Being passionate about the cloud and the benefits it can bring to an organisation’s digital transformation journey, last month I shared part one of my views around important aspects to consider for a successful migration to the cloud.
In it, I addressed the need for clearly-defined business goals, spoke about the cloud migration strategy and the various cloud migration methods, and touched on the question around whether an organisation should outsource key IT functions to third-party experts or manage its IT infrastructure in-house.
In this second article, I share my views on some of the remaining considerations. So, to continue…
Number four: Cloud migration framework
It is important to adopt a robust cloud migration framework which enables organisations to implement cloud migration in phases, making it easier to manage and control the project. The framework must include the following:
As-is IT landscape assessment – to understand all existing workloads. Determine which workloads are still relevant, how much resources are allocated, are they efficiently used? Is the security in place adequate?
Cloud readiness assessment−assess cloud readiness of existing applications and data to determine the level of complexity to migrate them to the cloud.
Legacy workload migration−now the organisation is ready to perform the cloud migration. The public cloud platform chosen will influence the type of resources and skills required. Start by migrating a couple of workloads and ensure they work correctly in the new environment. Continue with this phased approach until all workloads are migrated.
Post-migration operations −once the workloads have been migrated to the cloud, the process of decommissioning legacy systems can start. Involving in-house team members early on and throughout the project becomes important during this phase, to ensure that transitioning to the new modern operating model is seamless. Performance of the cloud environment needs to be measured against set service level agreements and performance metrics with a view to optimise where required to ensure the business objectives are met in the new environment.
Number five: User adoption
Effective user adoption is critical for any successful cloud migration project. A change management strategy needs to be developed and should run throughout the project lifecycle to ensure users are on board with the new cloud implementation.
It is important to have leaders that are actively and visibly supporting the cloud migration project. This ensures commitment and shows a clear vision of the future and how the new changes will benefit the company.
It is important to adopt a robust cloud migration framework which enables organisations to implement cloud migration in phases, making it easier to manage and control the project.
For end-users, an organisation will need to clearly articulate how the new systems will benefit the end-user and how it will add value to their day-to-day work.
One way of achieving this is to develop a change programme that lays the foundation of how the implementation will go.
Below are five steps that need to be taken to ensure a successful change programme:
Clearly explain the need for change − demonstrate to people why change is necessary and communicate both the potential benefits and the challenges the project may encounter and the plans to mitigate against them.
Plan for the change – start the project with a solid plan. A detailed plan will help get buy-in from leaders and give all the role players a sense of accountability.
Implement the change − assign the tasks according to the plan and kick-off the project.
Continuously review and modify implementation − once the project is under way, track progress and make changes when necessary.
Communicate the progress − communicate all project milestones as well as challenges. It is important to be transparent to gain trust.
Number six: Data security
The organisation needs to adopt data loss prevention (DLP) strategies that specifically deal with cloud data protection. Even though public cloud providers have robust security measures in place, it is important that the organisation is proactive about cloud security, privacy and data protection, and to ensure that sensitive data stored in the cloud is encrypted.
The biggest challenge in protecting cloud data is that data is stored in multiple places, such as cloud storage solutions like Amazon Web Services. The popularity of consumer cloud storage services like Dropbox and iCloud further compounds the problem that an organisation can be faced with. Even worse, this cloud data can be accessed anywhere, anytime using any network or devices which may or may not be secure.
There are two options for cloud DLP, namely cloud application API and cloud security access broker (CSAB). The advantage of using API is that developers are already familiar with programming APIs and can use them to implement security measures at the application level. However, application-level security is limited by the fact that most cyber attacks happen over APIs.
A CASB solution is a security tool that resides between a cloud service application and its end-users, enforcing organisational security policies and best practices, protecting against intrusions and preventing ‘data leakage’. An organisation can run CASBs on its on-premises infrastructure or in the cloud, and CASBs are easily integrated into existing on-premises DLP solutions. The organisation does not have to start from scratch as it can simply extend its existing DLP to the cloud if it already has one.
Regardless of the cloud DLP solution an organisation chooses, it’s important for DLP policies to be consistent. The same data policies that apply within the enterprise must also be enforced within the cloud.
Number seven: Cloud computing service models
There are three types of cloud computing service models, namely software-as-a-service (SaaS), platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS). When embarking on a cloud journey, it is important to have a good understanding of these models and choose the one(s) suitable for the business use case.
SaaS is a licensing and software delivery model, which allows access to software on a subscription or pay as you use basis.
PaaS is a cloud computing model where a third-party provides, over the internet, a set of tools and services designed to make coding and deployment of applications quick and efficient.
IaaS is a cloud computing delivery model that provides cloud computing infrastructure − servers, storage, network and operating systems − as an on-demand service over the internet.
SaaS characteristics include:
- Applications that have a significant need for web or mobile access.
- Standard offerings in which the solution is largely undifferentiated; eg, e-mail service.
- Applications that require significant interaction between the organisation and the outside world.
PaaS characteristics include:
- Services to develop, test, deploy, host and support applications in the same integrated development environment.
- Web-based user interface (UI) creation tools used to create, change, test and deploy different UI scenarios.
- Multi-tenant architecture in which many concurrent users use the same development app.
- Built-in scalability of deployed software, including load balancing and failover.
- Integration with web services and databases via common standards.
- Support for development team collaboration.
IaaS characteristics include:
- Resources distributed as a service.
- Allows for dynamic scaling.
- Has a variable cost based on utility pricing model.
- Allows for multiple users on a single piece of hardware.
In conclusion, when planning to migrate to the cloud, an organisation must have a clearly-defined use case that the cloud will satisfy. It is important to have a plan detailing the migration method and the process that will be followed.
To minimise risk of project failure, the organisation should consider partnering with cloud experts with a proven track record in cloud migration.