9 Mistakes to Avoid When Choosing a Cloud

Mistakes to Avoid When Choosing a Cloud

According to Gartner, the worldwide public cloud services market is forecast to grow 17% in 2020 to total $266.4 billion, up from $227.8 billion in 2019. While the benefits are too compelling to ignore, every mix of private, public, and hybrid cloud infrastructure comes with a new set of challenges and risks. The industry is learning that increased flexibility also means rethinking availability, security, and compliance procedures.

These challenges present themselves at the very outset, when IT managers evaluate the best cloud provider(s) for a given set of applications.

Cloud landscape 2020

(Source: ChiefMartech 2019 SaaS landscape)

Without an in-depth understanding of the new mindset cloud technologies demand, it’s easy to build a new cloud application stack on a rocky foundation by making these common nine mistakes when choosing a cloud:

1. Assume all clouds offer the same services.

Simply making the decision to “move to the cloud” is just a first step. Beyond private, public, and hybrid cloud environments, every cloud setup and provider comes with a set of predefined services along with respective cost/performance levels. The right cloud mix depends on your specific requirements, in addition to the applications and infrastructure in which you’ve already invested. For example, a private cloud will deliver increased flexibility but will also be less scalable. On the public end of the spectrum, if you’re already invested in a vendor (for example, IBM or Microsoft), you are likely better off working with the public cloud offering of the same vendor for a smoother cloud migration ride.

(Source: Gartner)

2. Ignore varying performance of different cloud providers

Expect different cloud providers to produce different performance levels for a given application. Moreover, the same cloud provider will deliver different performance in different regions – depending on how you take advantage of the provider’s infrastructure and services. For any given setup, your application will behave differently. It’s up to you to plan for specific performance levels and prepare to tweak them until you reach your goals.

3. Expect any application to run on any cloud infrastructure

Cloud providers are not OS-agnostic. If your infrastructure is heavily dependent on Windows, Google is quite simply not an option. In fact, some legacy systems aren’t supported by any cloud provider. Do your homework before committing to a provider!

4. Forecast the same cost distribution for different resources among provider

Every application stack will consume different levels of resources. A storage management system is a very different animal from a graphic processing engine. The more specialized your application, the more likely your cost is to vary considerably across different providers.

5. Assume cloud providers commit to similar SLAs

Similar to performance, every provider has its own SLA, and even specific SLAs per service. For example, while AWS commits to virtually no long-term data loss, you should expect 99.95% availability at best when it comes to compute resources.

6. Ignore 3rd party service support across different cloud providers

If your application is based on specific virtual appliances (e.g. payment gateways or security firewalls), it’s unlikely every cloud provider will be able to provide the same level of support. Review your application components carefully to avoid missing that critical component at an advanced implementation stage.

7. Design an application in advance without considering unique cloud provider characteristics

Every cloud provider offers a different mix of services, supported 3rd party services, and data center architecture. If you ignore these unique characteristics, your setting yourself up for a project that is virtually impossible to predict in terms of cost, performance, and maintenance requirements.

8. Take an all or nothing approach

Choosing a cloud doesn’t mean you need to move all your applications to a single environment. For each part of every application you run, you may choose a different approach.

9. Ignore disaster recovery and automated migration requirements

Application downtime is a challenge in cloud environments at least as much as in bare metal infrastructure. It is up to you to ensure your applications remain available through cloud outages, and that it is easy to migrate to the cloud from your existing setups. While specific tools and 3rd-party services exist to help you manage this process, not every cloud provider will support these tools. It’s up to you to plan for RPO (Recovery Point Objective indicating acceptable data loss), RTO (Recovery Time Objective indicating maximum time limit until system is up and running with recent data), and automated migration requirements for the long term.

By Leonid Feinberg

Jonathan Custance
IoT and cloud computing are on the increase High-profile cybersecurity breaches are increasingly in the news, a prime example being the NHS incident of May 2017 when services were brought to a standstill for several ...
Drew Firment
Here’s How to Make Sure Your Skills are Cloud Ready This year will be a period of meteoric growth for the cloud industry. Research from Gartner suggests that global spending on public cloud services in ...
Sofia Jaramillo
Augmented Reality in Architecture Augmented reality (AR) is a growing field of study and application in the world of architecture. This useful tool can help us visualize architectural designs by superimposing them onto real-world scenes ...
Bitcoin electricity
Bitcoin Heating? Bitcoin mining or cryptocurrency mining has been widely vilified for it’s environmental impact. Why it does draw a huge amount of energy, more and more of it is coming from renewable sources and ...
Metasploit-Penetration-Testing-Software-Pen-Testing-Security
Vulnerability Scanners Cyber security vulnerabilities are a constant nuisance and it certainly doesn't help with the world in a current state of disarray and uncertainty. Vulnerabilities leave businesses and individuals subject to a wide range ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.