Not all that long ago, the cloud adoption debate was dominated by talk of risks – whether in terms of security, compliance, performance or whatever else.
But now the tide is turning, and a number of surveys and industry commentators have shown that would-be cloud buyers’ questions are shifting from “is the cloud production-ready?” to “what’s the best way to move there?”
Case in point: during a March 2017 interview with TechTarget, Trend Micro vice president of cloud research Mark Nunnikhoven said: "I don't think I've had that question or challenge in the last 18 months. The most common [questions are] where's the lifecycle for our existing environment, and how fast do we need to be transitioning to the cloud?"
However, that’s not to say moving to IaaS cloud hosting is a totally risk-free enterprise. Like any change to your IT environment, cloud adoption will potentially affect your overall risk profile in many different ways – so would-be adopters need to understand the implications of the move and address any new issues that arise as a result.
Here are a few of the key cloud hosting risks we’d recommend you consider.
Where your data lives
Even as fears around control and visibility in the cloud subside, data sovereignty remains an important consideration for would-be adopters, and it looks like it’ll stay that way for the foreseeable future. The key reason for this is compliance – in particular, the upcoming GDPR will make regulatory compliance a much more demanding issue for EU firms, and one that affects their risk profile when moving to cloud hosting.
Depending on the information you handle, then, it may be necessary you choose a UK cloud hosting service in order to comply with your data protection requirements and avoid fines and sanctions from regulators. And besides – keeping your data close can have benefits from a performance perspective, and may help you develop a closer and more dependable relationship with your provider in terms of support.
Keeping your infrastructure secure
With outsourced IaaS cloud hosting, you can maintain a high level of control over your applications and data, and therefore a high level of control over their security, too. What you won’t have, however, is control over the security of the infrastructure itself and the data centre underpinning it all.
As such, it may be important to assess your cloud provider’s credentials and capabilities in terms of data centre management, and whether the correct security controls – such as CCTV monitoring – are in place to support your requirements.
Downtime and availability
Don’t put too much stock in the number of nines in your SLA – prolonged unplanned downtime is still a risk in the cloud (as demonstrated by the 2017 AWS outage) and it’s important to ensure your provider has sophisticated systems and controls in place to protect against it. Our previous blog, Is your cloud hosting reliable enough for your business?, discusses this issue in detail.
It’s also important to note that connectivity still matters in the cloud, and despite what some first-time cloud buyers may assume, the quality of connectivity between a cloud hosting service and your premises can vary wildly depending on the supplier you choose. Failing to consider this in your risk assessment could expose you to significant resilience and performance problems a little further down the line.
The migration process
Finally, the process of moving to IaaS cloud hosting can be complex and – if not properly managed – present a number of risks in itself. Due diligence and careful planning are therefore important parts of your successful migration. Your chosen provider will be able to help you to ensure that the right precautions are in place to mitigate security, compliance, downtime and availability risks.
You’ll want to go into as much as detail as possible here, exploring the risk of disruption at the application level, developing business continuity plans, communicating changes to end users, and so on.
Undertaking a phased rollout, along with choosing a cloud provider and platform that won’t leave you wanting in terms of support and ease-of-use, could well be the difference between a smooth migration and a failed one – so you’ll want to consider these factors in your migration plan, too.