According to a recent Gartner survey – 2019 CIO Agenda: Secure the Foundation for Digital Business – 49% of CIO(s) agreed that they have either moved their business to Cloud or are actively thinking about it. And many more agreed that working with a trusted cloud service provider is crucial to the success of their digital transformation objectives. This also means that there is a huge untapped potential in the managed cloud service offering, and choosing the right partner is a very important step in this journey.
But what does that mean from a cloud service management perspective?
And how does selecting a right MSP (Managed Cloud Service Provider) catalyse your digital business outlook?
Let’s look at some of the most important factors in choosing a right cloud partner for your business.
Cloud Technology Certification and Standards
Reputable cloud solution providers need to comply with national and international regulatory requirements around data management and processing. Therefore, it becomes pertinent that the selection of the providers is based on the following pointers:
- If security is a top priority of the business then shortlisting providers accredited with certifications like ISO 27001 is a must.
- The SOC 1 certification for quality of control on financial reporting, and SOC 2/SOC 3 reports address security, availability, processing integrity.
- The Cloud Security Alliance’s STAR certification program is another general security standard which gives a good indication on the standards maintained by the provider.
- Similarly certifications like HITRUST and PCI DSS are critical for healthcare and payment card industries.
Reliability and Performance
This seems like a no-brainer but there are many aspects to reliability, and one must understand the implication of factors like redundancy and cross geo data replication before shortlisting potential service providers.
- Look for providers with multiple data centres that include redundant power, cooling and network carriers. Ensure that the monitoring and reporting tools work round the clock and are in congruence to your existing tools and management processes.
- Identify providers based on their performance against their SLAs for the last 12-36 months. Check for documented and proven processes for dealing with planned and unplanned downtime.
- Choosing a provider that can consistently deliver and compute storage performance at scale is critical. For example, factors like CPUs and GPU accelerators and high-speed networking with minimum 10 Gbps connection to the cloud and similar fast connections between cloud instances are an important indicator for judging the provider’s performance.
Service Flexibility and Partnership
Cloud providers normally offer a bouquet of flexible solutions such as the ability to select the right machine for the type of jobs you will run or mixing of physical and virtual machines whenever needed.
- Tools for auto scaling and persistent disk storage should be part of the providers landscape.
- The provider should offer variety of data storage options including file systems, RDBMS, key-value stores etc.
- For PaaS offering, the provider should have the ability to offer connection to the marketplace from which complimentary services that are preconfigured to integrate effectively on your platform can be procured.
- Similarly, for SaaS offerings the provider should offer existing integrations between finance and marketing services.
- Quite often there is a network of 3rd party contractors and subcontractors involved in delivering a service. It’s critical to understand the various relationships, internal dependencies and SLA(s) agreed across all the parts of the service.
Data Governance and Security
Client data protection is the riskiest aspect of moving to the cloud and clarity needs to exist by all parties before embarking on this journey. Therefore, a relatable service provider must take you through the internal process and steps enabled to protect data.
- If location of data is a requirement then providers should give choice and control regarding the jurisdiction in which data will be stored, processed and managed.
- Check the provider for its data encryption services (data at rest and data in motion) and how these services integrate with file-transfer or data replication solutions.
- Business policies documentation should clearly lay out user access, security roles and roles & responsibilities such that all activities via all routes are completely auditable.
- As already discussed adherence to standards like ISO 27000 series along with assurances of resource allocation, including budget and headcount is needed.
Cost and Value
While some cloud vendors come up with very lucrative pricing offers, there are many hidden and unsuspecting charges lurking behind post signing of contract. One needs to be very diligent in going through the fine print. As Microsoft says in its short guide on provider selection: ‘The provider should have a track record of stability and be in a healthy financial position with sufficient capital to operate successfully over the long term”.
- An ideal service partner should provide you flexible pricing such that it allows you to scale up and down according to your immediate IT needs.
- Important to consider are the current licensing costs of software and the change in licensing contract and its prices due to the migration to a service provider.
- Watch out for providers that offer and rely on custom or bespoke components as this may impact your portability to other providers and would lead to vendor lock-in.
- Calculate the cost of data storage, data access, data transfer upfront.
Business Continuity and Disaster Recovery
The cloud service provider should have a well thought out strategy for business continuity in the case of any network or system outage. Outages can be natural, or man induced and are bound to happen over time, therefore an intractable vendor is a dead investment. It is very important to select a vendor that provides multi-channel support. This support should be 24/7 across social media, electronic chat, traditional call or email.
- Checking the provider’s disaster recovery provisions, processes, disaster recovery runbook, SLA(s) etc. is a good starting point.
- The provider should also demonstrate processes laid out for post recovery checks like maintaining criticality of data, data sources, scheduling, backup, restore, integrity checks, etc.
- Also make sure that the providers have well established and proven processes for dealing with planned and unplanned downtime including the communication structure sent to the customers.
So, if you are still the 51% of those, who have not moved your business yet to cloud or haven’t thought about it yet, our experts at CirrusLabs can help you take informed decisions and help trigger your digital transformation.