nabinj

Cloud Migration Risk and Mitgation

Table of Contents

1.      Purpose. 3

2.      Scope. 3

3.      Cloud Migration Risks. 3

4.      Mitigation strategies. 4

5.      Related Standards, Policies and Processes. 6

6.      Revision History. 6

References. 7

1.  Purpose

The purpose of this document is to provide SaveTheChildren Charity Organization with a state-of-the-art risk assessment that can support its current use and growth over the next 5 years in a hybrid model as the goal is to migrate to the cloud while maintaining an on-prem presence.

Goal – to move applications to the cloud for SaveTheChildren charity organization while accounting for their infrastructure in the on-premises. The risk assessment will consider both the on-premises and the cloud components.

2.  Scope

The scope of this document is to provide the SaveTheChildren with information related to Cloud migration risks and mitigation techniques

3.  Cloud Migration Risks

The identified cloud migration risks are as follows

  • Incompatibility of the Current Architecture
    • Many organizations find that the complex nature of their present IT architecture is one of the prime risks they face during cloud migration. It reduces the speed of their migration as they need to find individuals with relevant IT skills, so they can make the whole architecture precise for the cloud at the required speed.
  • Extra Latency
    • Extra latency is one of the underrated risks in migration to the cloud. This can happen when you access databases, apps, and services in the cloud. In case you have apps that need instant responses, delays in some seconds can create major damage to your business. It not just can cause disappointment and frustration but also affect your brand reputation.
  • Complexity Around Security
    • Transferring data to the cloud brings many security risks, such as insider threats, accidental errors, external attacks, malware, misconfigured servers, problems on the side of the cloud provider, insecure APIs, contractual violations, compliance breaches, etc. A few companies already know these risks and take some precautions for avoiding them. However, still many companies fail to do that. And as a result, they struggle for fixing security problems because they are not enough skilled to do that.
  • Inadequacy of Visibility and Control
    • Visibility in the public cloud is one of the major risks in migrating to the cloud. It impacts to network and app functionality. In case you depend on your on-premises data centres, take complete control over your resources incorporating data centres, networks, and physical hosts. However, when moving to external cloud services the responsibility for a few policies shifts to cloud service providers based on the service type. As an outcome, the organization needs visibility into public cloud workloads.
  • Wasted Cloud Costs
    • You need to pay for compute, data transfer and storage in cloud computing. And every cloud vendor provides several storage services, instance types, and transfer choices based on your price needs, use case, and performance expectations. Finding the right one can be difficult. Organizations that fail to find out what they require generally waste their prices because they don’t utilize the chances they get.
  • No Proper Cloud Migration Strategy
    • You should decide whether you choose a cloud provider or deal with many cloud platforms. Every strategy has some advantages and disadvantages. If you choose a cloud provider, you may face the risk of vendor lock-in. Besides, you can work with multiple cloud providers and balance workloads among many cloud platforms. Moreover, you need to determine what you will migrate to the cloud and what you will leave on the on-premises datacentres. In case you choose a hybrid technique, plan according to that. Not all parts of your infrastructure are perfect for migration. Don’t keep client’s data, financial records in the public cloud. In case you have sensitive data, store them on the on-premises data centres, and utilize a public cloud platform for flexibility, compute strength, scalability, and connectivity.
  • Data Loss
    • Before migrating to the cloud, ensure to back up all your data, particularly the files that you will move. During the migration procedure, you may experience some problems like missing, incomplete, or corrupted files. And in case you have backed up all your data, you can easily rectify the errors by restoring the data to its previous condition.

4.  Mitigation strategies

The mitigation strategies for the identified cloud migration issues are as follows:

  • Incompatibility of the Current Architecture
    • To make the architecture ready for cloud migration, you need to hire a team of IT experts that will fix tech debt, review the legacy architecture, make comprehensive documentation, and measure interdependent parts. In case you want to mix private and public clouds with on-premises assets for making a hybrid environment, you should re-design your in-house IT infrastructure for reducing interoperability issues and inconsistencies among several systems.
  • Extra Latency
  • To get rid of latency problems, you should first understand its causes: misconfigured QoS (Quality of Service) and the geographical distance between servers and client devices. Many ways are there to solve latency problems:
    • Divide traffic flows
    • Optimize and localize the network
    • Offload the internet at the end
    • Build multi-cloud connectivity
    • Connect with ecosystems and business partners for online business or data exchanges.
  • In case the aforesaid strategies are costly for you or do not help, ponder keeping such apps in the on-premises.
  • Complexity Around Security
  • Leading cloud service providers like AWS and Azure offer security. They make sure to protect your physical assets from unauthorized access. Maximum cloud vendors have a great portfolio of compliance services incorporating FIPS, CJIS, HIPAA, DISA, ITAR, etc. They spend much on security for safeguarding client data from cyber threats.
  • Moreover, they provide exclusive solutions to keep your client data secure while migrating to the cloud. Nevertheless, you should hire an experienced security team and some trained DevOps engineers who can make the required configurations and give assurance about the long-term data security in the cloud:
    • Allow multi-factor authentication
    • Encrypt data assets in migration and at rest
    • Establish user access policies
    • Configure a firewall
    • Train others on the ways of maintaining security in the cloud
    • Execute required controls
    • Set individual workloads apart for reducing every damage that could happen because of an attacker
  • Inadequacy of Visibility and Control
    • Now several tools can help you in the app and network performance monitoring. Third-party security vendors and cloud service providers provide many solutions for that. Here are a few demands for efficient monitoring tools:
      • Automatic response to some kinds of threats and alerts
      • A steep learning curves
      • Scopes for configuring various types of alerts
      • Strong analytics
      • A monitoring solution must integrate simply with other solutions
      • Fundamental monitoring capacities with no requirement for manual configuration
  • Wasted Cloud Costs
    • You should optimize your cloud costs. In case you are unaware of doing it, hire experts to help you. Some common cloud cost optimization practices are as follows:
      • Use discounts
      • Erase underused instances
      • Increase spot instances for serverless and stuff that do not need high availability
      • Administer your workloads
      • Spend on reserved instances
      • Take benefit of autoscaling
      • Check whether hosting in another region could lower costs
      • Fix alerts to cross pre-decided spend thresholds
      • Shift irregularly accessed storage to more inexpensive tiers
  • No Proper Cloud Migration Strategy
    • Don’t get hyped and rush into shifting your workloads quickly to a cloud platform even if somebody recommends it. What is beneficial for an organization can become destructive for your business. Without proper planning and a rock-solid migration strategy, you may end up with system failures and huge expenses.
  • Data Loss
    • Anything from a security violation to a power outage at a data centre may lead to data loss. So, if you store the backups of databases in the cloud or on a server, you can restore all the data fast. Moreover, in case you utilize many cloud providers, you don’t have to be worried regarding the sudden failure of the service of a specific provider. You always can distribute an independent replica of your app on the infrastructure of another provider. Make sure to configure the migrated data’s backup to save lots of time and money. Don’t forget to back up your old system so you can find every missing file if required.

Leave a comment