Cloud computing is transforming the modern workplace and could be the leading cause of spend for IT departments around the world. For small- to medium-sized businesses, the cloud has had a transformative effect, helping to make data management more efficient overall. However, making the switch to the cloud is one thing, but determining which cloud service delivery model is right for your needs is essential, and in order to do that, you need to have a firm understanding of their respective strengths and weakness – it’s important to first determine which cloud service delivery model best complements your needs.
Choosing the best cloud technology for your workloads and ensuring that they are cloud-ready is challenging in today’s evolving IT environment. Hence, we are sharing the compilation of some of the best practices for managing cloud infrastructure and determining the right cloud for your workloads.
Measure, analyze and understand your application.
Elasticity is the key advantage of cloud, however, you need to make sure that the target cloud or cloud can accommodated your anticipated volume of growth, as well as unexpected spikes in demand of your service. Also, an analysis of your applications will help you to define requirements at the right level to evaluate prospective cloud endpoints that can meet the current and forecasted demand for your workload patterns.
To optimize your cloud deployment, you need to understand an application’s requirements in six key areas in order to place it correctly:
• Data protection
Some other considerations include whether or not the cloud provider has the ability to support a multi-cloud architecture which in turn supports the various workload types for your enterprise.
Create a shared responsibility model with your cloud provider.
Your cloud provider must meet the type of regulatory and compliance requirement driven by the industry and/or the location you are in/located. These include industry compliance standards such as HIPAA, PCI and FISMA. Others are geography specific like SB-1386 or the European Union Data Protection Directive.
Each regulatory entity may require that any cloud service provider you use is certified to be compliant with those regulations. But that doesn’t mean using one automatically makes you compliant. You still have to use the service in a compliant manner; it is your responsibility to ensure the provider maintains regulatory controls on an ongoing basis. You also need to ensure that you have the ability to do the auditing, the reporting, and have access to your information.
In a nutshell, it is the ultimately the consumer who needs to ensure the end to end compliance.
Refresh Corporate security policies through data impact analysis, classification and access management plan
Security is the primary challenge, risk, and concern when moving to the cloud. A key is to understand how much risk you can take on as an organization and that it varies by the types of applications, the industry you are in, and the way you are accessing your application.
A couple of key things to understand are:
1) Location of the data
2) Sensitivity of the data
3) criticality of the data
Most enterprises normally have a rating between 1-5 in terms of criticality, sensitivity and risk.
You need to determine what applications use that information and data and also where that data reside as some public cloud providers won’t guarantee where your data is placed.
The first step is to make sure you are still following all policies no matter what the architecture or cloud provider. Then, create a plan around classification and how you’re going to allow access to the data from appropriate applications. You’ll also need to have the ability to access and monitor the information no matter where it is placed. Not just being able to see it within an application, but the end-to-end data path.
Adopt and deploy a service oriented architecture.
Architecture is a broad topic and most technical individuals have different points of view. We need to look at a few different dimensions while talking architecture in reference to the cloud, workloads or your application. When dealing with applications, they cannot be isolated, so they need to be integrated and designed to get to the right networks, storage, data, and processing capabilities. When you look at architecture from an infrastructure standpoint, you have to provide each of those capabilities (network, storage, processing) and have the availability to supply those demands in a flexible and agile way.
As you decompose your application and understand the demands of the workloads, you should start evaluating cloud providers. They provide many repeatable services. One of the faults made by many enterprises is they decompose their applications, then just move it all over to the cloud and miss out on using the services provided by the service providers. This is a way to accelerate a service-oriented approach and a way to get the maximum benefits out of the cloud provider.
Rethink your IT Organization
People are the key to success. It is a major change for organizations when they decide to adopt cloud. It’s crucial to understand what skills your team will need and how the demands of individual jobs will change with cloud.
Look for cloud providers whose resources are fully committed to providing cloud management, remote infrastructure management and service desk support to enterprise clients 24×7. Additionally, ensure that your provider’s operation centers are staffed with highly skilled, certified engineers able to see the bigger picture and provide recommendations beyond the devices being managed. The cloud solutions provider should have clear service-level agreements with well-defined response and resolution times spelled out, and they should be able to be customized as needed for each client situation.
Also, make sure to get a service-level or operation agreement in writing. They will default to their standard agreement, but most providers are able to tailor it specifically to your demand patterns.
While choosing the most effective cloud service delivery model is important for businesses that plan to get started with cloud computing, being able to understand the pros and cons of each may also help enterprises avoid certain significant security risks.