Cloud Security, Cloud Security

Three ways to get a stalled cloud migration back on track

A visitor tries out a tablet next to a cloud computing symbol at the 2013 CeBIT technology trade fair on March 5, 2013, in Hanover, Germany. Today’s columnist, Josh Stella of Snyk, lays out five fundamentals of cloud security.
(Photo by Sean Gallup/Getty Images)

Cloud migrations have always been tricky, but COVID-19 has made them more so. That’s because the pandemic was a phenomenon that at once prompted, and then complicated, the migration process for countless businesses struggling to adapt. The same urgency that forced companies into digitization overdrive to cope with pandemic-related disruption led to strategic shortcuts that – together with the pandemic’s ongoing impacts on business continuity overall – complicated or even stalled the modernization effort later on.

Unfortunately, whether it’s time, money, technical blockers or a lack of strategy from the rush to migrate, many companies have found themselves stalled in their migration efforts. That leads to cyber risk, compliance and visibility hurdles, and unnecessary costs through redundant systems as the technical debt of doing nothing.

Let’s examine some of the main reasons cloud migrations get stalled, and how to go about jump-starting those efforts.

Why companies move to the cloud…and why it causes trouble

There are a lot of pain points that drive companies to invest in the cloud – business needs that motivated the migration from the start. These include pressure to innovate to keep up with new technologies, remain competitive, and offer better services and customer satisfaction. But a stalled migration toward these goals actually creates more vulnerabilities than before, including:

  • Duplicative costs and unnecessary contract extensions on pre-migration services.
  • Increased cybersecurity risk from misaligned systems and broader attack surfaces.
  • Compliance concerns related to data privacy stemming from lack of visibility and security gaps.

These vulnerabilities result from challenges in understanding environments, migration candidates, and dependencies to adequately plan suitable paths of transformation.

All the while, business operations suffer, and when things fail, security pros have assets on either side and tooling not aligned, so there’s poor orchestration and visibility. Whether it’s system latency, patching and process-intensive hardware refreshes, or scalability and investment hurdles, these complications add further risk and detract from success.

Get the migration back on track

The way to get out of this purgatory and jump-start a stalled migration is to adopt a more realistic view of migrations: Accept the fact that it’s a question of when, not if, complications will arise. From there, it’s possible to adopt a more proactive and effective approach founded on three strategic priorities:

  • Take a problem-agnostic view.

Embrace the troubleshooting mindset. Problems can come in the form of challenges with funding, technical integration, extended licensing costs from missed migration targets, change management hurdles or changes in leadership or business requirements. Regardless of the source of the curveball, maintaining this mindset helps the team anticipate change and bring an agile and timely solution to the table.

  • Look for holistic ways to address time, assets and resources.

Recognize that they’re all constrained – often around the same issues. As an example, think ahead to prioritize a database migration to the cloud for a specific system that may run by server software nearing end-of-life. This strategic choice will help avoid unnecessary licensing costs and problems with support and performance that would occur if the team had kept the system on prem for a longer period of time.

  • Design for the unknown.

In doing so, the team can incorporate new technologies being developed over time, some of which may have already advanced since when the organization first started a migration that later stalled. For instance, new edge and AI/ML applications and other digital transformation innovations are continually expanding customer experience into total experience capabilities. Ensure that the company’s design architecture and asset strategies have data standardization and governance in place to stay agile and adaptable to new use cases and configurations.

Throughout the migration process, organizations should ensure comprehensive and dynamic monitoring, even in production-grade and multi-cloud environments, through automated cyber asset management tooling.

Security teams can further remove roadblocks to operational and scalability needs of an architecture by applying a data-science approach to tagging cyber assets – which involves using data on both attributes and functions to reap behavioral insights the team can visualize for advanced enterprise asset graphing. This, in turn, lets the company predict how systems will grow and interrelate as the cloud migration continues.

Fixing stalled migrations requires a new strategic mindset for proactive planning and problem solving. Having deep, comprehensive insight on assets allows for robust planning and workload placement that reduces risk on both the migration tasks and future operations through cyber asset controls and security. It’s a mindset that can get the project back on track and pull the organization out of a vulnerable position of excessive cost and risk.

Keith Neilson, technical evangelist, CloudSphere

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.