Who To Consult With On Your Cloud Strategy, And Who To Manage It

May 18, 2026 Doug McMaster and John Klockenkemper

If you run IBM i, you already know what operational discipline looks like. Tightly governed security models. Decades of validated business logic embedded in RPG and DB2 for i. Systems of record that have been running continuously since before “the cloud” was anything more than a weather term. Your platform is not fragile – it is, in many ways, the most stable and secure thing in your data center.

But the world around IBM i has changed. As we discussed in our previous IT Jungle article, the latest IBM i Marketplace Survey data confirms what most shops already know: Windows Server, Linux, and AIX workloads surround your core IBM i systems. And increasingly, public cloud services from AWS and Azure are in the mix – sometimes by deliberate strategy, sometimes by departmental drift.

The question is no longer whether your organization will engage with public cloud. The question is who will help you define that strategy – and who will manage it once it is running. That distinction matters more than most IT leaders realize. And for IBM i shops in particular, getting it wrong carries consequences that go well beyond a surprise bill from Amazon.

The Hyperscaler Proposition – And Its Limits

Amazon Web Services, Microsoft Azure, and Google Cloud have turned raw infrastructure into a commodity. Compute, storage, and networking are available on-demand, globally distributed, and deliberately low-margin. That is a remarkable engineering achievement. It is also, for many midmarket IBM i organizations, a dangerous starting point. Hyperscalers sell primitives, not solutions. They offer tools that assume you have cloud architects, DevSecOps maturity, continuous optimization practices, and 24/7 operational discipline already in place. Their shared responsibility models explicitly state: “We secure the cloud. You secure what’s in it.”

For the IBM i shop with two or three senior administrators – where HA/DR expertise and born in the cloud virtualization skills issues can pop up – this is not an empowering model. It is an exposure model. Hyperscalers do not own your business outcomes. They do not customize operations per customer. They do not take accountability for uptime, security posture, or cost optimization. They do not adapt services to your industry-specific compliance requirements. And they certainly do not understand the operational realities of running IBM i workloads alongside cloud-native services.

This is where a CloudSAFE earns their differentiation. Cloud Service Providers (CSPs) survive and grow only by operating above the infrastructure commodity layer – delivering the expertise, governance, and accountability that hyperscalers intentionally leave to the customer. The driver is straightforward: customers do not want more cloud. They want cloud to work for them.

Complexity Is the Real Product – And IBM i Shops Know It

If you have ever tried to explain to a cloud architect why your RPG batch jobs cannot simply be containerized, or why your DB2 for i data warehouse cannot just be replicated to S3 “for performance,” you understand the complexity gap intimately.

Hyperscale platforms are powerful – but cognitively expensive. Organizations struggle with tool sprawl across monitoring, security, identity, and backup. They struggle with security configuration across multiple services and regions. They struggle with cost management under consumption-based pricing. And they struggle with hybrid complexity when on-premises IBM i and Power Systems must coexist with public cloud workloads that operate under fundamentally different assumptions.

As we explored in our second IT Jungle article in this series, many of these friction points are architectural, not political. IBM i workloads were designed as monolithic, tightly coupled applications – stateful jobs running continuously with direct DB2 for i calls and embedded business logic. Public cloud architectures assume the opposite: stateless, restartable, horizontally scalable. Bridging that gap requires more than a landing zone template. It requires someone who understands both worlds.

The CSP value proposition here is absorbing complexity. Opinionated architectures. Pre-integrated tooling. Guardrails and governance. Managed platforms rather than raw services. For IBM i organizations, this means a partner who does not ask you to abandon what works but helps you extend it deliberately into the hybrid world.

The Accountability Gap – Where IBM i Discipline Meets Cloud Ambiguity

IBM i professionals are accustomed to a tightly governed security model. Object-level authority. Menu-based access control. Auditing that has been baked into the platform for decades. When you move into hybrid environments, that clarity can dissolve quickly.

Cloud providers secure the infrastructure. Customers secure everything deployed on top of it. In practice, the line blurs – especially in hybrid environments. IAM sprawl, inconsistent access controls across platforms, legacy security tools that do not extend to cloud, and compliance complexity all introduce new risk vectors. Meanwhile, threat actors increasingly target identity misconfigurations rather than perimeter defenses.

The painful insight, as we noted previously, is that many cloud security failures are governance failures. The hybrid cloud maturity move happens when identity, logging, and policy enforcement are standardized end-to-end – across IBM i, across Windows and Linux, and across AWS or Azure. This is where consultative architecture assurance early on pays dividends over time.

CSPs, like CloudSAFE, step into this accountability gap by offering end-to-end security ownership, compliance-as-a-service across frameworks like SOC2, HIPAA, and PCI, continuous posture management, and incident response. Customers want someone on the hook – not just a responsibility matrix.

CloudSAFE’s public cloud professional services span CSPM, IAM, Zero Trust, and compliance enforcement – delivering secure, cost-optimized solutions tied to measurable business outcomes. Our strategy-and-advisory services begin with cloud assessments, business cases, target operating models, and roadmaps that start with understanding risk, not just technology.

Hybrid And Legacy Environments Are Where Real Work Happens

Hyperscalers optimize for greenfield workloads, cloud-native development, and containerized or serverless applications. They are less interested in IBM i, AIX, mainframes, hybrid latency issues, coexistence with on-premises processes, and the transitional architectures that define most real enterprises.

This is where CSPs with genuine IBM heritage differentiate. Real enterprises are messy. The IBM i platform sits at the center, surrounded by Windows Server, Linux, and AIX workloads. Data flows between systems of record and cloud-native analytics. Batch jobs interact with APIs. RPG programs feed Web services. The architecture is hybrid by default – and has been for 30 years.

CloudSAFE’s heritage stretches back decades in IBM i and AIX environments. We operate managed private cloud for IBM i, IBM AIX, Windows, and Linux workloads across ten data centers in North America and Europe, supporting over 500 customers with 1,100 hosted environments. Our hybrid cloud offering brings private and public environments together under one operational model – consistent management and security regardless of where a workload runs.

For public cloud specifically, CloudSAFE CORE for Public Cloud is a fully managed cloud operating environment that provides customers with a standardized, secure, and compliant foundation for running production workloads on AWS and Azure. CORE combines pre-engineered landing zone architectures, automated governance, and ongoing expert operations into a cohesive operating platform – handling patching, capacity planning, backups, governance, compliance, monitoring, and FinOps.

For organizations that may not need the fully managed CORE solution but need targeted assistance, CloudSAFE FLEX for Public Cloud offers each CORE service module as a flexible, à la carte component that layers onto existing customer cloud environments – with an optional path toward a controlled migration to CORE over time.

The FinOps Reality – CFOs Are Watching

Here is a conversation happening in IBM i shops that would have been unthinkable a decade ago: the CFO is asking questions about cloud spend. Hyperscalers profit from increased consumption. They offer usage recommendations and cost tools, but they do not optimize customer budgets or enforce spend discipline. Their incentive structure points in one direction – up.

For IBM i organizations accustomed to predictable capacity planning on Power Systems, the shift to consumption-based cloud pricing can be jarring. As we noted in our first IT Jungle article in this series, we want our customers to know they are spending the expected amount of money, that capacity costs are based on their predefined requirements, and that they understand their monthly AWS bill. We want to help them be informed of their utilization across platforms as they carry different costs.

The fact remains – at many companies, no one really knows the answers to these questions. No one fully knows what is being rented on the cloud and how secure it is. In the case of seasoned IBM i and AIX professionals, if you are asking them to manage cloud capacity and its security, they may not be wholly suited to the task. It can be “you don’t know what you don’t know” with current cloud virtualization, and yet your applications and databases are out there running.

CloudSAFE addresses this through dedicated FinOps capabilities embedded in both CORE and FLEX, including spend analysis, governance, and ongoing cost engineering. Our Cost IQ capability provides continuous visibility, context-aware optimization, and the ability to identify and remediate inefficiencies before they materialize into budget surprises.

Vertical Pressure And Regulatory Demands Reward Specialization

Hyperscalers serve horizontal markets. They provide compliant primitives – HIPAA eligible, possibly FedRAMP authorized – and generic frameworks. They do not interpret regulations, configure controls per industry, or own audit readiness. For IBM i organizations in manufacturing, healthcare, insurance, and financial services—which describes much of the IBM i installed base – this gap is significant. Regulation and industry nuance reward specialization, not scale.

CloudSAFE’s focus on midmarket organizations in the $50 million to $2 billion revenue range reflects this. We treat backup validation and configuration monitoring as baseline requirements and make testing and simulation routine—ensuring demonstrable outcomes for auditors, regulators, and executive leadership. Our embedded compliance capability integrates compliance frameworks directly into infrastructure from inception via policy-as-code, transforming compliance from a periodic manual audit into a continuous, automated operational byproduct.

Fewer Vendors, Not More Tools

Each hyperscale platform introduces its own native monitoring, native security, native identity extensions, and native backup tools. The result is tool sprawl and integration overload – exactly the opposite of what a lean IBM i shop needs. CSPs differentiate by acting as a single operational throat-to-choke. Curated toolchains. Integrated observability and reporting. Tools aligned to customer maturity rather than cloud vendor marketing calendars.

CloudSAFE’s management plane provides centralized governance enforcing security, compliance, and operational policies across Azure, AWS, and hybrid resources – with unified audit logging, custom RBAC with least-privilege access, and automated drift detection and remediation. One partner. One operational model. Regardless of cloud.

As technology commoditizes, trust becomes the differentiator. Local presence. Long-term relationships. Knowledge of customer history. Contextual decision-making. The ability to translate technology into business language – and to understand that your IBM i platform is not “legacy to be dealt with later” but a core business asset that must be integrated deliberately.

CloudSAFE’s extraordinarily high client retention rate reflects this. We provide named teams. We participate in customer planning. We act as advisors, not portals. And because half of our heritage is in IBM i and Power Systems, we speak the language your team speaks – while also bringing the public cloud expertise that your business increasingly requires.

The Right Question

The public cloud landscape has matured to the point where infrastructure is table stakes. For IBM i organizations evaluating their cloud strategy, the differentiating questions are no longer about which hyperscaler to choose. They are:

Who will own the outcomes, not just the infrastructure?
Who will absorb the complexity so your team can focus on the business?
Who will close the accountability gaps that shared responsibility models leave open?
Who understands your platform, your compliance requirements, and your hybrid reality?
Who will be there when things go wrong – and help you plan so they don’t?

The answer to those questions is rarely a hyperscaler’s self-service portal. It is a cloud services partner, like CloudSAFE, with the heritage, specialization, and commitment to make cloud work for your business – without asking you to abandon what already does.

Doug McMaster is chief executive officer at CloudSAFE, and John Klockenkemper is vice president of public cloud.

This content was sponsored by CloudSAFE.

This Issue Sponsored By

Table of Contents

Content archive

Recent Posts

Subscribe

Pages

Search