Big Co. Small Co.
Power of One


Cloudophobia - Don't Let the Cloud Scare You!


It’s the time of year for conjuring up our fear of things that go bump in the night, but the cloud shouldn’t be one of them.

The public cloud has been floating around for quite some time now, anywhere from 10-12 plus years depending on which of the various origin stories you might follow.  So why, after all this time, a decade or more, is there still this reluctance on the part of many businesses to embrace the cloud as a resource in their IT transformation efforts?

Here are just a few concerns that businesses give for their “cloudophobia”:

- Security and data protection
- Loss of command and control
- Concerns about performance
- Uncontrollable Cost
- Integration with their current systems, data, and processes

Perhaps the most cited reason is fear of the unknown... 

Many businesses are reluctant to use the cloud because they don’t understand it, particularly how it would fit the needs of their business and what steps to take to get started. This hesitancy leads to missed opportunity.

Let’s look at some of the reasons not to be afraid of the cloud:

  • Agility & Scale- Infrastructure & Services as code provide immediate access to the resources needed that allow your application teams to innovate and scale

  • Future Proofing - Using cloud based resources provides the latest hardware and services, removing the need to invest in hardware and tools that quickly become legacy technologies

  • Spend Optimization - Done properly, with the right solution architecture, the cloud can provide more resiliency and higher asset utilization factors by right sizing resources and scaling with load.

So how about those Cloudophobias… Should we really be that concerned, or is it just the fear of change and different ways to do what we have always done?

I think is healthy to approach any shift in technology with a degree of concern and skepticism. That said, the public cloud has come a long way and many have helped blaze the original trails that are now becoming well defined patterns on how to approach planning, migration, and day-2 cloud operations.

When working with customers, I am adamant about ensuring that they have a current inventory of applications and a unique identifier tied to each of them… Think of this as the social security number or serial number of the application. This number is a critical component to the tagging strategy that will be used to manage automation tied to the resources, services, and maintenance tied to the respective application.

The next core component of managing risk in the cloud is having a solid tagging strategy and making sure that your tagging practices have been incorporated directly into your cloud deployment tooling, whether this is through a commercial CMP package, or within your CI/CD tool chain. Automating this as a set of predefined variables helps ensure consistency and adherence during implementation.

Once these two foundational objectives are complete, we can focus on how to manage the other key concerns around access & security, performance, cost and enterprise integration.

The core pieces that factor into the remaining concerns are the solution architecture of how both the cloud platform is implemented, and the architecture of the migrated applications themselves. The other is taking a position of least privileged access. Having an architectural strategy, tied to service account based access when used with CMP or pipeline based deployments go a long way in mitigating many of our concerns as IT leaders.

Ultimately we want to provide our teams with the maximum amount of freedom in the cloud to go fast and innovate… That said, we have to keep our names off the front page news as yet another company that has exposed customer data. Combined with the above strategies, I always recommend a compliance automation engine that can take action on your behalf when (not if) mistakes are inadvertently made. As an advisor and partner I recommend that DivvyCloud be a tool that is considered to ensure your cloud resources don't go bump in the night!

To find out how Big Co. Small Co. can help you overcome your fear of the cloud, contact us today for your free 30-minute session by visiting our contact page.


Thomas Martin is a former CIO, and technology leader of the General Electric Company.  Prior to leaving GE,  Thomas was the Executive Vice President of Application Transformation tasked with moving 9000 legacy workloads to public and private cloud infrastructure.  He has been a leading evaluator, adopter, and advocate of innovative tools and emerging technology that drive effective operation of cloud infrastructure at scale.

CloudThomas Martincloud, aws, gcp, azure