Thanks to the numerous public cloud offerings available today, choosing an optimal partner for that service has become a tough decision to make. In this post, we will guide you through the factors that should drive your decision-making and explore some of the difficulties you might experience along the way.
Business and Financial Health
One of the most important things to consider when you are evaluating prospective public cloud providers, is the business health of the provider.
The cloud provider may have all the technological prowess that ticks all your boxes, but may fall short on their business health and profile. To ensure future operations run smoothly, an increased focus should be put on the public reputation of the company, their staff adequacy, and their financial standing.
It is important to look at the company’s track record of stability via online reviews, and market research and analysis of their past and present business dealings.
A few other things to look out for are if they have a structured management process, if they have a vetting process for onboarding third-party vendors, and what their reputation among current consumers and partners is.
Proper market research will highlight red flags such as a future acquisition or merger, past or present court cases due to flouting compliance norms, or talks of raising capital funding because of less-than-expected growth in recent financial year quarters.
When you have completed your market research and are comfortable with the business health of the company, it is time to delve into the technical capability of the provider and determine if their public cloud meets your current needs and if it is agile enough to accommodate your future needs.
Many public cloud providers focus on the latest and greatest technologies of their service offerings. It is important to understand your business model and choose a public cloud that closely aligns with it.
For example, if your employee base mainly consists of developers, you may want to consider a public cloud provider with heavy emphasis on Platform-as-a-Service(PaaS) offerings.
This would include special emphasis on things like serverless architecture, deploying infrastructure as code, and tools that seamlessly integrate with your current development stack.
A lot of cloud providers provide their own proprietary services that improve upon the performance of your on-premise workloads, such as SQL or Data Analytics. Ensure you understand the ramifications and changes necessary when you move your workloads to these services. Another aspect that is often overlooked in a cloud adoption strategy is how hybrid-friendly the cloud provider is.
Contracts and Service Level Agreements (SLA)
Understand the service level agreement (SLA) of individual services and how they will align with your organizational agreements. Look into historic data to determine how often the public provider abides by SLAs: it should raise a red flag if outages are not infrequent.
Ensure that the contract you sign with the provider clearly outlines such things as outages due to maintenance and financial compensation for unplanned outages.
Note: Many public cloud providers do not provide a finance-backed SLA when they provide free services and will only provide compensation within the purview of the current billing cycle. Make sure you understand these terms and adjust your SLA accordingly.
This ties into another important aspect of SLAs: service level objectives (SLOs), aka service level targets (SLTs). Guarantee that your contract has individual quantifiable statistics of quality of service (QoS) measurements like availability, service response time, and throughput. Standards like ISO/IEC 19086-1:2016 are a good starting point.
Security and Data Governance Policies
Public cloud security is understandably one of the most debated topics in public cloud adoption.
As your private data will no longer be maintained on-premises, your public cloud provider has to provide you with the same level of security and conform to your security norms. This includes encryption of both at-rest and in-transit data.
Ensure you understand the inner workings of encryption technologies such as key management systems (KMS) and the processes in place to manage and maintain them. One major aspect to not overlook when reviewing security is physical security.
Understand the stringent controls in place like biometrics and round-the-clock coverage, which act as a deterrents to both internal and external threats.
Also, verify that there are audit processes in place for accessing data, as they may prove useful when investigating a breach.
Data governance policies dictate the laws that will be applied to your private data based on the location of the data. Ensure that you are aware of where your data will be located and that the jurisdictional law in that location conforms to your standards and regulations.
Standards and Certification
A standardized framework and industry-leading certifications show that a cloud service provider provides features such as interoperability and assures that they follow industry-critical best practices. These can range from information security standards like ISO/IEC 27018:2014 to health standards like HIPAA.
The Cloud Standards Customer Council (CSCC) has laid down step-by-step guidelines on how to verify if your public cloud provider conforms to security norms and standards.
Ensure that your public cloud provider adheres to basic IT industry standards like ISO 27001 and any other certification that is core to your internal and external stakeholders.
Partners and Vendors Network
A major deciding point for public cloud adoption is the expansiveness and quality of the partner network.
The first point of focus should be on their cloud marketplace and the quality of vendors listed there. Integration with these partner technologies must be well-documented, including published case studies which prove the effectiveness of the solution.
Another point to look out for is that the vendors you work with using technologies such as microservices are listed in the marketplace so that your workloads can be seamlessly migrated to the cloud.
It is also important to check that the provider has proper partner accreditations, technical capabilities, and staff support to help implement and support these solutions.
Most of the time you will have to restructure your vendor-integrated solutions because of differences in public cloud architecture. Be sure that you understand all these caveats and know how to work around them before you embark on the public cloud journey.
Migration Support and Vendor Lock-In
Workload mobility is one of the most important points in choosing a public cloud provider. Ensure that the cloud vendor provides user-friendly tools to help migrate your workloads and applications in a simple-to-use, seamless, and secure way with minimal downtime.
These tools should not only help migrate, but also help assess your current environment so that you can address action items such as infrastructure refactoring or changes in DevOps processes.
In addition to migration tools, you should also consider the availability of cloud experts who can guide you along your cloud journey and help support the environment after the move.
While devising a migration strategy, you should also consider an exit strategy if things do not go as planned. If that does happen, look out for hidden costs like exit maintenance fees or caveats when you are transitioning from a proprietary solution like a database back to your in-house software or another public cloud solution.
Reliability and Performance
Downtime is inevitable in any infrastructure environment—the public cloud is no different.
Conduct proper research into your potential cloud provider’s track record of past downtimes. This should include information such as downtime duration, whether they provided regular availability updates to consumers, detailed reports on the causes of outages, the regions affected by the downtime, and how consumers were compensated once the outage was sorted out.
Try to research into the technologies provided by the cloud provider that would increase reliability and align the resources with your internal SLA agreement.
While evaluating the performance of the public cloud, it is important that you run assessments and your own proof of concept (POC) to determine the performance of the cloud resources. User reviews and the use of performance measurement tools should give you a fairly good idea of how your workloads will perform in the public cloud.
Look for options in tools and processes to improve performance, such as a direct private connection between your on-premises environment and the public cloud.
TCO and Administration Support
Total cost of ownership (TCO) inevitably becomes one of the driving factors in choosing a public cloud provider. It is very important to understand the resource costs associated with your migration by means of proper planning and assessment.
It is equally important to consider ongoing costs like outgoing network costs or storage costs. Pour through forums and blogs to understand hidden costs and how to avoid them.
Understand if you can utilize your own licensing contracts to lower costs and how you can use automation and resource management to drive down costs in the future.
Administration support like automated billing and helpdesk support are important points to consider as these can easily drive up your TCO.
Although it can seem like a daunting step in migrating to the cloud, choosing the right cloud service partner ensures that you can easily overcome the bumps in the road and ultimately drive down your Opex costs.
Remember research and real case studies are two of the most important parameters used to quantify the points discussed in this blog.
No matter which cloud provider you choose, it is pertinent that your employees are well versed in the platform, as they will be hands-on deck and primarily responsible for successful implementation of the cloud migration project.