Cloud migration is a must for business today, here’s how to be sure you choose the right cloud services provider.
Key Takeaways:
- It’s important for businesses to choose the right cloud service provider (CSP) to ensure their organizational success today and in the future
- There are no definitive standards for picking a CSP, but there are organizations the provide standards for best practices and security, as well as those that provide certifications
- The best provider is the one that meets your business needs and has the maturity and expertise to align with your objectives
- Among the things you should look at when assessing a CSP is compliance and governance, security, the vendors used by the CSP, and performance
- The health of the company should also be on your radar, as well as performance, reliability, and cost
- Amazon Web Services is top of the heap with the required maturity, expertise, cost, and scalability
While Amazon Web Services is the world’s largest cloud services provider (CSP), it’s not the only choice for businesses moving to the cloud. Microsoft, Google, IBM, and Alibaba, along with many other companies, offer cloud services with different features. As COVID-19 forced many businesses into the cloud, choosing the right provider for long-term organizational success has become essential.
The International Standards Organization (ISO) published two international standards regarding cloud vocabulary and terminology, as well as architecture. But they described cloud computing as an “evolving paradigm” and did not specify criteria or processes for assessing CSP useability. However, there are a number of organizations that provide standards for security as well as best practices.
So, just how do you pick the CSP that is right for your business? There are a number of factors to consider, including how much experience they have, cost, tools, reliability, and security. However, aside from the basics, it’s also important to find a provider that has the offerings and expertise that aligns with your unique business requirements today as well as in the future. Here are some tips to help you pick the right CSP for your company.
8 things to look at when selecting a CSP
As we mentioned, there’s no one standard for CSPs, but there are a number of groups such as the National Institute of Standards and Technology and DMTF that are providing guidance. Look for a provider that observes industry standards and best practices, especially when it comes to security. Look for a provider that is Code of Practice certified. These cloud services companies have made a commitment to transparency and quality services that build trust in those wanting to do business in the cloud.
Certifications are just the start. Other things you must consider include:
1. Technologies and a service strategy that support your objectives
Take a look at how you manage your workloads and make sure the CSP you’re considering is aligned with how you do things and supports just what you want to get out of the cloud. Otherwise, there may be coding or customization required to use a particular platform.
The provider’s path of service development also needs scrutiny. As they continue to innovate and grow, it’s important that their future plans square with yours.
2. Compliance and governance
It’s important to secure all data, but it’s particularly important if your company handles sensitive data that requires legal compliance to specific standards such as HIPAA, PCI, DSS, or other standards. What will it take to fulfill compliance? In most cases, compliance means encrypting data not only in the cloud but while it is being sent and received. Additionally, there may be requirements about where (city, state) your data is stored, managed, and processed. Can your CSP meet those criteria?
3. Security
Security is a word on everyone’s lips as cybercrime skyrockets in the wake of COVID-19, and securing your data cannot be overemphasized. Begin by defining your security goals. Then review the security measures offered by each CSP and make sure you understand the shared responsibility model – this means that your provider is responsible for the security of the cloud while you have the responsibility for security in the cloud.
4. Partnerships and service dependencies
CSPs often rely on vendors for hardware and services, and it’s critical to validate their relationships with them and to assess accreditation and technical capabilities. Are there some overlaps or pre-configured services your company can benefit from?
Be sure your provider discloses any vendor and subcontractor relationships, how they play a part in delivery of service, and that the cloud service company can guarantee fulfillment of services, even those they don’t control. Understand liability limitations as well as service disruption guidelines as they relate to vendors or subcontractors. In general, it’s best to look for a CSP that does not rely on a long list of subcontractors.
5. Service level agreements
There’s no industry standard for service level agreements (SLAs), although a partial framework for assessing an SLA can be found from the International Organization for Standardization. SLAs range from boilerplate terms and conditions to individually negotiated contracts.
The size of the CSP is worth a close look here: A smaller firm is more likely to negotiate, but they might agree to custom configurations that they cannot support, so it’s important to make sure they can. Require a clear definition of all services, deliverables, roles, and responsibilities – both with the CSP and in your company. Assess how the CSP’s policies dovetail with your requirements, especially when it comes to service accessibility and management.
Every SLA should contain language that addresses service level objectives, penalties and incentives for remediation, and any caveats and exclusions.
6. Performance and reliability
Every CSP will experience downtime, and it’s important to know how they deal with it. Make sure your provider has a proven process for addressing downtime. They should provide monitoring and reporting tools. Also, look at the CSP’s disaster recovery plans and whether they can meet your expectations for data preservation. When it comes to performance, ask your provider for their performance compared against their SLAs for the past six to 12 months.
7. Business health of the CSP
It doesn’t matter if the CSP has everything you want or the best price if they are not on sound business footing. Do your research: Does the provider have current or past legal issues? What are their plans around mergers, acquisitions, and leadership changes? Check their case studies and testimonials as well.
8. Cost
Different providers have different price structures. Let’s look at the top three:
- AWS: You pay for what you use with no upfront cost, or you can reserve instances with an upfront cost based on your utilization, or you can bid for extra available capacity.
- Google Cloud: You pay-as-you-go, but pricing varies by product and usage. There are minimums, and minutes are rounded up.
- Azure: Their pricing plan is similar to Google’s, and they round up the number of minutes. You can prepay to get a discount.
Now that you know what to look for, what is likely the best CSP for you?
AWS leads the pack
There’s are very good reasons why AWS, which marketed the first cloud service in 2006, has the largest share of global cloud infrastructure, dwarfing competitors such as Azure and Google Cloud:
- Cost: You pay for what you use with no upfront cost to build your storage system, and you don’t have to estimate how much you might use.
- Adaptability and scalability: Whether your business is large or small, AWS can help build your business with the tools you need to get started in the cloud. They also provide low-cost migration services to seamlessly move your infrastructure, and flexible usage means your company never has to worry about computing usage.
- Reliability and security: Dozens of data centers worldwide are continuously maintained and monitored, and with so many data centers, a disaster in one region will not cause permanent data loss across the globe.
The bottom line? Aside from the basic criteria, AWS offers businesses the tools and agility they need, along with technical experience, maturity, reliability, security, and performance you can depend on.
From cloud consulting to managed services and beyond, contact the CloudHesive team today to learn how we can help you build a robust cloud strategy.
