The cloud journey is an imperative part of any businesses’ IT strategy and everything the cloud promises should be considered as the ultimate endeavour. For many companies, migration to the cloud is already well underway but, for others, the journey is just beginning.
Like any great technological change, there are lessons to be learned from those who paved the way. Cloud services can be extremely beneficial, but there are still a number of areas that need significant review, and enthusiasm should be tempered to ensure correct decisions are made at the right time and for reasons that benefit the business.
With this in mind, we outline five incorrect assumptions that can lead to problems when migrating to the cloud:
Everything can be moved to the cloud
Many businesses are being driven to use cloud services without a proper understanding of what they are actually trying to achieve. Without a proper cloud readiness assessment this can stall or halt their progress and, in some cases, a migration may have to be aborted or even reversed.
Each system, application, service or product needs to be considered not only on its individual requirements but also on the interdependencies it has with other components of the existing infrastructure.
The internet supports all needs
The omnipresent nature of cloud services lends a lot of its capability to the internet, which typically allows easier access to services and a more flexible platform to manage them. However, attempting to manage a service this way may not always be the right thing to do.
A lot of existing applications don’t have the appropriate encryption or security considerations required for a safe transition to the cloud
A lot of existing applications don’t have the appropriate encryption or security considerations required for a safe transition to the cloud, while others do not perform across NAT boundaries. Put simply, these applications are better served by older protocols. Companies should, therefore, consider ways a move to the cloud can be facilitated without internet connectivity.
Networking is dead
Cloud service providers have made a concerted effort to ensure connectivity is a simple thing. Anybody who understands infrastructure, code, automation and scripting can get things working with relative ease. But it’s important to note networking isn’t dead, and a lack of skill can often create environments where ‘things just work’ without any real understanding of the best architecture from a networking perspective.
The basic networking components (e.g. network containers, routers, gateways, load balancers and security groups) offered by the major cloud service providers are functional but too simplistic.
A strong network architecture is arguably more important in cloud computing than it has been in more traditional environments, especially as there will likely be a ‘hybrid architecture’ in most organisations for a long period of time.
Security is just NSGs
Network security groups (NSGs) can be considered the most basic of Layer 4 firewalls. They serve in the main to shape the permissions for who or what can consume a service or application within a given part of the cloud environment. They are, however, not even remotely close to being appropriate for consideration as a valid security device. Despite this fact, they are often implemented as the only means of securing an infrastructure.
With a number of services being exposed to the internet, and with cyberattacks on the rise, security in cloud is paramount – and NSGs just do not cut it. They are too often used as an excuse to bypass the security posture within an organisation by falsely being represented as having dealt with security concerns.
With a number of services being exposed to the internet, and with cyberattacks on the rise, security in cloud is paramount – and NSGs just do not cut it
There are a wealth of security options within cloud services and these need to be considered in line with the network architecture, so as to provide the most appropriate protective measures for the business.
Everything is cheaper
Cloud computing has provided a wealth of commodity offerings. Businesses can scale up their infrastructure on demand, paying for only what they use at the times they need to use it. There are no costs to be considered for hosting and long-term contracts are limited or don’t exist, meaning no extended tie-ins.
With this in mind, the governance and control over spend is often overlooked or lost altogether. While a physical piece of infrastructure used to be subjected to rigorous spend controls before any purchase order was raised, purchases can now be achieved with the click of a button. This means financial controllers rarely have a firm grip on what is being purchased and why.
Carelessness can also creep into an organisation, with resources being wasted when they are not being used or simply not needed. Cloud service providers do have tools that can assist in alerting administrators to this fact but, as resources grow, it can become increasingly difficult to understand the landscape.
The most overlooked of all costs is egress data. For every gigabyte of data transferred out of a cloud service environment (sometimes even within the environment) there is a small charge. These charges quickly add up and are often completely ignored, sometimes even assumed to be a ‘necessary evil’ of using cloud services.
Depending on the business requirements for an application or service, migration to the cloud may not actually be the right thing to do.