By Neil Cattermull, Director of Cloud Practice, Compare the Cloud
Introduction
The cloud is here to stay and it makes sense to use it. The market is already developing and changes will occur over the next few years that will allow you to have even more choice than today. Microsoft will inevitably offer a complete hosted solution, along with Oracle, VMware and many, many others. We are also seeing disparate systems on disparate platforms (AWS, Google and others) being linked together, managed by complicated orchestration products. The greatest problem with all of these platforms and services is likely to be the support element, so when choosing cloud for your business, make sure you are asking the right questions:
1. What cloud services do you need?
In order to choose the option that is best suited to your business, it is vital to understand exactly what cloud services you need.
In order to choose the option that is best suited to your business, it is vital to understand exactly what cloud services you need. There are so many on the market, from full infrastructure hosting and application delivery through to managed backup and disaster recovery services. Even if you only want to move one or two of your services to the cloud at the moment, think about whether you may want to extend this in years to come. Choosing a provider that offers them all could give you more flexibility in the long run. One of the features of a cloud solution is its ability to scale up and down to match your size, but you should still ensure that the provider’s capabilities match your plans for growth.
2. Who am I dealing with?
Many cloud companies do not in fact have their own infrastructure but resell from others. This need not be a problem – it is common practice for a cloud provider to sell services via a channel of smaller resellers – but you should make sure you know who is actually providing them! It is quite possible that you will receive better support from a smaller value-add reseller, but you need to know whose customer you are, and who is ultimately responsible for the services you are buying.
3. What about the contract?
Standard hosted contract terms are often 24 – 36 months, with shorter terms generally attracting higher costs. Some cloud providers, however, are now starting to offer a 12 months or less contract or “pay as you grow” option. This can be helpful if the provider is new to you or even new to the market place, and will allow you to gauge the type of service you will receive without making a long term commitment.
4. The Service Level Agreement
Don’t get tied into a service that just isn’t working for you.
This is very important. Don’t get tied into a service that just isn’t working for you. Check the terms and conditions for material breaches and downtime. Many providers offer compensation but this is likely to be insignificant compared to a loss of service for your business if your entire company’s infrastructure is running remotely. A good provider will give you the option to terminate the service if the SLA is consistently breached but beware there are many providers that will not.
5. Where is my data?
There are so many reasons why you should know this. If you do not know where your IP (intellectual property) or data is, then how can you get this back if you fall out with your provider? It is YOUR data and YOU need to know where it is. A good provider will give you access to it, no matter what the circumstances, at very short notice. Beware “safe harbour” agreements too. Although they are designed for data protection, they often fail to stand up if challenged. If you are offered one, have it checked thoroughly by a lawyer.
6. Security
You must ensure that your provider has the appropriate security to safeguard your business.
This is a very important point and it should be right up there with “should I have cloud services for my business?” At the end of the day, your data is accessible from the internet (and we all use it in one form or another). You must ensure that your provider has the appropriate security to safeguard your business. ISO standards are a good base to grade the provider’s competency in this area, but there are many other standards that can also be adhered to. Note that if you are regulated by a governing body such as the FCA (FSA of old) or HIPAA (health care), additional security standards are required. Make sure these are not just a tick-in-the-box accreditation – challenge the provider on what they offer.
7. Internal policies
As well as being good security practices, security policies for your business are essential for cloud services. ‘Password123′ is not good enough!
Staff will use applications to share information, whether you know it or not. On average, internet users have 25 password-protected applications they manage, but only six (or less) unique passwords. Using a cloud password management platform that enables employees with one password to access all their applications (single sign on) will help to provide a better experience while securing company access and data.
8. Check for hidden costs
One major problem with all the options available today is to normalise the offerings and get a fair comparison. You can compare features and functions with a bit of research – using comparison tools such as those on Compare the Cloud – however, providers differ not only in functionality, but also in costs and billing methods.
Make sure you get to the bottom of the provider’s pricing. For example:
CPU costs: 2 Core (@2.5GHz) with 2GB RAM costs £x.xx /instance/month
Storage costs: Cost of 1 GB usable storage, SAN/NAS based on 10TB base infrastructure = £x.xx/GB/month
Backup costs (£x.xx/GB backed-up)
Network costs: (£x.xx/GB/month transferred in and/or out)
9. Availability
Consider how your company’s business handles network, system and other failures. Does the cloud infrastructure need to be highly resilient, or can individual parts fail without causing a major service interruption?
A good cloud provider will have a replicated copy of your infrastructure (for their own internal disaster recovery plan).
A good cloud provider will have a replicated copy of your infrastructure (for their own internal disaster recovery plan). Some providers will charge you for this and some providers will simply not have this and gloss over the discussion with you. A good start would be to discuss where your provider is hosting your service – data centre – and ask about the Tier level. Every data centre can be graded by this tiering (and should be) and the results will be obvious for you to understand when you receive them.
Tier 1 = Non-redundant capacity components (single uplink and servers).
Tier 2 = Tier 1 + Redundant capacity components.
Tier 3 = Tier 1 + Tier 2 + Dual-powered equipment and multiple uplinks.
Tier 4 = Tier 1 + Tier 2 + Tier 3 + all components are fully fault-tolerant including uplinks, storage, chillers, HVAC systems, servers etc. Everything is dual-powered.
A Tier 4 data centre is considered as the most robust and less prone to failures. Naturally, the simplest is a Tier 1 data centre used by small business or shops.
10. When it all goes wrong
So you now have a cloud service, or multiple services, and it all goes horribly wrong. How do you migrate away from the incumbent failing provider? Make sure that you are not handcuffed to large exit bills and contract penalty clauses. There are some test cases where clients were asked to pay extortionate fees just to keep their cloud services running after the firm went into financial hardship.
If your business is considering a move to the cloud and you need some advice, contact Compare the Cloud’s Cloud Practice Group and we’ll provide you some free advice and details on other ways we may be able to help make your transition a smooth and happy one.
Neil Cattermull, Director of Cloud Practice, Compare the Cloud
Neil's focus is on developing cloud technology and big data. You can often find him advising CXOs on cloud strategy.