Cost savings is still the #1 reason organizations are adopting cloud services. In theory, reducing capital expenditures for data centers, hardware, software and staff frees up capital. Adoption of less costly cloud-services becomes the new operating model. The cost savings can then be redirected to meet budgetary shortfalls, fund new initiatives, or even a short-term bump in operating margins.
Despite cost savings being the popular metric for measuring business success, emerging complexities associated with hybrid IT, Cloud, and multi-cloud environments are still impacting the rate of adoption by organizations. Cost control is becoming more difficult, cybersecurity challenges are increasing, compliance requirements multiply, new third-party vendor risks emerge, and even SaaS adoption is contributing to unanticipated cost growth.
Let’s take a brief look at how each of these factors can negatively impact your expected cloud cost savings.
STRATEGY, TOTAL OPERATING COSTS AND COST CONTROL
Nearly half of the IT Professionals responding to a recent survey found cloud infrastructure cost control was their greatest challenge. Executives expecting cloud-based cost savings are discovering unchecked cloud growth and project cost overruns are depleting the forecast savings. Organizations without an established cloud strategy typically do not have an active IT governance process either. Establishing processes for total operating cost estimates, requirements for cloud monitoring, Shadow IT policies, and an established cost control framework are key elements in a successful cost controls strategy.
CYBERSECURITY CHALLENGES CONTINUE TO INCREASE
Securing sensitive and mission critical data isn’t any getting easier. Over 4 billion records were hacked in 2016.  The ever-evolving threat landscape requires constant vigilance by cybersecurity staff and service providers. With over 5,000 security products on the market, assembling a DIY combination of staffing, cloud management and security tools is time consuming and expensive. And as we highlighted in our Public Cloud Shared Responsibility Model webinar on June 1st, moving to the cloud doesn’t alleviate your organization from security responsibilities – whether IaaS, PaaS or SaaS. Security concerns continue to drive organizations towards delaying cloud deployments while continuing to make expensive investments in data centers, postponing potential cost savings.
COMPLIANCE AND PERPETUAL CHANGE
Compliance requirements come in many forms depending on your industry vertical. With regulations constantly changing, maintaining compliance with Sarbanes-Oxley, HIPAA, PCI, emerging GDPR regulations and others is a complex, ongoing effort. As Hybrid IT and multi-cloud environments are added to your organizations portfolio, they must be integrated into your Compliance strategy. In addition to the internal cost of compliance, the cost of a non-compliance event can rival the cost of a data breach. 
THIRD PARTY VENDOR RISK
The recent Verizon AWS S3 data breach demonstrates the risk associated with outsourcing cloud management to a third-party vendor. With a single incorrect AWS S3 setting, the Managed Service Provider (MSP) exposed millions of Verizon’s customer’s data.  With the average cost of a data breach reaching $9.5M, organizations must carefully weigh the expected cost savings gained against the expense associated with a third-party caused data breach.
CUSTOMIZING SaaS APPLICATIONS
With SaaS adoption leading all other cloud platforms, there’s an emerging trend that can erase expected cost savings: SaaS customization. Increasingly companies offer SaaS solutions built to run on their OEM cloud platform. Instead of telling customers to change business processes, these vendors willingly help modify the product to fit existing customer processes. Having witnessed this firsthand, there’s a lock-in with both the OEM cloud platform and an expensive third party support/maintenance agreement. Choosing the platform with features approximating your business model with minimal changes to the SaaS functionality may help avoid cost growth when selecting a SaaS vendor.
We’ve covered several factors that can negatively impact expected cloud cost savings. Executive Leaders have high expectations for cloud computing projects that in many cases aren’t being met. Struggles with cost control, an increasing security threat landscape, continually evolving compliance requirements, and strategic sourcing decisions for third party product and service providers represent continuous tactical and strategic challenges for organizations.
Brookey & Company recommends these tips for Executive Leaders:
- If you do not have a cloud strategy in place, form a team of technical and business stakeholders immediately. Give the team a realistic deadline for completion of your cloud strategy. If you don’t have the in-house resources or skills, invest in external resources to get a plan established.
- Already have a cloud strategy? When was the last update? Are you using Key Performance Indicators to measure progress? Are you getting the maximum benefit from your cloud investments?
- Does your organization have an IT governance process in place? Are meetings held on a scheduled basis? Ad hoc? If not, establish the governance membership. Ensure representation across your organization to include Finance, Risk & Compliance, IT Operations and Cybersecurity, Strategic Sourcing/Procurement, Legal, and Engineering Product Development. Set the agenda and meet on a pre-scheduled basis with allowance for ad hoc “emergency” meetings.
- Establish a time-phased IT Roadmap to chart your cloud journey. Identify cloud-ready applications and workloads early in the Roadmap. Use cost savings to expedite projects to retire and replace data center based-legacy applications to further decrease IT operating costs.
- Ensure the Executive team and Board of Directors understand the complexity of cloud when providing directives like cloud quotas. Data center and cloud teams must be in-sync to effectively execute on the Cloud Strategy.
- Using the cloud strategy as the framework to set budget and resource priorities to meet the organization’s business agility and innovation needs.
Establishing your Cloud Strategy, IT Roadmap and Governance process is an investment in future cost savings. You’ll save time and money by avoiding ad hoc reevaluation and analysis of every new project/product someone in the organization wants to consider.
 "Cloud Survey: 96 Percent of IT Professionals Feel Cloud Could Use a 'Makeover'", Fugue, June 28, 2017
 Weisbaum, Herb "More Than 4 Billion Data Records Were Stolen Globally in 2016", January 30, 2017
 "The True Cost of Compliance, A Benchmark Study of Multinational Organizations" Ponemon Institute LLC, January 2011
 Whitaker, Zach, "Millions of Verizon Customer Records Exposed in Security Lapse", ZDNet, July 12, 2017
 "2016 Cost of Cyber Crime Study & the Risk of Business Innovation" Ponemon Institute LLC, October 2016