|By Gilad Parann-Nissany||
|November 25, 2014 04:00 AM EST||
Sixteen Tips for Moving Your Workloads to the Cloud
Got a plan for your move to the cloud? If you do, you’re in the minority. According to a recent study, a mere 31 percent of those planning a move to the cloud actually have a strategy for migrating data and applications. The rest don’t.
To avoid the complexity and cost, we recommend heeding the following advice. It’s but a fraction of the endless recommendations we received from cloud experts who offered well-seasoned tips on what to do and not do when you begin planning to move workloads to the cloud.
1. Have a real reason for the migration
“Cloud strategy is often not planned, but rather executed from impulses and desires of certain key individuals,” noted Bob Green (@BobGreenCPACITP), lead partner, business risk and technology services for SingerLewak.
“If your plan’s finish line is ‘the app is running in the cloud,’ you’re doing it wrong,” warned Shlomo Swidler (@ShlomoSwidler), CEO for Orchestratus. “The migration plan needs to include key milestones and goalposts that chart your organization’s improved ability to adjust to changes.”
“You need to have a good reason to migrate existing or develop new workloads to the cloud,” said Terence Ngai (@TerenceCNgai), Head of Cloud Delivery Management for HP. “Don’t be fluffy on the metrics. Be clear on what and how you’re measuring progress and success. You need concrete metrics to show success and credibility of your cloud initiatives.”
“A good CIO serves his or her organization well by taking smart, calculated risks that hold the best potential to move the organization forward,” explained Reed Sheard, vice president for college advancement and CIO of Westmont College.
“Illustrate that the move to the cloud is not simply a lateral shifting of data from bucket A to bucket B, but is instead a tangible demonstration of a company’s progress,” said Steve Prentice (@stevenprentice), senior writer for CloudTweaks. “It’s not just data that’s moving forward; it’s leadership too.”
2. Vet the cloud provider
“A cloud is not an outsourced data center. It’s a collection of compute, network and storage infrastructure that is provisioned and managed via APIs,” noted Sravish Sridhar (@sravish), CEO of Kinvey. “Make sure your cloud provider has a robust set of APIs to control the infrastructure so that you can be truly elastic and cost efficient.”
“You want a secure, integrated, centrally managed and easy-to-use environment, with SLAs around availability and performance, especially at peak demand,” said Azmi Jafarey, CIO at Ipswitch.
“Evaluate providers carefully using a comprehensive framework such as the one at CSMIC,” advised Scott Feuless (@ISG_News), principal consultant with Information Services Group (ISG). “Comparing them is not for the faint of heart. Get help if you need it.”
3. Conduct a cloud impact analysis
“Almost every application migrated to a cloud service has connections with various other applications and systems,” said Pierluigi Paganini (@SecurityAffairs), security researcher for the InfoSec Institute. “It is crucial to preventively evaluate the impact of the migration on these connections.”
“Ensure that workloads are cloud ready,” said Mike Matchett (@smworldbigdata), senior analyst and consultant for Taneja Group, “A thorough cloud review can help identify where complex applications need to be updated to make them both safe and efficient during cloud execution.”
4. Test requirements first
“Running a pilot with an initial provider of interest is a great way to get a deeper understanding of both the provider and the process,” said Ben Trowbridge (@Ben_Trowbridge), founder of Alsbridge,
“Each application has different security requirements, workload profiles, performance requirements, availability requirements, transition requirements, elasticity requirements, technology compatibility requirements, bandwidth requirements and more,” said ISG’s Feuless. “The opportunities to generate revenue and drive efficiency into the business by leveraging the unique capabilities of the cloud also vary by application.”
Ian Apperley (@ianapperley), writer and ICT consultant at whatisitwellington, recommends you “create a ‘Cloud Beachhead’ and then target specific workloads that can be migrated into that environment. The beachhead is the environment that will include security, identity management and other basic ICT functions, which the workloads will need later on.”
“Cloud users can capture the cloud’s economies of scale, save time and limit capital spending by using cloud as an application design center, rather than rearchitecting an existing application to fit cloud,” said Kerpan, who recommends you refine the cloud application once the basic elements of your cloud structure are built.
“With the ubiquity of operations in the cloud, there is a really good chance there is an existing solution that your implementation team can copy and iterate off of to achieve the desired result,” said Scott Teger (@scottteger), vice president of operations for 36 Labs.
6. Get a firm grasp on pricing
“The move to the cloud is about money,” said Bob Plankers (@plankers), a blogger at The Lone Sysadmin. “Know your costs. The hard costs of infrastructure are easy to compute, adding up the money spent on licenses and servers and vendor support. But where is your team’s terrifically expensive staff time spent? How much time is spent keeping legacy systems alive? Or working around problems, double-entering payroll data, manually deleting HR records, restoring files from backup, fixing the HR app icon on 50 desktops and so on? An organization that has visibility into these types of costs can do apples-to-apples comparisons with the costs of hosted, SaaS-type solutions, making the path to the cloud much clearer.”
“If you are already multisite with a hosted infrastructure then cloud vs. hosting is mainly a financial move, so make sure to bring finance in to figure out how to structure the deal,” said Jeffrey Bolden (@jbolden1517), managing partner for Blue Lotus SIDC. “Your finance people may want to structure the deal where you own the servers (with you purchasing in advance or the cloud provider financing) and you sell them back to the cloud provider at the end of the term so you can take depreciation.”
7. Work through your security concerns
In order to stay compliant, you need to ask yourself a lot of questions. HP recommends using third-party sources such as the Cloud Security Alliance Consensus Assessments Initiative Questionnaire to guide you through the process of understanding potential security pitfalls.
In addition, as you’re vetting cloud providers, Robert Moulton (@Seven10Software), CEO of Seven10 Storage Software, recommends you “choose cloud storage offerings that offer multiple layers of security and trust services with the ability to enforce and audit policy on the workloads and data they are storing within a cloud storage environment.”
8. Secure your management console
“I’ve taken to likening the cloud computing console as a rope, from which your entire data center hangs,” said Adrian Sanabria (@Sawaba), senior analyst, enterprise security practice for 451 Research.
Sanabria tells the sad tale of Code Spaces, whose unprotected AWS console was held ransom by attackers. When Code Spaces wouldn’t pay up, the attackers deleted all of their data, thus forcing Code Spaces to close shop.
9. Be wary of cloud lock-in
“There is no point making a big effort to move a workload into a cloud only to have it locked in to a specific cloud provider,” said Taneja Group’s Matchett. “Make sure that you can migrate both data and workloads, using virtualization, fluid migration or container-like solutions if your goal is to take advantage of cloud brokerage opportunities.”
Other experts suggested you just resign yourself to understanding that you will be locked in given the databases you choose, and that the level of services that one cloud provider uses will differ from another. Understand that and make decisions accordingly.
Ask yourself, “Are you making a set of decisions that will cause your code base to only ever be happy on one vendor’s offering,” said Todd Graham (@bluenoseinc), co-founder and CTO of Bluenose. “There are plenty of good reasons to embrace a specific vendor and their tools, but make those decisions actively and ensure your organization is aware of the debt you’re willing to take on vs. avoid.”
“Consider using this situation of ‘cloud lock-in’ to your advantage,” suggested Bruno Scap (@MaseratiGTSport), president of Galeas Consulting. “Explain to the vendor that you understand that your organization will get locked in, and that you are willing to allow it if you receive a discount in return.”
10. Train your staff before and after
“Outsourcing is tempting, just make sure you don’t give up institutional knowledge in the process,” advised Mike Vitale (@TalkPointDotCom), CTO of TalkPoint. “You or someone on your team needs to know how the service works. If the cloud provider offers training sessions, take them up on it.”
“The skills required to migrate an application to the cloud are very different from the skills required to keep it running once there,” said Orchestratus’ Swidler. “Invest in bringing your operations teams up to speed well in advance of the switchover, so they can support the service quality levels your customers expect.”
“Interlace the actual work to move workloads with incremental training as you progress,” suggested Paul Martine (@citrix), CIO for Citrix. “It’s the best way to allow your team to be most effective during the transition.”
11. Don’t go it alone
“There are few things that will cost you more than hiring or dedicating an inexpert developer or sysadmin to perform the move and later having to undo the damage,” said Ryan O’Hara, lead tech, professional services at Linode. “Getting things done right the first time is key.”
“Find an expert consultant who can decipher the tidal wave of cloud options and help you decide which one is going to be best for your company,” advised Scott Maurice (@scottjmaurice), managing partner for Avail Partners. “Look for someone who shops the marketplace daily for cloud service providers.”
“There are a lot of smart people out there who have great experience the last few years moving workloads to the cloud,” said Jonathan Alexander (@vocalocity), CTO for Vonage Business Solutions. “You need these people, you want these people. Have them come train your people on how to do it, then have them come audit progress and provide additional guidance at intervals along the way.”
12. Rethink backup and business continuity
“Cloud infrastructure has downtime too,” noted Kinvey’s Sridhar. “Ensure you have a backup and disaster recovery strategy.”
“Get intimately familiar with the shared responsibility model,” advised Tal Klein (@VirtualTal), vice president of strategy at Adallom. “Cloud adoption is a collaboration between vendor and customer. Design a business continuity plan for the cascading effects of inevitable events like outages and breaches—because recovery from such events in cloud services are vastly different than on-premise.”
“Your chosen IaaS provider may offer what you consider a significant number of POPs, but no matter how large that number, they’ll never be as distributed as your end users,” noted Gary Ballabio (@ballabio), product line director, Enterprise Cloud Solutions for Akamai. “Downtime is a reality. Architect applications to allow for failover to alternate regions, or even alternative cloud providers if possible to ensure availability.”
13. Start small
“Low- to medium-security workloads, those without stringent latency requirements, and where the workload is elastic with variable traffic, will work well,” said Ipswitch’s Jafarey.
“These small applications give business and technology employees confidence in their ability to use and move business apps to a cloud environment,” said Bill Schrier (@BillSchrier), senior policy advisor for the State of Washington Office of the CIO.
“When you use the cloud you are ‘outsourcing’ your compute and your data to a provider’s infrastructure, but you must not ‘outsource’ the ownership of your data,” said Gilad Parann-Nissany (@Porticor), founder and CEO of Porticor.
15. Your migration can be delayed by months due to bandwidth
“If you’re moving terabytes or petabytes of data, remember that will take time. Probably on the order of days,” warned Madison Logic’s Herschberg.
“Have a contingency or business continuity plan in place in case the ‘move’ to cloud takes longer than expected or doesn’t go according to plan,” advised Alex Rayter, principal for Phoenix 2.0.
“Look hard at data migration time and costs. It may not be practical to move large data sets (terabytes to petabytes) to the public cloud, making it difficult to move those workloads,” said Rob Clyde (@AdaptiveMoab), international vice president of ISACA and CEO of Adaptive Computing. “A private cloud or hybrid cloud approach is probably more appropriate in such cases.”
16. Automate, automate, automate
“Companies should strive to automate as many of the essential migration project steps as possible—including sales, planning, migration and on-site phases,” said Todd Schwartz (@GetSkyKick), co-founder and co-CEO of SkyKick. “Doing so will help reduce project risk and complexity, and simplify the management of the migration project.”
“The primary benefit of the cloud is the ability for your infrastructure to be mapped into code,” said Adam Duro (@ZehnerGroup), CIO at ZehnerGroup. “Without a coded configuration, every buildup and breakdown will require redundant and manual work by your engineers.”
“Automate everything you can, as you may have to do this several times over the lifecycle of your service,” advised Christian Verstraete (@christianve), Chief Technologist, Cloud, for HP.
Conclusion: Understand the opportunities of the cloud
The one piece of advice we heard from every expert is that cloud adoption is a journey and you should not expect to fully understand it on day one, day 23 or day 223. It’s an evolving process, and sharing knowledge with others who are ahead of you in the journey will be to your great benefit.
If you’re already a few steps into the cloud migration path, please share your experience in the comments below. Thanks.
- Database Security in the Cloud
- Disruptive Innovations and the 'Internet of Things' | @ThingsExpo [#IoT]
- Securing Cloud Data from Cybercrime, Intrusion and Surveillance
- Cloud Computing Security Issues and Challenges By @GiladPN | @CloudExpo [#Cloud]
- MySQL in the Cloud
- Cloud Security – Implementing a Secure Cloud Backup Case Study
- Four Great Tips: Cloud Security for Big Data
- Answering Common Cloud Security Questions from CIOs
- Securing Your ‘Data at Rest’ in the Cloud
- Encrypted Cloud Storage – The Missing Piece