Achieving cloud excellence and efficiency with cloud maturity models
Business
leaders
worldwide
are
asking
their
teams
the
same
question:
“Are
we
using
the
cloud
effectively?”
This
quandary
often
comes
with
an
accompanying
worry:
“Are
we
spending
too
much
money
on
cloud
computing?”
Given
the
statistics—82%
of
surveyed
respondents
in
a
2023
Statista
study
cited
managing
cloud
spend
as
a
significant
challenge—it’s
a
legitimate
concern.
Concerns
around
security,
governance
and
lack
of
resources
and
expertise
also
top
the
list
of
respondents’
concerns.
Cloud
maturity
models
are
a
useful
tool
for
addressing
these
concerns,
grounding
organizational
cloud
strategy
and
proceeding
confidently
in
cloud
adoption
with
a
plan.
Cloud
maturity
models
(or
CMMs)
are
frameworks
for
evaluating
an
organization’s
cloud
adoption
readiness
on
both
a
macro
and
individual
service
level.
They
help
an
organization
assess
how
effectively
it
is
using
cloud
services
and
resources
and
how
cloud
services
and
security
can
be
improved.
Why
move
to
cloud?
Organizations
face
increased
pressure
to
move
to
the
cloud
in
a
world
of
real-time
metrics,
microservices
and
APIs,
all
of
which
benefit
from
the
flexibility
and
scalability
of
cloud
computing.
An
examination
of
cloud
capabilities
and
maturity
is
a
key
component
of
this
digital
transformation
and
cloud
adoption
presents
tremendous
upside.
McKinsey
believes
it
presents
a
USD
3
trillion
opportunity
and
nearly
all
of
responding
cloud
leaders
(99%)
view
the
cloud
as
the
cornerstone
of
their
digital
strategy,
according
to
a
Deloitte
study.
A
successful
cloud
strategy
requires
a
comprehensive
assessment
of
cloud
maturity.
This
assessment
is
used
to
identify
the
actions—such
as
upgrading
legacy
tech
and
adjusting
organizational
workflows—that
the
organization
needs
to
take
to
fully
realize
cloud
benefits
and
pinpoint
current
shortcomings.
CMMs
are
a
great
tool
for
this
assessment.
There
are
many
CMMs
in
practice
and
organizations
must
decide
what
works
best
for
their
business
needs.
A
good
starting
point
for
many
organizations
is
to
engage
in
a
three-phase
assessment
of
cloud
maturity
using
the
following
models:
a
cloud
adoption
maturity
model,
a
cloud
security
maturity
model
and
a
cloud-native
maturity
model.
Cloud
adoption
maturity
model
This
maturity
model
helps
measure
an
organization’s
cloud
maturity
in
aggregate.
It
identifies
the
technologies
and
internal
knowledge
that
an
organization
has,
how
suited
its
culture
is
to
embrace
managed
services,
the
experience
of
its
DevOps
team,
the
initiatives
it
can
begin
to
migrate
to
cloud
and
more.
Progress
along
these
levels
is
linear,
so
an
organization
must
complete
one
stage
before
moving
to
the
next
stage.
-
Legacy:
Organizations
at
the
beginning
of
their
journey
will
have
no
cloud-ready
applications
or
workloads,
cloud
services
or
cloud
infrastructure. -
Ad
hoc:
Next
is
ad
hoc
maturity,
which
likely
means
the
organization
has
begun
its
journey
through
cloud
technologies
like
infrastructure
as
a
service (IaaS),
the
lowest-level
control
of
resources
in
the
cloud.
IaaS
customers
receive
compute,
network
and
storage
resources
on
an
on-demand,
over
the
internet,
pay-as-you-go
pricing
basis. -
Repeatable:
Organizations
at
this
stage
have
begun
to
make
more
investments
in
the
cloud.
This
might
include
establishing
a
Cloud
Center
of
Excellence
(CCoE)
and
examining
the
scalability
of
initial
cloud
investments.
Most
importantly,
the
organization
has
now
created
repeatable
processes
for
moving
apps,
workstreams
and
data
to
the
cloud. -
Optimized:
Cloud
environments
are
now
working
efficiently
and
every
new
use
case
follows
the
same
foundation
set
forth
by
the
organdization. -
Cloud-advanced:
The
organization
now
has
most,
if
not
all,
of
its
workstreams
on
the
cloud.
Everything
runs
seamlessly
and
efficiently
and
all
stakeholders
are
aware
of
the
cloud’s
potential
to
drive
business
objectives.
Cloud
security
maturity
model
The
optimization
of
security
is
paramount
for
any
organization
that
moves
to
the
cloud.
The
cloud
can
be
more
secure
than
on-premises
data
centers,
thanks
to
robust
policies
and
postures
used
by
cloud
providers.
Prioritizing
cloud
security
is
important
considering
that
public
cloud-based
breaches
often
take
months
to
correct
and
can
have
serious
financial
and
reputational
consequences.
Cloud
security
represents
a
partnership
between
the
cloud
service
provider
(CSP)
and
the
client.
CSPs
provide
certifications
on
the
security
inherent
in
their
offerings,
but
clients
that
build
in
the
cloud
can
introduce
misconfigurations
or
other
issues
when
they
build
on
top
of
the
cloud
infrastructure.
So
CSPs
and
clients
must
work
together
to
create
and
maintain
secure
environments.
The
Cloud
Security
Alliance,
of
which
IBM®
is
a
member,
has
a
widely
adopted
cloud
security
maturity
model
(CSMM).
The
model
provides
good
foundation
for
organizations
looking
to
better
embed
security
into
their
cloud
environments.
Organizations
may
not
want
or
need
to
adopt
the
entire
model,
but
can
use
whichever
components
make
sense.
The
model’s
five
stages
revolve
around
the
organization’s
level
of
security
automation.
-
No
automation:
Security
professionals
identify
and
address
incidents
and
problems
manually
through
dashboards.
-
Simple
SecOps:
This
phase
includes
some
infrastructure-as-code
(IaC)
deployments
and
federation
on
some
accounts.
-
Manually
executed
scripts:
This
phase
incorporates
more
federation
and
multi-factor
authentication
(MFA),
although
most
automation
is
still
executed
manually.
-
Guardrails:
It
includes
a
larger
library
of
automation
expanding
into
multiple
account
guardrails,
which
are
high-level
governance
policies
for
the
cloud
environment. -
Automation
everywhere:
This
is
when
everything
is
integrated
into
IaC
and
MFA
and
federation
usage
is
pervasive.
Cloud-native
maturity
models
The
first
two
maturity
models
refer
more
to
an
organization’s
overall
readiness;
the
cloud-native
maturity
model
(CNMM)
is
used
to
evaluate
an
organization’s
ability
to
create
apps
(whether
built
internally
or
through
open
source
tooling)
and
workloads
that
are
cloud-native.
According
to
Deloitte,
87%
of
cloud
leaders
embrace
cloud-native
development.
As
with
other
models,
business
leaders
should
first
understand
their
business
goals
before
diving
into
this
model.
These
objectives
will
help
determine
what
stage
of
maturity
is
necessary
for
the
organization.
Business
leaders
also
need
to
look
at
their
existing
enterprise
applications
and
decide
which
cloud
migration
strategy
is
most
appropriate.
Most
“lifted
and
shifted”
apps
can
operate
in
a
cloud
environment
but
might
not
to
reap
the
full
benefits
of
cloud.
Cloud
mature
organizations
often
decide
it’s
most
effective
to
build
cloud-native
applications
for
their
most
important
tools
and
services.
The
Cloud
Native
Computing
Foundation
has
put
forth
its
own
model.
-
Level
1
–
Build:
An
organization
is
in
pre-production
related
to
one
proof
of
concept
(POC)
application
and
currently
has
limited
organizational
support.
Business
leaders
understand
the
benefits
of
cloud
native
and,
though
new
to
the
technology,
team
members
have
basic
technical
understanding.
-
Level
2
–
Operate:
Teams
are
investing
in
training
and
new
skills
and
SMEs
are
emerging
within
the
organization.
A
DevOps
practice
is
being
developed,
bringing
together
cloud
engineers
and
developer
groups.
With
this
organizational
change,
new
teams
are
being
defined,
agile
project
groups
created
and
feedback
and
testing
loops
established.
-
Level
3
–
Scale:
Cloud-native
strategy
is
now
the
preferred
approach.
Competency
is
growing,
there
is
increased
stakeholder
buy-in
and
cloud-native
has
become
a
primary
focus.
The
organization
is
beginning
to
implement
shift-left
policies
and
actively
training
all
employees
on
security
initiatives.
This
level
is
often
characterized
by
a
high
degree
of
centralization
and
clear
delineation
of
responsibilities,
however
bottlenecks
in
the
process
emerge
and
velocity
might
decrease. -
Level
4
–
Improve:
At
level
4,
the
cloud
is
the
default
infrastructure
for
all
services.
There
is
full
commitment
from
leadership
and
team
focus
revolves
heavily
around
cloud
cost
optimization.
The
organization
explores
areas
to
improve
and
processes
that
can
be
made
more
efficient.
Cloud
expertise
and
responsibilities
are
shifting
from
developers
to
all
employees
through
self-service
tools.
Multiple
groups
have
adopted
Kubernetes
for
deploying
and
managing
containerized
applications.
With
a
strong,
established
platform,
the
decentralization
process
can
begin
in
earnest. -
Level
5
–
Optimize:
At
this
stage,
the
business
has
full
trust
in
the
technology
team
and
employees
company-wide
are
onboarded
to
the
cloud-native
environment.
Service
ownership
is
established
and
distributed
to
self-sufficient
teams.
DevOps
and
DevSecOps
are
operational,
highly
skilled
and
fully
scaled.
Teams
are
comfortable
with
experimentation
and
skilled
in
using
data
to
inform
business
decisions.
Accurate
data
practices
boost
optimization
efforts
and
enables
the
organization
to
further
adopt
FinOps
practices.
Operations
are
smooth,
goals
outlined
in
the
initial
phase
have
been
achieved
and
the
organization
has
a
flexible
platform
that
suits
its
needs.
What’s
best
for
my
organization?
An
organization’s
cloud
maturity
level
dictates
which
benefits
and
to
what
degree
it
stands
to
gain
from
a
move
to
the
cloud.
Not
every
organization
will
reach,
or
want
to
reach,
the
top
level
of
maturity
in
each,
or
all,
of
the
three
models
discussed
here.
However,
it’s
likely
that
organizations
will
find
it
difficult
to
compete
without
some
level
of
cloud
maturity,
since
70%
of
workloads
will
be
on
the
cloud
by
2024,
according
to
Gartner.
The
more
mature
an
organization’s
cloud
infrastructure,
security
and
cloud-native
application
posture,
the
more
the
cloud
becomes
advantageous.
With
a
thorough
examination
of
current
cloud
capabilities
and
a
plan
to
improve
maturity
moving
forward,
an
organization
can
increase
the
efficiency
of
its
cloud
spend
and
maximize
cloud
benefits.
Advancing
cloud
maturity
with
IBM
Cloud
migration
with
IBM®
Instana®
Observability
helps
set
organizations
up
for
success
at
each
phase
of
the
migration
process
(plan,
migrate,
run)
to
make
sure
that
applications
and
infrastructure
run
smoothly
and
efficiently.
From
setting
performance
baselines
and
right-sizing
infrastructure
to
identifying
bottlenecks
and
monitoring
the
end-user
experience,
Instana
provides
several
solutions
that
help
organizations
create
more
mature
cloud
environments
and
processes.
However,
migrating
applications,
infrastructure
and
services
to
cloud
is
not
enough
to
drive
a
successful
digital
transformation.
Organizations
need
an
effective
cloud
monitoring
strategy
that
uses
robust
tools
to
track
key
performance
metrics—such
as
response
time,
resource
utilization
and
error
rates—to
identify
potential
issues
that
could
impact
cloud
resources
and
application
performance.
Instana
provides
comprehensive,
real-time
visibility
into
the
overall
status
of
cloud
environments.
It
enables
IT
teams
to
proactively
monitor
and
manage
cloud
resources
across
multiple
platforms,
such
as
AWS,
Microsoft
Azure
and
Google
Cloud
Platform.
The
IBM
Turbonomic®
platform
proactively
optimizes
the
delivery
of
compute,
storage
and
network
resources
across
stacks
to
avoid
overprovisioning
and
increase
ROI.
Whether
your
organization
is
pursuing
a
cloud-first,
hybrid
cloud
or
multicloud
strategy,
the
Turbonomic
platform’s
AI-powered
automation
can
help
contain
costs
while
preserving
performance
with
automatic,
continuous
cloud
optimization.
Explore
IBM
Instana
Observability
Explore
IBM
Turbonomic
Was
this
article
helpful?
YesNo
Comments are closed.