Unlocking Real Value from Cloud in 12 Basic Steps

By Thomas J. Smart


Cloud platforms and strategies remain a common theme in digital transformation, enabling agility, scalability, and innovation. To fully leverage the cloud's benefits while mitigating risks, organisations must implement structured controls and practices that align with their objectives, culture, and compliance requirements.

In this article, I’ll refer to the uncertainty matrix as explained in my whitepaper, whereby we apply the foundational concepts of knowns and unknowns to structure understanding and effectively address uncertainties. To start with, we will look at known-knowns in the context of cloud adoption.

Known-knowns (tasks)

Known-knowns represent the baseline understanding and actions most organisations can confidently navigate as they embark on cloud adoption. These tasks are generally supported by extensive documentation, tutorials, and best practices outlined by cloud service providers, making them accessible to organisations regardless of their previous cloud experience. 

By mastering these foundational elements, businesses lay the groundwork for more advanced cloud strategies and optimisations, progressively building their capabilities in alignment with their growing cloud maturity. 

Here are 12 basic issues and the steps organisations can take to resolve them for scalable and high-performance delivery:

1. Cloud environments are not consistently set up.

Use automated processes and templates to create standardised cloud environments or landing zones for different environments (e.g., Sandbox, Non-Prod, Prod). This ensures consistency across different environments, streamlining onboarding and development. The organisation’s cloud presence must include a multi-account architecture that separates concerns such as billing, logging, security, workloads, and shared services. This includes configuring single sign-on (SSO) with standard roles and registering each environment in a CMDB for compliance tracking. Cloud application environments can be shared (multi-tenant) or created for each application or portfolio (single-tenant).

2. Cloud user structures and access levels are unclear and poorly managed. Setting up a cloud user structure that delineates responsibilities and access levels, and thereby ensures operational clarity, is a clear task. This involves creating user groups dedicated to specific functions (e.g., billing, operations, development) to facilitate management and security.

3. Source control practices are missing or inconsistently applied. Implement robust source control management for application code and infrastructure templates, ensuring version control, collaboration, and adherence to a clear Git branching model. Complement this with secure, automated management of build and deployment-time variables, leveraging encrypted storage and integrating with CI/CD tools to prevent manual errors and security breaches.

4. Deployments rely on outdated manual methods that do not scale. Leveraging "clickops" or basic deployment strategies provided out of the box by cloud platforms, such as using the cloud provider's web console to deploy and manage resources, is a common starting point. While simple to understand, this does not offer a scalable strategy for deployments.

5. DNS configuration and security lack automation and monitoring. Automating DNS configuration and provisioning, integrating it into account/vending processes, and ensuring DNS functionality can be observed and monitored contribute to a stable and responsive cloud environment. Implementing DNS security controls further safeguards against potential DNS-related vulnerabilities.

6. Logging and monitoring are insufficient for operational visibility. Implementing basic logging and monitoring capabilities offered by cloud providers to track the performance and health of cloud resources is a crucial known-known. This setup is essential for operational visibility and the early detection of issues, and also involves enabling lifecycle configuration of logs to manage cost.

7. Security and compliance practices are inconsistent and unclear. Understanding the necessity of implementing industry-standard security and compliance measures, while seeking clarity on the most effective practices, is a common known-known. This typically relies on compliance packs provided by the cloud provider or third parties that simply need to be enabled.

8. Backups are not consistently configured, and there is limited testing of restore practices. Implement automated backup and restore procedures for all cloud workloads, ensuring data is stored securely, locally and in a secondary region. Enforce retention periods and replication strategies aligned with recovery objectives, restricting access to data owners and providing comprehensive restoration playbooks. Regularly test the restoration of backups to ensure they align with recovery objectives.

9. Admin accounts are maintained “just in case”. Admin access should always be temporary and heavily monitored. Establishing a "break glass" procedure that allows privileged access in emergencies ensures there is a controlled method for gaining urgent access to systems when automated processes fail or are not feasible. This process must be protected and only permitted with appropriate authorisation and approvals. 

10. Encryption practices are applied inconsistently across systems. Utilising cloud providers' default encryption options for data at rest and in transit ensures basic security measures are in place, protecting sensitive information without the need for complex configurations.

11. Cloud platform documentation is difficult for developers to find. Creating a central repository for cloud documentation, guidelines, and best practices enables team members to access essential information for managing and operating cloud environments effectively.

12. Ephemeral environments are manually managed and prone to resource waste. Automate the creation and removal of on-demand temporary computing environments for development, testing, and training. These environments should have predefined landing zones and security controls, with automatic termination based on schedules or usage patterns to reduce costs and improve isolation.
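The termination rule from step 12, as an added example that is not part of the original article: a Python decision function that marks an ephemeral environment for removal when its schedule has expired or it has sat idle. The tag names, the 8-hour idle threshold, the `EphemeralEnv` record and the sample inventory are assumptions made for illustration, including the choice to remove environments that lack the tags needed to attribute them.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

MAX_IDLE = timedelta(hours=8)                       # assumed idle threshold
REQUIRED_TAGS = {"owner", "purpose", "expires_at"}  # assumed tagging policy

@dataclass
class EphemeralEnv:
    name: str
    tags: dict
    last_activity: datetime

def reap_decision(env, now):
    """Return (action, reason) for one environment; fails closed on bad metadata."""
    missing = REQUIRED_TAGS - env.tags.keys()
    if missing:
        # No owner or expiry means nobody can be asked and nothing bounds its lifetime.
        return ("terminate", "missing tags: " + ", ".join(sorted(missing)))
    try:
        expires = datetime.fromisoformat(env.tags["expires_at"])
    except ValueError:
        return ("terminate", "unparseable expires_at")
    if expires.tzinfo is None:
        expires = expires.replace(tzinfo=timezone.utc)  # treat naive stamps as UTC
    if now >= expires:
        return ("terminate", "schedule expired")
    if now - env.last_activity > MAX_IDLE:
        return ("terminate", "idle beyond threshold")
    return ("keep", "within schedule and in use")

def plan(inventory, now):
    """Map each environment name to its (action, reason)."""
    return {env.name: reap_decision(env, now) for env in inventory}

# Constructed sample inventory, not real data.
NOW = datetime(2025, 1, 10, 12, 0, tzinfo=timezone.utc)
BASE = {"owner": "team-a", "purpose": "test"}
SAMPLE = [
    EphemeralEnv("pr-101-test", {**BASE, "expires_at": "2025-01-10T18:00:00+00:00"},
                 NOW - timedelta(hours=1)),
    EphemeralEnv("training-lab", {**BASE, "expires_at": "2025-01-09T17:00:00+00:00"},
                 NOW - timedelta(hours=20)),
    EphemeralEnv("dev-spike", {**BASE, "expires_at": "2025-01-12T00:00:00+00:00"},
                 NOW - timedelta(hours=10)),
    EphemeralEnv("untagged-box", {"owner": "team-b"}, NOW - timedelta(minutes=5)),
]

if __name__ == "__main__":
    for name, (action, reason) in plan(SAMPLE, NOW).items():
        print(f"{name}: {action} ({reason})")
```

The output of `plan` is a decision list only; the actual teardown would go through the same automated templates that created the environment.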

Wrapping Up

These steps cover the essential groundwork for any cloud strategy that’s built to scale.

Getting the basics right, however, is only the beginning. 

Next, we’ll proceed to the “known-unknowns” quadrant of the uncertainty matrix, where we’ll unpack the cloud adoption areas where you know there’s a technical gap but need sharper tools and thinking to close it.


Who is Thomas?

Thomas is a highly accomplished digital transformation leader and Fractional CTO at MISSION+. With 21+ years of experience across FinTech, telco, logistics, and cloud transformation, he excels at bridging C-level strategy with actionable execution. As a prolific author, Thomas has written multiple blogs and whitepapers in which he shares his ideas around technology, project management, and problem-solving. Feel free to discuss your cloud adoption strategy with Thomas by reaching out at hello@mission.plus.

Very practical advice, thank you.
