Important Considerations before adopting Public Cloud
Building an application and make it available for public consumption has become easy by using Cloud Services. We don’t have to think or plan for procurement of infrastructure, hiring right set of network and system engineers or data center maintenance. We can create an account on public cloud provider (AWS, Azure, GCP etc…)of our choice and start publishing our workloads.
But is it that simple??? Or do we need to do our homework before considering any of the public cloud for organization. I have been building cloud based application from part few years now and seen most of the organizations are quite excited about moving to cloud but struggles to maintain that excitement when they start facing challenges related to security, cost, data etc.
Most of the time the cloud adoption journey started with the thought that Cloud is just another technology. Work starts in silos with PoCs done by a small team of engineers to check the technical feasibility, and success of that turns into a full blown project. But during the implementation or sometimes once the project goes live, teams start facing the challenges related to security, data governance, performance etc. Then the reality settles in and organizations starts contacting architecture teams of cloud providers and involve cloud experts. These experts will share the report with gaps and areas which are not considered during the cloud adoption process. Finally this will results in either putting cloud adoption process on halt or reduce the scope of its implementation and lots of people and financial investments was already done. By this time all the excitement related to cloud lose its steam.
In order to reduce the impact of these factors it is important to do our home work before start using cloud services. It will start with creating Cloud Governance Council (or what ever we may want to call it as), and the purpose of this is to bring representatives from all over the organization together to plan for Cloud Adoption Strategy. This council includes people from infra, devOps, application development, security professional, financial professionals, project management and business functions. Here the team will discuss about the fundamental considerations which council must keep in mind before jumping on with cloud adoption process.
Considerations
Before selecting the cloud provider and jumping on to moving the workloads on cloud we need to keep following considerations in mind:
Security — It covers the security implications of moving to cloud. Here we need to define the confidentiality, integrity and availability of data in public cloud systems. confidentiality means that the system and data are available only to those who have authorized access. Integrity means the ability to ensure the data is accurate and no tempering is done to data. Availability ensures that the networks, systems and applications are providing service to legitimate users
Though most of the popular cloud providers take care of physical security of network and datacenter, still there is a different degree of responsibility on consumer to protect data, applications, implementing IAM etc.. Below is the reference of Microsoft shared responsibility model which talk about the responsibility of Microsoft and Customers based on the hosting of workloads:
Cloud Cost Management — Cloud cost models are different than traditional IT cost models. Cloud cost is based on operational expenditure and not capital expenditure i.e. cost of services is charged based on pay-for-what-we-use model. Consuming cloud services is literally equivalent to online-shopping on Amazon, its dangerously easy to let costs run away. That is why defining a governance model for cloud cost optimization from the beginning is very important.
Cost optimization is not one-time but continuous process so model must define the strategy for analysis, implementation, governance and monitoring. As cost is one of the most important aspect in cloud adoption so public cloud providers provide various tools to help us with that such as Azure Cost Management, Azure Billing APIs, Azure Pricing Calculator, Azure Monitor, Log Analytics etc…
For more information on cost optimization in Azure you can refer to my previous blog:https://tekspry.medium.com/cost-optimization-in-azure-part-1-guidelines-and-tools-639b792b3191
Data governance — Data is everything, from data-to-day transactions to enormous analytical datasets. Governing data at such scale can be daunting task. A Gartner survey some time back showed that the top two challenges Enterprises faces when planning for cloud adoption are data risk and compliance concerns (For more details: https://www.gartner.com/smarterwithgartner/cloud-computing-tops-list-of-emerging-risks/). So organizations must define the robust data governance strategy before adopting public cloud.
For defining the data governance strategy we need to classify the data which goes into cloud and only then we can govern it. For data classification we need to setup a data governance team. For data classification there could be different ways to do it but at a high level data can be classified as:
a) Regulated Data: It means data which is regulated by compliance such as GDPR, HIPPA, PCI-DSS etc… This data need special consideration for where it goes and how it’s handled in the cloud.
b) Valuable Data: This include the data which is not necessarily regulated by some governing body but it contains the trade secrets of an organization such as organizations financial data, Product secrets etc. This data is of high value for organization and hackers or business rivals would like to get hold of it. To protect organizations interests data governance council must include data owners and business stakeholders.
c) Sensitive Data: There could be chance the data element is not sensitive in nature but pieces of such data elements may make the information more valuable.
Services — There are two different aspects need to be covered for defining service strategy.
When and How to use services?: We need to outline when and how to use different cloud services for likely business use cases. Public cloud providers gives multiple options for compute, storage, integrations, security etc, using which IT teams build a solution. Also, they provide SaaS solutions as buy option where IT teams act as broker. This is good but at the same time it can be confusing on Build vs buy or if building a solution then which service to choose. So its important to define which cloud service to use in different organizational use cases. So to start with we can create a matrix that answers which cloud service models to use for which business use cases. There are multiple matured SaaS solutions are available in the market for standard use cases such as CRM, HR systems, Financial systems, service management and business workflows etc. It will be better to use existing SaaS solutions such as Salesforce or Microsoft Dynamics for CRM, Workdays for finance and HR operations and ServiceNow for service management. Core business solution can be build internally.
Who is the Customer?: Secondly we need to define who our customers are, value we offer them, and how we provide that value. Identifying the target audience is important to identify which service to select such as if the application is build for internal users where we are very well aware of scaling requirements of the application we may not like to go with compute services which are generally used to manage auto scaling or dynamic scaling. Also, if the application is used by internal users and the application is not business critical then we may not need 100% uptime SLAs. Where as if our target audience is external users then we need to look into other aspects as well such as whether the audience is B2B or B2C, do we need to expose only website or APIs. Security considerations will be different for different set of users.
Apart from identifying when and how to use cloud services, we need to consider challenges such as vendor lock-in and significant changes by cloud providers.
- While defining the cloud adoption strategy we must avoid relying on single cloud provider as it will allows vendor to have complete control over how much they charge you for services and if better and comparatively cheaper services are available with other provider it will be difficult to migrate.
- Also, public cloud providers are always changing and improving their products and keep on sunsetting existing services. This could become a challenge if at the time of service selection we have not looked into when a service is getting retired. For example recently Azure Scheduler is retired and replaced by Azure Logic Apps (https://docs.microsoft.com/en-in/azure/scheduler/migrate-from-scheduler-to-logic-apps).
So its important to evaluate the services not just based on current availability but also future availability as well. Also while making the choice make sure to select generic, more popular and widely used services than selecting a vendor specific service such as Azure provide support for multiple container orchestrator i.e. Azure Service Fabric and Azure Kubernetes Service. Out of these 2, Kubernetes as an container orchestrator is more popular and supported by CNCF (https://github.com/cncf/contribute/blob/main/projects/README.md#kubernetes) so if there is no specific reason to go ahead with Azure Service Fabric it will be better to choose Azure Kubernetes Service.
Also, we need to define the migration strategy in place if due to some reasons we need to migrate from one cloud to another or migrate to on-premise (though rare but its true there are organizations who have migrated from cloud back to on-premise due to unexpected cost and performance degradation).
5. Knowledge with in the teams — Cloud adoption is not just adoption of another technology but it is about bringing a cultural change as well. If we consider it only as another technology and not bring in any cultural change then we will never able to meet our expectations and end up in bureaucratic challenges with in the teams. Insufficient skills is also highlighted as one of major factors impacting cloud adoption in 2020 as per Gartner report (https://www.gartner.com/smarterwithgartner/4-trends-impacting-cloud-adoption-in-2020/). So in order to championing the culture for cloud is to instill education as a core value with the teams and organization. The role of the Cloud council is not just limited to define considerations for security, cost, data governance and services but also have to work with different teams for introducing various services and technologies in the existing ecosystem. The teams will be brought together to explore the feasibility of new technologies. So we need to build the structure and promote environment that allows facilitating teams as well individuals to be curious, ask questions and dive into latest research. We need to facilitate the teams with online and offline trainings, access to books and research work and have to build a culture of experimentation and improve learning experience.
This is not the end of the list I would say but these are minimum number of things we need to consider while going for cloud adoption. It will help us in streamlining the process and fix some of the major challenges faced during cloud adoption journey.
