To Cloud or not to Cloud…
The business world is abuzz by the now ubiquitous ‘Cloud’. The sales pitches about the economics of volume, scale and a host of options thrown at you may have left you more confused. This article attempts to get the holistic picture right, for the key decision makers to arrive at their own Go! Or a No-Go! So how do you go about taking that leap? This article attempts to help you with that challenge!
Cloud solutions basically allow companies to treat their assets as a pool of resources that can be loosely coupled and scaled-up or down to meet business needs. This pool of resources can be organization’s own or rented. Technology today allows a dynamic augmentation/de- augmentation to the resources to address peak/lull resources demand conditions.
Public clouds offer complete outsourcing of the organization’s IT infrastructure to cloud providers to host, monitor and manage. Private clouds are in-house and are much like Public clouds with added custom Security, Data locality and Governance and control and agility aspects. Hybrid Clouds offer the best of both Public and Private Clouds.
The business drivers for Cloud include flexible cost structures, better business to IT alignment, enhanced business agility, faster time-to-market, better focus on core-competencies, virtualized, provisioned and managed resource model.
The technology drivers for Cloud include lower deployment risks, lower IT maintenance costs, and virtualized resources with elastic capacity and anything-as-a-service provisioning model with managed services.
Here are some of the key high-level considerations before you dive in.
- How the cloud solution impacts your organization’s short-term and long-term strategies for managing capital and operational costs?
- How the cloud solution impacts compliance, security, governance processes and privacy in your organization?
- How the human resources are impacted?
- How is your current business risk model impacted and how an updated risk mitigation plan helps face the future risks?
Listed below are some of the high-level factors to consider when deciding about migration of your corporate business applications/processes to cloud.
- Mission-criticality of Applications/ Processes
- Maturity of Applications/Processes
- Total Cost of Ownership (and CAPEX to OPEX metrics)
- Compliance (Security, Regulatory, Business Directives)
- Complexity of Integration requirements (with ‘brown-field’ applications)
- Business Continuity and Disaster Recovery planning
- Risk re-modeling and Mitigation Planning
These are further elaborated below.
Mission-Criticality: These applications are your core business with high-availability, high-performance requirements and near constant load characteristics and their unavailability may have a huge negative impact on your business. These should never be cloudified. The disadvantages of cloud just do out-weigh the advantages by a huge order here.
Maturity of Applications/Processes: Business Processes and applications that are immature and not that yet stable are highly susceptible to worse performance/behavior since these issues tend to be magnified in the cloud environment. Only migrate or cloudify those applications/processes that are fully mature and stable.
Latency: The inherent cloud environment allows for latency to be an integral part of the ecosystem. There may be at times latencies that may be detrimental/inacceptable. Consider this possibility for every application you decide to cloudify.
Total Cost of Ownership (TCO): This is a significant factor in the light of other factors in the decision to cloudify. Costs also include applications life-cycle costs, licensing and maintenance costs. If the CAPEX to OPEX metrics are orders of magnitude more, then it may make sense to cloudify. Else do not cloudify for a marginal cost saving! The trade-offs of latency, weaker security/data confidentiality are often not worth it.
Compliance (Security, Regulatory, Business Directives): These may be specific to your industry and have to be run through with your cloud provider to ascertain whether your SLAs with the Cloud Provider address these issues head-on and you both reach an agreement that is enforceable and legally binding.
Complexity of Integration: Your ‘brown-field’ applications and their integration with your newly cloudified applications may present significant challenges in some cases and the complexity may simply be too risky to manage.
Business Continuity and Disaster Recovery planning: As with any IT infrastructure, the Cloud too is susceptible to outages, and its price is often paid by your customers! So business continuity, disaster recovery are high on the list to negotiate with huge influences on your SLAs with your cloud vendors. Make sure that your business has a plan in place for continuity and recovery.
Risk re-modeling and Mitigation Planning: Risk models for applications may be impacted and may need change to address the Cloud specific needs. This may call for a complete re-visit of the risk model and a newer/updated risk mitigation plan/process.
So, there is no ‘one-size-fits-all’ solution as you may have realized by now. Typically in most cases, organizations may adopt multiple Cloud models. In other words they may have one or more business components/applications implemented in Public Cloud while other in a Private Cloud or a Hybrid Cloud.
The table below provides typical Cloud and non-Cloud uses-cases for your reference
Not to Cloud
Requirements: Non-mission-critical, Lesser risk, variable-workload applications
Requirements: Core-business, Mission-critical, High Performance, High availability, Near constant workload
Typical Business Processes:
So best of luck for your new Cloud endeavor!
Stay tuned !!!