Finding A Ray of Sun Among the Clouds – Selecting a Cloud Provider
The cloud provider market has matured, but there are still many providers out there, each with their own offerings and value propositions. Many of these providers are focusing on just one aspect of their service such as their technology stack or reliability claims, making it harder to focus on the ideal partner. Picking the right provider for your business can be tricky, so it’s important to conduct some due diligence to be sure the provider is the right fit. Here are several considerations your team should follow before choosing a cloud platform provider.
Aligning Business Objectives
After you have internally crafted objectives for what types of initiatives or outcomes you expect from the cloud, you should then share those goals with a prospective provider. You want to be sure the provider listens intently to your objectives and frames the entire engagement around how their services will help the business to succeed. Providers that only discuss uptime numbers or the technical back-end of the platform are missing the mark. How the provider’s platform can improve the customer experience and streamline your processes – those are the types of goals you want to discuss.
When choosing a provider, it’s also helpful to find one with direct experience in your company’s vertical. This provides them with some additional context and insight, further helping them to talk with you from a business objectives’ standpoint.
Reducing Security and Compliance Concerns
Security and compliance remain two of the challenges facing firms that want to move to cloud computing. Security and compliance standards can vary widely, so pick a provider that transparently shares cloud hosting information and understands the implications. You want to understand how the provider secures their network, and to see some openness from the provider on a discussion of the concrete processes they employ.
Non-compliance with standards such as PCI standards is another pressing challenge. In response to companies establishing compliance as a “must have” for the business, providers are conducting audits and generating whitepapers that tout their ironclad compliance requirements. AWS offers a considerable amount of information on its PCI DSS Level 1 compliant services, including an FAQ and list of current customers. Microsoft Azure has adopted the new international cloud privacy standard, ISO 27018 and launched Azure Government, to meet rigorous compliance requirements. Talk with your prospective cloud providers about their compliance standards and how they fit within your data needs.
The transparency in talking about security should ideally extend to cost discussions. It can be difficult to conduct true cost comparisons between providers, as there are no established industry standard metrics, and the providers are not typically eager to share all their performance and cost data. This lack of consistency among the providers is largely due to differences in their actual offerings. For example, different providers have VMs that feature varying CPU clock speeds or memory, so it’s difficult to lay costs-by-provider side by side. When reviewing cost, consider the provider’s reputation, especially among current customers that mirror your firm’s size and computing requirements.
Companies moving applications to the cloud understandably want high performance and agility. The cloud should bring agility to application development, so a company knows it can create and deploy applications with the provider quickly and without worrying about speed. Typical performance issues include accessing dynamic data, applications, multi-platforms, as well as speed issues between the compute layer and the data stores. Again, transparency is essential. Talk to the cloud providers about their performance metrics under various scenarios such as different locations and application use cases. You want a provider that offers consistent performance, especially for your user base and required applications.
Looking for Reliability
Referencing their SLAs is a common method that cloud providers use to demonstrate reliability. While an SLA functions as a guarantee, it comes into action only when there is a failure. On its own, it is not a reliability indicator. Talk to the provider about the infrastructure and redundancies it has in place for reliability, and engage with current customers and online comparison services to see how a provider’s claims match real-world conditions.
Integrating APIs and Ecosystems
The API of a provider is important because it defines how the infrastructure is accessed and various operations are performing. Choosing an API supported by multiple providers can eliminate your business from being locked-in and simplify any application amendment.
You also want an API with a mature and dynamic ecosystem of services that complements the management and expansion of cloud services. APIs of both Microsoft Azure and AWS have a robust ecosystem for monitoring and governance, and allow customers to develop in-house clouds for a dynamic hybrid approach, but be sure to evaluate both according to your specific needs During your initial needs assessment, the cloud provider should discuss their API and the different options it can provide and ways you can leverage the API for optimal business results.