Assess and address common mistakes
One big advantage of cloud services is that they enable users to buy services easily and directly. This is also a risk.
"Nearly half of IT spending on the cloud is outside of the IT budget. That means the IT department, in many cases, is unaware of the spending and can't apply practices and risk mitigation steps," says Mishra. "In the era of the General Data Protection Regulation (GDPR) and other data compliance regulations, unsanctioned use of cloud services can be a serious threat to organizations."
SPVM leaders must keep those risks and others in mind before they choose a cloud provider. "Consider current and future security, compliance and regulatory requirements to ensure cloud IaaS does not pose a risk to the business," Mishra adds.
Have your must-have list ready
A lot of organizations struggle to accept the standard terms and conditions of public cloud IaaS contracts. The most challenging factor is likely to be location, as deals across different geographies introduce risks such as varying contractual practices and unfamiliarity with local systems.
"SVPM leaders have to assess their organization's main areas of concern first and create a must-have list," says Mishra. "The second step is to identify the associated terms and conditions in the IaaS agreements and see if they address concerns or need to be renegotiated."
For example, every contract should contain customized end-of-term agreements for moving data back in-house or to another provider. The standard termination notice is 30 days, which may be insufficient for big amounts of data.
Uncover hidden costs and total cost of ownership (TCO)
Cost reduction is a leading driver of public cloud IaaS adoption. In a recent Gartner survey, the majority of respondents considered cost savings as one of the main reasons for moving to the cloud. However, the ROI often is not as obvious as expected and needs to be carefully analyzed. Add-ons, data transfer, security, backups and many other small but necessary capabilities create a pile of hidden costs.
"Having a good understanding of hidden costs is extremely important to create an accurate business case and estimate TCO. SVPM leaders should develop best, realistic and worst-case scenarios, and include historical data to verify whether or not the calculated future demand is what they think it is," Mishra adds.