Sergey Nivens - Fotolia
More than a third of organizations in Nemertes Research's recent Cloud and Cybersecurity Research Study do not yet use public cloud infrastructure and platform services. Even enterprises that embrace the public cloud typically still conduct a significant portion of their IT workloads inside their data centers. On average, only about 30% of their overall enterprise workload is in IaaS or PaaS.
When looking at its overall enterprise workload, IT needs to take a systematic approach to decide how to provision each new workload, each system it's refreshing and its legacy portfolio. IT should evaluate every workload against the same balanced scorecard in order to minimize risk and maximize success in a cloud migration strategy. Just over 50% of organizations say they now have such a process in place.
Although each organization may have unique concerns to add to such a scorecard, the key axes for evaluating a cloud migration strategy include the following:
- Risk. The organization has to consider several categories of risk, starting with security and data privacy. But this should also include operational risks -- such as decreased ability to respond to performance problems -- and liability risks, because most cloud customers bear the entire burden of risk in the event of a compromised workload. IT must consider in each case whether a workload can go to the cloud and, if so, whether the cloud will deliver lower risk than internal resources.
- Performance. Can the workload deliver the performance users expect, based on where they are and how they will be reaching the application? This requires looking at network, compute and storage performance.
- Cost. How much will it cost to deliver the service from the cloud? IT must again look at compute, storage and network resource consumption, in addition to layered services -- such as backup -- or fault-tolerant deployment across multiple data centers or regions. It won't always be cheaper to run a given workload in the cloud. If it isn't, IT must explicitly decide how much of a premium the organization is willing to pay to get the workload out of the on-premises data center.
- Workload architecture and requirements. Is the workload cloud-friendly or not? In other words, can the workload take advantage of cloud-native strategies that respond to demand with dynamic and horizontal scaling? Is the workload able to control the amount of data it needs to send out of the cloud environment? If the answer is no to either of these questions, the workload may be significantly more expensive to run in the cloud, especially if demand is highly variable and the system always has to run at the resource level required to deal with peak demand. IT can refactor or rewrite some workloads to be cloud-ready, but other workloads cannot or will not be changed.
By evaluating workloads according to a consistent process, IT will be able to focus on the specifics of each job rather than general guidelines, like low-risk jobs first. Even a high-risk migration might make sense if the other rewards for moving to the cloud outweigh the risks. Similarly, a low-risk move might not make sense if the workload isn't well-suited to the cloud.