Managing The Risks From Cloud Computing

Cloud Security

I’ll begin with an apology for being yet another person talking about “The Cloud”, but there is a reason. I recently read a post that talked about how SMBs weren’t flocking to Cloud services and I thought it was interesting that reliability came up as one concern.

Of course, for many of you adopting Cloud services (SaaS in particular) isn’t something you can stop – the business users are pushing it, and you either get on board or get sidelined – and nobody likes the latter. So here are a few thoughts on being a partner with the business when it comes to adopting any Cloud services.

1. Pick a reputable vendor to use

You want to know if they have SLAs, what support options they have, what monitoring they provide to you (if any) – and get this data, not so you can say no to every vendor, but more so you know where you need to fill in the gaps.

2. Understand the ‘delivery chain’ for the service

We all know that while the provider is one piece of the puzzle, you’re relying on the public Internet, your network, and the user devices to create a good user experience. So make sure that there aren’t bottlenecks outside of the provider that are going to cause a problem.

3. Monitor, monitor, monitor

Ok, so you can’t fix every problem when it comes up, but you can be the point person in the organization who works with the providers to get problems fixed when they come up.

I suspect many of you already knew #1 and #2, but how do you go about #3? We see a few mechanisms being used. Monitor the network and reachability of the service providers. From a pure network standpoint you can do this with something like IPSLA Manager which uses Cisco’s often overlooked IPSLA technology that’s built into most of their routers to periodically test the response time of various protocols between 2 points.

This will give you the baseline of network connectivity and latency to the provider and is typically the minimum bar for monitoring. If you want to go further you may consider monitoring the performance of the web application using synthetic transactions. Synthetic transactions allow you to playback common application flows (such as a login and search) every few minutes and allow you to see if those transactions are slowing down or if they’re not available.

Combined these two approaches can give you a view of whether your Cloud service is available to your users and if it’s not give you some perspective on whether it’s something you control in the delivery chain (like your network) or whether it’s something you need to call your provider about. Hopefully this gives you a little more confidence in your ability to help the business adopt Cloud services.

Sanjay Castelino is SolarWinds' VP of Product Marketing. He is a long time technologist and a geek at heart. His path to SolarWinds has taken him through hardware design, software engineering, and finally product marketing.