1. The new environment will be complexA hybrid cloud setup is more complex, not less, than any traditional private data center. You have to manage your existing end-to-end data center plus manage your providers, which isn’t as simple as paying a bill. You need to perform periodic contract reviews, validate that Terms of Service (ToS) and Service Level Agreements (SLAs) are being met, obtain more diversely trained IT staff to manage both local and cloud offerings, and manage connectivity and integration between the cloud and your existing data center. Leadership must get the message out early that hybrid setups are more complex, especially in the first year. There won’t be instant savings and efficiencies; instead, there will be learning curves. Leadership will have to closely and continuously manage both environments to keep them tightly integrated and functional.
2. Roles and responsibilities will changeIn some cases, more staff may be needed to handle the implementation until the new operational processes are established and running smoothly. Some roles may need to be redefined to meet the requirements of the new environment, and completely new roles may be needed, as well. Whereas you may have previously had a high number of hands-on technical employees, you may not require as many when leveraging cloud automation, but you’ll need at least one employee to monitor service providers, SLAs, ToS and other new requirements under the cloud model. Leadership must take on the role of the IT Broker, understanding the service providers available and monitoring their performance against the SLAs. As the IT Broker, leadership must ensure that their customers have the right tools and services for the right price, when and where they need them.
3. Know what your customers really needTypical servers in business and enterprise data centers deliver between five and 15 percent of their maximum computing output on average over the course of the year, and 30 percent of physical servers are “comatose.” It’s the job of leadership to minimize that waste and IT sprawl by understanding customers’ needs, the organization’s capacity and resources, and determining what services the organization needs to accomplish its mission. Cloud automation makes all activities related to cloud computing as fast, efficient, and as hands-off as possible through the use of various software automation tools that are installed directly on the virtualization platform or software and controlled via an intuitive interface. Leveraging cloud automation can allow your IT department to spin up or clone new environments in a matter of seconds, matching computing power (scalability and elasticity) with the true need of the organization’s users.
4. Ensure your data will be secureYour organization’s security is just as much your responsibility as it is your service provider’ If you misconfigure your service’s security, don’t assume the service provider will warn you or prevent it. They are handing you the keys to a secured home; whether you decide to leave the doors unlocked is up to you. While many service providers may follow best practices to keep your data secure, it’s critical that you understand what those practices are and develop specific service level agreements (SLAs) and Terms of Service (ToS) agreements to hold the appropriate parties responsible and accountable for your data. These agreements should include a detailed security demarcation point – a point where you are responsible for your data and the service provider isn’t. Organizations should also leverage the Federal Risk and Authorization Management Program (FEDRAMP), a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
5. Develop a plan to move your data to the cloudIt’s important to evaluate the approach that’s right for your organization based on security, convenience, and cost. Most cloud service providers will offer a cloud storage transfer service, but you must have your data online to leverage a variety of interfaces to create and manage transfers. Applications with industry-standard strong encryption are recommended for moving data from on-premise to the cloud. Most providers will offer a variety of transfer applications to match your data size and network speed. It’s important to make sure you understand the pricing model for this type of transfer – every provider has their own model, but most include egress and operation charges, insertion charges, transfer charges, and deletion and early deletion charges, among others. If you have a significant amount of data, you are limited by bandwidth, or you just can’t afford the transfer fees, you also have the option of physically moving your data. Organizations considering this method should be warned that it may not necessarily be cheaper and also introduces new risks. When physically moving data outside of your environment, it is important to encrypt the data at rest and properly maintain chain of custody records and actions. Before your organization moves to the cloud, it’s critical to understand what it is, the benefits, and what moving to the cloud will actually mean for the organization. A smooth, successful transition is only possible if everyone in the organization – from IT staff to organization leadership – adopts the cloud mindset. To learn more about how Tripwire can help you stay secure in the cloud, click here.