Preparing for the cloud - laying the foundations for success
Cloud-based services offer many benefits, including: greater agility, reduced capital expenditure, ease of management and the ability to facilitate mobility - and C-level executives are eager to leverage these benefits within their organisations. However, migrating to the cloud is not simply a matter of changing from one solution to another. After assessing the viability of a cloud solution, it is vital to put the correct foundations in place and have a clear road map for the complete migration before beginning, in order to ensure maximum returns and minimal disruption.
Gartner defines cloud computing as a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service to customers using internet technologies. In order for a service to be categorised as 'cloud' it must have certain cloud-essential characteristics, defined by the National Institute of Standards and Technology (NIST), which are: on-demand self-service; broad network access; resource pooling; rapid elasticity; and measured service.
Cloud computing, by its very definition, offers a number of benefits to the enterprise; however, it also represents a significant change, not only in technology, but also in the way people perform tasks, the way processes are managed and executed, and even potentially the way organisations are structured and the job roles of employees. As a result, there are several key factors that must be considered before, during and after a cloud migration. These include: security and control; bandwidth; the cloud deployment model (public versus private cloud); the actual migration processes; change management; and the people, processes and structure of the organisation.
The first consideration
Security should always be the first consideration when looking to migrate to any externally provisioned IT service, such as the cloud. Organisations should look for a Cloud Service Provider (CSP) that has applied mature security technologies to cloud models and addressed a number of facets. Firstly, all layers should be secure. This includes the network, storage, server, hypervisor, application and data layers. Data should be adequately segregated to provide confidentiality, and the integrity and availability of the data should also be preserved. Customers should ask what will happen to their data in the event of a failure and request a list of the CSP's vendors and their roles with regards to the data.
The CSP is responsible for almost all security functionality when it comes to Software as a Service (SaaS) models, so it is important to understand where the roles and responsibilities lie. In addition, CSP's need to comply with the Protection of Personal Information (PoPI) Act, be transparent and provide evidence of the quality of their security. Due to the critical nature of security, it may be advisable to obtain the services of a third-party expert to perform due diligence, or to outsource active defence to a Security Operations Centre (SOC), which will alert to any security issues for a prompt response.
In addition to security, bandwidth is another critical aspect of any cloud deployment, as the cloud relies upon sufficient available connectivity to deliver the user experience. If bandwidth is insufficient, organisations will be unable to access their cloud services, which could have a significant negative impact on the business and its ability to be productive and profitable. In addition, bandwidth speed and quality are critical for certain applications. Latency will negatively affect some cloud services, for example VoIP services, virtual desktop applications or media streaming.
Another key decision
Deciding which cloud deployment model to use is another key decision. The private cloud is often the first choice for most large organisations due to the isolation it provides. However, for some applications, specifically SaaS, the public cloud may be more efficient and cost effective. In many instances, using a combination of private and public clouds may be the optimal approach. For example, an organisation may wish to store company data on a private cloud and burst into the public cloud during peak periods, or use a hybrid model for load balancing. For these reasons, private clouds are likely to evolve into hybrid clouds - it is no longer a question of public versus private, but about which deployment model is best suited for which application and how the hybrid cloud will integrate into current IT systems.
When it comes to the actual migration, the most significant challenge is a lack of best practice. Cloud adoption and implementation are still relatively new, and the processes for migration are still being developed. In order to ensure the greatest chance of success, it is important to have a thorough understanding of the current systems, especially as cloud systems tend to be less well proven and understood. The first step in planning a migration should be to define the business requirements clearly. This is extremely important, as it is vital to assess the options, costs and risks properly. An exhaustive total cost of ownership exercise should follow to ensure cloud is the appropriate solution, where technical, process and organisational aspects should be considered. In addition, a systematic risk assessment should be carried out, with design, implementation and operation phases evaluated as part of the process. If a cloud migration is planned and structured properly, downtime can be negligible - and any downtime should always be planned for off-peak periods to minimise disruption. A roll-back plan is an essential step in case anything goes wrong, so systems can be returned to their previous state for continued functionality while problems are ironed out. In addition, change management, communication and stakeholder engagement are crucial.
Core systems need to be migrated
Many organisations begin the move to the cloud with applications such as Microsoft Exchange because they are fairly straightforward, and a move to, for example, Office 365, will provide access to additional mobility features. However, while peripheral and more generic applications such as email and CRM are often the first services to be migrated into the cloud, these are not where the real business benefits lie. To realise higher business efficiency, core systems need to be migrated. However, these are the applications where there is a need for integration and customisation, as well as process level integration, which significantly complicates the process.
Integration is a huge undertaking and should be done in partnership with the CSP and third-party experts, if necessary. The ability of the people performing the migration needs to be examined, as well as a track record of migration and testing in a similar environment. It is advisable to run the legacy and migrated systems in parallel if they are critical. For less critical environments, for example test and development, it may not be cost effective to maintain more than one system at a time. By partnering with an expert third-party service provider, organisations will be better able to determine which systems should be migrated in parallel and which can be switched over. Third-party experts are in a position to provide the in-depth and focussed services required to make applications such as contact centres (inbound and outbound) and ERP services work properly, which many CSPs are not able to do.
One final consideration to bear in mind is the need for change management. This is an essential step, and one that is often overlooked as a result of a singular focus on the technology. The reality, however, is that technology is often much simpler to transform than mindsets. The barriers working against cloud adoption are coming down slowly and soon things like security will not hinder cloud usage. However, people's functions will likely need to change; perhaps the company will need fewer people to achieve the same outcomes, the company's organisational structure might need to be adjusted, processes will need to be more agile and company culture will need to embrace the flexibility of cloud. These can often be huge challenges and should not be disregarded.
Cloud service adoption should always be conducted with extreme care as one size does not always fit all. Leveraging a partnership with an expert third-party provider can help to ease the complexity, ensure that the migration path runs as smoothly as possible, and deliver maximum returns with minimum disruption or downtime.