For any organization considering its first venture into on premise to cloud migration of data and legacy applications, management will find no shortage of introductory literature on the subject.
The problem, however, is that much of the existing literature is just that – an introduction. It tends to take the form of generalized overviews, summaries of best practices and checklists with numbers of steps that vary depending on the source.
These guides create an overly simplistic and superficial impression of what will almost certainly be a complex project for your enterprise. On-premise to cloud migration is more complicated than simply ticking off items on a step-by-step checklist and declaring that your cloud migration is complete.
We’ve noticed that companies frequently run into the following issues:
- Cloud security problems stemming from assuming the same on-premise practices apply in the cloud environment (they don’t)
- Less than optimal performance in the cloud, due to lack of awareness of best practices in development
Here we explore in more depth some of those issues: cloud security, container technology, and crucial distinctions governing your eventual cloud migration strategy.
We’ll draw on our experience working with over thousands of companies over 10 years, many of whom were migrating an on-premise system to the cloud.
Note: You can learn more about our security as a service offerings here. Or sign up to get a free security and compliance assessment whether you’re still on-premise and looking to migrate or have already migrated to the cloud.
Cloud Migration – Not as Straightforward and Simple as It Seems
In our experience, we’ve seen many organizations make the mistake of oversimplifying the cloud migration process, reducing it to: “Move Object X from Point A to Point B.”
This generalization misses a lot of critical nuance and detail. It stems from being stuck in an “on premise mentality:” where all of an organization’s IT functions and data storage emanate from one dedicated physical location.
In this traditional model, the responsibility for supervising those functions rests with a restricted number of individuals.
Many companies erroneously assume that the decision to undertake cloud migration must then mean an easy, one-shot bulk transfer of all existing infrastructure and data from their current site to the cloud.
Under that same assumption, the burden for dealing with cloud storage that will continue to fall to just a few key personnel.
This fails to take into account that successful migration demands navigating multiple interrelated technological, logistical and even staff-related challenges that can cause serious future setbacks if not properly addressed at the outset.
Let’s start by discussing security and the key differences you’ll encounter when moving to the cloud.
Security Changes from Centralized to Democratized When Migrating from On-Premise to the Cloud: Here’s What That Means For Your Organization
Prior to the advent of cloud computing all of your data infrastructure, development tools and technical support resided on site. This meant whenever a new project was deployed all aspects of it ran exclusively and out of necessity through your IT professionals.
Hardware and software were provisioned, a server was added to a rack in your data center and someone was tasked with overseeing coding, configuring, testing and ensuring proper security settings. It was all centralized.
Now, thanks to the cloud a development project that might have taken weeks to complete can now be set up and initiated often within a day, sometimes even within the hour. Cloud computing has democratized the development process: you can now get moving immediately on your projects.
Greater speed and ease in development, testing and deployment of applications via the cloud allows anyone across your company access to your newly cloud-based data infrastructure.
Be aware that this brings new challenges.
It likely will reduce the skill sets of the individuals touching your data infrastructure to the lowest common denominator. Not everyone accessing the cloud has the same level of familiarity and experience with public cloud platforms.
This means your organization can be exposed to significant risk due to misconfigurations, improper port settings or even simple mistakes.
Some questions to consider:
- Do you know, and can you keep track of all the people within your operation now deploying projects into your cloud?
- What are they working on?
- Are they doing it correctly?
- Are they making critical mistakes or leaving holes in data protection that can put sensitive customer data or applications in jeopardy?
- Have you put consistent security policies and procedures in place?
- Do all the people across your various departments know what these policies are?
- How do you enforce this across the entire organization?
These are questions that you never needed to ask in your previous on-premise environment, when everything was tightly controlled. Now these will be questions you can’t afford to avoid.
When thinking about cyber security the default reaction is to focus on the threat posed by intentionally malicious hackers, ransomware, malware and the like. Yet we find increasingly that accidental risks posed by inexperienced or inattentive users can be every bit as devastating to your enterprise as bad actors.
Talk Security with Your Cloud Providers, Too
The security conversation needs to extend beyond your staff to all of your cloud providers (and we say “all” because it’s likely you’ll contract with multiple vendors). Some are surprised to discover that your cloud provider is not solely responsible for locking down the security of your data and applications.
Specific terms of those responsibilities likely vary from provider to provider. Cloud providers are typically only responsible for their own physical brick and mortar facilities and all the infrastructure within.
You, by contrast, are on the hook for securing all of your own data and applications.
The nature of the relationship with cloud services the cloud provider is based upon a presumption that you both share the burden for data security. If you don’t know the fine print of the contract with your cloud provider, read it and understand your respective roles.
Again, if you want to explore this further, you can sign up for our free security assessment to have our team help guide you through the questions you should be asking in this process.
Want to Take Full Advantage of Cloud Migration? Consider Using Container Technology
Data Migration to the cloud offers significant new advantages and benefits to the application development process and in the way data and applications can be leveraged.
But to fully understand and appreciate those benefits, it is first important to get a basic comprehension of the technological innovation known as containers. Unfortunately introductory literature does not broach this topic.
Definition of a Container in Programming
Within the context of programming, you can think of a container as a logical “storage box” that bundles and houses software, code and any other related components on which that software depends.
Containers as a concept have been around for a very long time, but it is only with the exponential growth in cloud computing that actual demand for containers as one of the mosta practical migration tools has skyrocketed.
From the standpoint of application development, this is a real game changer: with applications housed in a container, they’re no longer dependent on a server and its operating system.
Should a server go down, you haven’t lost everything. It’s easy to spin up a new server with the same container that the old server had, with minimal downtime or hassle.
In contrast, on-premise servers have traditionally been deployed on a more ad-hoc basis. A single server failing could be catastrophic. By adopting containers and cloud technology, you can have a more reliable and robust IT infrastructure.
The Benefits of Using Containers in Application Development
This allows developers the freedom to build an application once, and then run that application anywhere, on any platform.
As cloud computing emerged and companies needed to deploy new applications from on premises to a cloud provider like Amazon Web Services (AWS),, or perhaps even move across platforms such as AWS to Microsoft Azure, there arose a need to package software and ensure that it resided and ran consistently and reliably.
Containers quickly and easily allow data and applications to be moved from one environment to another, and to be compatible when they get there.
Containers bring scalability – the ability to replicate what is on a server infinite times. If you need ten servers that are exactly the same as the one sitting in your data center, you simply deploy the same container ten times.
Rapid Testing and Deployment
Developers also favor containers because they ultimately allow for the rapid testing and deployment of applications without the complications and overhead associated with configuring and managing the underlying servers or operating systems.
By running trials and pilot projects on the cloud, it affords them a degree of freedom and speed they never had on premises.
Cloud Migration is Not an All-or-Nothing Process: Consider What is Best For Your Organization
Another misconception we see organizations having is that the decision on migrating from on-premise to the cloud means drawing a sharp line in the sand for your organization – the belief that you are either in the cloud, or you are not.
Nor is migration a one-and-done proposition, or even an exclusive commitment to a single vendor.
There are actually multiple variations on cloud computing, with many enterprises favoring a hybrid cloud configuration.
Some companies opt to perform one major migration of data to a public cloud, and then afterwards a series of other migrations split among various cloud platforms, as projects, priorities and organizational goals dictate.
Still others choose to place limited data in the cloud yet keep certain proprietary and particularly sensitive applications in house, within the confines of their own private data centers.
Others determine that they’ll use one provider for one specific function (for example all projects related to retail operations go through AWS) and an entirely different one for another (the Google cloud platform will handle warehouse management).
Yet another wrinkle is that it’s possible to shuttle data cloud-to-cloud (AWS to Azure, for example) and for some businesses that could prove to be useful.
Whatever form cloud utilization eventually takes, we believe that a multi-cloud strategy is likely inevitable for most enterprises.
We have also found that it is now common for the average company to perform multiple migrations. For other organizations, cloud migration becomes a long-term, ongoing evolution as projects and priorities also evolve.
Migration Next Steps: Questions to Ask
There are a variety of options and no “one size fits all” solution to on premise to cloud migration. This makes it important prior to executing this to clarify with specificity the business justifications and motivations behind utilizing cloud technology in the first place.
While that may seem self-evident, we emphasize the point because we notice that some get caught up in the urgency of scrambling to the cloud without taking the time to fully perform that necessary first step of self-assessment.
Getting to the cloud should not be an overriding objective in and of itself, and certainly shouldn’t eclipse your larger business objectives.
Consider the cloud as an enabling technology, a powerful tool available to help you achieve key business goals. Define what it is you need to get out of cloud computing on your way to those goals.
Some questions to ask to help you determine next steps:
- Are you seeking to achieve greater speed in your IT operations?
- Is your main goal improving the customer experience?
- Do you want to enhance internal efficiencies?
- Are you migrating to gain a more nimble response to changes in technology?
- Should you budget for a cloud migration partner that can bring expertise to the table? (If so, ask about our network of migration services partners)
- How will you ensure security in the cloud?
Your cloud migration strategy will naturally flow from the answers to these kinds of questions. You should also ask what implications a migration plan has for your existing legacy applications.
An organization may consider a “lift and shift” strategy to migrating their existing applications or data. This means they’ll move everything to the cloud without using any new technology to get it done. Essentially they’re recreating the same systems in a new place.
By contrast, they might want to consider “re-architecting:” re-coding your applications to adapt to newer technology, like the cloud. This takes more time and effort, but may be worthwhile.
You may find that there is a benefit to “containerizing” your data or applications because doing so will help you find efficiencies or gains in performance.
Finally, don’t forget to ask how you will handle shifting away from antiquated on-premise security practices, and toward new cloud-based security protocols.
It is far preferable to make cloud security a priority up front and bake it into your cloud migration from the beginning, instead of bolting security on after the fact.
Note: You can learn more about migration and security here. Or sign up to get a free security and compliance assessment whether you’re still on-premise and looking to migrate or have already migrated to the cloud.