Cloud Migration: Frequently Asked Questions (FAQ)

What are the benefits of Cloud?

There are many benefits of adopting Cloud based software, some of the top ones being:

• Cost – cloud computing provides a pay-as-you-go model so that you can utilise resource as and when you need it.
• Flexibility – In addition to the above, cloud computing allows users to increase and also reduce the resource they need as and when they need it.

What is the difference between cloud and traditional data centres?

The key difference between the cloud and traditional datacentres is that traditional data centres are usually on-premise at an organisations office location.

Cloud refers to datacentres that are managed by a cloud service provider (CSP) from a central location(s) and are accessed and managed over the internet rather than an internal network.

What’s the difference between hybrid cloud and multi-cloud?

Multi-cloud is where organisations use multiple public cloud service providers. An example of this may be if an organisation wants to create a disaster recovery plan, using multiple public cloud service providers to ensure they minimise the risk of using just one CSP.

Hybrid cloud is where organisations use a mixture of both public and private cloud. An example of this may be if the organisation has some systems that don’t use or store any sensitive information, public cloud would be applicable and vice versa for private cloud.

What does my organisation need to do to prepare for a move to the cloud?

You should gain a full understanding of:

• The drivers/motivation to move to the cloud.
• Does cloud computing work for your business model?
• Does your organisation have the expertise to implement and manage your estate in the cloud?

Some organisations implement a ‘lift and shift’ approach to the cloud, which is not always the right approach. When moving to the cloud, core business processes and policies will likely need to change, so an understanding, documentation and risk assessment of these policies is recommended.

What are the top considerations when migrating to the cloud?

Some of the top considerations for organisations when moving to the cloud include security, data protection, resilience and availability. Extensive research has shown that security is the number one concern regarding moving to the cloud. Cloud Service Providers (CSPs) have excellent security features that aim to minimise security risks, which in a lot of circumstances far outweigh the security features available for on-premise solutions. CSPs provide organisations with the building blocks to create their own security and organisations utilising third-party hosted software should ensure security is implemented and monitored correctly.

How can my organisation develop a cloud strategy?

Understand your organisation's drivers for moving to the cloud and then select a cloud strategy that will support this. There are many successful and failed use cases of organisations moving to the cloud. Research these, learn from them and then develop a strategy specifically to suit the needs of your organisation.

What workloads should I move to the cloud?

Not all workloads are currently applicable for the cloud, although this is constantly changing due to new technologies being introduced by cloud software suppliers. If your organisation is starting its cloud journey, you may want to start small. Select a particular business unit, department or a set of applications and migrate these to the cloud-first.

What are some of the common mistakes organisations make when moving to the cloud?

Assuming security and software resilience is handled for you. A lot of organisations assume that when utilising third-party cloud-based software the responsibility for software security and resilience is solely the software suppliers which is simply not the case.

Strong security and application availability can be implemented without a doubt but this does not come as standard and protection levels can vary so organisations should take steps to mitigate against these risks themselves. Secondly is concerning the cost of the cloud. It is widely known that utilising cloud resources is cheaper than procuring the hardware yourself, however, there are some use cases where organisations have been caught out with poorly planned or unexpected costs.

How do we ensure our environment and data is secure?

As mentioned earlier, CSPs and software suppliers offer the building blocks from which organisations can build up their security on the platform to suit their needs. After adding the security, maintaining continuous monitoring is equally important - having facilities such as a Security Operations Team or Security Operations Centre (SOC) that monitors activity within an organisations cloud infrastructure to identify and remediate any irregular activity is certainly recommended.

How can we protect ourselves against supplier failure and downtime?

There are several mechanisms where organisations can protect against supply chain disruption including:

• Software availability: Organisations should be mitigating against the viable risk of their software supplier no longer being able to provide its service by implementing an escrow solution to ensure access to and resilience of the cloud application.
• Availability: Organisations should utilise the availability tools provided by CSPs so that in the event of data centre downtime the service could still be available from another region.
• Backup: Organisations should look to implement agreements with their cloud software supplier where their data is backed up and provided to them regularly. This option doesn’t protect against the software supplier no longer being available to provide data backups so organisations should incorporate a third-party cloud escrow arrangement to mitigate against the risk of software supplier failure.

Do I need a Software Resilience strategy for my cloud-based software?

There is a sliding scale of software resilience solutions for applications hosted in the cloud. It is recommended that all cloud software should be protected by a cloud software escrow agreement as a minimum to ensure resilience. Most organisations will focus on their mid to high-level critical applications as a starting point since the failure of these could have the greatest negative impact to the business.

In addition to a cloud escrow agreement, it is equally important to understand the cloud environment, the application and how it runs in this environment. For any mid to high-level criticality applications, a level of verification to provide the documentation on the above is strongly recommended.

How do I plan for and manage the cost of the cloud?

With traditional/on-premise infrastructures, organisations usually have to procure software on a CapEx basis, whereas cloud computing can be run on an OpEx basis which can be much more favourable for organisations who don’t want to invest upfront, but rather as and when they need to. Most cloud providers have very good tools that enable organisations to estimate costs based on their usage of cloud resources. We recommend that organisations do their research and estimate cloud spend over a longer time period to understand exactly what both your migration and ongoing costs will be.