Top 10 Checklist for Cloud Best Practice

The top-ten priorities for selecting the right cloud services for your business. This step-by-step checklist puts you in the know.

Selecting a suitable cloud model is essential in guaranteeing the performance and efficacy of your IT strategy. This means getting the mix of on-premises, cloud, and service provider options just right for your business in your industry. This article keeps you fully informed, delivering ten clearly defined steps for selecting the right cloud services for your business.

Top 10 Checklist for Cloud Best Practice

Find the right cloud solution for your business.

While moving to the cloud may be a sure way to keep up with industry benchmarks and best practices, it’s also meaningless if you don’t deploy the right cloud solutions for your business.

The market is saturated with messages about how cloud is “best practice”, and questions around data sovereignty, integration options, total cost of options, performance requirements, and more, are not always given due consideration.

Failure to do so can result in poor customer experience, higher operating costs, and other negative outcomes that would ultimately invalidate your move to cloud in the first place.

It’s important to remember that not all cloud solutions are equal when it comes to what’s right for your business.

This best practice guide cuts through the noise of “cloud for cloud’s sake” and identifies the factors that need to be considered in order to realise the full potential of the cloud.

Made with Australian business executives and leaders in mind, this guide will help you make more thorough, informed decisions about cloud adoption that further your business agenda, and empower you to take control over your own transformation and innovation programs.

Topics explored include:

  • How to maximise cloud performance
  • How to maintain data sovereignty and security
  • How to avoid technology and commercial lock-in
  • Cloud contracts and legal matters
  • Understanding the differences between public, private and hybrid clouds

Content Summary

Foreword
Introduction
Top 10 cloud consideration checklist
Performance
Data sovereignty
Technology and commercial lock-in
Total cost of ownership
Support levels
Accounting in the cloud
Talent and capability
Leveraging clouds and integration options
Security and authentication
Cloud contracts and legal matters
Next steps to cloud best practice

Foreword

Embracing Hybridity in the Cloud: Ensuring your Cloud strategy delivers the right outcomes for your business.

In today’s challenging economic climate, Australian businesses are being forced to rethink the way they operate. Strategies and approaches that delivered results in the past now need to be re-examined to ensure they have the agility to deliver efficiencies and performance in the long term.

At the heart of this shift is information technology. Powering every facet of modern business, IT has become the fabric that binds everything from supply chains and manufacturing to customer service and support.

One of most significant developments in IT during the past decade has been the emergence of the different cloud computing models. Initially developed to give businesses more freedom and flexibility with their IT strategy, cloud frees businesses from the need to invest in and manage their own infrastructures. Organisations can now select from a portfolio of resources and tools that are delivered as a service, freeing them up from long-term capital expenditure models and the need to invest in highly skilled IT management teams.

Yet, while a cloud strategy has much to offer, its true benefits can only be realised through the right blend of cloud services, arrived at through proper planning. The many alternatives available need to be carefully assessed to ensure they provide the level of performance and resilience needed.

In many cases, such a platform will combine resources from multiple providers and technology vendors. This ‘hybrid cloud’ approach, done properly, will result in a uniquely tailored platform that aligns a business’s particular technology requirements.

Achieving maximum benefit from the adoption of hybrid cloud requires ongoing management. Each of the components must be carefully monitored to ensure they work together as a cohesive whole, delivering true and demonstrable value.

Introduction

When it comes to cloud computing, there are three variants on offer: public and private clouds, and an approach called ‘hybrid’ which combines the best mix of public and private cloud for your business.

This article will assist you through your decision-making process, to ensure you can make an informed decision about which is right for your organisation.

Public clouds are operated and owned by cloud service providers, who deliver their computing resources and storage over the internet. AWS, Google Cloud Platform and Microsoft Azure are three good examples. The public cloud is ideal for organisations who need or want to consume software, platforms and IT ‘as a service’, and want little or no physical interaction with the actual ‘tin, wires and boxes’.

A private cloud refers to cloud computing services used exclusively by a single organisation. It may be owned, managed and operated by the organisation, a third party (like Tecala) or some combination of the two, and it may exist on or off the premises. Organisations that need complete autonomy and control in their cloud will choose this model.

Hybrid cloud combines a private cloud with one or more public cloud services, through a software layer that allows data and applications to be shared between them. Hybrid cloud provides organisations with the flexibility to move workloads between cloud solutions as needs and costs fluctuate.

For the vast majority of mid-size organisations in Australia (and around the world) the hybrid model offers the best potential for freedom, flexibility and control in the cloud. It allows organisations to enjoy maximum benefit and value from the cloud environment, through a unique configuration of private and public clouds, delivering a fluid mix of cloud computing services.

Hybrid cloud can deliver significant business benefits from traditional onpremise infrastructure, with improved SLA’s and reduced costs, and knowing you have technical experts managing the infrastructure.

Top 10 cloud consideration checklist

When planning IT infrastructure strategies, IT and business leaders will need to choose the right mix of on-premises, cloud, and service provider options. Here are ten vital factors to get the most out of cloud services and reduce risk.

Performance

It is essential to select the right cloud model – or models – which can cater for the underpinning performance requirements of your applications and workloads.

Failure to adequately account for performance when adopting a cloud strategy can result in poor customer experiences, higher operating costs, and more complex management requirements. Assess the network latency and access requirements around the service or workload requirement, and review if the cloud option, such as a virtual public cloud provides the computing and network performance equivalent to other options like hosted servers.

Questions to ask about performance:

  • Does my application require dedicated hardware?
  • Can the application scale across many cloud servers?
  • Is the cloud environment going to provide low network latency?

Data sovereignty

Many industries have restrictions on how their data is managed, including how long it is retained and where it is stored. These requirements are important when choosing the right cloud for your application.

Generally, on-premises infrastructure allows the most control over the data and transactional public clouds the least, as they often don’t guarantee any retention or residency. Start by assessing if the data needs to be retained in a specific region for legislative or privacy concerns, and review the impact on data sovereignty of disaster recovery and backup services within the cloud. A primary cloud service might offer data location restrictions, but move backups to another geography.

Questions to ask about data sovereignty:

  • Does the target cloud platform backup data to a location of their choosing?
  • Will the cloud provider contractually guarantee to keep my data in Australia? Or, will it provide me with that option?
  • Are my IT service providers transparent about where application data is stored?

Technology and commercial lock-in

When assessing the risk of cloud it is important to consider how your business might be exposed to “lock-in”. Once you have committed to a cloud provider or application, how difficult is it to move away if the need arose?

This process must be considered from both technology and commercial standpoints. Commercial agreements can have unpredictable (and unreasonable) exit clauses and technologies used by cloud providers can make it difficult and costly to migrate an application away. Factors like APIs, user interfaces, processes, billing, encryption and transfer out costs can differ greatly between providers so know where you stand before becoming too committed to one cloud.

Questions to ask about cloud lock-in:

  • Is the cloud standardsbased or are there mostly features which are unique to that provider?
  • How much access do I have to the data which will be generated when I start using the cloud? Things like technology use, capacity, billing, API data and so on.
  • Will the cloud provider make it difficult to leave from an SLA or contractual standpoint?

Total cost of ownership

With the ubiquitous nature of public clouds it is easy to start small, empower your user-base and then incur uncontrolled resource sprawl and, hence, cost-creep. This equates to higher operating costs for what the business needs.

Consider what controls and reporting you require to ensure staff are afforded the capability of cloud, without the unforeseen cost. These measures will be more relevant for larger organisations with many business units. When selecting a cloud it is also prudent to evaluate the TCO of the different types of cloud offerings. For example, using a public cloud can look like a low-cost value proposition in the immediate term, but as usage matures other options like MSP-managed infrastructure can deliver a lower TCO.

TCO equations should also take into account features your organisation might gain access to, but not need. Cloud agility, such as the ability to scale up down on demand, is a compelling feature, but if you do not require this level of agility you are paying for capabilities you don’t need.

Questions to ask about TCO:

  • What controls does the cloud (or MSP partner) have to prevent underutilised cloud services?
  • Will the application be best suited to virtual or physical infrastructure? Using more virtual servers to achieve the same performance as a physical server will influence TCO.
  • How does long-term cloud cost compare with asset depreciation?

Support levels

A common misconception about cloud is it consists of fully automated components which don’t need support. Cloud, like all other types of computing infrastructure, requires support to get the most out of it and get your back when something goes wrong.

As part of your cloud selection process, review the level of support you will receive and the capability of the support staff. The more engineering-level support you can get the better since the people you call for support are more likely to be able to resolve the problem without having to escalate it further.

Many cloud providers give only very basic support services within the standard service offering. Leading public cloud providers deliver enhanced support by means of charging a percentage of total spend on a monthly basis. So another thing to check is how easily and affordable are additional support services if required.

Questions to ask about support:

  • Does the target cloud provider have engineering-level support?
  • Will any additional support requests come at a high price?
  • What options does the cloud have for getting enhanced support via an MSP?
  • What level of monitoring and visibility does the cloud support? In some cases the level of system visibility is less in the cloud.

Accounting in the cloud

In addition to TCO modelling, your cloud selection strategy must include how the provider charges for its services.

A big promise of cloud is to make IT infrastructure procurement easier; however, billing rates are complex and “bill shock” is a significant problem in the cloud. Although cloud service billing can contain fine-grained detail, the complexity for traditional accounts teams to decouple this each month can be highly onerous.

Make sure your journey to the cloud isn’t burdened by complex billing and put the obligation onto the cloud provider, or service partner, to deliver a reasonable payment plan for the subscription.

Questions to ask about accounting and billing:

  • Is the cloud provider’s billing onerously complex?
  • What options are available for simplifying the accounting procedure? For example, a flat monthly fee.
  • What tools are available for the cloud which help match spending with requirements?

Talent and capability

Managing IT service infrastructure, be it in the cloud or on-premises, requires skills and capability

Cloud decision making should include the depth of skills you already have and what you can augment with service providers. Cloud capability includes:

The ability to move services to and between clouds presents challenges common to the traditional on-premises model.

You won’t require storage, compute and network people or teams for cloud. Instead, you will need people with knowledge managing private, public and hybrid clouds and, most importantly, how they interoperate.

Cloud capability is more aligned with software and APIs, rather than hardware and cables.

Having experienced individuals and service providers on your side eases the complexity of finding the right cloud and performing migrations.

Questions to ask about talent and capability:

  • Can our staff be easily trained on how to use the target cloud?
  • Do we need to engage with a cloud support partner to get the most out of cloud?
  • Do we need to recruit new skills into the organisation as part of our cloud journey?

Leveraging clouds and integration options

The popular concept of “cloud” has connotations of a single entity where all data processing happens in one place. In reality there are thousands of different types of online services available for business applications and your cloud journey should include how you can take advantage of what is available.

Optimising locality and commercial models for applications frequently results in your data residing across multiple providers and platforms. For example, a billing system might be hosted on-premises, but use a cloud-based content system for the customer portal.

Your cloud strategy should include how your hybrid environment is this best stitched together and what plans exist for API-driven integration and consolidated billing. Cloud integration is the modern equivalent of the “Enterprise Service Bus” (ESB).

Questions to ask about integration options:

  • What existing integration (on-premises and cloud) requirements does the application have?
  • Are the cloud integration options suitable for the long-term roadmap of the business?
  • How can we best take advantage of a hybrid architecture using APIs and data transfer options?

Security and authentication

No cloud planning is complete without a close review of the security of the provider. Security has always been a challenge and is generally consistent across any type of infrastructure, but there are things cloud providers can do to make administering best practice security controls easier.

Support for consolidating authentication (including single sign-on), using and integrating twofactor authentication and taking advantage of encryption technology with keys held by you all contribute to a best practice security posture. Once in the cloud, your security strategy should include how well the data is backed up and how quickly it can be restored in the event of a problem.

Questions to ask about security and authentication:

  • Is our in-house security capability keeping up with persistent threats? In many cases in-house security can be worse than that for clouds.
  • Will the application be exposed to more risk if moved to the cloud?
  • What security options are available in the target cloud?
  • What security frameworks does my prospective service provider comply with?

Cloud contracts and legal matters

One of the biggest risks your organisation might face with cloud has nothing to do with technology, but has everything to do with the commercial and legal aspects of the engagement.

Your cloud service provider should be transparent about what is included with the contract, including any clauses for service level agreements (SLAs), exiting the contract, duration and minimum spend. Any supplier agreement can be the subject of a dispute and if your business application is dependent on a cloud service you don’t want it disrupted over a legal matter.

Before diving in, make sure the terms and conditions of the supplier’s engagement are acceptable to you for the requirement. Other options include engaging with a managed service provider to handle contract administration on your behalf. Just be sure to know where you stand regardless of who is contracting the cloud service.

Questions to ask about contracts and legal matters:

  • Is the cloud provider’s contracts exposing your organisation to new risks, including service interruption or discontinuation?
  • Do we need to engage with a service provider to manage the cloud contractual arrangements?
  • What are our rights if the cloud provider is negligent or difficult to deal with?

Next steps to cloud best practice

Cloud platforms have the potential to deliver significant and long-lasting benefits to your organisation. Deployed effectively, they can reduce operational costs, improve performance, and provide truly scalable resources.

For these benefits to be achieved, it’s important that cloud adoption be tightly aligned with business needs. If a hybrid cloud is selected, the components it comprises need to be carefully selected and managed to ensure they work together to deliver a robust, secure, and high-performance infrastructure.

This article is designed to be a first step in this process, providing a starting point for the creation of a business case for cloud adoption. It outlines the value such a strategy will deliver and the elements that need to be considered along the way.