by Adam C. Greenfield
While many healthcare organizations are on their way to cloud migration, or in the cloud but deploying a few small workloads, other organizations have been in the cloud for a of couple years now. Specifically, health insurers in year two are a significant subset of healthcare in the cloud; they are experiencing certain pain points at this point in their evolution, moving from experimental first year cloud projects toward cloud-as-a-business-unit processes and practices. Here are three best practices insurers in their second or third year of cloud can embrace to improve success.
#1 Turn Your Early Wins into Documented, Repeatable Processes
In year one on the cloud, you were bound to have had several great success stories. Perhaps you solved a business problem, or deployed faster than you ever thought you could, or met a big project deadline on scope and spec—these are just a few of the ‘win’ stories we see organizations encounter in their first year in the cloud. Now is the time to learn from and lean into these wins. Try to understand what you accomplished, find the processes that led to these wins, and make those processes as repeatable as possible. If you had Java developers build a new application and they got it tested and deployed really quickly, use it to build a quick start guide as part of your internal documentation. They can replicate the process for other Java builds, or other developers working with other languages can use this to learn from rather than starting from scratch. People get excited and go fast and don’t always stop to document wins that can be easily replicated. But if they do document, they can amplify the power of those early wins.
Also, year two is still early enough in the cloud journey to build passionate champions within your organization by shining a spotlight on the ones who are having early successes. So, in addition to bolstering your processes, you are building champions who will integrate and share knowledge in your organization, ingraining these processes for future success.
#2 Mature your Metrics and Dashboards to Align Operational and Financial Metrics
In addition to thinking about building processes around those success stories, it’s also time to mature your metrics and dashboards. Many common DevOps or Cloud Native aligned methodologies focus on generating and capturing operational metrics, providing a wealth of raw data to work with. You will have accumulated enough data to now build out operational and financial efficiencies. Those metrics – operational and financial - tend to align very closely. If you can build a good operational dashboard, you’ll get financial value out of that and vice versa.
By the time you hit year two, you should inherently be planning for the dashboard metrics and compliance metrics around your environment as part of your process when you deploy new workloads. You can use tools and experienced partners to accelerate your success, including ClearDATA Comply™, our SaaS compliance management software that provides a 24/7 view into your compliance posture as well as automated safeguards to keep you in compliance both from the start and if you begin to drift out. Comply generates consistent artifacts across different cloud environments and workloads, making reporting and creating audit trails a much lighter lift.
Figure 1. Comply provides customizable reporting that can be filtered by standard or regulation, account, service, as well as timeframe.
There’s an analogy in ITIL circles, “Electrify the Fence” referring to the methods of cattle ranching where ranchers would electrify the fence so if the cow began to wander out of the pasture in which it belonged it was immediately alerted to return inside the fence. These days on cloud there are automated tools, such as ClearDATA Comply automated safeguards that protect you across hundreds of cloud services and controls by automatically enforcing the appropriate technical controls for different cloud services, along with continuing to evaluate those services throughout the lifecycle of your application and identify and remediate if there are non-compliant actions. These are integrated into Comply, giving you a single pane of glass that automates, remediates, and demonstrates your compliance posture.
Figure 2. Comply provides compliance status for all of your accounts across AWS, Azure, and Google Cloud within a single frame.
You can also use cloud cost optimization tools here to set up alerts so if someone deploys a workload that isn’t healthy or that uses too much compute, you’ll be alerted so you can fix it rather than paying for more compute than you need. There are wonderful automated guardrails in the cloud and by year two these should be deeply integrated into your environment so you can manage your environment from cradle to grave. Patterns emerge and you will have ideas of your projects should look like so it will become obvious on your dashboards if something is out of alignment. With the right dashboards, outliers that cause your metrics to skew will become quickly evident and can also be quickly corrected. The cloud has made it much easier than traditional datacenter approaches to put these business analytics tools to use to benefit your organization.
#3 Mature a Governance Policy for Operating in the Cloud
The third best practice is to mature your governance policy for operation in the cloud, because at this point you should move past the earlier practices that frequently see single-champion driven cloud deployments. You should have a good process that spans several business units to evaluate your workloads, determine technologies you want to use and the locations for those, and approval processes as workloads are brought into production. You want to integrate the cloud deeply into your operational processes. A common mistake I see when talking with organizations in their second or third year in the cloud, is they are still threading their cloud workloads through a small handful of people. If it’s a project you can have a champion and a helper, but by year two it needs to be integrated into the business process, supported by a set of core business teams, enterprise IT security and compliance processes, or a Center of Excellence route.
Year two is going to bring increased scrutiny and attention. You can expect your CFO to be asking questions. Your finance team is going to be asking how to charge back effectively, how to review vendor agreements responsibly, and more. Cloud will be viewed differently as it moves from project-based to business processes and your CFO is going to want to have a least a tab in the budget spreadsheet that talks about cloud economics and measures what your status is.
It’s a natural progression as year one’s anecdotal success stories get out there in your organization, that you will generate increased awareness and interest in your cloud strategy. Plan now to build a mature process so you can handle these nature occurrences – the scrutiny and attention – to your advantage and build out organization wide support for your cloud business.
If your organization is prone to going into firefighting mode, you could handle the attention and scrutiny that comes in year two in that manner, but it will waste time and money and be harder to scale and sustain your success. So, use these three best practices now to build for a stronger future in the cloud. Some organizations had heavy planning in year one, but many used a more experimental approach. That needs to be matured in year two. You’ll be glad you did.