transfer workloads from one location to another. The first is “technical debt” – i.e., the extra work and maintenance required to update older or scratch-built applications to get them to a point where they are transferable and compatible with other environments. The cause may be taking shortcuts, making mistakes, or not following standard procedures during software development. But leaving it unfixed makes it impossible to optimize environments and can cause additional problems for things like backup and recovery.
The other, perhaps more infamous, issue that can affect data portability is cloud lock-in. It is a well-known fact that businesses can easily be locked into using specific cloud providers. This can be due to dependencies like integrations with services and APIs that can’t be replicated elsewhere, the sheer “data gravity” it might have in a single cloud, and a simple knowledge gap, meaning teams lack the expertise to work with a different provider. Of course, this will only affect moving workloads out of the cloud, so it’s still possible to build for better portability to give you better storage options and promote better data hygiene. Essentially, where possible, businesses need to create standards, across their environments, making data more uniform and portable and mapping and categorizing it so they know what they have and what it’s for.
The (Constant) Security Question
Finally, it’s crucial when building and capitalizing on data portability that security is not left behind. Improving security can (and should) be a motive for moving workloads in the first place, but if you’re migrating workloads to optimize costs, this must be balanced against security considerations. Security needs to be part of the data hygiene process, so teams need to ask, “What do we have?” “What things do we not need?” and “What are the critical workloads we absolutely cannot afford to lose?” Beyond this, continue to patch servers and when moving data to colder storage, remove internet access when it’s not needed.
Having backup and recovery processes in place is key when moving workloads. To come full circle, having easy data portability is also important for disaster recovery. In a critical event like ransomware, the original environment is often unavailable to recover damaged workloads (via backup) as it’s typically cordoned off as a crime scene, and the environment might still be compromised. To recover quickly and avoid costly downtime, workloads sometimes need to be recovered to a new temporary environment, like a different cloud.
As organizations strive to manage their IT environments and avoid financial and cybersecurity surprises, it’s important to constantly assess what data and applications you have and where they are kept. But to manage and adjust as needed, businesses must build with portability in mind. By doing this, businesses can create a more agile, cost-effective cloud environment, making it easier to bounce back and recover from disasters like ransomware.