A 10-point guide to derisking cloud platform migrations

The benefits of migrating data and workloads to the cloud are by now well understood. But cost, complexity and skills are often a barrier. An estimated 72% of global organisations run hybrid environments today, meaning they blend public cloud deployments with private cloud and/or on-premise datacentres. That can add flexibility, but also risk.

Fortunately, help is at hand.

What are the risks of failure?

The public cloud is often seen as a more cost-effective option. But this isn’t always the case. A reasonably priced quote from an MSP may look good on paper and a contract is signed. It’s during the migration or in the early days that performance issues start to occur, and the costs start to ramp.

Additionally, if any one part of the cloud migration piece doesn’t work as intended, it could have a major impact on employee productivity, morale and even lead to data loss. That could feed quite quickly through to a negative hit on brand reputation and the bottom line. No organisation wants to be forced to fail back workloads after making the strategic decision to go to another cloud platform.

From planning to execution

With that, here are some key things to bear in mind to de-risk any cloud migration strategy.

1. Plan, plan, plan:

It sounds obvious, but successful cloud migration projects begin with thorough planning. It’s not just about a project manager describing what’s going to happen. It’s essential to begin with a clearly defined scope, understanding the workloads that need moving and ensuring they’re going to the right location in the right cloud. The type of workload will dictate where and how migration should happen. Remember: even small changes can have a big impact on end state.

Most critically, any cloud initiative should be aligned with business strategy. That’s why it’s important to start with a tailored assessment of the business and current IT systems, business priorities, future vision and key challenges. From there, the MSP should be able to create a personalised cloud solution that meets the client’s specific needs. QuoStar will create a comprehensive plan that outlines the scope, resource requirements, and project deliverables. This will always include accurate costs and a detailed plan of action.

2. Back-up and integrate:

If it’s a case of migrating from on-premise to a private cloud, this means ensuring the organisation has the right replication tool sets. If it’s about migrating to the public cloud, the organisation will need backup capabilities properly tested through to recovery for the solution that’s being migrated. Consider migrating to a development environment first, and/or moving a small handful of non-key workers’ services. A phased approach like this will help to surface any potential issues early on.

Another potential hurdle relates to core management system applications. If they’re simply “lifted and shifted” to the public cloud, poor integration with other applications may result in reduced operational efficiency and productivity, ultimately increasing cost. Typically, it’s business-critical legacy applications that are best suited to a private cloud but with tight and fast integration into a wider public cloud.

3. Get security right:

Security is still a top-two cloud challenge for businesses, cited by three-quarters (73%) of organisations. Following best practice is essential here, because when migrating data and workloads, teams may unwittingly open up doors into their infrastructure for a prolonged period. It could be a local site that needs to be connected via VPN to cloud workloads in order to transfer data, for example. If that site gets compromised, then the threat actor will have a direct pathway to into the cloud environment.

Security solutions often won’t lift-and-shift into the cloud. It’s important to consider what new tooling and approaches may be required. Sometimes it’s simple things that could unwittingly expose cloud infrastructure to threats – right down to the way networking works in the cloud. Consider carefully which assets need to be restricted, and that security works differently in private and public cloud.

Having an IT partner with a proven track record in cybersecurity can be extremely useful, as its experts will be trained to monitor for any potential risks or gaps and advise which solutions can prevent breaches. QuoStar is supplier agnostic and understands that some components work well in certain situations but not in others. It’s all about ensuring the right for business outcome rather than supplier. Understanding the organisation’s shared responsibility obligations is also key.

4.Have the right skills to hand:

It goes without saying that any organisation migrating to the public cloud needs to understand what they’re doing. This is sometimes where in-house teams used to tried-and-tested on-premises ways of doing things may hit a barrier. Expert third-party help can sometimes be essential, especially if internal teams are being stretched to the limit by digital transformation initiatives. The right IT partner will guide clients through their entire transformation journey, partnering with internal teams to share knowledge and even grow in-house experience and capabilities.

5. Start from the workloads:

To ensure the proposed cloud solution is the right fit for your organisation, think carefully about the workloads it wants to migrate. If it’s a case of moving on-premises infrastructure to the cloud to run “as is” for resiliency reasons, then private cloud is probably the best option. However, if the organisation wants to transform its infrastructure with platform-as-a-service, then public cloud would be a better pick.

As mentioned, increasingly it is a mix of the two. But exactly what this mix looks like will come down to the type of workloads in-scope. QuoStar will always consider a multi-cloud environment to mitigate risks associated with a single cloud, or just to find the right fit for the workload. With access to Microsoft Azure, Amazon Web Services, Google Cloud and other providers, there’s ample opportunity to find the best fit for each client.

6. Choose the right MSP/IT partner:

For most SMBs, an MSP will be essential to augment in-house skills during cloud migration projects and beyond. It’s important to choose a vendor agnostic partner to ensure they always pick the best solution on the market for a particular client and project. And one that has a tried-and-tested, mature migration process. It also pays to talk to a prospective MSP’s client base proactively rather than reading references handed over by the service provider. Speak to three or four to get a good mix of views.

7. Consider ongoing support:

The cloud landscape continues to evolve at speed. That demands a dedicated team and a proper service representative. Consider MSPs that offer support packages specific to the cloud platform(s) the organisation chooses, to ensure that the cloud provider (CSP)’s best practices are always being followed. Automated tooling will ensure that this is a continuous process, even as those best practices change.

If the organisation is moving to a private cloud and their MSP is fully managing that environment, it pays to check their past 12-24 months of uptime before selecting one. Talking to other clients is the best way of getting an honest answer on this.

8. Regularly review cloud provision:

Organisations will evolve over time, and so must their cloud set-up. Here are some of the tell-tale signs that an audit is required:

• OpEx is spiralling
• Performance issues are starting to impact the business
• The business can’t grow or launch new services

Regular audits are also a good idea from a security perspective, given the constant innovation that happens in the cybercrime underground. It’s an industry worth trillions today, and as new threats emerge, organisations may need to evolve their cloud strategies.

Ensure any audit is completed by a third-party distinct from the MSP, to keep its findings as objective as possible.

9. Consider whether to repatriate data:

Research reveals that 76% of IT leaders plan to repatriate data from the public cloud back on-premises in the next three years. It could be for cost reasons, client demands, or simply to gain more control over their environments – so they’re not beholden to their CSP’s tech roadmap. Many organisations find they prefer dealing with a smaller, specialised MSP that understands their vertical.

If data is being migrated from a public to a private cloud, an MSP could help here too, by managing the underlying hardware up to the OS level. This saves cost and resource, enabling the in-house IT team to focus on higher value tasks. Whatever the final destination of the data, the project should be managed in the same way as before; in a carefully planned, phased approach based around a rigorous assessment of the relevant workloads.

10. Define the Cost

Assess the Costs and Complexity: QuoStar understands how to fully scope the migration, including the costs and skills required. Be aware that other quotes from a Managed Service Provider may not cover all the resources needed, potentially leading to significant cost increases if additional resources are required later down the line. especially with public cloud.

Cloud migration can be fraught with complexity, so getting a partner you can trust is the first step to success. At QuoStar, we’ve been helping clients to transform their business via cloud optimisation for over a decade.