Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Managing the transition to the cloud

p pat phillipsPat Phillips, practice director at independent IT and business change professional services firm Xceed Group, talk through how to manage and prepare for the move to the cloud

CIOs and IT Managers are turning to the cloud in droves, with Gartner suggesting that cloud computing will be a $207 billion industry by 2016[2].
But as with any new deployment or implementation IT needs to approach cloud investment with its eyes wide open. When moving more IT to the cloud there are a number of areas enterprises must address:

Service Level Agreements (SLAs): Define the SLA required should be defined and the options available compared against the opportunities, risks and costs. A balanced approach should be ensured to managing the risks and carry out scenario planning with cloud service providers.

The SLAs required can vary from business-to-business. Some organisations have business critical IT to deliver and may need very high service levels. In these circumstances the public cloud may not give it sufficient cover, as the cloud service providers can’t guarantee the end-to-end performance if the delivery is relying on the Internet. However, if availability isn’t business critical then a cloud service option may be good enough and will be far cheaper.

Data Protection: it is vital that data strategy, standards and policies are documented before making the decision to move services into the cloud.

An organisation will have data which is a vital asset for the business, perhaps containing IP (intellectual property), personal data and commercially or regulatory sensitive information. It is paramount that organisations can articulate their data protection requirements to the cloud service providers clearly to secure these assets. The organisation cannot abdicate responsibility for managing and protecting its data. It must ensure a cloud service provider can demonstrate how they will help mitigate the risks.

Virtualisation: the risks and options need to be weighed carefully in a heavily virtualised cloud environment.

Virtual computing is already widely adopted within many organisations and the challenges of managing IT support for applications are largely understood within the confines of the enterprise. However, part of the value in moving to the cloud is that it uses virtual servers (potentially multi-tenanted) in co-located environments at scale. The risk profile of virtualisation and co-location needs to be understood and mitigated. Different ways to mitigate the risk of co-located environments could be physical segregation with hybrid or private cloud environments.

Performance Management: the application design needs to be focused on to ensure they are able to test, measure and tune the performance without necessarily having sight of the end-to-end delivery.

Historically organisations have struggled with measuring performance of applications in the traditional enterprise as commercially available tools are limited. As such a compromise on accuracy has to be accepted or a bespoke measurement tool developed and deployed. Any IT manager will know bespoke means expensive, both to design and run, and the task of measurement becomes even more difficult in the cloud.

Security: robust security policies must be in place. Organisations need to work closely with cloud service providers to get alignment and potential improvements in their risk profile. 

Security in the cloud is a huge topic in its own right with many elements to consider. Both users and vendors have to take into account the fact hackers are becoming ever more sophisticated and able to exploit all manner of vulnerabilities. Denial of service (DoS) attacks are rife and can be extremely disruptive and costly. In the cloud, which is heavily virtualised, cloud service providers have been investing in security to protect themselves and their clients. That investment has been more significant and better targeted than organisations may have been able to provide individually. Consequently there have been some major advances, particularly in the protection of virtualised services. Having this investment and protection added to an organisation’s on premise security firewalls is complimentary and beneficial in the war against hackers. Web based applications are arguably one of the largest security vulnerabilities. With more people and businesses making use of social media, the cloud service providers must be able to allow access to sites such as Facebook but still be able to block access to elements such as gaming. Irrespective of moving services to the cloud, organisations must ensure their security policies cover their staff’s responsibilities.

With thorough preparation IT managers and CIOs can reap the rewards of transitioning to the cloud. However without negotiation, preparation and risk assessment along the way the benefits of the cloud could be lost to high costs and poor control.

[2] http://www.gartner.com/newsroom/id/2074815