If you’ve got the heebie-jeebies about cloud-based operations, you’re not alone and help is at hand. Two of our engineers, Mike Lazenby and Dafydd Jones, offer guidance on the ‘big three’ fears.
Most organisations moving to the cloud don’t consider operations upfront. In fact, many only discover part-way through a largescale migration that traditional tools and approaches will be redundant in the new environment. At this point, fears surrounding stability, security and compliance, and cost control can take hold.
The challenge of cloud-based operations
Deloitte’s Chief Cloud Strategy Officer David Linthicum has written about this issue in an article on TechBeacon Why cloud operations management is the next big thing. As he says, organisations migrating to the cloud generally assume that existing operations engineers will handle cloud-based operations. However, the cloud requires an entirely different skillset to the management of a traditional datacentre.
According to Linthicum: “The enlightenment usually happens when enterprises are 30% to 40% migrated, both data and applications. Teams discover that approaches and technologies leveraged for traditional operations are unsuitable for use with cloud-based deployments.”
So, what are some of the common problems related to this, and how can they be resolved? Mike and Dafydd from our cloud managed services team say the three issues that most concern clients are ‘resilience’, ‘security/compliance’ and ‘cost control’.
1. IT resilience in the cloud
Avoiding downtime is a high priority for any business, but IT outages can be a common problem for organisations that are new to the cloud. An area that often needs urgent attention is disaster recovery.
When DevOpsGroup is engaged for cloud managed services, we quickly establish:
Recovery Time Objective (RTO) – how much downtime an application can experience before it results in measurable business loss.
Recovery Point Objective (RPO) – the maximum acceptable data an application can lose before it results in measurable business loss.
Mike says that RTO and RPO are often out of kilter with disaster recovery measures that have been put in place.
“It’s not unusual to find that an organisation conducts back-ups just once per day, when the RTO and RPO timeframes are measured in minutes or hours. Realigning this needs to be a top priority so the customer can be confident that their system is resilient enough to protect the business.”Mike Lazenby, Senior Cloud Engineer, DevOpsGroup
Identifying the root cause of issues that harm performance is another important aspect of enhancing resilience. There’s often a common theme to problems that result in outages; once this is established it can be prioritised for Kaizen (continuous improvement) work in due course. As operational maturity increases, parts of the estate can also be automated to enable ‘self-healing’ when problems arise.
2. Cloud-based security and compliance
When an organisation lacks capability and confidence in cloud-based operations, one of the greatest fears is that security and compliance will be inadequate.
All organisations need to be mindful of requirements such as the General Data Protection Regulation. Those operating in strictly regulated sectors such as financial services or healthcare also need to take additional steps to establish and maintain best practice.
According to Dafydd, methodical analysis using tools such as CloudCheckr is an important first step to ensure security and regulatory obligations are met.
“We run checks for different regulations then conduct a gap analysis to indicate where the system falls short. This is followed up with recommendations on how to resolve issues that may impact security and compliance.”Dafydd Jones, DevOps Engineer, DevOpsGroup
When they’re coupled with expert engineering support, cloud-based platforms offer effective and efficient ways to keep on top of security and compliance best practice. Our case study for Closed Loop Medicine outlines how we helped this healthcare technology company maximise data security ahead of a clinical trial.
3. Cloud cost control
Resilience, security and compliance are not the only concerns voiced by organisations moving to the cloud. Cost-efficiency is a big issue too.
A previous blog by Ed Pearson looked at ways to deliver cost savings in the cloud. From a cloud-based operations perspective, rightsizing is the single most important factor here.
“Once everything is working smoothly in the cloud, the next big question is ‘how can we do it cheaper?’ Developing an effective, automated strategy for rightsizing is central to this, but very few organisations take the necessary steps.”Mike Lazenby, Senior Cloud Engineer, DevOpsGroup
Mike and Dafydd agree that rightsizing involves a delicate balance. It’s about ensuring the optimisation of resources is ‘just right’ to meet the organisation’s usage needs and patterns. This requires continual analysis to avoid over- or under-provisioning. Ideally, measures should also be taken to ensure the system can handle any spikes in demand.
How a cloud managed services partner can help
Without specialist cloud engineering skills, operations can flounder after migration to the cloud, putting the organisation at risk. Third-party cloud managed services offer an effective and cost-efficient solution. Look for an organisation that works collaboratively with your team, building a rapport and improving operability as well as resolving issues when they arise.
If you’re looking for a partner to help you flourish in the cloud, we’d love to hear from you.