Pity the poor soul at your company who is in charge of technology decisions. Whether that person is the CIO, the director of engineering, vice president of IT, or holds some other title, it’s a thankless task. If things go smoothly, no one really notices. But if they go sideways, as they often do, guess who gets blamed?
Heck, not even CEOs are immune from the finger pointing.
With that in mind, here’s a list of top bugaboos that keep these execs burning the midnight oil.
1: It’s about security stupid.
There’s not an IT executive on the planet who is not worried about data security after a seemingly endless series of breaches. At the US Office of Personnel Management, at the Internal Revenue Service, at Anthem, at Target (TGT) etc. Even though insurance ends up paying for a lot of the cleanup, no one wants to see their company logo on the evening news in this context.
Defending against ever-changing threats is like nailing jello to the wall. The bad guys are always changing their attack strategies so the good guys have to be constantly vigilant and moving as well. And enforcing sometimes unpopular security requirements on employees.
“Security risks and threats seem increasingly dynamic and adaptive, requiring more and more focus on preventive and reactive solutions that must be equally dynamic and adaptive,” said Don Whittington, vice president and CIO of Florida Crystals, the company behind Domino Sugar and other brands.
2: Vendor lock-in.
Anyone who controls a couple of million dollars in IT budget knows that Oracle(ORCL) , Microsoft(MSFT), IBM(IBM), VMware(VMW), Hewlett-Packard(HPQ), SAP(SAP), Salesforce.com(CRM) insert-favorite-vendor-name-here wants more of those dollars for itself and to shut out its rivals.
Sure there’s lots of happy talk about being open and supporting standards, but these vendors also talk about how their stuff works best if you use it with the rest of their stuff.
The truth is that legacy vendors are not keen on opening up about the inner workings of their technology even to their biggest and best customers. Most of them view OpenStack as an opportunity to look “open” while adding their own secret sauce to the mix which, raises the question that they’ll be less open. Go figure.
That’s one reason TD Bank (TD) is sold on OpenStack, the open-source cloud framework. OpenStack comprises several modules for storage, computing, networking, that companies can use to fashion their own cloud infrastructure. Users may pay for support and maintenance, but the software itself is free, and the accompanying documentation is voluminous. As is the support community.
“With OpenStack, I know exactly how many bugs are in the pipeline and can watch bug fix progress in real time as people address them. Getting a bug fix is very difficult in the proprietary world,” said Graeme Peacock, vice president of platform engineering and design of the company told Fortune.
3: The data deluge
In case you haven’t noticed, we’re drowning in data as more devices connect to each other and as companies aggregate data from more nontraditional sources—those devices, social networks etc.. Making sure all that data gets to where it’s needed securely and in useable form is a bear.
“The complexity of the interoperability (not just integration) of devices and data sources gets particularly challenging,” Whittington said. Sure you want that data, but some of that data may not legitimately be available to everyone who wants it. So there are huge challenges in terms of security and privacy.
Balancing the need for fast data flow with the need for security is no mean feat.
4: Proving the value of tech rollouts
Every CEO by now has grokked the notion that big data and cloud computing are key, even if they don’t really know what the terms mean. So they’ve pushed their tech leadership to experiment and or maybe even deploy new technologies. Now they just have prove that these deployments are worth the effort.
“There is pressure now on CIOs to show actual results of moving to the cloud,” said Rodney Rogers, former CEO of Virtustream, who now heads up cloud computing at EMC (EMC) by virtue of EMC’s acquisition of his company.
Cloud migration “was sort of hype five years ago, but investment began in earnest in real production volumes a few years ago and now it is time to pay the piper,” Rogers said.
5: Inflexible partners
IT professionals have to weigh the trade-off of dealing with many specialized vendors for various needs or using fewer mega-vendors with expertise that may be miles wide but inches deep (see number 2 above.)
When TD Bank made its initial foray into private cloud, it turned to Rackspace (RAX), because it had the specific expertise in OpenStack and in cloud deployment that the company didn’t necessarily have itself.
It could have gone with bigger vendors that also offered OpenStack, but those other more diversified players had mixed agendas. “The universal vendors were struggling with clouds themselves. They have a lot of products and their model is to make technology very proprietary and opaque so the price of exit is very high,” Peacock said. Big vendors in short, pull customers in, and then make it hard to get out.
Rackspace actually went beyond its purview to accommodate a key bank request. The bank, which obviously has big concerns around compliance and security, wanted to Rackspace to run its private cloud inside the bank’s own facilities. That was not (yet) part of Rackspace’s services, but it did it, Peacock said.
Subscribe to Data Sheet, Fortune’s daily newsletter on the business of technology.