How do you get started using the cloud?
For some organizations, cloud usage has already begun by someone in the company - whether they know it or not. But to have a successful cloud deployment, it’s helpful to have a plan.
Consultancy Cloud Technology Partners is one of many companies that help customers adopt public IaaS cloud computing resources. CTP says the following 10 tips are key for a successful cloud rollout.
1. Alignment workshops
After a company has made a decision to use IaaS cloud computing services, it’s helpful to have a level-set meeting with important stakeholders at the company to get everyone on the same page. Typical groups involved in this meeting would be security managers, finance and procurement professionals, infrastructure engineers, operations workers and third-party consultants. Typically a senior IT manager or CIO leads the process. It’s important to have a clear message to this group of why the cloud is being explored.
2. Know your economics
One of the first considerations that will inevitably come up is cost. There is no simple calculation for determining if the cloud will be more or less expensive than on-premises infrastructure; there are too many variables. It’s important to know that different architectural designs will determine cost. For example, if your app requires an active-active high availability architecture across multiple data centers, that will increase costs compared to a single instance deployment. If you can sign a longer-term contract to use virtual machines, you get a discount. The way you deploy the cloud will determine whether it makes sense financially for you.
3. Find agreement
If you have a faction within the organization that is against the cloud, this will be difficult. Get on the same page and make sure any outstanding concerns are addressed before moving forward. Executive buy-in can help.
4. Establish a Cloud Business Office
After there is agreement to move forward, CTP recommends creating a Cloud Business Office (CBO). Some call it a Cloud Council or a Center of Excellence. It’s basically a group that will be the point people for the deployment. Typically the team will be made up of cloud engineers, compliance/risk officers, application owners, IT, finance and third-party representatives. The goal of the CBO is to have a body that will make decisions. Unlike the Alignment Workshop, whose goal it was to decide whether the cloud will be used, the CBO will be responsible for making execution decisions about how the cloud will be used.
With a CBO in place, more detailed planning can begin. Discovering the full landscape of your environment and mapping the dependencies and relationships of applications and processes is a good first step. Take an inventory of what you have and begin to target what will move to the cloud.
6. Security assessment
Before you migrate anything to the cloud, determine what your security profile will be. What standards do you want to set your cloud usage to (PCI? ISO 27001?). The Cloud Security Alliance has a lot of good information on this topic, particularly their Cloud Security Alliance’s Cloud Controls Matrix can help you think about approaching cloud security architectures.
7. Create a minimum viable cloud
Don’t go all in initially. Once you have a couple or handful of applications that have been targeted as low-hanging fruit for moving to the cloud, begin the process of the migration. The idea here is to get some early successful wins that will become the basis for repeatable processes for further migrations.
CTP has a recommendation on how to design a deployment process that is repeatable. Think of it as a hub-and-spoke model. Core services that apply to the entire cloud environment are in the “hub”, including monitoring, logging and security and encryption policies. The “spokes” are applications that adhere to the policies defined in the central hub. This creates an automated, repeatable way to deploy services.
Controlling usage of your cloud is critical. It’s important to have someone constantly keeping tabs on what is going on in the cloud environment, be alerted to unusual activity and enforce policy rules. Which workers have access to which services in the cloud (a developer can only spin up a certain number of virtual machines, whereas a manager has more freedom). Tags can be assigned to every action that is done in an environment by a user so its easy to track who is doing what. Limit access to administrative settings and use two-factor authentication. Set up cost analysis tools for right-sizing VM instances and use tools for sniffing out services that are being paid for but not used.
9. Automation and Validation
You do not want to be building snowflake designs for each new app deployed to the cloud. Manual processes lead to errors and security vulnerabilities at scale. Automate wherever possible. Create a standard architectural pattern for applications. Then, use tools to automate their provisioning and monitor their deployment. Validate deployments to ensure they meet your standards.
10. Prepare for migration at scale
You’ve deployed a couple of apps. Now you’re ready for more. Determine which apps can be moved and which cannot. CTP breaks apps down into four categories: Rehost (only light changes needed), replatform (just change the infrastructure host), refactor (some code changes are needed to the app), replace (app needs to be rewritten), retire (get rid of the app). Using your automation processes, begin migrating the low-hanging fruit and develop a plan with the CBO on how other apps can move in the future.