Whether an organization is just now embarking on their public cloud journey or moving the needle toward cloud maturity, they will likely face—knowingly or unknowingly—a challenge that is often recognized, but rarely understood: The Cloud Consumption Spectrum Dilemma. Put simply, this dilemma involves how much control and freedom we maintain within a small subset of individuals, versus the broader set of users, developers, and consumers of public cloud services. Below, we’ll explore the advantages and disadvantages of using centralized or decentralized public cloud models and provide valuable context for organizations looking to find the balance that best suits their business needs and objectives.
The centralized model, which can be defined as having a ‘cloud team’ that handles all ‘cloud things,’ is an approach that many organizations take because it typically feels the most comfortable. As organizations begin their cloud journey, public cloud is generally thought of as the gateway or solution that will transform the way the business operates and serve their most critical functions. Naturally, an organization would have some trepidation and a desire to minimize the risk of roadblocks by building teams of highly skilled individuals who focus all of their efforts on technology initiatives. The problem with this is that if organizations fail to extend their approach to consider the ‘people’ and ‘process’ aspects of a cloud initiative and focus exclusively on the technology, they may fail to truly recognize any value.
- Governance & Security: Perhaps the number one reason that the centralized model is adopted—implicitly or otherwise—is due to the need to verify that services deployed and configured in the public cloud follow an organization’s corporate governance and security standards. Organizations tend to feel more comfortable and secure when public cloud services are built and maintained by a smaller subset of people. This comes with the assumption that having everything controlled by only a select few helps ensure that the organization won’t open itself up to performance issues or security vulnerabilities.
- Skilled & Experienced Stewards: In a centralized consumption model, the owners and administrators maintain complete control over the public cloud. These individuals typically have backgrounds that span across networking, storage, computing, virtualization, business continuity, etc. – all of which are just as relevant and vital in the public cloud. Organizations that can build these types of experienced teams around their public cloud initiatives—or any area of the business, for that matter—put themselves in a very advantageous position to not only solve problems, but innovate.
- Slowing of Progress: Progress, in this context, refers to the building and/or migration of applications within the public cloud. In the centralized consumption model, reliance on a handful of key individuals who may have far too much on their plate becomes a chokepoint. As a result, trying to build new solutions and maintain existing capabilities in the public cloud often falls to the back-burner while day-to-day operations take higher priority.
The decentralized approach is a model in which ‘everyone can do anything’ within the public cloud. Many of us have heard the stories of organizations that have faced issues in this model – be it something newsworthy or just generally frustrating internally. While this approach may sound like something out of a horror movie for most technologists, there is significant value to adopting a more decentralized model, if done correctly.
- Speed & Innovation: While this may sound cliché, the truth of the matter is that decentralized models tend to foster the ability to innovate, move faster, and ship products quickly. In scenarios where individuals are looking to develop something that drives new value to the business, they have the ability to build cloud services without roadblocks. In other words, new solutions can generally be built in less time and the organization can see the value of the solution more quickly.
- Wild West: A common sentiment among business leaders and technologists alike is that if you open something up to anyone and everyone, bad things are going to happen. This could come in the form of having three different solutions running to serve backup capabilities, or 87 configuration varieties of the same exact PaaS service. Ultimately, more decentralization increases the likelihood that our environment will become a mess.
What about Cloud-Native, Private, and Hybrid-Cloud?
Conceptually, it really doesn’t matter which type of cloud we’re using when examining cloud consumption. Obviously, the tools and technologies would differ, but whether we’re talking about deploying VMs within the datacenter, public cloud PaaS services, or containers in a Kubernetes cluster, the concept still applies. However, an important consideration in how we evolve our approach to private cloud consumption is the fact that this is generally a technology that enterprises have supported for years – and it’s far too common for organizations to become ‘stuck in their ways.’ Therefore, to truly shift our organizational approach to cloud consumption, we should take a step back to consider all of the different types of platform technologies or clouds that support and enable the business.
Determining the Right Approach
So, what is the best approach? To give the typical engineering response – it depends. Ultimately, most organizations are going to find that the model that makes the most sense to enable speed, efficiency, governance, and security lands somewhere in the middle. What this looks like is an organization of cloud custodians who develop the guardrails and packaged offerings, which are then provided to the cloud consumers who understand the capabilities, value, and needs of utilizing public cloud and have the freedom to build innovative solutions within the guardrails.
In order to find and enable that “perfect middle,” we need to build capabilities around—and invest in—a few key themes:
- Cloud Consumer Education: Educating our cloud consumers is paramount to success. This involves making sure that they understand specific organizational standards, general public cloud 101, and the outcomes that public cloud can help provide to the business. The more educated cloud consumers are, the more successful an organizational adoption of public cloud will be.
- Automated Deployments & Configurations Packaged as Standard Cloud Offerings: We should fully embrace the capabilities that automation and infrastructure as code can provide to us as an organization. In doing so, we should automate as much as possible and develop repeatable solutions that can be packaged as standard offerings for our cloud consumers to utilize. These deployments and configurations will adhere to our organization’s security and governance standards by design and provide a simple method to quickly build and develop solutions within the cloud.
- Well-formed Governance & Security Controls: We should not be advocating for no governance or a ‘free-for-all’ within the public cloud. However, we must be diligent regarding our ability to govern, secure, and enable our cloud consumers to either prevent issues altogether or catch them early and remediate accordingly.
- All-inclusive Enterprise Cloud Approach: We should make a point not to invest all of our time and energy in the public cloud simply because its newer or less understood. To drive change across the organization and realize the value of shifting our cloud consumption approach, we should advocate for it to be all-inclusive of the organization’s enterprise cloud, regardless of whether these platforms or clouds are public, private, hybrid, edge, or otherwise.
Knowing that centralized and decentralized consumption models each have discernable pros and cons, the best thing that organizations can do is strike a balance between the two. This balance will differ from organization to organization, but the alternative of going ‘all-in’ on just one cloud consumption model may lead to problems (e.g., security and governance issues or bandwidth constraints) down the road. To be truly effective in our adoption of cloud technologies, we must focus on building the solutions that protect and simplify offerings within the organization while simultaneously opening the doors for innovation. And, as is the case with any evolving technology, we must embrace the fact that change and disruption will be ongoing throughout our journey towards cloud maturity.