Are you thinking about moving your business to the cloud? If so, you’ll need a cloud provider. The provider needs to be a partner that will collaborate with you on design, and build and support a tailored solution that meets your business requirements for security, compliance, reliability and customization. But how do you determine which provider is right for your business? Knowing the right questions to ask is half the battle. In this slideshow, Concerto Cloud Services has identified five questions organizations should pose to prospective service providers during the selection process. Charting this information on a scorecard with which you can base your final decision is a recommended way to approach the process.
Questions to Ask a Potential Cloud Provider
Click through for five questions organizations should asking during the vendor selection process to ensure they get one that’s right for them, as identified by Concerto Cloud Services.
What level of performance should I expect?
Before your cloud provider can answer this question, you should be prepared to demonstrate the level of performance in your current cloud or on-premise solution. Whether the performance you experience is optimal or not, this allows cloud providers to understand what is (or isn’t) performing, and what level of horsepower is required to achieve the needed performance. If this is a new implementation, use your legacy solution as a baseline and add an estimate for transaction growth as a buffer.
Cloud sizing should be approached with facts, as it’s easy to oversize or undersize an environment. Over-sizing an environment results in you paying for more than you need and under-sizing results in you not receiving the needed performance. Some of the metrics that should be presented to a potential cloud provider include CPU utilization, memory utilization, input/output operations per second (IOPS) and data growth. Ideally, you would provide this information on each server you are planning to launch in the cloud. If your environment’s performance is affected by seasonal peaks, talk to the cloud provider about these specifics.
How will my monthly fees be determined?
Next to performance, cost is usually the other top consideration when looking at cloud providers. While there are many one-off cost models in cloud computing, the three most popular cost models are: consumption, IaaS subscription and SaaS subscription.
- Consumption incurs a cost for usage of cloud resources. Most cloud providers define usage as the resource being powered on and accessible. You are incurring costs for every minute that the resource is powered on, regardless of whether it’s actually being utilized by anyone or any application. Due to the nature of this cost model, your cost will be variable unless you have all subscribed resources powered on for the same amount of time for each billing cycle.
- Infrastructure-as-a-Service (IaaS) subscriptions incur a set cost that covers all the cloud resources to which you are subscribed. Whether you utilize the cloud resources or not, the cost remains the same. In this fixed-cost model, you are paying for the dedicated availability of resources.
- Software-as-a-Service (SaaS) subscriptions incur a cost based on a metric. Most SaaS subscriptions set the cost at a user count, while others may set the cost based upon a transaction count, or some other controllable metric. This subscription model could be fixed or variable.
Is my data safe?
Data is only as safe as the monitoring and safeguards that are put into place to protect it, so it’s important to ask the cloud provider what they use to protect a customer’s data and what security packages are available as add-ons.
Data encryption is a layer of security that can reduce the likelihood of it being compromised, but is the encryption only available at rest or also in transit? Data-at-rest encryption protects the data where it is stored – on disk drives. If the network communications are not encrypted, then the data is at risk while it is transferred.
Moving further up the stack from the storage and compute resources, what measures are being taken to ensure unauthorized users are not allowed access into the cloud? Security monitoring and intrusion detection tools can look for patterns of failed access attempts and block those individuals from attempting access. These same types of tools can look for strange behaviors and lock down user access whenever an unexpected or questionable event takes place. Overall, it’s up to you to determine how much security you need based on whether the data you are housing requires that you meet certain compliance requirements or whether it is data that is not in need of tight security.
Backups and Disaster Recovery
Do you offer backups and/or disaster recovery?
In addition to knowing how well protected your data is from compromise, it is also important to understand how protected your data is from accidental removal or from a catastrophic event. You must determine the smallest time period you are willing to risk having unrecoverable data. For a real-world example, if backups are made once an hour, on the hour, and a user deletes a file at 59 minutes after the hour, then the last backup that would be available is the one from 59 minutes prior. Assuming that users had worked on that file for the last 59 minutes, all of the work being done to that file is now permanently lost. For some this may be an acceptable risk and a lower frequency may be requested, for example, every four hours. Alternatively, this may be very risky and your business could only withstand a 15-minute interval of lost data.
Backup frequency is only half of the answer. Backup retention is equally as important. If the backups are only retained for 24 hours, and it takes you 24 hours to realize you encountered a data loss, the backups have already been overwritten before you realize you have an issue. Backup retention could be as short as a day, or as long as a year or more. Backup costs rise significantly as you need more frequent backups and/or backups retained longer since it requires more storage to maintain the volume of data.
Finally, if the cloud has a catastrophic failure, is your data backed up to an offsite facility? Work with the cloud provider to understand what disaster recovery options are included or available, as well the geographic locations.
If I need support, what options are available?
Support package availability, offering and costs vary by cloud provider. It’s important that you anticipate the level of support you may need and ensure that the cloud provider you choose can offer that level of support. If you are a small shop, you and your users may be in need of support more often than a larger organization that has its own in-house support.