To Cloud or Not To Cloud

March 25, 2019 | Filed Under: AutomationCloudHow ToOperations

Cloud computing, once an exotic industry term, is now omnipresent. Nearly every significant technology company advertises cloud-based offerings; those who don’t are often seen as stuck in the past or falling behind. As a result of this increased visibility and heavy marketing drives, many IT departments at large and medium companies are feeling the pressure to devise cloud strategies and begin migration. While transitioning certain resources to cloud platforms can make sense, this is a decision that should be carefully considered, not undertaken based on hype.

The advantages that PaaS (platform as a service) and SaaS (software as a service) solutions offer are clear:  flexibility, scalability, and availability. In many cases, engineers working on your product can experience workflow improvements and decrease development cycle time when monolithic solutions are split into cloud microservices.  On the other hand, many IT professionals have legitimate concerns about security, loss of control and vendor lock-in. These concerns aren’t taken lightly, with CIO Magazine reporting that some companies are beginning to migrate data back to on-premise resources.

Nevertheless, cloud computing is here to stay, with the number and variety of services and platforms continuing to grow. The question is no longer if companies should move to the cloud, but what they should move to the cloud and how.  

So, what is the correct way to move to the cloud?

1) Decompose Your Infrastructure

Any successful cloud migration will begin with a deep inventory of your applications, data storage needs and security requirements. Making detailed diagrams of your infrastructure and how various services interact can be a good starting point. You may find some of the paradigms associated with Domain Driven Design helpful in decomposing your software into discrete components with defined interactions — in other words, breaking down a giant, monolithic infrastructure into smaller, independent chunks.

Next, you will need to consider which of these discrete components of your infrastructure would benefit most from the scalability and availability provided by cloud platforms without posing acute security concerns. After that, you should evaluate the cloud solutions on offer to see which specific service matches the specific needs of each component. Will you be storing and retrieving data? If so, how often will you need to read or write, and will the structure of the data be better suited for a table or document-based database? Will you require edge-caching for quick retrieval in certain regions? All of these questions, and many more, will determine the vendors and services you choose to employ.

2) Give It A Try!

After a very careful analysis has been conducted and put up for review, there will likely be one or two components that stand out as prime candidates for cloud migration. These should in most cases be independently valuable, independently deployable pieces of your infrastructure that are used across your organization (perhaps not the core of your product, but a frequently used tool or resource) that can easily become a microservice based in the cloud.

This shouldn’t entail a large investment of time and resources, and will not leave you with a long-term dependency on a certain cloud vendor or on the cloud generally. Instead, it serves as a case study for your team and company, giving you a better idea of whether you will benefit from further cloud migration.

3) Evaluate Your Trial Migration

If you successfully deploy and integrate a cloud microservice, you should take time to monitor outcomes and consider whether it’s been a successful venture. You should look at a number of factors: performance metrics, cost, even developer experience. If it’s been a clear success, you can make the case for deepening your company’s commitment to cloud migration. Once again, this does not necessitate moving every piece of your infrastructure and data to the cloud  — only those parts that make sense and are worth the effort.

If the benefits never materialize, you can feel confident in your decision to remain on-premise and avoid the cloud. You will have explored the options, gained a better understanding of your information architecture, and come away with first hand, evidence backed arguments as to why cloud migration doesn’t suit your company’s needs.

There’s More Than One Way To “Move to the Cloud”

Often, when people discuss moving to the cloud, they simply mean moving code and data off their servers and onto a cloud platform. They see moving to the cloud as a cure-all for engineering and architectural problems, a chance to escape slow development cycles and spaghetti code. But it’s not always the right solution.

Sometimes, what’s needed is a re-evaluation of your company’s core competencies to ensure you have the right focus. Maybe your website needs to process payments, but do you really need to have your own payment processing system? Maybe your company needs to send regular email updates or display information in multiple languages, but do you need to maintain your own code for email templating or localization? In most cases, there exists a third-party provider that focuses only on payment processing or only on email templating (their core competencies) that can integrate with your products or infrastructure.

Focus on the core of your business — the thing you do best, that nobody else can do — and use existing solutions providers for everything else. This can potentially let you remove thousands of lines of code, speed up deployments and reduce your developers’ workload. Most importantly, allow your engineers and IT administrators to put the focus where it belongs: on your products and services.

Keep Security in Focus

As discussed above, there is a great deal of unease regarding cloud security, with many companies holding off on certain migrations or backing out of cloud deployments altogether. It’s easy to understand why: it can feel like you are handing off your most sensitive data to third parties, on servers you cannot see or control, and taking them at their word when they tell you your data is safe. While the sophistication of cloud security solutions continues to grow, including the AWS Security Hub and CyberSana’s auditing and monitoring capabilities, many IT professionals feel there are too many unknowns and trust their own on-premise hardware or private clouds for privileged information.

On the other hand, there have been plenty of breaches at companies who employ little if any cloud infrastructure. Attackers often take advantage of idiosyncratic, custom-made security solutions. IT pros should apply just as much skepticism and diligence to their own, on-premise solution as they do to public cloud providers. Are you certain you’re more secure than AWS?

Highly sensitive data and services are, as ever, deserving of the most care and deepest deliberation. Before confidential records are migrated to the cloud, whether public or private, extensive research, consulting, and discussion with legal and compliance professionals must be undertaken. Your initial forays into the cloud should focus instead on useful, but lower-risk, resources and services.

Our Conclusion

Despite an ever-expanding array of services and platforms, cloud computing is not the answer to every problem. It’s easy to get caught up in the hype, or to be awestruck by the very real benefits that cloud migration can bring, but it pays to be patient and cautious. Take your time, understand your needs and technology, research your options and conduct some low-risk experiments.

When you’re done, you’ll understand exactly how the cloud can help your business without sacrificing flexibility or security.

Tags: , , , , ,