A CIO’s Roadmap to a Successful Cloud Migration, Part I
One of the most widely discussed topics in IT today is making the move to the Cloud. Most organizations that consider the journey into cloud computing seek gaining quick access to new services, platforms and toolsets – while stabilizing sprawling IT costs. Cloud may solve many objectives for the right workloads, but I’m hard pressed even as a cloud service provider – and most analysts would agree – to say that every single workload type should move to the cloud. So what’s the CIO-level roadmap to determine which workloads move when?
Executing a migration to the Cloud requires meticulous upfront planning and a thorough understanding of which workloads make sense to move (why), which cloud(s), how and when? Enterprises must determine when and how they will migrate, and strike a balance between what will be managed internally and what will be managed externally through a trusted managed services partner. Each company’s ability to successfully transition depends heavily on many variables, including: the level of understanding of the existing environment, the application/IP/licensing strategies, plus the internal IT resources, skillsets and desired long-term capabilities.
The process of deciding whether or when to migrate to the cloud can be daunting. To help you, here are 5 key considerations for migrating to the cloud.
- Matching the right workload requirements to an effective cloud option. One of the first considerations when migrating to cloud is your deployment model for each application workload. Which fits appropriately in a private, public or hybrid cloud vs. makes sense to stay on premise edge compute. Factors to consider when placing workloads into the right model include:
- Data Compliance Requirements – where is the data stored and accessed from and what data compliance requirements must be upheld? Who is allowed to service each data region and from where?
- Lock-in and Licensing – How does your cloud provider play well (or not at all) with your application provider? What leverage is your company maintaining to control costs now and in the future? How quickly could you adjust course if an application or cloud provider changed its interdependent licensing models? There’s many examples if you look around at how SAP, Oracle, Microsoft, VMware, Amazon, and many more have made either close partners or complete enemies with one another – and clients end up paying the bill, or lacking true long term support, depending on which applications they are running on which infrastructure. Fun to watch and be part of as the OEM ‘cloud wars’ continue for years to come.
- Elasticity and Stability – how does each workload need to scale vertically and horizontally? When evaluating cloud providers (even public) be sure to understand how each model can scale up/down and out incrementally. It’s surprising, even with some public cloud IaaS, the limits of incrementally adding compute resources in smaller increments – and in some application-specific clouds how the “cloud” may be reliant upon physically dedicate hardware with little/no true elasticity.
- Latency & Performance Requirements to Connected Systems – one of the largest drivers towards keeping systems on premise is a requirement for extremely low latency processing for workloads that support real time decision making, like healthcare, IoT and automated machinery – hence the trend towards Edge Computing (thankfully the industry started introducing non-Cloud language to make a distinction with a modern on premise compute infrastructure, albeit this is still consider hybrid cloud, I digress).
- SLA Requirements – if one component, system or data center has issues, what recourse and leverage do you have to hold the cloud provider accountable? Are they able to protect your up-stack applications and services being provided? What about each of the services elements; how are services covered in the SLA?
- Backup and Disaster Recovery – While sometimes it makes sense to have two or three completely replicated environments globally, it’s often cost-prohibitive and having a proven and tested disaster recovery plan is essential regardless of how the technology works today – it must be tested and retested to keep up with change.
- Financial Strategy – How might your Capex and Opex preferences change over time? Savings on infrastructure doesn’t help it the overall costs to operate (services, application, tools, etc.) go up elsewhere. What licensing agreements does your company have in place that you might already be able to leverage with a cloud provider software assurance (SA)?
- On-Premise or Cloud Provider (who will maintain your cloud environment?) – you must consider who will maintain your cloud environment – your internal IT team or a managed cloud services provider? Does your IT team have the expertise to maintain your cloud environment? Do you need a team to simply augment your existing team? Cloud providers allow enterprises to benefit from economies of scale, flexibility and scalability.
- Cloud Security and Compliance – When storing data in the cloud, the cloud infrastructure must be secured. You must consider your organization’s security requirements. Does your industry have specific compliance requirements? If so, you must ensure that your provider can facilitate compliance with your obligations. If you plan to go with a third-party cloud provider, what does the provider guarantee in terms of the security and safety of authentication and authorization? How much control will you have over the configuration of security features? This is an important business consideration since your customers depend on your compliance.
- Infrastructure Availability – is your current infrastructure optimized for the cloud or is the infrastructure of the MSP ready for your workload? Also, cloud data center location is an important consideration. Do you have data location restrictions, or do most of your users reside in a specific geographical region? Make sure the service level agreements (SLAs) meet your business requirements.
- Testing HA, Backup/Restore and Disaster Recovery Separately (and often) – Successful migration to a cloud environment requires an understanding of the disaster recovery requirements and features in a cloud-based model. Many cloud providers suggest an always-on design though it needs to be tempered with the TCO of licensing as it relates to the application and transaction network costs. What are your current backup and retention policies? Do they fit with your cloud provider? Manage Cloud Service providers may have standard backup policies with some level of customization. It is worth it to have a look at those and see if they are suitable for your company before they become a potential roadblock.
You’ll want to pay attention to retention frequency, backup type, recovery time objectives (RTO) and recovery point objective (RPO) and define how much time you are willing to allow for data restoration. Each safeguard method should be tested and monitored frequently, as applications and changes happen more frequently in a cloud-environment the importance of having a Plan B – perhaps a multi-cloud strategy for DR – is more crucial than ever.
I hope that I have covered crucial areas when considering a move to a cloud platform. In specific situations, there may be additional areas of concern, but in general, careful planning and detailed deliberations are essential for a move to the Cloud to be successful.
Through a carefully phased approach, enterprises must define and achieve a cloud transition roadmap to realize reduced time to value, save money, mitigate risks, and overcome valuable internal resource constraints, while leveraging the very best in cloud.
This is part one of executing a move to the Cloud. Part II of this blog will focus on how to choose an MSP….to be continued….
Nick Ilitch is the VP, Product at Secure-24.