Skip to main content
Do techies need financial skills to avoid overspend in the cloud? Introducing… DevSecFinOps
Vince Lubsey is chief technology officer at Lemongrass Consulting. Vince has 30+ years of experience in IT and deep expertise in enterprise software and architecture and leads a global team in the design, development, implementation and support of the Lemongrass Cloud Platform (LCP, formerly known as MiCloud), which companies are using to migrate and manage their SAP applications running on AWS. Prior to Lemongrass, Vince was a co-founder and Executive Vice President of Product Management and Solution Architecture at Virtustream, a leading enterprise class Cloud company. Before that, he was Senior Manager in the Enterprise Architecture and SAP consulting practices at Adjoined Consulting, continuing in this capacity after Adjoined’s acquisition by Capgemini. Earlier in his career, Vince was with SAP in Walldorf, Germany, working on the development of the first version of the SAP Beverage industry solution, and he was a Global Supply Chain Architect at The Coca-Cola Company.

An angry CFO with an unexpected $50,000 invoice on their desk may not be one of the intended outcomes of a cloud migration project. After all, isn’t the move supposed to save you money?

However, this scenario isn’t uncommon among enterprises that move from the on-premise environment that they have become accustomed to.

It goes without saying that organisations running their systems in a data centre are typically concerned with network and infrastructure issues such as heating and cooling. The overwhelming focus is on hardware. In this traditional environment there are typically a set group of people worrying about the financial and security aspects, allowing the technical infrastructure people to go about their jobs, so long as they operate within those constraints.

When moving to the cloud it is an alarming misconception that the business can carry this same infrastructure perspective into the cloud, treating it as just another data centre, which it simply isn’t. The ability to spin things up at speed creates great opportunity for innovation through agility, but cost and security challenges without having the appropriate controls in place as well.

This means a huge degree of education for the team operating in the cloud. The ability to do things easier and faster requires a new set of skills, known as DevSecFinOps.

Financial awareness may be the last thing on the mind of the tech team, but is frankly no longer an option when operating in the cloud. Rather than be daunting, there should be three core areas of focus:

  • DevOps (development and operations): As we have discussed, do not think of the cloud as another data centre – and that you can simply lift and shift. Any company taking this journey should keep in mind the benefits of optimising and evolving beyond their current ways of working. The key difference is the digitisation of infrastructure and the immediacy of the resulting servers or services
  • FinOps (finance). Building awareness of cost into all actions will empower the IT teams to cover all the bases when undertaking IT improvements. This also demands a level of governance and control around the approval of the spend incurred by seemingly innocuous actions. The challenge is to create a light touch approval process that keeps things moving, rather than a cumbersome ITIL process intended to limit change
  • SecOps (security). A mantra that guides accountability for security within the development process. Similar to finance, there are security implications to most actions. Cloud providers have tried to shield customers from the most serious implications of their actions, but it still requires a significant amount of customer knowledge to keep their organisations safe

The latter two are simply less of a concern when operating on-premise. But, in many cases, the internal resources within the enterprise do not have the experience and expertise around how things work in the cloud. This can lead to mistakes, brought about simply by failing to take advantage of discount programmes or utilising alerts and notifications in case things are trending in the wrong direction. This can result in surprises and overspend simply by not understanding the implications of their actions.

When the CFO asks why they have to spend $50,000 more than planned, the infrastructure team will say they have just been doing what they’re accustomed to, without an understanding of the implications.

This scenario is typical of a major IT transformation project carried out to meet short term objectives. Too often, simply ‘getting to the cloud’ is the end of the journey. Instead, organisations should look beyond the migrate phase and concentrate far more effort on how they ‘operate’ on the cloud. At a practical level, notifications, reports and budgeting tools help monitor spend, along with training to understand how to work in the cloud and pick up on anomalies.

Armed with the right mindset, an understanding of the financial and security implications of their actions, the technical team will be able to leverage the benefits of the cloud and deliver truly game-changing innovation for the business.

Photo by Mathieu Stern on Unsplash

Want to find out more about topics like this from industry thought leaders? The Cloud Transformation Congress, taking place on 13 July 2021, is a virtual event and conference focusing on how to enable digital transformation with the power of cloud.

Source

Emma Crabtree

Emma Crabtree

Providing our clients with first class service and helping our candidates take the next step in their career is what gets us out of bed every morning.