5 Things A Cloud Provider Should Offer – Part II

5 Things A Cloud Provider Should Offer – Part II

5 Things A Cloud Provider Should Offer Part II

I recently posted an article for the CloudTweaks community on “Cloud-Enabled Managed Hosting: 5 Things a Cloud Provider Should Offer” and many readers have since asked me to expand upon this list. So, as a sequel to my first article, here are another five things I believe a cloud provider should offer.

Transparency to Performance and Monitoring Tools

As a paying customer you should have access to the same monitoring tools your provider is using to track performance and usage. Often, providers will not make these systems available to their customers, masking potential issues and thereby limiting the customer’s ability to troubleshoot their systems and perform proper capacity planning. If your provider does not let you access their monitoring tools they are most likely trying to hide something and they should be eliminated.

Cloud, Big Data, IoT Security and Compliance

Your cloud provider should have the ability, knowledge and skillset to provide the level of security required for your business. I am not a big believer in these “pre-canned” providers that state they are HIPAA or PCI compliant. These regulations, especially HIPPA, are very subjective in nature with responsibilities on both parties (customer and provider) to achieve compliance. So, I hesitate when I see advertising for HIPPA or PCI compliance Clouds. There are definitely controls that can be offered to help achieve compliance, but to make an absolute statement without knowing the nuances of each customer seems a bit bold. So, you should look for a provider with a strong security background capable of architecting a security program that fits your needs.

cyber-security

(Image Source: https://twitter.com/laurentimedici)

Providers should offer intrusion prevention, encryption of data at rest and in motion, data leakage prevention, two-factor, log aggregation and retention, security information management and other controls to help you achieve the required level of compliance needed. The ability to manage these security controls is also a big plus in the event you do not have one year but that directly translates into their lower customer startup and acquisition cost. The problem with a three-year contract is by the last year of that contract you are most likely paying rates well above current cloud rates for IaaS. The cost of servers, RAM and storage constantly go down and as these cloud providers leverage these new technologies their cost goes down as well. So, a respectable provider should allow the customer one price negotiation per contract. The only caveat is with the negotiation comes the terms of a new 3-year contract from that date. Upside, that new contract will also allow one price negotiation.

Participate in your Change Control Process

Magic Cloud

When looking for your next cloud provider make sure they are willing to take the time and effort to integrate into your change control process. Your change control process should incorporate all systems, managed by you or your providers, with all changes being reviewed by both parties. There are often system interdependencies that exist which can be overlooked when change control processes are separated. This often leads to unnecessary downtime and confusion during the troubleshooting process when issues arise.

Getting all teams on the same page and working in unison provides better feedback for changes and possible issues while ensuring a more successful outcome. Also, in the event of an issue, all parties feel ownership to resolve with less finger pointing due to the fact they all participated and had input prior to the change. This is an important and often overlooked point.

Provide Value Beyond Contract

cloud-spending

(Image Source: Spiceworks)

Twenty-five percent of outsourcing customers will actively seek to eject their current provider if they have not effectively helped them standardize, automate or transform their processes over the next two years. Thirty-seven percent will fire providers for failing to meet compliances, 28 percent if the provider cannot provide greater flexibility to achieve scale and 27 percent will be fired if they do not lower operating cost.

Outsourcing and managed services is not just about cost reduction and getting basic tactical operations functional; it’s about moving clients into a future state that is much more effective than the current one. Customers should be looking for more technology-enabled business value from suppliers. Forty-eight percent want improved analytics to improve operation and access to strategic talent, while 47 percent stated that access to new technologies are important.

Service providers need to embrace the mentality of value and show how value is synonymous with the partnership. Customers should think about the three main ways value is exchanged between them and their provider. First, there is value exchange – customer pays $1 for a given unit of service. Secondly, we have value extraction – companies that use their power and leverage to get that same unit of service for $0.80 cents. Lastly, and what needs to promoted not just in service delivery but throughout the sales cycle is helping customers move away from the prevalent “cloud mentality” (where all cloud providers are the same and it’s all about cost) to a create additional value mentality. A create value is the customer and provider working together to optimize the $1 so it drives efficiencies, effectiveness market share and cost reduction to create $.50 cents in additional value.

This is where the service provider’s focus should to be and what you as a customer should expect. How to jointly create $1.50 worth of value for the $1 you are paying?

By Marc Malizia

About Marc Malizia

Marc Malizia is co-founder and CTO of RKON Technologies, responsible for the company’s overall technical vision and strategy. Since he helped start the company in 1998, Malizia has played a key role in creating many of RKON Technologies’ products and professional service offerings, as well as building the company’s internal computing platform, which serves as the basis of the brand’s cloud and managed services portfolio.

Prior to RKON Technologies, Malizia was director of engineering at LAN Systems.

Malizia holds a bachelor’s degree in computer science and mathematics from University of Illinois and a master’s degree in telecommunications from DePaul University.

View Website
View All Articles

Sorry, comments are closed for this post.

Comics
How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

2017 Brings DLP Technology and IoT’s Weaknesses to Light

2017 Brings DLP Technology and IoT’s Weaknesses to Light

DLP Technology In regards to data loss prevention (DLP), in the last five years many companies rushed to implement DLP solutions without taking the time to first identify the data that should not transit egress points. Most of these rushed implementations have not been successful. Security analysts, in particular 451 Research, have been recommending that…

7 Common Cloud Security Missteps

7 Common Cloud Security Missteps

Cloud Security Missteps Cloud computing remains shrouded in mystery for the average American. The most common sentiment is, “It’s not secure.” Few realize how many cloud applications they access every day: Facebook, Gmail, Uber, Evernote, Venmo, and the list goes on and on… People flock to cloud services for convenient solutions to everyday tasks. They…

How The CFAA Ruling Affects Individuals And Password-Sharing

How The CFAA Ruling Affects Individuals And Password-Sharing

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home computing. Time magazine declared 1982 was “The Year of the Computer.” By 1983, there were an estimated 10 million personal computers in the United States alone. As soon as computers became popular, the federal government…

3 Keys To Keeping Your Online Data Accessible

3 Keys To Keeping Your Online Data Accessible

Online Data Data storage is often a real headache for businesses. Additionally, the shift to the cloud in response to storage challenges has caused security teams to struggle to reorient, leaving 49 percent of organizations doubting their experts’ ability to adapt. Even so, decision makers should not put off moving from old legacy systems to…

Four Trends Driving Demand For Data Security In 2017

Four Trends Driving Demand For Data Security In 2017

Data Security Trends 2017 will be a hallmark year for security in the enterprise as all industries have reached a tipping point with respect to cloud and mobile adoption, forcing more and more data beyond the corporate firewall. Over 100 IT executives weighed in on their plans for 2017 in our latest survey; buried among…

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the…

Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…