Moving To The Cloud: 5 Areas Enterprises Must Address

Moving To The Cloud

CIOs and IT managers are turning to the cloud in droves, with Gartner suggesting that cloud computing will be a $207 billion industry by 2016. But as with any new deployment or implementation IT needs to approach cloud investment with its eyes wide open. When moving more IT to the cloud there are a number of areas enterprises must address:

1. Service Level Agreements (SLAs)

Define the SLA required should be defined and the options available compared against the opportunities, risks and costs. A balanced approach should be ensured to managing the risks and carry out scenario planning with cloud service providers.

The SLAs required can vary from business-to-business. Some organisations have business critical IT to deliver and may need very high service levels. In these circumstances the public cloud may not give it sufficient cover, as the cloud service providers can’t guarantee the end-to-end performance if the delivery is relying on the Internet. However, if availability isn’t business critical then a cloud service option may be good enough and will be far cheaper.

2. Data Protection

It is vital that data strategy, standards and policies are documented before making the decision to move services into the cloud. An organisation will have data which is a vital asset for the business, perhaps containing IP (intellectual property), personal data and commercially or regulatory sensitive information.

It is paramount that organisations can articulate their data protection requirements to the cloud service providers clearly to secure these assets. The organisation cannot abdicate responsibility for managing and protecting its data. It must ensure a cloud service provider can demonstrate how they will help mitigate the risks.

3. Virtualisation

The risks and options need to be weighed carefully in a heavily virtualised cloud environment. Virtual computing is already widely adopted within many organisations. and the challenges of managing IT support for applications are largely understood within the confines of the enterprise.

However, part of the value in moving to the cloud is that it uses virtual servers (potentially multi-tenanted) in co-located environments at scale. The risk profile of virtualisation and co-location needs to be understood and mitigated. Different ways to mitigate the risk of co-located environments could be physical segregation with hybrid or private cloud environments.

4. Performance Management

The application design needs to be focused on to ensure they are able to test, measure and tune the performance without necessarily having sight of the end-to-end delivery. Historically organisations have struggled with measuring performance of applications in the traditional enterprise as commercially available tools are limited. As such a compromise on accuracy has to be accepted or a bespoke measurement tool developed and deployed. Any IT manager will know bespoke means expensive, both to design and run, and the task of measurement becomes even more difficult in the cloud.

5. Security

Robust security policies must be in place. Organisations need to work closely withcloud service providers to get alignment and potential improvements in their risk profile.

Security in the cloud is a huge topic in its own right with many elements to consider. Both users and vendors have to take into account the fact hackers are becoming ever more sophisticated and able to exploit all manner of vulnerabilities. Denial of service (DoS) attacks are rife and can be extremely disruptive and costly. In the cloud, which is heavily virtualised, cloud service providers have been investing in security to protect themselves and their clients. That investment has been more significant and better targeted than organisations may have been able to provide individually.

Consequently there have been some major advances, particularly in the protection of virtualised services. Having this investment and protection added to an organisation’s on premise security firewalls is complimentary and beneficial in the war against hackers. Web based applications are arguably one of the largest security vulnerabilities.

With more people and businesses making use of social media, the cloud service providers must be able to allow access to sites such as Facebook but still be able to block access to elements such as gaming. Irrespective of moving services to the cloud, organisations must ensure their security policies cover their staff’s responsibilities.

With thorough preparation IT managers and CIOs can reap the rewards of transitioning to the cloud. However without negotiation, preparation and risk assessment along the way the benefits of the cloud could be lost to high costs and poor control.

Pat Phillips

Pat Phillips is a very experienced service director with over 27 years spent in the IT industry. He has held a variety of senior roles at Thomson Reuters and the Metropolitan Police Service where he built considerable expertise in most aspects of IT, more recently with a particular focus in business management and creating strategy. At Xceed, Pat focuses on major business change and transformation opportunities including transition from traditional support to ‘as a Service’ and cloud based models, helping clients recover failing programmes and turning around poorly performing technical organisations. He can provide particular value to clients in the prevention of fraud and cyber-crime initiatives in both the private and public sectors.

  • Barbara Kroll

    Cloud solutions are most definitely set to change the business landscape. Business-savvy accounting professionals will look for cloud-based book-keeping systems, among others, in order to stay close to their clients and become a stronger business partner.

    Unlike traditional book-keeping software solutions, these systems will transform the way organisations and accountants interact on a day to day basis. The cloud model is a cost-effective option for businesses, as real-time access to client information enables processes to be completed quickly and efficiently, thereby providing significant cost savings.

    Most importantly, this approach transforms the service a practice offers to clients: Rather than increasingly commoditised transactional book-keeping, firms can offer a range of services that essentially fulfil the role of a virtual Financial Director (FD).

    Naturally, the security of data in the cloud is an important consideration – to ensure that data is safe, organisations should take a number of precautionary steps. Encrypting data by means of a digital certificate with the highest possible security and ensuring that the service is audited by an external party and a stamp of quality is issued is imperative.

    Additionally, businesses should also ensure that no external party has access to the data and the number of employees with access is limited. Finally – make sure all data is backed up.

    Barbara Kroll
    Managing Director
    Twinfield UK
    http://www.twinfield.co.uk

Our latest thought leaders

What would you like to submit?

Byline Article

Press Release