Are You Ready for the Cloud?
The cloud services industry has become big business. In 2015, Amazon Web Services was estimated to have generated nearly $7 billion in revenue, making AWS the undisputed leader in the public cloud space. Microsoft Azure trails AWS with an estimated $2 billion in revenue. The proverbial “cloud” is huge business, but the industry trend is even more ominous.
The pervasive corporate mindset to transition all levels of infrastructure to some cloud, somewhere, is accelerating the growth of the cloud industry with a rapidity so far unseen in the history of computing. This phenomenon has resulted in weighty pressure on CIOs to develop and deploy an effective and comprehensive cloud strategy or risk their organization falling behind this undeniable trend. The internet changed the information technology game, but now the cloud constitutes an entirely different league.
The Pitfall of Self-Deployment
A common mistake occurs when a company believes that it can develop and implement a comprehensive cloud strategy in the absence of professional architects and suitable technical expertise. Deploying development or training environments into a cloud does not require professional experience. However, enterprise-critical applications and databases must be professionally implemented on-premises or when transitioning into the cloud.
Tip 1: Don’t try to develop an enterprise-wide cloud strategy without help from a qualified provider of infrastructure services.
Only the largest companies with the biggest IT budgets and internal resources are capable of self-deployment into a public or hybrid cloud. Most companies should consider consulting with an infrastructure provider to avoid the common pitfalls when architecting an enterprise-wide, cloud-based infrastructure.
Understand the Cost of Buying by the Drink
It is a common approach for a company to build new infrastructure entirely in the public cloud without fully comprehending the tactical or strategic expense implications. The promise of acquiring IT resources “by the drink” has initial appeal but, unless unambiguous clarity can be achieved, cavalier indulgence may result in significant cost overruns. If the “drinks” your customers consume on any given day are not well-controlled, bloating on all ends will have the obvious negative impact. In this sense, the drinking metaphor is well-conceived. Paying by the drink can cause huge swings in the price paid each month.
Tip 2: Understand the pricing model for each specific cloud resource that will be consumed. Work with your infrastructure vendor to develop an appropriate unified cloud strategy allocating the right resources in the right public or private cloud at the right time.
Some systems are better housed on a private cloud where the consistency of a fixed cost can be realized. Other systems are ideal candidates for a public cloud such as Microsoft Azure. The right infrastructure partner will understand the expense models and assist with building a hybrid cloud that is not only cost efficient, but scalable.
Know Who Is Responsible for the Data
Rob Scott, a managing partner of Scott & Scott, LLP, of Texas contributed an interesting thought at the most recent MSPAlliance Conference: “You should know who is responsible for the data.”
Tip 3: As companies transfer the burden of IT management into the cloud, some responsibilities will be retained by the cloud customer. It’s your data and it is critical that you take steps to keep it secure and recoverable.
Public clouds are not designed by default with high availability capabilities. The migration to a public cloud includes power, cooling, and physical hardware maintenance. Understanding the nature of a public cloud and mapping its capabilities against your needs around data recoverability and availability is an important step toward architecting a proper cloud infrastructure.
Security and Compliance
Public clouds typically do not provide security and compliance services. If your application requires adherence to compliance regulations, then you are responsible for building and maintaining a compliant cloud solution.
Tip 4: If your business is required to adhere to compliance regulations such as HIPAA, PCI, and SOX, then you are responsible for building and maintaining a compliant cloud solution or working with a qualified infrastructure provider that offers those features and services.
The “old school” thinking pertaining to security was to build a wall around your business to keep everyone else out. However, over time, it has been observed that this strategy does not work. Eventually, hackers will get through even the most sophisticated and steadfast firewalls. The incursion will happen; unfortunately, it is simply a matter of time. The average hacker intrusion lasts longer than 200 days inside a company prior to detection. It is important to determine the capabilities of your provider of cloud infrastructure as far as security and compliance go.
Single Pane of Glass Is Optimal
It’s difficult enough to maintain control of an IT environment within your own four walls. As you expand infrastructure into the cloud, the problem becomes more complicated and convoluted.
In a typical modern enterprise, an intrinsic component of the logical infrastructure is SaaS applications such as salesforce.com. Other components such as your legacy infrastructure are situated on-premise, while even more of your infrastructure sits in public and private clouds. It all has to be monitored and managed simultaneously with real-time communications.
To underline the complexity of the situation, you are now paying for partial infrastructure “by the drink,” so understanding consumption in a timely manner becomes even more critical than before. Your ability to prevent system sprawl across such a diverged infrastructure will be critical to the containment of costs. This means you must be able to efficiently monitor and manage across the entire infrastructure regardless of where the individual pieces reside.
Tip 5: Look for an infrastructure provider that offers a single pane of glass from which you can monitor and manage your entire hybrid cloud.
Logging in and out of different systems or portals to manage the aggregate is not a scalable solution. Consider only infrastructure vendors who provide a single pane of glass for a monitoring and management interface. With a single point to manage the broader system, you are in a position to treat the public cloud as a true commodity. Your ability to manage across the hybrid cloud will put you in a positon to leverage the strengths or mitigate the weaknesses of each component of the infrastructure stack.
Look for SLAs With Teeth
A major reason to outsource your infrastructure to the cloud is to free up your business to focus on its core competency. Choose a vendor that has broad capabilities. The public cloud is a commodity. The vendor you choose to work with should treat it as a commodity and provide the expected options. The vendor should understand the capabilities of the different infrastructure options across the cloud and provide you with a hybrid cloud configuration that meets your business needs in regards to availability, recoverability, and performance. The vendor should also offer a service-level agreement (SLA) with substantive financial penalties for failing to meet the obligations of the SLA.
Tip 6: Look for an infrastructure vendor that will provide clear SLAs—with financial penalties for not meeting those SLAs.
Ultimately, it is the infrastructure providers that are the experts. They should be able to architect a hybrid cloud solution that meets your business needs. If they fail to meet those agreed-upon SLAs, the consequences should apply to the vendor as well as the customer.
The Bottom Line on Cloud
The cloud is here to stay. As your business transitions into the cloud, don’t try to do it alone. Work with the experts. Look for an infrastructure partner who is capable of architecting a hybrid cloud solution that meets your availability, recoverability, and performance needs. That vendor should offer security and compliance features to keep your business safe. In the event of an incursion, the vendor should have the ability to address the security breach in a timely and effective manner. The vendor should guarantee these capabilities with clear SLAs that contain real penalties for failure to meet the requirements of those SLAs.
Image courtesy of Shutterstock.