There has never been a better time for organizations today to move to the public cloud than there is today in 2018. Public cloud services from all the major players are more robust, mature, and full featured than ever before. Most organizations are looking to move at least part of their IT infrastructure to the public cloud if they haven’t already. This is certainly a trend that will not be going away any time soon.
The high cost of building out infrastructure and provisioning WAN circuits as well as the long procurement and provisioning time is certainly a deterrent to organizations staying inside of on-premise datacenters. Public cloud offerings allow organizations to be flexible, agile, and have access to world class technology, infrastructure, and services. However, there are certainly challenges for organizations looking to migrate to the public cloud. Additionally, what about migrating data “between” public clouds? There are certainly challenges with migrating between public clouds as many organizations may suffer from certain “vendor lock in” that takes place when services and virtual resources exist in one public cloud provider vs. another.
In this multi-part series, we will take a look at cloud migration and the challenges that exist in various scenarios of migrating to the cloud from on-premise, and between specific public cloud vendors such as between Google and Microsoft public clouds. First, we will look at the challenges in general of moving between on-premise environments to public cloud, and then between different public cloud vendors.
Table of Contents
Challenges for Organizations Migrating from On-Premise to Public Cloud
With the tremendous power, agility, and advantages that come with migrating to big vendor public clouds, what would stand in the way of any organization making the leap to public cloud infrastructure as soon as possible? Well, while migrating to the public cloud holds tremendous advantages as we have already mentioned, it also comes with a tremendous amount of challenges for many organizations who desire to relocate resources to public cloud infrastructure. Let’s discuss the following general challenges that can potentially stand in the way of organizations moving quickly to the public cloud.
- Lack of Cloud experience
- Existing Processes and Procedures
- Internet Connection Redundancy
- Disaster Recovery Processes
- Security Management
Lack of Cloud Experience
Certainly, a driving factor that can deter an organization from moving to the public cloud is a lack of cloud expertise. We generally fear what we do not know. When organizations and especially the IT staff in an organization are unfamiliar with cloud operations, processes, and even terminology, this hinders cloud adoption. Public cloud infrastructure certainly takes a new type of skill set when compared to on-premise infrastructure. Application deployment, server management, networking, backups, security, and many other aspects of public cloud environments are vastly different than managing these aspects of infrastructure on-premise.
Moving IT infrastructure to the public cloud requires that operational engineers and server administrators change the way they think about infrastructure. The new mindset that ops and admins must adopt centers more around the DevOps mentality where IT thinks about infrastructure more as a code base rather than physical entities.
Most public cloud offerings from the big players in the market space today provide untold access to public APIs that allow infrastructure engineers to access and manage infrastructure resources programmatically. This provides tremendous power and control over public cloud environments that often, are not available in on-premise environments.
Using both open source and freely provided tools that integrate with public cloud, organizations can often achieve greater efficiency with operations than with on-premise infrastructure. However, the challenge with this is that organizations and IT departments often do not have the skillset needed from the start to know how to operationalize cloud environments and to properly make use of the public APIs and tooling that are available to interact with these environments. There can certainly be a learning curve when migrating from on-premise to the public cloud with the new control mechanisms.
Existing Processes and Procedures
Quite often in small to medium sized businesses and even in enterprise scale organizations, processes and procedures can be a hindrance to moving to public cloud infrastructure. Changing processes and procedures that run the business can certainly be a challenge, especially during the migration phase of moving to the cloud. It is key for organizations looking at migrating to the public cloud to take a look at the business processes as they stand currently and the impact of the technical changes required to move these processes to the public cloud.
How do the processes need to change? How are business processes migrated? Is this a hard cutover, or a slow migration? If the processes coexist, how is data merged, etc? All of these questions are certainly important for businesses to think about when migrated services and procedures from on-premise to the public cloud.
Being able to think through how business processes and procedures are migrated requires that a very thorough assessment of the current processes is performed. Often, it can be found that no one really understands end-to-end how certain business processes are carried out and the technical requirements around those. By performing the assessment beforehand, any gotchas and other unexpected surprises can be avoided during a migration.
Internet Connection Redundancy
An increasingly important on-premise infrastructure resource that must be considered is Internet connectivity and redundancy. SMBs and other smaller organizations who may not already have redundant carriers and other redundant Internet infrastructure may find themselves in a sticky situation if business-critical resources are housed in the public cloud and a service interruption is experienced from the local Internet carrier. Public cloud infrastructure serves to exponentially increase the importance of on-premise Internet connectivity and any lack of redundancy.
With on-premise resources, business processes and other operations can often proceed even when there is an interruption with Internet connectivity. However, once those resources are no longer on-premise and located in the cloud, it is imperative to have Internet connectivity. Internet disruptions can then severely impact the business.
Depending on locations and markets, building out Internet redundancy can be quite expensive, especially if there are not a lot of providers in the area or there are geographic challenges that have to be overcome. When planning and assessing business procedures and operations, this is certainly an aspect of planning that needs to be addressed to determine which processes rely on connectivity at all times for the business to function.
Disaster Recovery Processes
Moving to the public cloud can totally disrupt disaster recovery processes for the organizations migrating their data. There are also common misconceptions that can lead to data loss disasters when organizations migrate data to the public cloud. Many may make the mistaken assumption that data moved to the public cloud is invulnerable to data loss. While public cloud infrastructure by the big players like Amazon, Microsoft, and Google Cloud tout impressive resiliency from hardware failure, public cloud vendors do not protect customers from data loss that is a result of user actions. While there are some mechanisms in place with public cloud vendors to recover data in the public cloud, this process is not easy and generally there are no guarantees or SLAs in place on restoring data lost as a result of end user actions.
Organizations must think about data protection not only when data has completed migrating to the cloud, but also during data migration. As soon as data touches the public cloud, there needs to be a solution in place to protect organization data. This way, on-premise solutions performing backups can continue to protect data as normal during a data migration, and an effective data protection solution in the public cloud can begin protecting data that is migrated to the public cloud environment.
More and more organizations are moving data to public cloud environments. Cloud environments are certainly an ever-growing target for attackers looking to steal or corrupt business-critical data. Organizations looking to move into the public cloud may find effective security challenging. With public cloud, traditional security and concepts do not really apply like they do with on-premise networks and environments.
Public cloud environments can exist in multiple datacenters around the world in different geographic regions with clients accessing those environments from a number of different types of devices coming from a number of different source networks. With that being said, securing networks and preventing data leak at scale in the public cloud can be foreign and challenging to traditionally oriented organizations who are securing traffic with the traditional edge firewall.
Additionally, there are decisions that organizations can make with Cloud Access Security Brokers (CASBs) to help enforce network and content policies across both on-premise environments as well as in public cloud environments. There are firewall based CASBs as well as API based CASBs. Which type of CASB do organizations choose for their particular environment.
Cloud Identity Access Management (Cloud IAM) is also a concept in public cloud that can be challenging for organizations to effectively implement, especially if trying to do single sign on authentication using certificates. The fear of not being able to control security effectively and implement recommended public cloud security best practices can certainly sidetrack or drastically slow down the process of migration to public cloud environments.
Challenges for Organizations Migrating Between Public Cloud Environments
Another challenge presented to organizations who already have a presence in one public cloud environment such as Google’s G Suite environment is migrating from one public cloud to another public cloud environment. There may be reasons that organizations choose to vacate one public cloud environment and migrate to another public cloud environment.
A different public cloud provider may be a better fit for services offered that more closely aligns with business objectives. One public cloud provider may offer a better service-level agreement and pricing for services that are actually needed by a business. Mergers can cause an organization to consolidate public cloud resources under one public cloud provider. Whatever, the case, this can present real challenges for organizations migrating between public cloud providers.
Cloud Migration Challenges that can be encountered include:
- Vendor lock-in
- Knowledge gap between public cloud providers
- Mismatch in public cloud provider services
- Migration or Recreation?
- Multi-cloud applications
Public cloud providers make it extremely easy to get into their environments, but exponentially more difficult to get out of their environments. Organizations tend to get “locked into” using a certain public cloud provider’s tooling, services, apps, and overall infrastructure which can certainly be proprietary. A customer’s entire public cloud infrastructure may be built around a certain public cloud vendor’s offerings and services.
This creates issues when organizations begin looking at migrating between public cloud providers as it often represents significant costs involved to completely redevelop those processes and services to fit another public cloud provider’s infrastructure ecosystem. This can be referred to as “Vendor lock-in” and can certainly stifle migration between public cloud providers.
Knowledge gap between public cloud providers
Very similar to the challenge organizations face migrating from on-premise to the public cloud where there is an experience gap that exists in carrying out operations in the public cloud, there can be similar knowledge gaps from one public cloud provider to another. Public cloud provider infrastructure, services, management tooling can be vastly different from one to the other. Even if an organization has knowledgeable staff in dealing with one public cloud provider, there can certainly be knowledge gaps in working with a different public cloud provider. This can certainly be a challenge for organizations looking to migrate between one provider to another.
Mismatch in Public Cloud Provider Services
As mentioned, there are certainly vast differences between public cloud providers. Services that are offered in one public cloud environment may not have an equivalent or similar service provided by a different public cloud provider. Organizations that may have built entire business processes and services around a specific public cloud provider’s services can meet with challenges in finding exact equivalents provided by a different public cloud vendor. This goes hand in hand with vendor lock-in and just how deeply organizations design public cloud infrastructure and business services around proprietary offerings by various public cloud providers.
Migration or Recreation?
Organizations looking to move from one public cloud provider to another must address the challenge of migrating data, applications, and services. There can certainly be challenges when migrating data, applications, and services and the offerings provided between the public cloud vendors may not align properly and incompatibilities may even be encountered. It may even be found that recreating applications and services is a faster route to bringing up production in a different public cloud environment. Assessing the source and target public cloud environments and analyzing the migration capabilities is a necessary step for organizations moving between public clouds.
If organizations make use of third-party applications, certain third-party vendors may only support one public cloud environment or may have differing capabilities depending on the specific public cloud environment. Businesses moving from one public cloud environment, utilizing a specific third-party application integration, must assess whether or not the third-party application is available and compatible with the target public cloud provider. This can certainly present challenges especially if the third-party application is an integral part of carrying out normal business operations.
There are certainly challenges with migration from on-premise environments to public cloud environments as well as migrating between public cloud providers. Either migration presents various challenges and are not to be considered trivial matters. Properly addressing and thinking about potential challenges beforehand can certainly shed light on potential challenges that may be encountered with migrations from on-premise as well as between public clouds.
In this Cloud Migration Guide Introduction, we have looked at general challenges that are encountered with both types of moves between environments. In the next part of the series, we will take a closer look at specific challenges that are encountered when migrating data and services from on-premise to the Google G Suite public cloud.