Most cloud vendors won’t say this plainly, so we will: the cloud itself is rarely the problem. What consistently derails companies, expensively and avoidably, is arriving at a migration without a proper cloud migration strategy.
If you lead a mid-size company in Germany, Switzerland, or Austria, you probably recognise at least one of these situations. You are planning a move to the cloud, and the scope keeps shifting. You are mid-migration, and the budget is already under pressure. Or you made the move, and the monthly bill is climbing in ways nobody forecast.
This is rarely a technology failure. It is a planning failure.
Companies average 23% over budget on cloud spending, and an estimated 30% of cloud outlays are wasted, primarily because the strategy is defined after the infrastructure decision, not before it. Source: McKinsey & Company, Cloud Migration Opportunity report.
This article is for the decision-makers who want to get this right. It covers the types of migration facing mid-size companies today, the challenges that cause the most damage, and a practical step-by-step approach, with specific attention to the budget and compliance realities of operating in Germany, Switzerland, and Austria.
Why Mid-Size Companies in DACH Cannot Afford to Wait
Cloud adoption in the EU has reached a tipping point. According to Eurostat’s 2025 data, 52.7% of EU enterprises now use paid cloud services, up 7.4 percentage points since 2023. Among large enterprises, that figure is 84.7%. Among small businesses, 49.3%. The gap is closing, but it is still wide enough to represent a real competitive disadvantage for the companies sitting on the fence.
Three pressures are converging for DACH mid-size companies right now and making continued delay increasingly costly.
The first is regulatory. Switzerland’s revised Federal Act on Data Protection, the revDSG, or FADP, came into force in September 2023. It introduced requirements around data processing agreements, privacy by design, and cross-border data transfers that directly affect how and where companies can host their infrastructure. The EU’s NIS2 Directive, which member states were required to transpose by October 2024, adds cybersecurity obligations for organisations in critical sectors, including many mid-size ICT and MedTech businesses. These are not future planning considerations. They are current obligations with current consequences.
The second is competitive pressure. Cloud-native competitors move faster, scale more cheaply, and bring products to market in timelines that traditional on-premise infrastructure cannot match. For Swiss and German mid-size companies, where engineering precision and reliability are non-negotiable, the question is not whether to modernise, but how to do it without disrupting the operations that make the business valuable today.
The third is AI. Companies that want to deploy AI at scale need the elastic compute infrastructure that the cloud provides. On-premise hardware is not a viable long-term platform for AI-driven operations. If AI features meaningfully in your business strategy over the next three to five years, your cloud infrastructure is the foundation it will need to run on.
Know Your Journey Before You Plan Your Route
One of the most consistent sources of migration problems is treating it as a single, uniform activity. The approach that works for a Swiss MedTech company moving patient data from on-premise servers is fundamentally different from the approach that works for a German ICT firm consolidating two cloud platforms after an acquisition. Before anything moves, you need to know which journey you are actually on.
The most common starting point for DACH mid-size companies is moving from physical, on-premise infrastructure to a public cloud provider, AWS, Azure, GCP, or a sovereign European platform. This path carries the most complexity, because legacy enterprise applications are often interconnected in ways that simply are not documented. For companies operating under the Swiss FADP or GDPR, data residency requirements need to be designed into the architecture from the outset, not retrofitted six months later when an auditor asks the question.
A growing number of companies are moving between cloud providers, outgrowing their first platform, or consolidating environments post-acquisition. This is consistently underestimated in effort. Data egress costs, re-architecture requirements, and compatibility gaps between providers create friction that surprises even experienced IT teams.
For most mid-size enterprises in the DACH region, the practical starting position is neither staying fully on-premise nor committing to full public cloud. A hybrid cloud model, running some workloads on-premise or in a private environment, whilst others move to public cloud, is the dominant architecture for good reason. According to the Flexera 2025 State of the Cloud Report, 70% of organisations operate this way. It preserves existing investments, limits migration risk, and allows companies to phase their transition over a realistic timeline rather than forcing a big-bang cutover.
Then there is cloud modernisation, which goes well beyond moving workloads. Modernisation means re-architecting legacy applications: breaking apart monolithic systems, containerising workloads, and adopting cloud-native development patterns. It takes longer and costs more upfront. It also delivers the highest long-term return. Lift-and-shift gets you into the cloud. Modernisation makes it work at the scale your business actually needs.
Five Challenges That Derail Most Mid-Size Migrations
Vendor content tends to show migration as a smooth, predictable journey. For mid-size companies with lean IT teams and a decade of accumulated legacy systems, the reality is considerably messier. Here are the five issues that cause the most damage and what you can do to pre-empt each one.
1. Underestimating how connected your systems really are
Legacy enterprise applications built over years in German manufacturing, Swiss financial services, or Austrian MedTech are often intricately connected in ways that are not written down anywhere. The failure shows up after migration, when something breaks unexpectedly and the root cause turns out to be a dependency nobody knew existed.
The fix is to invest in formal dependency mapping before a single workload moves. For ICT companies and MedTech businesses in particular, this step is not optional; it is the difference between a phased, controlled programme and an emergency rollback at 2 am.
2. Cost overruns that arrive after go-live, not during
According to the Flexera 2025 State of the Cloud Report, 84% of organisations cite managing cloud spend as their top challenge, and budgets are already exceeding forecasts by 17% on average. The pattern is consistent: companies migrate, expecting costs to fall, then discover three months later that over-provisioned resources, forgotten development environments, and unmanaged licences have inflated the bill beyond the original on-premise baseline.
The fix is treating cost governance as a discipline that begins before the first workload moves, not after the invoice arrives. We cover the practical levers in Section 6.
3. Compliance complexity that most migration guides don’t cover
Operating in the DACH region means navigating regulatory requirements that are consistently underestimated by written guides for global audiences consistently underestimate. Switzerland’s revDSG/FADP, the EU’s GDPR, and NIS2 each impose specific obligations on how data is processed, stored, and protected obligations with direct architectural implications. Choosing the wrong cloud region, failing to implement encryption by design, or not having a compliant data processing agreement with your provider are not minor oversights. In a regulatory investigation or an enterprise customer audit, they are deal-breakers.
The fix is building compliance into the architecture from the start, and making sure your migration partner has genuine working knowledge of DACH regulatory requirements, not a compliance checkbox on their proposal.
4. Discovering your team’s skills gap mid-project
Cloud architecture, DevOps automation, security configuration, and cost governance are skills that most mid-size IT teams do not hold in sufficient depth to execute a full migration in-house. The Flexera 2025 report found that 60% of organisations now rely on managed service providers for some or all of their cloud management. The most effective model for mid-size companies is one where your team owns the strategy and the outcomes, and a specialist partner owns the technical execution.
5. Choosing lift-and-shift because it looks cheaper
Lift-and-shift gets workloads into the cloud quickly. The unit economics look attractive at the point of decision. But running on-premise architecture on cloud infrastructure without re-architecting for how cloud services are actually priced and scaled frequently results in higher ongoing operating costs than staying on-premise would have. Match the migration approach to each workload’s profile, not to the timeline pressure. Some workloads are lift-and-shift candidates. Others will cost significantly more in the long run if you do not modernise them first.
Building a Cloud Migration Roadmap That Delivers
A cloud migration strategy is not a document that gets filed and forgotten. It is a sequence of decisions made in the right order, by the right people, that determines whether the migration delivers what the business case promised. Here is the approach that works consistently for mid-size companies.
Step 1 — Start with a cloud readiness assessment
Before anything moves, you need an honest picture of what you have: your current infrastructure, your application dependencies, your compliance obligations under the revDSG/FADP and GDPR, and what your actual IT costs are today. This step is the one most companies rush or skip. It is also the one most responsible for the migrations that go over budget. Invest the time here; it is the highest-ROI activity in the entire programme.
Step 2 — Define your strategy before you choose a platform
The platform choice: AWS, Azure, GCP, or a sovereign European provider should follow your strategy, not lead it. For most mid-size DACH companies, starting with a hybrid cloud approach is the right call: it preserves existing investments, limits migration risk, and allows workloads to move in stages. Your strategy should answer which workloads are moving, in what order, and what success looks like twelve months after go-live. The provider question comes after that.
Step 3 — Phase your migration by risk and business value
Start with low-risk, high-value workloads: development and test environments, collaboration tools, and non-mission-critical applications. Build operational knowledge before you touch core business systems. A phased approach gives you natural checkpoints to validate costs, compliance, and performance before the stakes get higher. The median enterprise migration runs to around eight months; end-to-end build buffer into that estimate, and plan cutover windows to avoid peak operational periods.
Step 4 — Get costs under control before you go live
Cloud cost optimisation is not something you bolt on after migration. It is a design decision made before the first workload moves, and a governance discipline maintained permanently afterwards. Right-size workloads before migration. Implement resource tagging from day one so spending can be allocated to teams and projects. Use reserved or committed-use pricing for stable workloads, typically 40–60% cheaper than on-demand. Automate shutdown of non-production environments outside working hours. Organisations that apply FinOps disciplines consistently achieve 30% or greater cost reduction (Flexera / FinOps Foundation, 2025).
Step 5 — Define cloud management ownership before go-live, not after
Migration is not the finish line. Monitoring, governance, security patching, performance tuning, and cost oversight are where your ROI is either realised or quietly eroded. Before go-live, define who owns cloud management, what tooling they will use, and what the escalation process looks like. If your internal team does not have that capacity, build managed services into the plan from the start, not as an afterthought six months later when the first incident occurs.
The Budget Conversation You Need to Have Before You Migrate
Here is a number that tends to land hard in a CFO conversation: 27% of cloud spend is wasted globally, across idle resources, forgotten environments, and over-provisioned instances (Flexera 2025). If your company is spending CHF 500,000 per year on cloud infrastructure, that is CHF 135,000 disappearing annually without delivering any business value.
For mid-size companies in the DACH region, the budget risk is compounded by two factors that global benchmarks tend to understate. First, Swiss and German infrastructure costs, both on-premise and cloud, are higher than the European average, which means the absolute value of wasted spend is greater even at the same percentage. Second, GDPR and revDSG compliance architecture carries a real cost: data residency configurations, encryption requirements, and access control frameworks need to be budgeted for explicitly, not absorbed from a contingency line.
The practical levers for reducing cloud spend are well established: right-sizing workloads before migration, using reserved instances for predictable workloads, automating shutdown of non-production environments, and implementing resource tagging from day one. Before you start, it is worth modelling your numbers against Swiss-specific benchmarks using Kansoft’s Swiss Cloud Cost Calculator. It takes ten minutes and typically surfaces costs that were not in the original business case.
The companies that avoid bill shock are not the ones who spend less on cloud. They are the ones who know exactly what they are spending before they commit to it.
What a Well-Executed Migration Looks Like in Practice
There is a meaningful gap between understanding migration theory and having delivered a programme for a mid-size company with a decade of legacy systems, active compliance obligations, and a business that cannot afford unplanned downtime.
At Kansoft, our cloud migration engagements follow a five-phase model: readiness assessment and dependency mapping; a tailored strategy that matches the approach (rehost, replatform, refactor, or retire) to each workload; a pilot phase using low-risk workloads to validate cost and compliance assumptions; phased full-scale execution with rollback plans for critical systems; and post-go-live optimisation covering cost governance, performance tuning, and ongoing management.
Our engagement with Palisis AG, a Swiss ICT and travel technology company, illustrates what this looks like in practice. The programme covered a ground-up overhaul of core systems: frontend re-engineering, a Gen AI-powered chatbot, and CI/CD pipeline deployment. The outcomes included substantial cloud cost savings, a significantly reduced DevOps backlog, and an infrastructure that could scale at the pace the business needed. None of that came from choosing the right cloud provider. It came from building the right architecture on a solid strategy, executed in stages, with clear accountability at every point.
The consistent pattern across every migration we have delivered: companies that invest in strategy and readiness before they commit to infrastructure achieve materially better outcomes on cost, on timeline, and on operational stability.
The Migration Starts With a Plan, Not a Platform
If you have made it this far, you are already approaching this more carefully than most. Three things are worth carrying forward:
- Strategy before platform. Which cloud provider you use matters far less than knowing which workloads you are moving, why, and in what order. The platform decision follows from the strategy, not the other way around.
- Compliance is architecture. For companies in Germany, Switzerland, and Austria, GDPR, the Swiss revDSG/FADP, and NIS2 are not bureaucratic hurdles to clear after migration. They are design constraints that need to be embedded in the architecture from day one.
- Cost visibility from the start. The companies that avoid cloud bill shock are not the ones that spend less. They are the ones who build cost visibility and governance into their migration plan before the first invoice arrives.
Cloud migration is not inherently complicated. It becomes complicated when it is treated as an IT infrastructure project rather than a business transformation programme. The companies that get it right on time, within budget, with genuine ROI give strategy the same rigour they give technology.
