Look Before You Leap to the Cloud!

Ever since we heard the term “Cloud First”, we’ve been led to believe that cloud migrations make IT operations simpler and cheaper. Sometimes this is true, but not always. It all depends on your approach.

Organizations need to think strategically about the cloud. There are a number of factors to consider that too many people overlook.

The independent technology market research firm, Vanson Bourne, recently surveyed 1200 IT leaders, across 13 counties, about their cloud migrations. It found that the “Cloud First” strategy is alive and well. Most organizations (56 percent) operate with this approach when deploying new applications and managing workloads. Two thirds of respondents’ organizations use or plan to use two or more cloud service providers (CSP), while a quarter plan to use four or more.

However, the study found a lot of confusion around data management topics related to cloud migrations. For example, 69 percent of those surveyed wrongly thought data protection, data privacy, and compliance were no longer their responsibility after moving to the cloud. They mistakenly believed that responsibility for these core data management capabilities transferred to their CSP. This transfer of trust is all too common and unfortunately, very costly.

Given rising storage and egress costs for data, it becomes even more important to be able to think about cloud migrations and data together. There are several risk and cost avoidance measures that can be achieved by doing so.

Data Management Considerations for Cloud Migrations

Our data management imperative in government is not new, but it’s clear that not everyone understands how it applies in today’s hybrid, multi-cloud world. Data Management attempts to solve an old problem – the rapid growth of unstructured data, including emails, documents and image files, etc., makes it nearly impossible to derive information from our data. Unchecked, this data exposes organizations to cost overruns and potentially harmful personally identifiable information (PII) leaks.

First and foremost, you need visibility into your data. However, gaining insight into your data isn’t easy. Deploying data classification technology is crucial. These tools lets organizations quickly scan and tag data to ensure sensitive or risky information is properly managed and protected. Once you understand your data, you can reduce your risk by eliminating copies of PII that you don’t need.  This also supports a best practices approach to enterprise data governance.

By gaining insight into your data, you can take intelligent actions to only migrate useful information to the cloud. You can also find your redundant, obsolete, and trivial (ROT) data and remove it, or store it, on second or third tier, low cost storage retention platforms.

It’s Your Data…Own It and Protect It

Cloud initiatives must also consider data protection geared towards your applications and data managed by a CSP. Most organizations don’t give sufficient thought to how they would fall back from the cloud or avoid vendor lock in. So, it’s critically important to establish a capability to move applications and data between clouds.

Performing cloud to cloud migrations drives significant savings based on monthly CSP costs. Further, the ability to move the data back to an on-premise solution is equally important for critical data needs such as legislative inquiry, records retention policies, and eDiscovery. Perhaps most significantly, cloud migrations between clouds help you retain buying power with your provider.

Also, what happens when your CSP goes down? (There have been some notable outages.) The Vanson Bourne research study found that 55 percent of leaders surveyed mistakenly believe that application uptime is the responsibility of their provider. However, most cloud providers often include statements like the following in their terms and conditions.

You are responsible for properly configuring and using the Service Offerings and taking your own steps to maintain appropriate security, protection and backup of Your Content, which may include the use of encryption technology to protect your Content from unauthorized access and routine archiving your Content.

Clearly, it is up to you to implement a robust data protection and resiliency strategy for your cloud migrations.

Final Thoughts

Cloud migrations don’t have to be complex. However, they aren’t as easy as they seem. Planning and flexibility are necessary to move applications and data to the cloud, and importantly, between clouds.

Without a solid data management strategy, however, this is much harder. Don’t let your journey to the cloud stop before it starts.

You may also be interested in The Federal Government is Retooling its Cloud Strategy and Agencies Eye the Benefits of Cloud Beyond Cost Savings.

Jonathan Alboum is part of the GovLoop Featured Contributor program, where we feature articles by government voices from all across the country (and world!). To see more Featured Contributor posts, click here.

Leave a Comment

One Comment

Leave a Reply

Catherine Andrews

Really solid advice and perspective here. Time and time again we hear from our government audience it’s not necessarily that cloud as a technology is daunting, but figuring out the best way to get there, and the ‘why’ of it as well. Thanks for this post!