How to Choose a Cloud Service Provider:
The decision to move to the cloud can be an overwhelming one, especially because different businesses require very different cloud vendors. There are several factors an organization should consider before committing to one Cloud Service Provider:
Security is a top concern when deciding on a cloud service provider. Before you start considering offerings, make sure you know exactly what your organization’s security goals are. It is important to know what security measures are offered by each provider, and what methods they use to keep your data and apps safe. Measures to look for include encryption, fire walls, antivirus detection, and multi factor user authentication. Look at your organization’s specific use cases, consider the needs of your industry, and then ask questions about how your data will be protected in the cloud.
Another important thing to understand prior to making a decision, is what security components would be the responsibility of the provider and what would be the responsibility of the consumer? For example, both AWS and Azure have a Shared Responsibility Model. With AWS, the provider is responsible for protecting the infrastructure and keeping it secure, while the consumer is responsible for securing the data, endpoints, account, and access management. A successful security implementation requires the understanding of where the provider’s responsibility ends and your organization’s responsibility begins. Avoiding gaps in coverage is key to protecting your data.
Organizations need to choose a cloud service provider that can help them meet their industry’s compliance standards. (Ex. HIPPA, FERPA, GDPR) It’s imperative that you know what is needed to achieve compliance once your data and applications are in the cloud. Choose a cloud service provider that is constantly working to stay up to date on the latest rules and regulations.
Before you commit to a provider, think about how the cloud architecture will integrate into your organization. If your company already heavily relies on Microsoft, Google, or Amazon consider proceeding with their cloud service offerings as this will likely provide the easiest integration. Be sure to also consider cloud storage architectures. There are multiple types of storage and archival storage based on how frequently you need to store and retrieve data.
Make sure you know what each cloud service provider will require your organization to manage before you make a decision. For example, will you have to hire additional team members to manage the platform? Pay attention to each offering’s orchestration tools. Each cloud service provider has different orchestration tools and integrates with various other services. It’s important to make sure that the vital services for your organization can be easily integrated with your chosen provider.
Service Level Agreements
Cloud SLAs create a contractual relationship between the cloud consumer and provider and will protect your organization in the event that something goes wrong. They specify how issues should be identified and resolved, by who, and in what time frame. They also define how the provider will compensate for any failure to meet defined standards. SLAs should have 3 major components: service level objectives, remediation policies and penalties, and exclusions and caveats. You look at how service accessibility and availability is managed and assured, and see how these policies would fit with your organization’s requirements.
It’s important to compare the level of support you would get with each cloud service provider. You want members of your organization to be able to get help quickly and easily when needed. Consider the level of support you will have access to before committing to a provider. For example, would you receive support via an online chat, over the phone, or through a dedicated resource? If your organization may need support on evenings or weekends, is a provider’s support offered 24/7 or only during business hours? It’s also good to ask cloud service providers about their average response and resolution times.
Vendor Lock-in and Exit Planning
Vendor lock-in happens when a consumer using a cloud service can’t easily transition to a competitor. Moving away from a cloud provider isn’t always an easy process so you need to make sure there is a clear exit strategy at the beginning of the relationship. You can avoid vendor lock in by minimizing the use of services that limit the consumer’s ability to migrate. Make sure to ask the provider how you will access data in the event that you transition to another provider? What state will it be in and how long will the provider keep it?
Your choice of cloud service provider should not be completely based on the cost, but that will be a factor in your decision. Look at your organization’s usage patterns to make sure you will only be paying for resources you actually need. Consider the base cost of all services as well as the associated costs of implementing that service into your organization.