Although no longer a frontier technology, the cloud remains the driving force behind the digital evolution of organizations. In the era of AI transformation, new challenges and needs emerge, yet investment in the cloud continues to grow (+24% in 2024, according to the PoliMI Observatory), confirming its strategic relevance. In this article, we will identify the key areas to address to build a cloud strategy that meets the current needs of businesses.
The context has changed dramatically compared to ten years ago. While cloud migration was once primarily driven by the need to improve efficiency and streamline costs compared to on-premise models, today, the cloud has become the main driver of business innovation.
The increase in spending is mainly due to the need to quickly integrate artificial intelligence into business operations, recognizing it’s crucial for competitive advantage. Moreover, compared to earlier implementations, technological advances and the emergence of innovative cloud models have broadened the options available to companies, making the definition of an effective strategy more complex.
Below is a guide on how to develop a robust cloud strategy that takes into account not only the new role of the cloud but also today’s major trends.
A successful cloud strategy has always started with defining its objectives, which, as mentioned, are not necessarily the same as they were ten years ago. Today, companies are focused on a strategic use of the cloud to accelerate innovation, enhance analytical capabilities and decision-making processes, improve customer experience, and increase operational agility.
But how can one concretely define the objectives of a migration – or rather, transformation – towards the cloud? Here are some possible actions:
In recent years, companies have increasingly leaned towards hybrid and multicloud models because no single approach can meet that optimal mix of flexibility, scalability, security, and data control that many companies desire. However, choosing the most suitable cloud model requires a thorough analysis. Some key points to consider are:
As previously mentioned, many companies are intensifying their investments in the cloud to support their AI transformation. The strategy should be based on a rigorous identification of high-impact use cases, prioritizing those that offer a quick ROI, such as predictive monitoring or process automation.
At this point, it becomes essential to choose which AI services from cloud providers to adopt, starting (in the realm of generative AI) with pre-trained solutions to eventually evolve towards customized models. From an economic perspective, the strategy should aim to balance initial investments with long-term benefits, considering both the direct costs of technologies and the indirect costs related to training and managing change.
In recent years, cost optimization has become a priority for companies adopting the cloud. The concern of not being able to predict costs accurately has led to the phenomenon of repatriation, i.e., the transfer of some applications, data, and workloads from public clouds to private infrastructures.
Managing costs thus becomes a key component of every cloud strategy. It is essential to evaluate fixed costs, such as those related to private infrastructure and the necessary management skills, as well as variable costs associated with the public component of hybrid models. Moreover, some costs often escape planning, such as those related to data traffic between cloud and on-premise systems. These aspects are at the forefront for modern CIOs, who fear exhausting annual budgets sooner than expected.
Security and compliance are pillars of a modern cloud strategy, as cyber threats evolve and regulations become increasingly stringent. Protecting data and ensuring operational continuity are fundamental to reducing legal risks, as well as economic and reputational damages. To develop a robust security and compliance strategy, it is necessary to consider the following:
Understanding which laws and regulations the company is subject to (e.g., GDPR, NIS 2, HIPAA, etc.) is crucial in order to select and implement the necessary measures.
Adopting hybrid or multicloud models requires a more intricate management of security policies, since data and applications reside in different environments with varying security and protection rules.
If one of the objectives of the cloud transformation is to enable hybrid work forms, security must be even more stringent, with rigorous access policies, endpoint protection, and secure remote access solutions.
Depending on the type of data (financial data, personal information, etc.), specific protection and encryption solutions are necessary.
Cyber threats continuously evolve, increasing in both number and severity. It is therefore essential to monitor the threat landscape and adapt the security strategy to respond in a timely and adequate manner.
In recent years, sustainability has become a central element in cloud strategies. It can represent a specific objective or, at the very least, a key factor to consider. Optimizing resource usage, relying on providers with efficient infrastructures, and adopting green strategies for cloud computing is not only a responsible choice but also a competitive advantage and an increasingly relevant requirement for compliance with ESG regulations.