Site icon IT World Canada

Does your enterprise even need a formal cloud policy?

IT office business

With all the buzz on cloud migration, IT industry experts have insisted that enterprises need a corporate cloud computing policy, but is it really necessary for cloud success?  Is an explicit cloud policy essential, nice to have, or optional?

By cloud policy, I mean an enterprise-wide cloud governance statement of direction, not just a tactical IT directive or a departmental purchasing rule.  Enterprise policies typically cover business critical topics such as:

Traditional IT is typically not the subject of explicit business policies.  Why does cloud computing warrant being elevated to a higher level?  The table below compares “legacy” IT to cloud-based IT, and illustrates some of the major differences.

Traditional IT Cloud-based IT
Business impact Automates systems of record; asset-based; technology-driven; business process focus Automates systems of engagement and possibly record; service-driven; shared assets; customer transaction focus
Customer Supports internal HQ and branch access; includes basic Web presence Also supports social networks and self-service transactions; supports interactive Web and mobile e-commerce
Control Owned, managed and controlled by the internal IT department Managed by the IT department with distributed external ownership, control and operation
Agility and speed Slow, evolutionary change; customized apps; proprietary technologies Agile development; rapid deployment; standard services; open technologies
Geographic reach Primarily in-house and local (e.g., bank branches, physical stores, offices) Global reach through the Web, social networks and mobile devices
Integration Vertical (all components are in-house) with some external horizontal links Hybrid internal/external solutions with distributed products and shared operations
Personnel Centralized technical staff with specialized planning, development and operations expertise Outsourced operational staff; packaged off-the-shelf services; expanded relationship management functions
Legal compliance Compliance requirements managed internally Internal and external compliance and auditing required
Financial Mixed capital and operating costs; high salary expenses; long term investments Primarily operating expenses; reduced salary expenses; resources on a pay-for-use basis
Innovation Majority of investment is to improve the status quo; innovation can be slow and costly Significantly increased agility; much lower cost for service trials; lower overhead for development and testing; new innovations are results-driven

 

The chart above implies that a transformation to cloud-based IT could indeed be business strategic with a requirement for overarching policies (as opposed to project-by-project business cases).

For example, strategic business outcomes of the cloud transformation could include:

If cloud computing proves to be the most appropriate solution for multiple business issues (as might be demonstrated by the emergence of “shadow IT”), then a corporate policy that gives preference to (or even mandates) the cloud transformation would make sense.

The emergence of government cloud-related policies in the USA, the UK, Australia, Hong Kong, the European Union and China are examples of how this is being implemented in the public sector.

A Cloud First Policy could include such topics as:

Does your organization have a Cloud Business Policy?  Are you planning to create one?  If no, why not?

Exit mobile version