What It Takes To Transition To Cloud Computing
By Pankaj Sabnis, Principal Architect – Cloud Computing, Blue Star Infotech
Too many devices clouding your organisation – What it takes to transition to Cloud Computing?
Cloud Migration is the process of moving an organization’s data, applications and other elements of the IT from on premise facilities to cloud. A transition to cloud involves the usual IT issues primarily raising from the fact that the data and applications are stored and managed remotely. When an organization embarks a cloud migration process, they need to consider many aspects like privacy, security, interoperability, business continuity and how the cloud embeds seamlessly into their IT organization. Cloud Migration is a journey rather than a process.
Let’s look at what is driving Enterprises to employ cloud platforms. Innovation is happening at a much rapid pace in IT industry and Enterprises can no longer remain stranger to it. The key themes for most IT departments in coming years would be in cloud, mobile, collaboration and analytics.
The cloud has revolutionized the technology landscape, and is providing enterprises new abilities to deliver technology solutions to their users.
With constant changes in technology and continuous demands on hardware and software provisioning, IT departments face a constant challenge in catering to ongoing needs and meeting business demands in a timely and cost-effective manner. With the cloud, some of these challenges can be easily overcome. From a financial standpoint, for those organizations interested in converting Capex to Opex, the cloud provides the biggest advantage as it works on a pay-per-use model. For those organizations requiring a more dynamic environment, the cloud provides flexibility and ability to quickly ramp-up with on-demand provisioning or change over without significant overheads or loss of time. In addition, it also provides other benefits such as enhanced security and better performance due to the larger scale that a cloud provider operates in. It eliminates the spectre of ageing which most IT organizations face every now and then.
Apart from the above, it also eliminates the need for enterprises to maintain a large team of people for administrating the infrastructure.
Cloud is a delivery model and there are multiple ways to move the IT Infrastructure to Cloud –
Co-location hosting (where we rent a space at the data center and manage it ourselves)
Using public IaaS cloud such as AWS (while we pay for the space, the provider manages our infrastructure) Subscribe to a SaaS application and let the provider manage both applications & hardware for you
Key points to be taken care while moving IT Infrastructure to a third-party Cloud –
Choosing the right model that your business needs
While moving to cloud it is important to choose a model – Public Cloud, Private Cloud and Hybrid Cloud after assessing your business requirement. This depends on the control vs governance policy that an organization would want to have on its infrastructure, post moving to Cloud. Private cloud provides maximum control while public cloud provides a lot of governance with maximum agility and scalability. Organizations need to analyze if they can get the best of both by extending private to public (hybrid cloud).
Cloud computing follows a utility based pricing model that frees you from your worries regarding optimum utilisation of the infrastructure and its capability to support peak hour requirement. While appointing a vendor, you should assess the billing rate (for peak and normal hours), whether the vendor charges a fixed cost for initial set-up, mentions a minimum contract period, minimum charges for compute and storage monthly. All these will take up the average cost on an upper side. Though cloud is looked at more from cost saving perspective, you should assess in the long run how feasible it is for the organisation.
Selecting the right vendor
Selecting a right vendor is crucial as you are moving your server and your data to a third party. You also lose control to a great extent, and with a wrong partner, it may be a disaster. It is essential that you assess the right vendors and go through a rigorous evaluation process once you have decided to move forward.
Service Level Agreements (SLAs)
SLA’s of the cloud service provider needs to be analysed thoroughly by reading the fine print and all clauses (with regard to security, maintenance and support services) should be clearly defined to avoid any confusion. Also look for third-parties involved in the operation and ensure that they are covered as well. Performance of the cloud provider needs to be assessed through a small POC. E.g. some providers provide 99.9% availability while some provide 99.95% availability. The higher the availability assurance, the higher the price. You need to determine what the minimum level of assurance you need, perform a cost-benefit analysis and make an appropriate choice.
It is very important for the provider to provide the relevant support services along with a clear picture of the probable outages that may occur. The vendor should have a qualified team of engineers who will be able to provide 24X7 support. Support services are an important aspect while moving to cloud, and it would be wiser to choose a vendor who can provide the requisite bandwidth. Cloud providers like Amazon Web Services and Microsoft Windows Azure offer a graded paid support service. Based on the criticality of the applications/data and the business needs, the right support option needs to be subscribed to.
As we all know, managers are hesitant to move to cloud as they lose control on their crucial data, so it is very essential that we chose a provider who maintains transparency in terms of where the server will reside, what security measures will be taken, who all will be assessing the data from their end, and how do they authenticate those engineers, etc.
A thorough due-diligence of security needs to be done before selecting the provider. Security being one of the key aspects while moving to cloud, vendor’s security infrastructure and expertise need to be assessed. Though it is claimed that the cloud service providers maintain a high level of security in compliance with international standards, it is very essential for the users to be confident about vendor’s security approach, data centre reliability, number of engineers accessing the data and the like. Many large cloud service providers are SAS 70 Type II, FISMA, and ISO 27001 certified, and are audited by independent, third-party security organizations.
The vendor must be compliant to industry specific regulations. Ensure that your cloud service provider meets all such needs as per your business requirement. In some cases the location of your data matters (legal compliance). So it’s important to find out those aspects in details. E.g. if you are into healthcare domain providing services in USA, you need to comply to HIPAA and HITECH act, which are U.S. laws that apply to most doctors’ offices, hospitals, health insurance companies, and other companies involved in the healthcare industry that may have access to patient information (called Protected Health Information or PHI). Microsoft is now offering HIPAA BAA (Business Associate Agreement) compliance guarantees on a number of Windows Azure core services. The BAA is a standard contract clause that is mandatory whenever a contract involves the use or disclosure of PHI.
A Cloud migration journey has to start from understanding the organization’s goals and business objectives. Any activity in the migration journey has to strategically align to these business objectives. Some enterprises may be looking at agility, some may look at cost optimization, while some may be looking at global expansion. Each of these needs will drive the cloud migration roadmap for an enterprise. The cloud adoption has to overall align with the Enterprise Architecture.
Not all applications are suited for cloud. Hence, a thorough application portfolio assessment is needed with inter-dependencies clearly understood to define the cloud roadmap. The Roadmap is a long term vision based on which we can derive the short, mid and long term plans. The risks have to be evaluated, mitigation plans put in place before you start the actual migration. The complexity of the migration and the potential ROI it can deliver can also form the basis of the overall assessment. There may be need to do short proof-of-concepts and develop technical alternatives if you encounter any hindrances.
Once all the stakeholders have a buy-in on the roadmap, you need to start the migration process one application at a time. At times, it may even make sense to move a part of the application to cloud, test it and then move the other parts one by one. This can ensure reduced risks where-in you test the reliability of the overall system at each stage.
Cloud migrations should start small and then grow. At each stage the IT leadership should be able to demonstrate the alignment to the organization’s objectives. IT departments need to embrace the cultural change where they have to give up their tight control on data and applications and embrace better governance mechanisms in cloud.
SMAC is about integration of Social, Media, Analytics and Cloud Computing to support the new Enterprise IT model which focuses on delivering services in a cost-effective manner and is the new way forward for businesses. Enterprises will focus on adopting SMAC to grow revenues through the new sales channels like mobile devices and social media while trying to bring in operational efficiency and an intuitive customer experience. Cloud will be the de-facto delivery model as CIO’s focus to deliver the services to its customers in a cheaper, faster and more intuitive way.