3 Tips for Your First Move from On-Premise to the Cloud

Some claim the cloud is “just someone else’s data center.” While there may be some truth to this, if you keep treating the cloud like a data center, you’re missing out on its full potential. Aside from the performance advantages, scalability, and cost-savings it provides, one of the cloud’s key transformative qualities is that it requires IT teams and C-suites to adjust mindsets companywide, resulting in introducing key players to innovative practices. Moving to the cloud catalyzes a recalibration in thinking that’s essential in today’s business environment.

on-prem-to-cloud

We commonly receive requests for tips on streamlining cloud deployments from companies of all sizes. As a Google Cloud Premier Partner, Maven Wave helps Fortune 500 enterprises with complicated data migrations daily: this work is part of our core business. Below are a few of our high-level, proven tips to keep in mind as you consider a move to the cloud:

1) Establish Your Cloud Strategy

The strategy and reasoning behind a major change must be understood by all involved to ensure success. Make sure you and your team are able to clearly grasp and articulate the practical reasons behind your company’s move to the cloud. Is your data center contract expiring and you need more scalability? Perhaps the CFO is demanding more of an OpEx versus CapEx spend? Going through the prep work to establish your cloud strategy prior to your first migration is a great way to simplify your effort. We suggest that enterprises consider three core areas to inform their cloud strategy:

  • Value proposition: which business goals will be accomplished by moving to the cloud?
  • Total cost of ownership: what is the price tag to transition resources to a cloud architecture and how does this cost compare to current expenses?
  • Cloud readiness: is your environment and staff positioned to make a move to the cloud as comprised today?

Having a well-defined and understood cloud strategy is a critical first step in ensuring a successful migration. However, it’s not enough. Initiatives often lose steam, and we have found that internal pushback is the #1 reason for a less than enthusiastic response to a move to the cloud. One essential additional step is to establish a budget for staff training and provide that training promptly. Doing so encourages involvement, early adoption, and also eases concerns about job security.

2) Prioritize Modernization

While a lift and shift strategy is a quick way to expand your cloud footprint, it may not always be the most economical option. As you plan your move to the cloud, first identify workloads that are good candidates to leverage cloud-native technologies.

For example, an application that executes a few functions each day likely does not need to consume resources and accrue cost year-round. Instead of rehosting workloads with ephemeral resource consumption footprints, consider leveraging containerization or serverless compute. Choosing either of these modernized cloud options could result in paying for minutes of compute rather than paying for a server that runs continuously.

As part of a comprehensive DevOps practice at Maven Wave, we build and deploy containers to Kubernetes environments to fit a variety of workloads to the cloud. Learn more about our DevOps approach and solutions here.

3) Implement Robust Security Controls

Security is another area in which teams need to shift their thinking as they move to the cloud. Without proper controls and tools in place, administrators can inadvertently introduce new vulnerabilities into both their on-premise and cloud environments. One simple way to help mitigate these risks is to proactively manage their most common cause: over-privileged accounts.

Maven Wave urges its clients to make use of Role-Based Access Control (RBAC) and the principle of least privilege as strategies for avoiding over-privileged accounts. Our guiding principle is that users and accounts should be granted only the access they need in order to perform the tasks required to complete their work.

Maven Wave also suggests that its clients create an auditable approval chain for changes to account and group permissions. When a new person joins the team and needs access to resources, access should be granted via a request process, approved by relevant stakeholders, and then granted to the requestor. Implementing and adhering to gated access controls is an effective operational strategy for limiting your exposure to over-privileged accounts.

Lastly, Maven Wave relies on a large suite of technical controls and tactics to secure its clients’ cloud environments. To help prevent data leaks, we recommend that our clients leverage the cloud-native tools in GCP, such as Forseti (a policy analysis tool) and Google’s Data Loss Prevention (DLP) API whenever appropriate use cases present themselves. We prefer to point our clients to cloud-native protective measures, but there are plenty of on-premise tools and processes that can be integrated with your cloud or hybrid cloud environment as well.

Once you’ve used these suggestions to establish your cloud direction, you can dive into additional strategic planning (e.g., backup, disaster recovery, CI/CD) and solidify your operational parameters (e.g., business continuity planning, risk assessment, policy development). We strongly encourage enterprises that are moving workloads to the cloud for the first time to enlist the help of a well-established, well-connected cloud migration partner. At Maven Wave, our Infrastructure team has helped hundreds of enterprises unleash the power of the cloud. Contact us to learn more.

About the Author

Michael Lombardo
Michael Lombardo
Mike Lombardo is an experienced architect and consultant who specializes in designing and implementing cloud architectures. He has proven ability to plan and execute migrations to the cloud and to help clients define cloud strategies that fit their business and technical requirements. Mike holds credentials as a Google Cloud Platform Professional Architect, Google Cloud Professional Security Engineer, CISSP, Certified Ethical Hacker, and AWS Associate Solutions Architect. He has also earned his master’s degree in Information Technology from Northwestern University.
November 21st, 2019
CLOUD & MOBILE APPS

Get the latest industry news and insights delivered straight to your inbox.

2019-11-22T09:03:32-06:00