28 August 2016

5 Mistakes You Must Avoid When Buying Cloud Services


Whether you’re a startup, a midsize company, or a well-established leader in your industry, you’re likely moving to the next stage of your cloud sophistication and increasing your company’s exposure to this technology. In contrast to most types of purchases, however, established cloud services are hard to come by; there isn’t a Kelley Blue Book or Good Housekeeping Seal of Approval for cloud computing, storage, or infrastructure services.

Some best practices, however, are beginning to emerge.

1. Security: Don’t assume that your cloud provider has the right resources and policies to secure your data—legally.

It seems like a day doesn’t pass without some security incident or other being reported. Most of those cases involve companies or government agencies that have taken the responsibility of securing their own IT infrastructure. “That’s not their primary business,” says Rajan Krishnan, Oracle group vice president of cloud applications development. Cloud service providers, on the other hand, “are better prepared, enabled, and positioned to deliver security.”

Cloud services

But not all cloud providers manage security equally well. According to Krishnan, customers should ask any vendor the following questions:
  • Do you provide multiple levels of security, such as data encryption upon entry, transportation, and at rest?
  • Do you provide active identity management that allows administrators to ensure only authorized users are accessing data? What type of security do you offer to ensure that those same administrators don’t abuse their privileges? Can any of a cloud provider’s staff see your data? For example, at Oracle, data stored in our data centers are encrypted such that even employees who set up and maintain apps or infrastructure can’t access the data.
  • Does your organization provide embassy-grade (Tier 4) physical security for your data center? And are your data centers distributed in such a way that our storage and use of data won’t run afoul of various data residency regulations around the world?
  • Does your cloud provider allow customer data to co-mingle on the same database, or does it use “secure data isolation” that allows for sharing of computing resources where it makes sense, but isolates the data into separate databases?
Physically isolating customer data gives you peace of mind when it comes to compliance and risk mitigation. It also reduces the “noisy neighbor syndrome” — the risk that batch processing of financials or other heavy workloads impacts your own compute performance.

It also means you can accept upgrades to your instance based on your business’s individual schedule.

2. Adaptability: Don’t get trapped in an ecosystem that doesn’t let you easily add new and even custom-built features to extend cloud applications.

Most cloud services come with plain-vanilla functionality. (For example, contact information fields are pretty standard in any form.) But some businesses want to fuse functionalities together that are entirely of their own invention, so they need to look for a provider with an open-standards cloud platform as a service. “SaaS plus PaaS becomes strategically very important,” notes Tim Jennings, chief research officer at consulting firm Ovum IT.

Thus, it’s all the more important that SaaS and PaaS technology be developed using standards-based languages like Java, ensuring that you can seamlessly integrate extensions into your SaaS applications.

3. Integration: Don’t let your cloud provider isolate you in yet another data silo, or force you to work with only one provider.

Companies have been taking small bites out of the cloud, in the form of isolated business applications. Now that the time has come to take stock and make the most of these, companies are looking for ways of linking apps to create harmonized business processes.

In other words, says Krishnan, “fragmentation of business processes and storage in the cloud has led to the need for integration among cloud applications, and between cloud and on-premises applications.”

Ask your providers if they can address these issues:
  • Can you integrate data with third-party software? What are the complexities and costs associated with these integrations? Who maintains them. Is it standards based?
  • Do you offer pre-built application flows so that data and processes from one application (such as customer data) can flow into another (such as a supply chain application)?

4. Upgrades and modifications: Don’t let your provider decide when and how you’ll get an upgrade.

One of the major benefits of cloud technology is that technology providers can iterate more quickly, bringing customers more innovative technology quicker. But that comes with a trade-off, which is downtime.

And remember, Saturday morning in Rabat is not the same thing as Saturday morning in Topeka. And Tokyo is already back at work while London is still dancing. So when is downtime good for your organization? “Cloud can give you ready access to innovation at a pace that your customers demand, but without disrupting your business,” says Krishnan.

How does Oracle do it differently? By allowing customers to pick when to accept an upgrade. Oracle allows customers the flexibility to plan their upgrades when their business dictates. For example, having a customer-facing application get an upgrade when it’s peak sales time, such as November or December, is not a smart idea.

5. Standards: Don’t let your provider force you into applications written in a proprietary programming language.

Whether it’s writing on-premises applications or creating extensions to cloud apps, you want to be able to leverage skills already in your shop, and hire from a readily available talent pool. Look for cloud applications written in industry-standard languages. “Students of computer science are being taught Java in schools—and that means a much greater number of resources compared to proprietary languages,” says Krishnan. And, “if you want to move away from provider A, standards and architecture become even more important.”

Jennings at Ovum encourages business leaders to think about how their cloud strategy might change. “Flexibility is one of the key benefits of SaaS adoption, but when you’re planning and thinking about potential pros and cons, there’s also consideration of how I might react to certain scenarios—say, move an application from on-prem to cloud at a later stage,” Jennings says. “Or what are the implications of moving away from a provider? That’s where standards and flexibility of the service come into play.”

And as enterprises move selectively to the cloud they expect consistency in architecture and infrastructure across both their private cloud and public cloud environments.

Yes, cloud computing is relatively new (at least compared to established on-premises business technology), but that doesn’t mean there aren’t already some best practices.

And in fact, one of the promises of cloud technology is that it makes providers more responsive to their customers and the competitive pressures their customers face. Oracle has certainly adapted to this new environment—can you say the same about the cloud provider you’re using?

This article was originally published by Forbes under the title "Don't Make These 5 Mistakes When Buying Cloud Services" here.

1 comment:

  1. BlueHost is ultimately one of the best web-hosting company for any hosting services you require.