In just a few years, we have seen acceptance of public cloud shift fairly dramatically from concern and skepticism to eagerly embracing the opportunities afforded. Five years ago, many of our hosted clients wanted to know that Unicon (and indirectly, they) had physical control of the data, servers, and other infrastructure. Today, confidence in cloud providers to deliver the highest levels of security and reliability led us to migrate all of our remaining colo (colocation) customers into Amazon Web Services (AWS). In most cases, those conversations were generally an enthusiastic “It’s a no-brainer, let’s go!”
“Let’s go!” quickly turns to questions of what, when, who, how, and why. There are a myriad of valid approaches to adopting cloud, ranging from tactical reasons to full-on, strategic “all in” approaches. Giving consideration to strategic questions can help provide a framework for the decision-making that follows.
Below are samples of topics for your IT team to consider as they start to develop a cloud strategy.
1. What is the Big Driver?
Are the primary motivations lowering cost (if so, capex, opex, or both)? Is it to improve service levels, improve agility, avoid a massive technology refresh (aging data center or other infrastructure)? Alternatively, is the goal more tactical – get your feet wet and learn? Really tease out the big “why” and keep that as a touchstone for the decision-making to follow.
2. How will It Fit with Enterprise Architecture?
How is the cloud environment going to fit into the overall enterprise’s technical architecture? What key processes or workflows may need to span the current infrastructure/solutions and the cloud? Also, how will that evolve or change over time? Does this change key data architectures that support critical missions such as compliance, accreditation, and financial controls?
3. “All in” or “What fits?”
This can actually cover a range of guiding principles. “All in” can mean fully moving all infrastructure to the cloud, but it can also refer to “all in” on a particular solution leveraging all of the chosen vendor’s services and solutions versus just deploying basic compute and “rolling your own” from there. The trade-offs here are fairly obvious: lower effort, possibly lower costs, and improved reliability at the expense of high switching costs. Also, do you just “lift and shift” and then evolve applications to become more “cloud native” over time? Giving some thought to these in advance, and involving the application architects/teams in developing the guiding principles here will also help clarify the approach.
4. Does Security Cover the Data?
Obviously, security is a big topic. Be sure to consider how the current security strategy can be implemented in the cloud or if it will need revision. Do the potential vendors support the security constructs, certifications, and features required for the workloads and data you will be moving? Your security team may need to conduct or update the enterprise risk analysis to identify new or different risks and engage in the appropriate discussions to address them. Your security team may need to become familiar with cloud-specific controls such as the Cloud Security Alliance Cloud Controls Matrix to help manage cloud risks.