What’s standing in the way of your ability to execute at speed?

Play video
10 minute read 17 Oct 2019
Authors

David Padmos

EY Global Advisory Technology Leader and EY US-West Advisory TMT Leader

Experienced consulting leader. Technology enthusiast excited about advances in robotics, AI, cognitive analytics, blockchain and automation and the potential to improve our client’s business models.

Ken Englund

Ernst & Young LLP US North America Technology Sector Advisory Services Principal

Focused on helping technology, consumer electronics, internet, social commerce and software companies solve critical business issues.

10 minute read 17 Oct 2019
Related topics TMT Technology Automation

In an era of elevated customer expectations, a cloud-enabled enterprise is a prerequisite to stay ahead of the market and your competition.

Why are technology, media and entertainment, and telecommunications (TMT) companies flocking to the cloud? For many, the lure has little to do with cost savings. These companies are seeking a competitive edge and see the cloud as an enabler of new, innovative business models. The numbers substantiate this.

A recent survey of 550 IT decision-makers finds that 9 out of 10 companies will have migrated some portion of their applications or infrastructure to the cloud by the end of this year.¹

But despite all the emphasis on the cloud as a source of cost savings, the survey participants report that their primary motivation for moving to the cloud is to satisfy business demands for increased speed, agility and responsiveness.

Nearly three out of four respondents (71%) indicated that “improving the speed of IT service delivery” was the chief factor driving their cloud investments. The second most frequently offered reason (by 63% of respondents) was achieving “greater flexibility to react to changing market conditions.”

Yet for some companies, and many TMT companies in particular, the cloud holds even greater potential to transform their business models and gain an outsized edge over their competitors. For these businesses, the cloud has become a primary enabler of new product development and accelerated time-to-market strategies.

In a larger sense, by fully leveraging the cloud, these companies are transforming themselves into the adaptive digital enterprises of tomorrow.

  • Proof point examples

    A leading provider of streamed video content is a case in point. The company has adopted a cloud-native strategy and has virtually rebuilt its entire infrastructure and applications workload. Among other things, this made it possible for the company to rapidly expand its streaming membership by a factor of eight.

    Meanwhile, during the past 12 months a large, traditional telecommunications company migrated 20% of its mission-critical applications to the public cloud. It undertook the shift as a precursor for its digital transformation and a key step in helping it to compete with rival over-the-top (OTT) content providers.

    A highly regarded maker of financial-management software undertook its journey to the cloud to meet the ever-changing demands of its global customer base. Among other advantages, cloud adoption has given its developers greater access to the tools they need to respond more quickly to sudden swings in market demand.

Moving to the cloud

90%

The percentage of companies who will have migrated some portion of their applications or infrastructure to the cloud by the end of this year.

As they move toward fully leveraging the cloud, these and other TMT companies plan to introduce new products and services in near real-time. Once a TMT company has migrated to the cloud and eliminated its infrastructure constraints, it can embrace a cloud-supported agile development model — one that allows it to pilot, rapidly withdraw, reconfigure and reintroduce new product offerings based on market feedback and with minimal risk.

“TMT companies are moving very rapidly with their cloud adoption,” notes Greg Cudahy, who leads the team at EY that advises the TMT sector. “But it’s important to keep in mind that for the most part these companies have just begun their cloud-enabled journey. The greatest impact and most far-reaching consequences of this shift are still just visible on the horizon.”

Working on screen at night
(Chapter breaker)
1

Chapter 1

What does it mean to be cloud-enabled?

To pave the way for new business models, CIOs need to rethink how they build applications.

The drive to maximize IT agility to support new business requirements, while holding down costs, is leading many CIOs to reimagine their core IT infrastructure. Many are choosing a hybrid approach that integrates on-premise with cloud-based resources.

This approach gives them the best of both worlds — operational continuity on the one hand, and an affordable way to rapidly scale and absorb new workloads on the other. Integrating their data centers with a service provider, however, should only be regarded as the first step in a cloud-ward journey.

To take full advantage of the cloud’s potential, an enterprise must become fully cloud-enabled. And this means going native — cloud native, that is.

  • Cloud-native benefits

    Cloud native is an approach to building applications designed to run on the cloud. It uses an open software stack to create apps that are:

    1. Containerized, with each application process packaged separately in its own container. This makes it much easier to troubleshoot, upgrade and reuse the software, and to identify the infrastructure resources on which it depends.
    2. Dynamically orchestrated, which allows each container to be actively managed for optimum resource utilization.
    3. And most important, microservices-oriented. This is the secret sauce of the cloud-native approach because it makes it much easier to develop, support and maintain an application. By building applications out of shared microservices, TMT companies can dramatically accelerate how they bring new products and services to market.

    A cloud-native or microservice-based development architecture helps businesses achieve the flexibility and speed of execution they need to succeed in the digital era — characterized by rapid change and customer demands for real-time response. It does this by enabling a new kind of product-development framework — one in which new offerings can be continually introduced, updated and rearranged as needed to add new features and functionality based on market demand. Further, these offerings can be managed in such a way that, despite the steady stream of changes, rollouts take place seamlessly, without disrupting the ongoing activities of the company’s user base.

    The traditional “lift and shift” approach to migrating legacy applications to the cloud still has its place. Systems with stable feature sets and a well-known system load do not have to be reengineered to benefit from the cloud’s scalability and low-cost structure.

    But as software increases in strategic importance and companies look for ways to differentiate themselves through their digital presence, they need to make rapid changes and adjustments to their systems in response to customer demand. Failure to quickly adapt to their customers’ needs makes them vulnerable to competitors that will gladly provide what their customers are demanding, and a cloud-native, microservice development architecture optimizes their ability to respond to customer preferences and marketplace demands.

    For TMT companies, this has huge implications. The content-streaming service referred to earlier would never have been able to support its ballistic rate of growth had it clung to a traditional, monolithic application architecture. And the financial software developer would never have reduced its operating costs by a factor of six, without reconfiguring its services for the public cloud.

    But to embrace the cloud-native development model, TMT companies must abandon the complex, monolithic applications they have long relied on. While these programs have proved durable and have reliably handled many critical business functions for dozens of years, their inherent complexities, extended development cycles and cumbersome deployments (think ERP rollouts) undercut the very reasons TMT companies are moving to the cloud.

    Traditional monolithic applications:

    • Are fragile. Due to their large scale and numerous interdependencies, any changes to the system often have unintended consequences.
    • Are resource-intensive and difficult to scale. This is the very antithesis of what a cloud deployment is all about.
    • Are time-consuming to develop and challenging to deploy.
    • Are extremely complex, making them awkward to maintain and difficult to upgrade.
    • Have extended life cycles, severely limiting a TMT company’s ability to embrace new technologies as they emerge.

From EY’s perspective, cloud-native applications are the inverse of all of the above. Tightly integrated collections of cloud-based microservices can sidestep component failures to provide resiliency and scale easily when workloads change. Application components can be reused, mixed and matched to speed development, and their inherent flexibility makes them much easier to deploy.

Such applications can be written in any programming language and make use of any technology stack. And since different microservices can be developed with different technologies, this opens the door for TMT companies to quickly adopt the most current technologies.

When traditionally architected applications are ported to the cloud, they don’t run any differently than they did in their original environment, and all of their limitations and drawbacks remain in place. To maximize the benefits and realize the cloud’s full potential, TMT companies need to adopt new, cloud-native application architectures supported by new, agile models of development.

A recent report by IT market forecaster Forrester sums all this up nicely. “In 2019,” the report’s author Dave Bartoletti writes, “cloud computing will firmly establish itself as the foundation of tomorrow’s enterprise application platforms. It’s the best way to create the compelling software experiences that your customers demand and your competitors fear.”²

As these trends gather momentum, here are some important questions for TMT business leaders to ponder:

  1. Is your business as agile and resilient as the marketplace demands? And if not, how are you confronting this challenge?
  2. Are you taking advantage of the hybrid-cloud model to rapidly provide all the network capacity and scalability that your applications need?
  3. Have you taken this a step further and embraced agile development, microservices and cloud nativity — or are you still caught up in releasing software changes once every six months?
Business people waiting for elevators
(Chapter breaker)
2

Chapter 2

Security and trust in a cloud environment

Many assets need protecting. The most important are the bonds businesses have with their customers.

But can the cloud be trusted?

Worldwide, spending on security-related hardware, software and services is forecast to reach US $103.1 billion in 2019 — an increase of nearly 10% over 2018. The telecommunications industry alone will spend over $6 billion this year to guard against online incursions.³ Yet at the same time, 66% of IT professionals say security remains their most important concern around their cloud-computing strategy.⁴

This reflects a widespread prejudice among IT professionals that on-premise data centers — because they’re more directly under an enterprise’s control — are more secure, more compliant and therefore more trustworthy than cloud-based operations. But is this true?

  • Entrusting data to the cloud

    As far back as 2012, Alert Logic's Fall 2012 State of Cloud Security Report observed there are minimal differences between the security threats to data stored on-premise vs. data hosted on the cloud. Further, the report noted, the number of attacks against corporate data centers outnumber the attacks against cloud-based facilities by more than two to one.

    The upshot, the researchers concluded, is that any code or data that can be accessed via an external network — whether it resides in an enterprise’s own data center or within a public cloud — is equally at risk.

    More recently, a compelling argument has been made that data stored within the cloud is more secure than data under its corporate owner’s immediate control. One premise for this argument is that their economies of scale enable cloud-service providers to spend much more on securing their systems than is practical for any individual enterprise.

    “While your applications may no longer reside in your own data centers,” explains Rob Belk, Cybersecurity Leader at EY, “in most instances you’re handing them off to an organization better-equipped to manage computing environments than your own. This doesn’t mean that you don’t have to pay attention to security controls; it just means that the cloud provider is usually better able to implement them.”

    In terms of privacy, cloud-service providers increasingly give their enterprise clients fine-grained control over what their individual users can and cannot do in their cloud environments. They also provide customers with highly detailed logs of all the activity taking place within their accounts, allowing them to monitor for any unusual or potentially harmful occurrences.

    These providers further reduce the “surface area” for any penetration attacks by carefully defining their clouds’ entry points and securing them with multifactor authentication, web-based tokens, limited-time restricted access and similar tools.

    This is not to say that there aren’t significant security challenges when it comes to entrusting data to the cloud — because, indeed, there are. If anything, moving to become a cloud-enabled enterprise heightens those challenges since more of the enterprise’s intellectual property and product-related assets will reside in the cloud and must be protected.

    But the enterprise still must address those concerns whether it operates in the cloud or not. The best way to address them, however, will differ in a cloud environment.

Cloud-computing security

66%

Percentage of IT professionals who say security remains their most important concern around their cloud-computing strategy.

Although many aspects of security are the same for cloud environments — be they public, private or hybrid — as they are for on-premise data centers, the cloud is highly interconnected. This makes it easier for traffic to bypass traditional perimeter defenses.

“Preventing unauthorized access in the cloud requires a shift to a more data-centric approach,” says Amr Ahmed, Managing Director, IT Advisory and Technology Transformation at EY. “It’s one that relies more on safeguards such as encryption, two-factor authorization and multilayer security.”

Moreover, since virtually everything in the cloud is virtualized, security is more software- than hardware-driven. This has pros as well as cons. Among the positives are that cloud security is heavily automated and dynamic. “The parameters can be changed nearly instantaneously in response to new threats and changing circumstances,” according to Ahmed.

A potential negative is that it is possible to access every cloud process from a single control console, and if users fail to secure their console properly, they can pay a heavy price. Although the default settings provided by most service providers are designed to keep data private, there are numerous instances where configuration errors on the part of customers have exposed their data to the world. Perhaps the most infamous occurred in 2017, when National Security Agency operatives misconfigured their cloud-security settings, giving the world an unwelcome view of a secret US intelligence-collection program.

To remain viable in an unrelentingly dynamic market, today’s TMT companies must strive to become tomorrow’s adaptive digital enterprises. In the process, they need to embrace the cloud as a primary enabler of new product development and accelerated time-to-market.

From EY’s point of view, bonds of trust with customers take years to build, but failing to safeguard their data and privacy can destroy them very quickly. Yet this threat is just as prevalent in on-premise data centers as it is in the cloud.

The risks posed by cloud computing are somewhat different, and these must be recognized and properly managed. But the biggest risk is letting misplaced fears over security vulnerabilities deter a business from capitalizing on the competitive advantages that the cloud offers.

With the cloud posing new security challenges, TMT leaders would be wise to consider:

  1. Has your security strategy evolved to address the different threat profiles posed by the cloud? Have you developed an encompassing security architecture that establishes the necessary requirements and controls for a cloud environment?
  2. Are you providing the requisite support for your solution architects and developers? Do they have access to the tools they need to provide effective security controls for your cloud deployments? Have they embraced the security development operational mindset, commonly known as DevSecOps, that everyone is responsible for security?  
  3. As part of your cloud-security governance procedures, do you routinely identify, locate and protect the high-value assets that you store in the cloud?
Male thinking at night
(Chapter breaker)
3

Chapter 3

Digital transformation and the cloud

Cloud computing is already disrupting the TMT sector. But the full extent of its impact has yet to be felt.

“No-one knows where the cloud journey will end,” observes EY’s Greg Cudahy, “but it’s now widely accepted that the cloud paradigm will give TMT companies the means to accomplish things that were previously considered impossible. To remain successful, these companies must rapidly respond to constantly evolving customer expectations. And the only way for them to do this is through the cloud.”

TMT companies that are leveraging the cloud to achieve digital transformation are reporting rapid growth and greatly improved efficiencies. When, for example, the quality of its online video games fell behind those of its rivals, a well-known game-streaming service rolled out an innovative cloud-based service that guaranteed its gamers a sub-35-millisecond response time.

Likewise, when a major cable and internet-service provider wanted to upgrade its flagship video product, it turned to the cloud. The hybrid service it utilized provided both the scale and security the company required to deploy new features several times a week instead of once a year.

EY advisors believe that the cloud paradigm will help transform TMT companies by greatly accelerating their ability to roll out new products, gauge their customers’ responses and make rapid-fire adjustments. And by applying cloud-based analytics to all the user data that they generate, these companies will gain far greater insights into their customers’ behavior than was ever before possible.

But to accomplish these ends, porting an application to the cloud will no longer be the relatively simple “lift and shift” procedure it has largely been until now. Designing, deploying and securing applications that can be offered as services requires a new agile mindset, along with a cloud-based development model that makes it feasible to modify, track and protect the hundreds of moving parts on which these applications depend.

However, while the complexities will increase, so will the payoffs, as service-centric applications become the basis for new subscription and pay-per-use business models. Such models open the door to new sources of recurring revenue and — by migrating all of its operations to the cloud — enable the entire business to run that much faster.

This reality is beginning to hit home. “Five years ago,” says EY’s Cudahy, “only the most progressive boards would engage in discussions about cloud computing. Today, the cloud is a regular topic on board-meeting agendas at companies of all shapes and sizes. Rather than a cost to the business,” he adds, “It’s now seen as a revenue generator and enabler of innovation.”

No-one knows where the journey will end, but the cloud paradigm will let TMT companies accomplish things that were previously considered impossible.
Greg Cudahy
EY Global Technology, Media & Entertainment and Telecommunications (TMT) Sector Leader

From a strategic standpoint, EY encourages TMT leaders to reflect on the following:

  1. Is your current cloud strategy helping or hindering the pace of your digital transformation at your company?
  2. Is your cloud strategy solely geared toward improving operational efficiencies, or does it also provide you with the necessary flexibility to pilot and tailor new business capabilities and allow for immediate scale?

What role does the cloud play in helping you respond to market demands? Are you really taking advantage of the cloud’s resiliency and flexibility to deliver the optimum customer experience?

Summary

Leading TMT players have already moved key applications to the cloud and are reaping the benefits. The most forward-looking are going further and using the cloud to re-envision how they roll out new products and respond more rapidly to customer demand.

TMT companies that cling to a traditional, application-centric development model will fail to keep pace with today’s unrelentingly dynamic markets. Only by fully leveraging the cloud can a TMT company achieve the speed and agility it needs to sustain a long-term competitive advantage.

About this article

Authors

David Padmos

EY Global Advisory Technology Leader and EY US-West Advisory TMT Leader

Experienced consulting leader. Technology enthusiast excited about advances in robotics, AI, cognitive analytics, blockchain and automation and the potential to improve our client’s business models.

Ken Englund

Ernst & Young LLP US North America Technology Sector Advisory Services Principal

Focused on helping technology, consumer electronics, internet, social commerce and software companies solve critical business issues.

Related topics TMT Technology Automation