Tips for Organizations Heading to the Cloud

Thursday, February 09, 2012

Ben Kepes


In my travels speaking with organizations looking to move to the Cloud, I’m often confronted by folks who have an innate distrust of all things Cloud.

These folks are easy to deals with; I respect their opinion (despite entirely disagreeing with it) and am happy enough to leave them alone to (eventually) come to rational conclusions themselves.

The other classes of people however are those who are open to looking at new approaches, but who want to hear how to do it, along with some tips and tricks for what to look for in their deliberations.

I was stoked to receive an email recently from Stan Klimoff, Director of Cloud Services for Grid Dynamics. In his email, Klimoff sent through a series of simple tips that he uses when talking to folks about a move to the Cloud.

Without further ado then, here follows Klimoff’s four tips for organizations heading to the Cloud;

1.    Identify business processes that can benefit from using the Cloud. For each business process, one should keep in mind the reason to use the Cloud in the first place. Possible reasons for using the Cloud include:

• Cost
• Business agility
• SLAs

2.    Break down the IT processes and applications that support your business processes identified in the previous steps into classes according to the benefits that you want to receive from transition to the Cloud. Depending on what the goal is, the approach will also vary.

3.    Analyze the following items to avoid potential road blocks.

•    Identify the data that is touched by each IT process. Is there any data that has to stay in-house for security or compliance reasons? You may need to change IT processes so the sensitive data is not affected by the transition.

•    Analyze data access patterns. Data-intensive applications are usually not the best fit for a Cloud, unless you plan to put all of your data in the Cloud.

•    Identify security domains. As with any external provider, one should always treat the Cloud as a separate security domain. What is less obvious is that there are different security domains within Cloud itself. Do you need to satisfy PCI DSS requirements? Can your Cloud provider give you guarantees on the data boundaries?

•    Determine availability and reliability targets. Not all of the Cloud providers provide strict SLAs on availability and even when they do, those can be misunderstood (as happened with the notorious Amazon outage earlier this year). However, applications that are more tolerant to weaker availability SLAs can be a good fit.

4.    Calculate total cost.

It’s a good first step; I’d argue with Klimoff’s focus on total cost however, I’ve long said the value from a move to the Clouds goes well beyond any cost savings. The first three points however are spot on and worth using for organizations considering a move to the Cloud.

I’d be interested to hear the tests and processes that others use when talking with organizations making the change – feel free to join in the conversation!

We’re covering these areas of Cloud Computing on an ongoing basis at CloudU, an educational series aimed at increasing the knowledge and skill that SMBs have about the Cloud.

Cross-posted from Diversity

Possibly Related Articles:
Cloud Security
Service Provider
Compliance Cloud Security Enterprise Security Budgets Application Security Cloud Computing Managed Services Data Recovery Service Level Agreement vendors Data Protection Ben Kepes
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked