The rate of cloud adoption was rapid even before the pandemic hit. Now, it has increased exponentially due to the greater need to adapt to working remotely. IDG reported that in 2020, 81% of organizations were already using cloud computing or had applications in the cloud compared to 73% in 2018; and that 92% of organizations’ total IT environment was at least somewhat in the cloud.

Since these figures are climbing fast, it begs the question: How can organizations optimize their cloud usage?

The answer lies within their management and balance of cost, efficiency, and security.

Optimization 1: Eliminate High Costs and Waste

Escalating cloud costs and wasted spend has become commonplace in the rush to shift workloads to the cloud. According to the Flexera 2021 State of the Cloud Report, 61% of organizations planned to optimize cloud costs, making it the top initiative for the fifth year in a row. Optimizing cloud costs boils down to two related things—ensuring optimal application placement and implementing cost control measures through governance.

  • Balancing value and risk is crucial to determining the total cost of ownership (TCO) of your applications. Prioritize software-as-a-service (SaaS) where possible, followed by platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS).

    PaaS is preferred for most custom applications, as it eliminates the burden of maintaining OS’s and other infrastructure. Platform and infrastructure patching and updates are taken care of for you, and your team can concentrate on delivering application capabilities.

  • Poor IT-Business alignment is often the underlying cause of waste. Ensure better alignment by populating the cloud governance function with leaders from IT, Business, Finance, and Procurement—each with clear roles and responsibilities in relation to cloud configuration and growth.

IT should act as a guide and broker by establishing enterprise-wide best practices, tools, and processes to help optimize costs as well as application performance. Business units should be held accountable for their team’s cloud spend, and they should take proactive steps to leverage IT’s guidelines and best practices. And Finance and Procurement should lead the way in negotiations, budgeting, and vendor management.

IT must shed its reputation as simply a cost center; it is and will be an “optimization center.” That means less time keeping the lights on and more time innovating and driving business results.

Optimization 2: Boost Efficiency, Productivity, and Speed with DevOps

The move to cloud requires a concerted overhaul on how you do things, and this allows you to adopt new ways of working and improved methodologies—like DevOps (or DevSecOps). The Redgate 2021 State of Database DevOps report found a significant increase in DevOps adoption due to the pandemic, with 74% of organizations stating that they already had some adoption.

DevOps emphasizes collaboration, continuous improvement, accountability, transparency, and automation—all of which are enabled by the cloud. This minimizes miscommunication while ensuring more stable and higher quality deployment of deliverables. The transparency of DevOps allows teams to minimize downtime and resolve issues faster, while automation reduces complexity and errors when incidents occur.

So, what’s next in enabling your organization’s cloud usage optimization and DevOps adoption?

Start small. Form a “cloud services organization” or “Center of Excellence” to lead DevOps adoption and all cloud-related initiatives. The group’s responsibilities should include the following:

  • Managing relationships with the Business and other stakeholder organizations
  • Developing, releasing, and operating services
  • Managing virtual environment
  • Overseeing cloud infrastructure—infrastructure architecture, engineering, and deployment; operations management; and integration and automation management

This cloud services organization should have dedicated resources, with the option to draw from existing IT infrastructure services teams.

Optimization 3: Strengthen Security

Tessian reported that human error is responsible for 88% of cloud data breaches. People (via social engineering) remain the weakest link in many organizations. But note that most cloud providers offer a host of built-in security services. In fact, Salesforce found that 94% of organizations claimed they saw an improvement in security after moving their data to the cloud.

The greatest way to strengthen security is to run security yourself and ensure the proper security controls are in place. So, here are some key security questions to consider:

What does access look like?
Who has permission to access from an administrator role?
What controls does your IaaS/PaaS program need, and are they available to you as needed?
Are there gaps in terms of security roles and responsibilities provided by your cloud vendor—and is your security team ready to cover them?
Do you have the right types of firewalls in place, and are the settings right for each use case?
Who has access to change the firewall settings?
What ports do you have open or closed on each server?
What application programming interfaces (API) are available for your cloud environment—and how are they configured?

Note that several of these considerations are simplified when hosting your applications on a PaaS; one reason this is preferred over IaaS implementations.

It would help if you also implemented multi-factor authentication (MFA); and to monitor data movement across the environment so that you can identify any anomalous behavior quickly. This is where the future of AI for monitoring, alerts, and automation will be especially valuable.

Approaching providers with an auditor’s mindset is the first step to better cloud security. Know everything about your data—what it is, where it sits, how it moves, and who moves it. Take the lead on security by demanding contractual and configuration security requirements and accountability at the negotiation stage with vendors.

To ensure your cloud strategy is successful and that it can withstand future workforce disruptions, have a clear optimization objective and thorough understanding of the tools and capabilities to meet that objective. For more information, visit our website and look at our Cloud Strategy & Migration capabilities.

Read our strategy brief, The Cloud Optimization Playbook, for an in-depth look at how to overcome the cost, efficiency, and security barriers to optimal cloud performance.



Our team is a blend of high-quality talent from all levels who can tackle your most complex issues with a fresh approach. With a globally connected network of 4,000 employees, Wavestone is designed to help you get results. All our consultants thrive on complex challenges, enjoy blazing new trails, and are committed to your organization’s success.

6 Operational and Strategic Benefits of GenAI-Driven Tech Procurement

Nov 30, 2023

The procurement of technology services stands at a fascinating crossroads, with the introduction of generative AI marking a transformative shift in how organizations approach this critical function. Read our blog for 6 key operational and strategic capabilities enabled by GenAI-driven tech procurement.

Navigating Complex Procurement: 5 Challenges and Best Practices

Nov 23, 2023

Effective procurement drives efficiency, cost savings, and supply chain reliability, and comes with its fair share of complex challenges. Overcoming them requires a multifaceted approach integrating strategic thinking, innovative solutions, collaboration, and proactive risk management. Read our blog for a detailed examination of 5 major procurement challenges and top-line strategies for success.

Have a Question? Just Ask

Whether you're looking for practical advice or just plain curious, our experienced principals are here to help. Check back weekly as we publish the most interesting questions and answers right here.

Ask Wavestone