A significant amount of time has passed since my last article on this topic. One of the exceptional qualities of humans is that we can adapt and look for innovative ways to deal with new situations. Initially, organizations were looking at interim solutions to weather out the pandemic, but as time has passed the focus has moved to make many of these solutions permanent and operationalize them in a manner that will continue even when the pandemic has ended.

Technologies that enable virtual collaboration and provide productivity tools like Desktop as a Service (DaaS) etc. have now become normal and will probably remain the same once the pandemic is over. Instead of planning for the post-pandemic, businesses have moved to a permanent portfolio of offerings and models that will greatly remain unchanged post-COVID-19. As a key enabler of these business capabilities, the CIO organization must shift to a solution that will support business not as an interim but as a permanent solution.

All of the technology and IT services companies now try to differentiate themselves from the competition by proving their effectiveness and capabilities in remote and virtual environments. The focus of the CIO organization is now to carefully evaluate and choose products and services that will realize significant business value without accumulating huge technical debt.

Prepare for a glide path to the post-pandemic digital model

“Digital”, “Virtual”, “Contactless”, “Virtual Agile” and a few more similar buzz words are used by organizations to showcase how they are delivering services. To accomplish any of these conditions requires a significant change in tools, processes, and operating procedures. CIOs will play a significant role in enabling these capabilities for their business by:

1. Think Hybrid Cloud Hosting: While some businesses can fulfill all of their requirements through one cloud vendor, many will not, or at least not without significantly changing their tools, applications, and processes and incurring a major financial burden in doing so. My advice to CIOs is to have their architects and SMEs:
   • Evaluate and rank requirements for their workloads against the major cloud vendors and rate them by native capabilities of that cloud, ability to host in your preferred geography, ease of transition, and operations.
   • Group your findings to rationalize workloads in no more than three cloud environments plus on-prem.
   • Use the output from this exercise to select tools that will enable operations in this hybrid cloud.
2. Tools For Hybrid Cloud Operations: Automation and tools that provide a common operating layer on top of a hybrid cloud environment will be the key to deliver the efficiencies that business requires. Things and technologies to consider are:
   • Service Mesh: Use service mesh to handle communications between various discreet services across the hybrid cloud is the best approach especially if you are moving towards a microservices architecture for your cloud-native apps.  To operate efficiently in hybrid cloud, plan to implement the microservice architecture. Use service mesh to handle inter-services interaction and communications.  Service Mesh tools will enable anywhere from service discovery and load balancing to encryption, authentication, and other security guardrails to comply with customer’s SLAs and security/compliance requirements.
   • Hybrid Cloud Portal: Select a portal environment that will provide a simple unified interface to operation’s personal and business users without the complexity of a hybrid cloud. Alternatively plan to build your own portal if you cannot identify one that meets your needs; however, I will strongly suggest staying away from this option.
   • Operations Automation: To make themselves more attractive and relevant, cloud vendors are constantly adding new features and automation as part of their native services. CIO organization should make it a priority to automate routine operations tasks and cyclic processing using automation templates and Robotic Process Automation (RPA). Enough data has been captured since the start of the pandemic to use and build Machine Learning (ML) models to implement self-healing as a solution to commonly occurring issues and reduce downtime and operations cost.
3. Democratize Data: To go truly “Digital” business will need access to all data in one place or at least have the ability to access all of the data without having to go through the complexity of moving from one data source to another. The goal should be to pour all data in a data lake or data swamp with proper security measures and data governance models, it is OK if an adjacent ERP data warehouse is maintained for any reason. To fully realize the value of your data it will be important to implement tools that will allow for self-service analytics and access to harmonized data irrespective of where the data resides within the cloud.
4. Security, Security, Security: While cloud vendors have gone through considerable lengths to secure their environments, hackers are finding new ways to breach them. Instead of adding security as a layer to the environment, enforce security as a core part of everything you do. Think DevSecOps and not DevOps. Coupled with proper data governance and access models, organizations will be able to greatly reduce their security risk. As tools alone cannot guarantee security, CIOs must select tool vendors who will go beyond their product and help implement best practices to audit and enforce security and compliance.
5. Application Development:
   • Virtual Agile Development: At the start of the pandemic, organizations patched their processes and tools to enable a virtual development model. As the virtual operating model has now normalized, many organizations have streamlined and mastered the art of agile development in the virtual model. When choosing a development partner, CIOs must evaluate vendors based on their success in delivering DevSecOps in a secure virtual agile delivery model. Additionally, since the code is delivered in the cloud, part of this DevSecOps model should be Infrastructure as code (IAC) to automate deployment in the cloud.
   • Containers and APIs: Recognizing the need for hybrid clouds, many vendors have extended their container capabilities to work seamlessly across multiple cloud environments. CIO organizations should choose a vendor who has a container management tool that will make use of a hybrid environment instead of just operating in one environment. This will enable “Digital” capabilities by using workloads across multiple infrastructure environments. This coupled with service mesh will realize business benefits that were untapped up until now.
6. Cost Control: Last but not the least, if not properly managed and controlled, the complexity of this new norm, can become very costly. Careful assessment of the pricing structure of each cloud vendor must be performed to understand their pricing model and variables that contribute to that model. Unless there is enough talent available in-house, CIOs must engage service providers who have mastered and developed automation that will enforce best practices to maximize savings in cloud consumption. CIOs must also demand that they have visibility to audit reports or a dashboard that shows current consumption and identifies inefficiencies that must be resolved.

While this is not an exhaustive list of the CIO agenda, these recommendations should be used as a foundation to build a detailed plan.