Microsoft Azure CTO Mark Russinovich discusses cloud adoption and how industry should break down the barriers that still exist
As CTO of Microsoft Azure, Mark Russinovich is in a unique position to discuss what might be preventing enterprises migrating to the cloud and at IP Expo he claimed he was speaking from the perspective of one of the largest and most complex organisations in the world – and one that has a lot of cloud to sell.
Among the barriers to cloud adoption Russinovich discussed were business culture and skillset, migration strategy, cost and governance, security, and the nuances of a hybrid cloud model.
Clash of cultures
He said one of the main cloud barriers to cloud adoption is the cultural transformation IT needs to undergo. A closer relationship between a business’ developers and its finance team can make a move to the cloud more of an obvious strategic business decision, he suggested.
Microsoft’s migration of 100 percent of the mission-critical workloads on its Treasury App to the Azure cloud platform was cited as a prime example of how such a cultural shift can attain great efficiencies.
The company’s Treasury manages Microsoft’s $100 billion in liquid assets and executes about $300 million in cash transfers across dozens of banks around the world every year.
“IT has traditionally been very risk averse and very focused on infrastructure and key performance indicators (KPIs) for how they build servers and keep uptime.
“IT needs to become a partner to the business. This means developers that are sitting side by side creating a platform for the business to deploy onto the cloud.
“The Treasury App we just migrated 100 percent to Azure. MS IT helped architect the solution, first as a ‘lift and shift’ purely to Azure and then as a modernisation to Platform-as-a-Service (PaaS).
“As part of cost savings, the Treasury App-run premises that were formerly run on 56 servers, when we moved it to the cloud, were reduced to using 21 servers. A lot of it had gone to PaaS, a lot had become elastic.
“This is an example of cultural development: ‘Let’s go solve a business problem together’, rather than ‘Here are some servers, have a nice day’. IT has to be a business partner to avoid violating corporate networks and putting the business at risk.
“The requirements of being a business partner include being focused on business outcomes rather than IT metrics. As a partner, IT is just as invested in the applications for the customer as the enterprises themselves.”
Russinovich said a hybrid model will be easier to swallow for most businesses, whereby maintaining some on-premise footprint gives a degree of reassurance when considering migration of workloads.
“Hybrid is something that’s durable, persistent and here to stay. Microsoft wants to enable enterprises to take advantage of technologies in their own data centres.
“This is why we’ve invested heavily in Azure Stack, which is the same software we run in public Azure but made so that customers can run it in their own data centres or in a hoster’s data centre.
Securing the cloud
Trust is similarly important for prospective cloud adopters. Evidence a service provider operates in a trustworthy manner can help overcome doubts that remain about the security of data stored in the cloud, Russinovich said.
“Microsoft for example fights very hard for our customer data. Among the concerns is privacy and data security, especially when it comes to law enforcement – the case in Ireland being an example, with Microsoft fighting against the US government’s attempts to get data out of a foreign country without going through due process and the law in that country.
“Once you have this confidence then there is the matter of how do I secure my applications on top of that. There are fundamental things that come with the cloud that enable the cloud to offer better security than what you can achieve on premises.
“One is identity and hybrid identity: the ability to connect your corporate identities up into the cloud and use a single identity control centre like Azure and active directory to gain access not just to your own resources but third party PaaS and SaaS resources.
“Identity is the heart of any security model. You’ve got to have a centralized identity model if you hope to have an understanding of the way that your business is operating.”