The Cloud, like every other computing platform, has to be managed. Once you’ve decided to move to a cloud, the next most important decision is to choose the right cloud computing service provider. Investigating the reliability and viability of a cloud provider is one of the most complex areas faced when managing the cloud.
As businesses begin to move their data and application functions into the cloud, choosing the right cloud provider is the biggest decision to make. The question isn’t about what the cloud can do for you, but how can you trust the provider in getting the job done. Not just any provider will suffice.
Contents of Post
- 1 What we using the cloud for?
- 2 What are my company’s workload requirements?
- 3 What services does the cloud provider provide?
- 4 Can we trust this cloud provider?
- 5 How secure is your cloud?
- 6 Cloud Technical Interface
- 7 Where is your data center and how safe is it?
- 8 What happens if you lose my data?
- 9 Understanding the Different Types of Clouds
- 10 The Public Cloud: Low Cost
- 11 The Private Cloud: Greater Performance, Security, and Flexibility
- 12 The Hybrid Model: The Best of Both Worlds
“Some basic questions should be included in your evaluation for the right cloud provider.”
What we using the cloud for?
Most companies will begin using the cloud for storage as an easily accessible and simple service to access. However, many providers do not extend their services beyond basic storage so dedicated enterprise IT vendors required to meet other needs. Determining your cloud needs for the long-term future and direct your search for a vendor capable of meeting all needs, or consider employing services from multiple providers to meet different needs.
What are my company’s workload requirements?
Some business operations are static in nature; they have limited IT requirements that are relatively stable over the course of a workday or workweek. Other operations may fluctuate drastically over time – even between months. Subsequently, the demand for cloud resources may also vary with time and function. Some organizations undertake data-centric operations that must be regulated and therefore face strong requirements pertaining to security, privacy and auditability. Some operations interact with multiple internal and external sources, thereby increasing the amount of data traffic. Potential cloud providers will need the right levels of performance, security and reliability to support workload-specific IT needs.
What services does the cloud provider provide?
Respectable service providers will have a portfolio of services, a comprehensive description of each service they offer, the key performance indicators and evaluation of current performance against those indicators. A cloud provider may have a single service to meet multiple workload types or have multiple services to meet particular needs. Generally speaking, different services are offered at different prices and can be beneficial for the discriminating business types. Below are some concepts to explore in a provider’s portfolio:
Interoperability – This characteristic defines the capability of working across multiple environments, such as running an application on a public cloud while its data is stored on a private cloud. How interoperability will be defined across multiple cloud providers will differ significantly. Determine exactly how each potential provider sees their capability.
Proprietary – Often not discovered until it’s too late, each cloud provider may run its service in a unique environment which makes it difficult to transfer functionality to another cloud provider either technically or legally. So should you find a reason to end the relationship with a particular cloud provider, you may lose all your functionality, or worse, data.
Flexibility – How well does the cloud service meet the different, changing requirements for the different workloads it is expected to support? How much will special configurations cost?
Service Level Agreements – Read the fine print and ask multiple questions about the provider’s service levels and the rights of the customer during certain service conditions, such as outages, disasters, and data theft.
Security – What steps are being taken to secure and protect data assets? How fast can the service provider react to a different types of security problems and what will they do in reacting?
Can we trust this cloud provider?
Trust often goes beyond competence of a cloud provider. Find out if you build a long-term relationship with your potential cloud vendor. Though cloud computing is relatively new, the problems it solves are old. What is the provider’s experience in managing data centers, providing secure hosting, and delivering on application requirements? Is the cloud provider simply looking to enter into a lucrative market or are they committed to a clear vision and investing appropriately to be the best provider possible? Do they have the time and technical expertise to support your business through a well-maintained customer service program?
Many businesses have been testing the waters of cloud computing with easily accessible services before making a fully established commitment. Experimenting can be beneficial. Asking the right questions upfront will ensure a successful adoption of cloud computing.
How secure is your cloud?
Security should be a major consideration when it comes to storing your company’s critical data in the cloud. Cloud providers should have several standard security measures in place and constantly update them, Foreman says. “You’ve got to be sure that you’re completely comfortable with your cloud provider’s approach to security.”
Security measures to look for include firewalls, anti-virus detection, multifactor user authentication and data encryption, and routine security audits. It’s also important to ask who at the cloud company will have access to your data in the cloud and whether the cloud provider does employee background checks to weed out potential cybercriminals or identity thieves.
Cloud Technical Interface
To take advantage of the benefits of cloud computing the proper technical interface must be in place. Companies that have already moved to a service-oriented architecture (SOA) will be find this transition easier.
APIs and data transformations
A cloud’s Application Programming Interface (API) is the software interface that lets your company’s infrastructure or applications plug in to the cloud. This is perhaps the most important place for standardization. For an organization to easily build connections between its internal data center and the cloud, it must use standardized APIs and data transformation capabilities.
Data and application architecture
New internally created services that support the business’s changing demands must operate with cloud ecosystems. These services may need to migrate to and from the cloud. This means that it will have to build an architecture that’s modular enough to allow services to move between various cloud platforms.
To be effective, data also has to be packaged and managed. The IT organization needs to manage data independently of the underlying packaged application, transactional system, or data environment such as a warehouse. Your organization needs to start with consistent definitions of data elements to manage cloud-based information services.
Security in the cloud
Companies planning to use cloud services must be assured of tight, well-defined security services. Many levels of security are required within a cloud environment:
Identity management: For example, so that any application service or even hardware component can be authorized on a personal or group role basis.
Access control: There also needs to be the right level of access control within the cloud environment to protect the security of resources.
Authorization and authentication: There must be an authentication mechanism so the right people can change applications and data.
Where is your data center and how safe is it?
The location and security of the data centers and servers where your company’s information will be stored are as important as online security, Foreman says. “You want to make sure you’re not doing business with a guy with a couple of servers in a spare room somewhere that could quite easily be accessed and compromised.”
To make sure that isn’t the case, Foreman suggests asking how a potential cloud vendor protects its data center from natural disasters, including fires, floods, earthquakes and storms. Also, find out how the facilities are protected from thieves who could walk away with your sensitive data.
What happens if you lose my data?
On the off chance your cloud provider accidentally deletes or loses your precious data, you need to know how it will rectify the problem. Be sure to ask: What provisions are in the company’s Service Level Agreement (SLA) that address potential data losses? Will the provider compensate you for losses? What data redundancies does it have in place to mitigate the risks of data loss? It’s also important to ask if the company has experienced any significant issues resulting from the loss of customer data.