02nd May 2017
Considerations every business should incorporate into its cloud computing strategy
Making enterprise level IT solutions available at a fraction of the cost and with minimal workload for the in-house team; cloud services deliver flexibility, scalability and performance at the centre of their offerings. The cloud is a ‘no-brainer’ for businesses and is seeing greater investment year on year by IT departments.
What started out as cloud storage soon expanded to include services such as ‘Software as a Service’ (SaaS) which have grown to a stack of business benefitting ‘aaS’ models including ‘Infrastructure as a Service’ (IaaS), ‘Backup as a Service’ (BaaS) and ‘Disaster Recovery as a Service’ (DRaaS).
Enabling IT departments to optimise their IT delivery models and increase performance; these solutions are empowering IT to do more with existing budgets. Add to this, the business (and user) demand on technology, the speed of implementation and the pay-as-you-go-model, means that more and more businesses are adopting cloud services into their IT strategy.
With a multitude of options available, businesses have the flexibility to migrate certain aspects of IT to the cloud as and when needed. However, as with any investment, it is vital that the overall plan/design is agreed and parameters are defined rather than implementing solutions piecemeal.
Businesses need to ensure optimal return on investment, the highest level of security and a great end user experience and all of this can only be truly achieved if time is invested first in a cloud computing strategy. Some key considerations every business should incorporate in its strategy:
1. Evolving business needs
With businesses rapidly transforming the way they deliver their services, investing in on premise, high spec technology with significant storage and security capability can be risky. A design that meets the immediate business needs may reach capacity quicker than anticipated or not meet new business demands in 12 months’ time – however much planning and forecasting is carried out. As well as looking to cloud solutions to gain the same functionality for a lesser cost, the ability to scale up or down users and features with ease is vital to any growing business.
2. Data security
With the reliance on data, it is a natural concern for any business as to what is happening with that data and where it is stored when using an external provider. Questions such as how secure is it, is it accessible 24/7 and where is the data held should all be asked. These aspects are getting more critical with increased success of cyber-attacks and the introduction of new legislation. Having the right level of security tools and processes in place should be a given for any cloud provider, but always check your position before signing a contract. Firstly, understand the level of security measures in place. The basics should at least include user authentication, backup and restoration/DR processes in place, a firewall, regular audits and a notification breach policy. Then, make sure you understand what is your responsibility and what is the cloud provider’s responsibility when it comes to the data being stored and make sure you have security policies in place specifically for cloud options. You are responsible for your data and the new legislation will make sure you (as well as the service provider) have carried out the correct due diligence before engaging the cloud provider.
3. Business demands on the in-house team
The demands on the IT department are expanding as the reliance on IT grows. However, the budgets don’t always reflect this. Therefore, getting more value from existing budgets whilst keeping the IT efficiently running is key. By handing over some of the mundane/business as usual work, the IT department can focus its efforts on the more interesting, business transformation projects. First however, work out what needs to be migrated to the cloud, which deployment models will be used and the timescales for doing this so it is manageable for the in-house team.
4. Deployment models such as Hybrid Cloud
An option many businesses are looking at to gain the best from both private cloud and public-based cloud services is to invest in a hybrid solution. This is done through a cloud management platform which connects two or more clouds which are separate entities. By being bound together, the business can benefit from multiple deployment models.
This is also a cost-effective option as many public cloud services are generally cheaper than private. By using a hybrid model, the business isn’t fully reliant on a private cloud which will potentially save a significant amount of money. The business can use the private cloud to process information securely and the public cloud for hosting publicly available data and share large amounts of resources. This way, businesses can enjoy faster data transfer whilst implementing increased privacy for the aspects needed.
This model also enables the business to readily integrate with other cloud applications, giving the businesses even greater flexibility to migrate applications, resource and data between the public and private clouds as the business evolves.
5. Contractual Responsibilities
Whilst using a cloud service has so many benefits, any business needs to maintain control of its data and access. Some fundamental points to remember:
- Whilst you don’t need to worry about what components your provider runs its service on, you should understand and know enough to make sure your cloud service is resilient.
- Understand what security features are in place, how they manage incidents and how they respond. Make sure incident response plans are in place to protect your business.
- Make sure the SLA (Service Level Agreement) works for your business. You want minimum outages and downtime – does that SLA reflect this?
- Make sure regulatory factors are met such as the current Data Protection Act which will become the General Data Protection Regulation in May 2018. Or, that they have a plan in place ready for the new legislation.
- Make sure you have your own processes in place, maybe working with HR. Detail and maintain an employee record for who has access to your cloud systems and which ones. This is not just from a payment perspective, but also from a security perspective so that when they leave, all access to the company systems is removed. This is a common slip up by organisations with multiple cloud services.
If you would like to discuss any points in this blog further, please contact Alex Riddick, Customer Services Director on +44(0)20 8216 3333 or on email@example.com.