Eight Best Practices for Successful Cloud Migration
2018 will be likely be a record year for migrations to the cloud. According to a study by the Cloud Security Alliance, 33% of organizations have taken a “full steam ahead” approach toward cloud services and each major public cloud provider has projected high growth rates.
As many organizations undergo their first cloud migration, the process and operational practices followed during this initial stage are critical to adopting a successful cloud-first strategy. While each cloud migration has a unique set of drivers and requirements, there are common steps to success that Burwood Group has experienced helping clients migrate to the cloud.
1. Engage the Business
Within organizations, business departments are always looking to innovate, transform existing applications, and add new applications. As you plan for your cloud migration, embrace this need for transformation and seek business stakeholder alignment. This is key to the ongoing support, funding, and eventual success of a multi-year cloud migration. To start, determine if there will be upcoming transformation events such as a new innovative priority or a merger and acquisition so it can be incorporated into cloud planning. At this stage it is also important to review application lifecycles and roadmaps so that the right applications are prioritized for cloud migration.
2. Be Realistic about the Benefits and Timeframe
To realize value with a cloud migration, plan in no longer than two year increments. Planning for longer than two years becomes challenging as it is difficult to calculate ROI in that time span and business or IT priorities could dramatically shift in two years.
Cost should not be the main driver of your cloud migration plan, as it can take multiple years to realize cost savings. Take into account that costs will typically rise during migration due to increased staffing, support, and the infrastructure needs associated with running dual environments. The most common benefits of the cloud are agility, flexibility, innovation, and faster time to market. Over time, improvements to IT staff efficiency will also be evident.
Increasing data security regulations will likely trigger compliance needs within many organizations and should be factored into your application migration decisions and cloud selection. Ensure that all stakeholders are in agreement about the benefits being sought and the timeframe it will require to realize them. Be as transparent as possible about the risks and challenges that could be encountered along the way.
3. Automate Application Discovery
One of the keys to successful cloud migration planning is having a firm understanding of application, database, server, network, and security dependencies. The goal of application discovery is to understand what dependencies and communication flows are associated with an application. A critical component of this discovery is understanding the performance requirements for an application on-premises so these performance needs are addressed as the application moves to the cloud.
Application discovery and dependency mapping tools replace organization gaps in documentation or historical application knowledge and significantly reduce the risk of missing a dependency during a migration. Application discovery tools also provide scenario planning so you can organize applications into migration groups and perform what-if analysis around cloud fit, cost, and migration timeframes. Using these tools, application discovery and dependency mapping reduces a process that can take upwards of several months when done manually, to mere weeks.
The output of application discovery and dependency mapping provides a great start in implementing micro-segmentation in the cloud. Restricting network access to only valid business traffic is a key tenant of security in both on-premises and cloud data centers.
4. Work Smarter with Operational Outsourcing
The team migrating applications to the cloud ideally needs to be dedicated to the task and not occupied with operational support issues concerning the current environment. Consider leveraging operational outsourcing to support your current on-premises environment. Operational outsourcing services can provide 24x7x365 support at a cost often lower than organizations can build themselves and can scale up or down based on the need.
Operational outsourcing can also greatly aid in the validation of application performance pre-, during, and post-migration with monitoring tools. The right provider will take on support of applications once migrated to the cloud, which frees your team to focus on the next migration rather than day-to-day maintenance.
5. Start Small, Build Confidence
Achieve early, quick wins to build staff confidence and to allow key stakeholders to begin seeing benefits. Start with a small workload to move to the cloud to develop team capabilities, comfort level, and support experience. Some of the most common workloads are Dev/Test environments, non-critical applications, or data analytics environments. All of these types of environments can also benefit from the scheduling and scale out capabilities of the cloud. Data analytics is a great place to start because of the machine learning, artificial intelligence, and natural language processing capabilities offered by public cloud providers, such as Google Cloud. These capabilities are often difficult to replicate on-premises cost effectively and at scale.
Don’t be over-ambitious about how many applications can be refactored for the cloud. Refactoring applications with containers or micro services is usually focused on an organization’s innovative applications. Refactoring an application takes time and your organization will need to ramp up this capability. Lift and shift is the most common cloud migration pattern and is recommended for initial cloud migration of an application. It allows an organization to move quickly to the cloud without much development work. It is also much easier to refactor an application once it is in the cloud.
6. Proactively Manage Costs
Be aware that there will be increased operational costs during cloud migration. When planning for the migration, be sure to include costs for additional head count, circuits, and migration tools. Circuit costs need to be factored in for data migrations in particular. Leverage burstable circuits in instances when you may be charged based on bandwidth leveraged for a period of time. This will allow you to scale down usage and costs after the migration.
A cloud migration can stall if costs are not monitored during the migration. The best approach is to have an individual, team, or partner, separate from the cloud migration team, who can proactively inspect cloud costs to identify areas of waste and optimization during the cloud migration. On-premises environments were built to handle peak workloads. Migrating servers to the same size virtual machine in the cloud is often not cost effective. Ensure that compute, memory, and storage are adjusted to the levels needed for normal operation and leverage the scale up capabilities of the cloud to handle peak usage. If Dev/Test workloads are part of your migration strategy, schedules can be attached to these environments to shut off when not in use and can terminate after a period of time to align with your environment refresh strategy.
Reviewing cloud bills is often complicated, akin to reviewing an intricate telephone bill. It can be difficult to determine which application, department, or resource is the source of a cost overrun. As cloud usage grows, the amount of detail can be too great to simply review in Excel or for one person to sort through manually. Leveraging Cloud Cost Optimization software is recommended to proactively review cloud spend, pinpoint waste, and provide what-if analysis for optimization planning.
7. Deployment Processes Must Include Security
As you know, the cloud can be more secure than on-premises solutions, but if done incorrectly the risk and impact can be far greater. APIs, object-based storage, and serverless applications all spur innovation, but also make it easier for hackers to access sensitive data if proper access control is not implemented. Moving too fast, de-centralized environments, and new technologies all create increased opportunities for security risks to be introduced. In the cloud, the root account has access to everything which is a big change from your on-premises world with silos of access to different parts of the infrastructure.
Identity management, access control, and data security are of utmost importance in the cloud, so developers should be equipped with robust security training. If you have moved to continuous integration and deployment, consider automating code and integrating vulnerability review into the deployment process. Automated policy checking is also critical to ensure that identity management groups are set up correctly, SSH keys are secured, and storage buckets have appropriate access. Many cloud providers are building these policy-checking capabilities natively into their platforms.
8. Plan Ahead. Develop a Multi-Cloud Governance Approach
The cloud you are migrating to will likely not be your only cloud. Based on cloud capabilities and business department needs, there may be other public clouds in your organization’s future. As public cloud providers continue to specialize in areas like container management, database as-a-service, machine learning, artificial intelligence, and natural language processing, sticking to one cloud provider is not going to be realistic for many organizations. Through M&A, organizations also need to proactively plan how they connect and integrate with multiple clouds.
A cloud acquisition policy and process is a great place to start to develop responsibilities across the organization. This includes selecting, purchasing, designing, and deploying new cloud environments including public cloud and software as-a-service.
Most organizations with a cloud-first strategy are also developing a multi-cloud strategy. To effectively plan for multi-cloud, even if your team is starting with one cloud, we recommend developing an overall governance model with defined policies and a suite of tools for how you will support new cloud account creation. The governance model should include tagging strategies that will work consistently across multiple clouds, security, data access governance, and architectural standards.
From increased agility to enhanced security capabilities, the benefits of a cloud-first strategy are becoming increasingly clear. But what may be less obvious is how to tap into those cloud advantages in the best way possible. After all, while cloud use has grown rapidly in recent years, optimizing use of the cloud is still a new frontier of sorts for many organizations.