In-Depth
What Enterprises Should -- And Shouldn't -- Move to the Cloud
By Shahin Pirooz
There's no denying it -- more businesses today are looking toward the cloud as a means to better manage, secure, and support their IT infrastructure. Because of the benefits the cloud can deliver, worldwide spending on cloud services will grow exponentially faster than for general IT solutions.
A move to the cloud is not as simple as eliminating your physical network infrastructure and software and moving everything to a hosting company. Not every aspect of your business can be easily and effectively moved into the cloud, so you must do your homework to ensure that the hosted services -- as well as the cloud provider itself -- can deliver the true benefits you desire.
Why Move to the Cloud
There are many reasons why an enterprise may choose to move from a traditional in-house IT model to the cloud. First and foremost, tight budgets have prevented many enterprises from making IT investments, such as new hardware or the latest version of business-critical software. This decision has consequences and risks because your aging infrastructure has a limited useful life. As a result, the cloud has become a way for enterprises to more cost-effectively upgrade their IT infrastructure, compared to the price tag of a forklift upgrade of in-house hardware and software.
Another reason is utility pricing. By moving to the cloud, enterprises can easily scale up or down to meet their changing needs. Cloud providers offer best-in-breed IT infrastructure. Because the underlying infrastructure is leveraged across many organizations, the cost per organization is a fraction of maintaining IT infrastructure in-house.
Enterprises also may move to the cloud because they require proactive management and round-the-clock monitoring and support of key systems, robust disaster recovery solutions or a way to minimize downtime of critical applications. Or they may need to support a mobile or geographically dispersed workforce that requires remote support across multiple time zones and with different technology environment.
Is Your Business "Cloud Ready"?
Moving to the cloud can be an ideal proposition for most small and midsize enterprises. Once you decide to transition to the cloud, conduct a thorough assessment of your IT environment to determine how much of it can be moved to the cloud and what is better suited to remain in-house.
Many enterprises simply do not have the time or resources to take a deep look at their infrastructure and determine how all the parts work together. While most understand what hardware, operating systems and applications they're running, there are even more factors to take into account.
To determine "cloud readiness," your assessment of IT resources should carefully examine three key components:
Network: This assessment will allow you to determine if your enterprise has sufficient bandwidth to support access to cloud services, and if the hardware you have in place can handle the demands of the cloud. The network directly impacts the quality of performance of cloud services, and can be a big factor in your satisfaction with hosted solutions. There is no "right" answer to how much bandwidth is required. As your Internet connection becomes a more critical factor for accessing cloud services, you can ensure you have the bandwidth needed in a number of ways. You can rely on quality of service for your network to ensure business critical applications have the necessary dedicated bandwidth, observe normal network management best practices, and have a plan for redundancy on your connectivity to the cloud.
Server: By examining the number of servers in use, you can determine whether they can be virtualized and how many you need to achieve your goals. Many enterprises have succumbed to server sprawl, starting a new physical or virtual server every time a new application is needed. The server assessment can help you decide which ones can be consolidated into a smaller footprint, and eliminate those that may not be required to provide redundancy or disaster recovery once the move to the cloud takes place.
Application: Look at what applications you have in place, such as a customer relationship management (CRM) and enterprise resource planning (ERP), and determine whether they can be virtualized. Part of this assessment should consider how the performance of these applications, and how their ability to interact with other ones, may be impacted if they are moved off site.
What Not to Move
Now that your assessment is complete, it is important to understand that some facets of your IT environment are not ideally designed to reside in the cloud. Although they can be moved to the cloud, the decision requires special considerations to minimize potential problems. Services and applications that do not ideally belong in the cloud include:
File access: Moving file access services into the cloud may be impractical and laden with latency problems because of the Common Internet File System (CIFS) protocol currently in use today. CIFS was designed to work over LANs and does not work as well when you put distance between the user and the file, as would happen in the case of a hosted file server. For example, it could take several minutes to access a large PowerPoint document from the cloud, resulting in lost productivity and frustration for the user.
If you do choose to move file access to the cloud, however, there are ways to minimize these problems. First, you could implement a caching appliance to keep the most frequently accessed files local and move the others to the cloud. Second, you could your entire ecosystem -- including file servers and the clients that access them -- to the cloud. This requires you to implement a virtual desktop and virtual office environment.
Windows Authentication: Like file access, this option relies on a protocol (Remote Procedure Call, or RPC) that is designed for a LAN environment. When you move authentication away from Active Directory and into the cloud, you are again putting distance between the user and the server that is responsible for authenticating and giving that person access to the network. That distance can result in a long lag time for your employees when they log into the network to start working. Similar to file access capabilities, if you want to move authentication to the cloud, the best option would be to move your entire IT ecosystem.
Printing: In many cases, printers do not have sufficient memory to support all the documents that might be sent to them at a given time. When caching documents, it is more logical to have a print server near the printer. Although there are some options for "Web printing," which entail sending a document to a Web queue that is designed to communicate with the printer in the office, this is not the most efficient way to accomplish the task.
There are two ways you may be able to manage printing in a cloud environment. First, give each employee their own printer so they could print locally and use that machine as a print spooler. Second, dedicate one or two computers in the office to act as a spooler.
Selected vendor-specific applications: Some vendors will not provide support if their applications are placed in the cloud or a virtual environment. However, those vendors are decreasing in number, as most have accepted that cloud computing is a reality and its use is growing exponentially.
Developing Your Transition Plans
Once you've decided what IT components you want to move to the cloud, you must develop a strategy for making the transition. There is no single set of best practices for determining what to move and when -- it depends solely on your company and its particular needs. There are some questions you can ask yourself to help develop a plan:
- How do you grade your performance? Is your network reliable or does your Internet connection fail frequently? Ensure that the network providing cloud access functions properly and has the bandwidth necessary to accommodate this new environment.
- What is the state of your hardware? If you have older hardware that supports a critical application, this may be the perfect component to move to the cloud first because you want to ensure that you do not suffer any downtime. However, if you recently invested in new hardware, it might not make sense from a financial perspective to move those components to the cloud at this time.
- Are you concerned about reliability? If worries about a total IT failure and disaster recovery keep you up at night, then this should be the first cloud solution you implement. The cloud offers a cost-effective model to support your disaster recovery and back-up requirements.
Finding the Right Match
As you assess your IT environment and determine which components you wish to move to the cloud, you also need to consider the capabilities of your cloud provider. Many of today's cloud providers are focused solely on infrastructure-as-a-service (IaaS), and, therefore, do not have application ecosystems or the virtual desktop components you may require. As a result, you may be signing up for a Herculean task that requires you to build your own virtual servers to effectively move four-tier solutions such as ERPs to the cloud should you select an IaaS provider. This creates more work for the internal IT staff, who will have to cobble together these various servers, and introduces security concerns.
To avoid creating more work for your IT staff and to fully leverage all that the cloud can offer, you should ask your prospective cloud provider the following questions:
How much experience does your company have? With a spate of new providers entering the cloud marketplace, it is important to consider how much experience your cloud provider has, because less-experienced providers may experience growing pains -- in the form of outages or other service issues -- while they expand and mature. If you move mission-critical infrastructure or applications to the cloud, you want assurance that there will be no downtime.
Do you offer integrated solutions and have expertise in the various tiers you may need: client, database, application, and Web? Ideally, consider using a single provider that can effectively integrate your cloud components, as that will help ensure security and reliability across the board.
What type of support do you offer? Helping employees troubleshoot problems takes much time away from the IT staff in small and midsize enterprises, and can be a virtually impossible task given the fact that employees are working non-traditional business hours. To help re-focus the IT team on their core mission, look for a cloud provider that offers end-user support via help desk staffed with subject-matter experts who are available 24/7.
Do you support mobility? Over the next five to 10 years, personal computers will become less of a factor as mobile devices (such as tablets, netbooks, and smartphones) become more prevalent. If mobility is critical to your workforce, you should seek a cloud partner with a good foundation in supporting mobile device management and security, as well as tech support for users of a wide array of these devices.
Is your cloud environment certified? If your company is in the financial services industry, or maintains vital private customer data, find a cloud services provider certified in one of the audit standards, such as AT 101 (SOC 2) or SAS 70 Type II (which was replaced in June 2011 by SSAE-16 (SOC 1)). This will ensure that your cloud provider has put in place all of the best internal practices to verify security, availability, and privacy in your hosting environment.
As you consider your move to the cloud, it is critical to first define the results you wish to achieve, then determine which components of your IT environment can -- and cannot -- effectively be hosted. By developing this strategy and selecting the most appropriate cloud provider to meet your company's needs, you will be able to achieve the full promise of the cloud.
Shahin Pirooz is chief security officer and chief technology officer of CenterBeam Inc. He can be reached at spirooz@centerbeam.com.