With the cloud becoming increasingly diverse and complex, unfortunately not every organisation is currently operating within it correctly
Demands for more storage space have already encouraged a migration to cloud-focused technology and services in recent years, with IDC predicting that by 2022, over 90 percent of enterprises worldwide will rely on a mix of on-premises/dedicated private clouds, multiple public clouds, and legacy platforms to meet their needs. With 2021 labelled ‘the year of multi-cloud’, a large proportion of enterprises will be looking to adopt a varied cloud approach, combining on-premises, off-premises, public, and private solutions. When doing so, it must be done right.
While we’ve all become used to storing our data in the cloud, common mistakes remain, with many organisations leaving themselves open to countless business and reputational risks for failing to properly migrate or adopt new services. Businesses can no longer afford to make such mistakes.
So how can those in charge of implementation troubleshoot issues before they become a significant risk?
Mistake 1: Failing to meet business needs by not sizing up
Connectivity is key. If an organisation chooses the wrong connectivity, it will degrade the end user’s experience. This will ultimately undermine the quality of service that it is trying to offer.
User experience should be a focal point, and nothing undermines a computing experience like sluggish performance, which is particularly true of cloud computing. When moving to the cloud, organisations must have a realistic understanding of the amount, and quality, of bandwidth that they need, as well as the implications of the data flows.
Unfortunately, many organisations fail in this regard, because they don’t consider the network implications of data leaving the cloud.
Egress charges are the cost for data leaving the cloud provider, allowing end users to lift and shift their data into different locations for different uses. These can often make up a large chunk of an organisation’s cloud expenses as the data is constantly on the move.
On average, data egress is charged at 7p per gigabyte. Moving 25 terabytes out of the cloud an on-premise data centre or another cloud provider could cost £180,000 in egress fees through the public internet (even via a virtual private network). However, there are many examples of applications that may create data-egress costs, some of which may come as a surprise. Restoring backups in the cloud to an on-premises location, hosting a website and delivering web content into someone’s web browser, and consuming remote desktops hosted in the cloud are just a few.
Network connectivity needs to be flexible too. That way organisations can improve agility and respond faster to changing business conditions, something many IT leaders have struggled with over the last twelve months.
The modern cloud adopter is procuring networking like they consume cloud compute resources by working with a provider that can provide high-performance, low-latency private connectivity that can be scaled up or down on demand, will allow a real time response to workload fluctuations and changing business demands, while enhancing security, preventing bill shock, without long term contractual lock in.
Cloud has enables you to respond to the agents of change, your network should too.
Mistake 2: Not preparing for individual applications and adopting a one-size-fits-all strategy
Frequently, organisations view the cloud from a “server” perspective rather than from an “application” perspective.
The term “cloud” remains nebulous, as cloud implementations include ever-changing technology offerings. This can make it difficult to discern how to optimise a cloud solution to meet business needs.
The needs and goals of each organisation and industry differ, making it impossible to adopt a one-size-fits-all cloud strategy, or even the same strategy for each workload within an organisation.
Before making a cloud a cloud-hosting decision, businesses should assess the attributes of their workloads , often this may include understanding their performance, compliance\security, application integration and data volume needs. When viewed holistically an assessment can be made as to the effect of workload-placement decisions.
During the decision-making process, IT decision makers need to factor in the following:
· Business considerations – top business problems the organisation is working to solve, and the main use cases to enable or enhance, including time to market, agility, and legal and regulatory
· Technical considerations – attributes like performance, security, integration, data volume and workload elasticity
· Ecosystem considerations – factors like software as a service maturity, cloud service provider offerings or the market accessibility of cloud expertise
· Other considerations – consider existing applications and their cloud-readiness, application licensing, global data centre operations, and organisational practices, like disaster recovery and business continuity
Some applications are better suited for public cloud, while others are better in private cloud. By focusing on application needs, rather than server needs, the best decisions can be made.
Mistake 3: Bringing in the cloud, but not updating security landscapes
When adopting cloud, organisations often implement new technology without fully understanding it and updating their security posture to match. This makes them susceptible to all sorts of risks.
Here are four common cloud security mistakes and how to solve them:
Granting overly broad permissions
Rein in permissions by adopting a least privilege access approach. That way access is limited to only those who need it to do their job. If someone does require broad permissions, make sure those accounts are locked down with multi-factor authentication.
To limit the consequences of storage misconfigurations, employ encryption anywhere you can, including the encryption of storage at rest. That way, if encrypted data is stolen, it will be unreadable by hackers.
Inefficient application protection
Firewalls were once considered sufficient perimeter protection. Not anymore. A traditional firewall can be locked down to allow web traffic through only on a specific port. In many cases, that’s all a hacker needs to compromise your network. To properly protect business applications, implement effective patch management and web application firewalls (WAFs).
Make sure regular scans are carried out, maintaining visibility and automating the patching process.
When moving to the cloud it’s important to identify which countries the data will be processed in, what laws will apply, and what impact they will have. Then, follow a risk-based approach to comply with them. Enable compliance and application-level monitoring and assign an owner. That way cloud compliance, the collection of audit evidence, and misconfigurations can be easily tracked and identified, preventing any non-compliance.
The future of business will be in the cloud
The pandemic has changed the way organisations operate forever.
Recent research from TCS highlights that over half (51 percent) of organisations have increased their spending on cloud services over the last twelve months because of the pandemic, with only 27 percent of those surveyed having already migrated their core enterprise systems to cloud platforms before the pandemic began in January 2020.
Businesses are going to find themselves easily caught out by common mistakes if their cloud strategy doesn’t account for all the necessary elements before they make the move. By adopting a cloud readiness approach, and correctly planning for the task ahead, organisations can identify problems before they occur and protect their return on investment by not having to move data back to on-premises solutions.
About the Author
Leon Godwin is Principal Cloud Evangelist for EMEA at Sungard Availability Services. Sungard Availability Services (“Sungard AS”) keeps your business running all day, every day. Sungard AS partners with customers across the globe to understand their business objectives, identify gaps in their current infrastructure technology environment and tailor a plan to deliver the highly available, cloud connected infrastructure services they need to achieve their desired business outcomes.
Featued image: ©Skórzewiak