Unit-4th

Cloud enabler
Cloud enabler refers to the technologies and manufacturers that serve as the backbone for
all cloud computing products and services. A broad term incorporating technology vendors
and solutions, a cloud enabler allows an organization to build, deploy, integrate and deliver
cloud computing solutions.

Cloud enablers are primarily IT firms that develop hardware, software, storage,
networking and other related product serving as a cloud environment component.
For example, an organization that develops virtualization hypervisor enables the
development of virtual machines, virtual private servers and other virtualization
based cloud solutions.
A cloud enabler differs from a cloud service provider, as the latter utilizes
technologies built by the former to deliver cloud services to end users and other
organizations.

Over the last decade, the rapid expansion of cloud computing has only been
possible through the key technological breakthroughs in related computing
technologies. As a result, major changes can be seen in the way the four
enablers of cloud computing technology - virtualization, multi-tenancy, web
services and cost effective hardware—contribute to the development of effective
and efficient cloud computing. These advancements have resulted in synergistic
enablement, low cost, high speed, and scalable computing.

Virtualization technology has been in existence since the days of mainframe

computers. However, it was recently adapted to cloud computing when it was
used to create an illusion of a physical computer with a set of defined system
resources. This enables the division of the physical resources of the machine
based on the application requirement and allows for dynamic reconfiguration of
resources as required. The virtual machine can be duplicated several times
mirroring the physical system to allow for greater computational power. It is an
independent abstraction between the actual hardware and the software
application. The main benefit of using virtualization is the portability associated
with the creation of n-numbers of virtual machines between different servers.
This improves efficiency in the use of existing hardware as well as creating
potential for rapid scaling up of resources on the fly.

The second component, multi-tenancy, refers to the way in which access is

given to several clients, who simultaneously use the same resource without
intruding on each other’s space or data stores. Often, multiple clients use a
single application on the server and artificial software authentication protocols
are set up to ensure privacy. This leads to optimal use of physical computational
resources. Depending on the deployment model of the cloud, there are varying
levels in the implementation of multi-tenancy concepts.

The third component is web services, which is a software system that enables
communication between two machines over a network. This system is agnostic
to the machine configuration and system firewalls of the various components
that are communicating. It provides a standardized platform to clients, allowing
them to access applications in the server through a network. It uses XML for
data tagging, SOAP for data transfer, WSDL for service description
and UDDI for available service. By default, this system does not have any GUI
features. However, most cloud service providers integrate this system to a web
page with a GUI based application to offer specific functionalities.

In the last decade, hardware costs have been reduced significantly while
efficiency and speed of processing has increased dramatically. These rapid
technological improvements have paved the way for high-density servers, which
pack lots of computing power into a small area. New multi-core processor
systems within these servers have helped perform high volume parallel
computations at high speeds, accurately.

These technologies have laid the foundation for the cloud computing revolution
and have transformed the way we develop software applications leading to the
ubiquitous spread of cloud computing, cloud backup and cloud storage.

Migration Paths for clouds

Cloud migration is the process of partially or completely deploying an organization's

digital assets, services, IT resources or applications to the cloud. The migrated
assets are accessible behind the cloud's firewall.
Cloud migration is also known as business process outsourcing (BPO), which may
entail migrating a total organizational infrastructure, where computing, storage,
software and platform services are transferred to the cloud for access.

Cloud computing is attractive to many organizations due to its scalability, ease of

management and low costs. Cloud migration facilitates the adoption of flexible cloud
computing.
An organization's cloud migration process often involves merging an on-site IT
infrastructure with a hybrid cloud solution, which may be accessed over the Internet
for a fee. Hybrid cloud solutions transition between one or more cloud providers and
usually provide on-demand and provisioned server space, applications and services.
Cloud migration is critical for achieving real-time and updated performance and
efficiency. Thus, cloud migration requires careful analysis, planning and execution to
ensure the cloud solution's compatibility with organizational requirements.

Cloud migration is the process of moving data, applications or other business

elements to a cloud computing environment.

There are various types of cloud migrations an enterprise can perform. One
common model is the transfer of data and applications from a local, on-
premises data center to the public cloud. However, a cloud migration could
also entail moving data and applications from one cloud platform or provider to
another -- a model known as cloud-to-cloud migration. A third type of migration
is to uncloud -- also known as a reverse cloud migration or declouding --
where data or applications are moved off of the cloud and back to a local data
center.

Benefits of cloud migration

The general goal or benefit of any cloud migration is to host applications and data in
the most effective IT environment possible, based on factors such as cost,
performance and security.

For example, many organizations perform the migration of on-premises applications

and data from their local data center to public cloud infrastructure to take advantage of
benefits, such as greater elasticity, self-service provisioning, redundancy and a
flexible, pay-per-use model.

Cloud migration process

The steps or processes an enterprise follows during a cloud migration vary based on
factors such as the type of migration it wants to perform and the specific resources it
wants to move. That said, common elements of a cloud migration strategy include
evaluating performance and security requirements, choosing a cloud provider,
calculating costs and making any necessary organizational changes.

Common challenges an enterprise faces during a cloud migration

include interoperability, data and application portability, data integrity and security,
and business continuity. Without proper planning, a migration could negatively affect
workload performance and lead to higher IT costs -- thereby negating some of the
main benefits of cloud computing.

Depending on the details of the migration, an enterprise may choose to move an

application to its new hosting environment without any modifications -- a model
sometimes referred to as a lift-and-shift migration. In other cases, it might be more
beneficial to make changes to an application's code or architecture before performing
the migration.

In terms of data transfers from its local data center to the public cloud, an enterprise
also has several options. These include the use of the public internet, a
private/dedicated network connection or an offline transfer, in which an organization
uploads its local data onto an appliance and then physically ships that appliance to a
public cloud provider, which then uploads the data to the cloud. The type of data
migration an enterprise chooses -- online or offline -- depends on the amount and type
of data it wants to move, as well as how fast it needs to complete the migration.

Review on-premises to cloud migration methods.

Cloud migration tools and services
There are various tools and services available to help an enterprise plan and execute a
cloud migration.

For example, public cloud providers, including Amazon Web Services (AWS),
Microsoft Azure and Google, offer cloud migration services to support
private/dedicated networks for data transfers, as well offline migrations.

Migrating to the cloud is a complex process, that must be customized to address the technical,
functional and operational needs of the organization. A successful migration strategy should
address short-term aims, like decreasing hosting costs, as well as longer-term goals like better
alignment between IT and business objectives. Here are the three main cloud migration
strategies businesses use to meet those goals.

Strategy #1: Homogeneous

“Lift-and-Shift” Migration

Lift and Shift migrations move compute from on-premise to the cloud.
Source & Target can be on-premise, private or public cloud.

A lift-and-shift migration is exactly what it sounds like: lifting an application or landscape out
of its current hosting environment and shifting it to another environment — for example,
from on-premise hosting to a public cloud. Lift-and-shift migrations transport an exact copy
of the top three layers: application, database and OS layer. Gartnerrefers to this as rehosting,
because it involves moving your stack to a new host without making extensive changes. This
enables a rapid, cost-effective migration, minimal disruption and quick ROI.

A lift and shift from on-premise to cloud hosting also increases agility, simplifying future
transformation. This makes it a good first step for businesses with a conservative culture, or
indecision about long-term cloud strategy. However, as Gartner points out, the lack of
modification to your system also prevents you from harnessing certain cloud migration
benefits in the short term:
“The primary advantage of IaaS — that teams can migrate systems quickly, without
modifying their architecture — can be its primary disadvantage as benefits from the cloud
characteristics of the infrastructure, such as scalability, will be missed”.

Companies need to weigh the quick payoff and low disruption of a lift and shift against the
greater benefits of a more transformative cloud migration strategy.

Replatforming
Replatforming is really a variation of lift and shift, involving some further adjustments to
improve your landscape in some way. In fact AWS General Manager Stephen Orban refers to
replatforming as “lift-tinker-and-shift.” Replatforming empowers businesses to
accomplishing important goals beyond rehosting without greatly expanding the scope of the
project:

“Here you might make a few cloud (or other) optimizations in order to achieve some tangible
benefit, but you aren’t otherwise changing the core architecture of the application. You may
be looking to reduce the amount of time you spend managing database instances by
migrating to a database-as-a-service platform… or a fully managed platform.”

For SAP users, replatforming can be a useful step for accomplishing particular goals like
increasing system performance or adopting a managed services. For example, it can enable
SAP ECC users in conservative organizations to audition a vendor and alleviate skepticism
about digital transformation, while laying the groundwork for a future HANA migration.

Strategy #2: Technical

Migration

Technical (SAP HANA) Migration: Source and Target can be on-premise, private or public cloud.

Technical migration maintains existing applications, but upgrades the OS and DB to meet
certain transformational goals. As a cloud migration strategy, this is often done in part to
harness cloud native features such as scalability or automation, but it also has other benefits.
For example, migrating from on-premise SAP ECC to Suite on HANA in the public
cloud gives organizations the benefit from HANA’s real-time visibility and dramatically
increased performance, in addition to the benefits of the public cloud.

A technical migration can also prepare organizations for a future application migration. In the
case of SAP, ECC users often migrate to Suite on HANA as a first step on the road to
S/4HANA. This enables the organization to minimize disruption and gain experience in the
cloud, which they can use to plan the next stage of their transformation.

Strategy #3: Application

Migration

Application (S/4HANA) Migration: Source & Target can be on-premise, private or public cloud

In an application migration, the application layer is transformed, along with the OS and DB.
There are three basic strategies for application migration: new system implementation,
system conversion and landscape transformation.

New System Implementation

New system implementation essentially means starting over. Although data is generally
preserved and transferred in this process, the applications are either rebuilt from scratch by
developers, or replaced with new, off-the-shelf applications.

Needless to say, this can be a complicated process. The organization needs to ensure that all
functionality is replicated by the new system, along with business process flow. Old data
must be audited, discarded where appropriate and reformatted to work with the new system.
On top of that, there’s the requirement to retrain the team in a new suite of applications,
which might function quite differently from the previous application stack.

However, in some scenarios this cloud migration strategy is the most cost effective choice.
For example, if an organization is upgrading from a highly customized legacy landscape with
poor documentation, auditing the code and designing an upgrade and migration path might be
more costly and time-consuming than rebuilding the landscape.
New system implementation is also the correct strategy for organizations who wish to switch
to a new application stack, rather than staying with their existing vendor. As Gartner points
out, the benefits of a new set of cloud-native tools often outweigh the costs of adapting to a
new system — particularly for development:

“Although rebuilding requires losing the familiarity of existing code and frameworks, the
advantage of rebuilding an application is access to innovative features in the provider’s
platform. They improve developer productivity, such as tools that allow application templates
and data models to be customized, metadata-driven engines, and communities that supply
pre-built components.”

System Conversion
Also known as brownfield migration, a system conversion transforms your application layer,
along with the DB and OS layers. The process may involve extensive changes to the way
your landscape is run and managed as well as the landscape itself. Your new, upgraded
system will likely have greater automation, and require different competencies than your on-
premise legacy system. That may warrant a change to a managed services model, and a new
approach to management emphasizing proactive planning. Properly handled, that means more
consistent performance, lower cost and less downtime in the future. It can also free up your
internal IT team to focus on strategic goals, rather than putting out fires.

Getting there is a complex process, however, which requires a reliable technical team. The
system conversion should be planned carefully, with downtime scheduled to minimize
disruption. Look for a partner who can accomplish the process with a single downtime — the
shorter, the better.

Brownfield migration is the most common path for an SAP cloud migration from ECC to
S/4HANA. It may be done as a second project following a technical migration to Suite on
HANA, or as a single, multi-stage process.

Landscape Transformation
Landscape Transformation is an SAP product and process, but it’s also a more general cloud
migration strategy. A landscape transformation combines a system conversion with a
significant change to the way your landscape is structured. Landscape transformation
scenarios include:

 Combining multiple ERP landscapes into a single system to meet the needs of a business
consolidation

 Splitting off segments of your data along with certain functional components for a divestiture

 Upgrading and migrating multiple regional Suite on HANA landscapes into a single, global
S/4HANA landscape

Landscape transformation enables you to meet business goals, technical and functional
upgrade requirements with a single upgrade process. This can significantly accelerate
transformation, reduce overall downtime and control costs when compared to multiple
projects.

Making Your Cloud Migration

Strategy a Success
Choosing a migration strategy is easy. Designing and implementing it is the challenge. Many
upgrade and migration projects run into delays, cost overruns and other problems that can
reduce ROI, or even disrupt your IT strategy. Protera’s FlexBridge Migration Services
Platform provides SAP customers with a proven, cost-effective path to the cloud, accelerating
migration by 70% — and eliminating the risks of cloud migration.

Migration to the public or private cloud is not an easy task. Cloud migration is a
process by which any organization or company shifts its resources, data, and
applications to the cloud platform. Well, shifting to a completely different
environment is not an easy task.

It is very important to look at each step of cloud migration as the implementation is

done in phases. There are many advantages of the structured and process-oriented
approach to migration but no much efforts across the industry have been put to
long-standing customer plan and make the strategy for top revenue earner of all
time.
 Seven Step Model of Cloud Migration

During the process of migration, there are chances that some of the useful
functionalities can be lost. Having done the augmentation, we will be testing and
validating components of enterprise applications on the cloud. The results of testing
can be positive or mixed.

Cloud Migration – Seven Step Model

It is best to first iterate through the Seven-Step model process for optimizing and
migration is both comprehensive and robust. The seven stages of migration are
outlined below.

 Assess

Assessment is the first step of a seven-step model of cloud migration and also it is
the most important of all the other steps. It includes assessment of issues and
reasons related to migration and understanding the need to shift your technology
and software on the cloud platform. This migration can be of application, design,
code and architecture level.

This is the most important and as migration starts with an assessment of the issues
and strategies related to the migration. The assessment can be of tools being used,
test cases as well as functionalities and configurations. The assessment can also be
 about the cost of migration and ROI (Return on Investment) that can be achieved in
the case of the production version.

 Isolate

In the second step of migration into the cloud environment, there is the isolation of
all environmental and systematic dependencies of an enterprise application within
the captive data center. The dependencies include the library, application and
architectural.

This step helps in better understanding of the complexity of the cloud migration.
This step helps in isolation of run-time environment, applications dependencies,
libraries dependencies and much more. Isolation of all the components is necessary
to make the system more reliable and atomic.

 Mapping

After complete isolation, the third step is to generate the mapping constructs
between what data shall remain in the local captive data centers and what shall be
shifted to the cloud. It is very important to first understand what exactly you need to
shift on the cloud platform as there is no sense of shifting all the data and
applications on the cloud environment.

 Re-architect

This is the fourth step in cloud migration which includes understanding which part of
the application is generally needed to be sifted and what not.

Moreover, a substantial part of enterprise application is generally needed to be

shifted as it is to be rearchitected, reimplemented and redesigned on the cloud.
There are also chances that in this step of cloud migration process, some of the
useful functionalities can be lost initially but later all of them can be regained.

 Augment

Augmentation of cloud computing application is done in this application. In this, we

leverage the intrinsic features of services of a cloud to augment our enterprise
application in its own ways.

 Test

After augmentation is complete, the applications needed to be tested and validated.

This is done using a test suite for the applications on the cloud. The test results can
be both positive and negative. In this step of cloud migration, new test cases due to
augmentation and proofs-of-concept are also tested.
 Optimize and Iterate

In this last step of cloud migration, we iterate and optimize as appropriate. After
several other optimizing iterations, the migration process is successful. It is best to
first iterate the seven-step model process for optimizing and ensuring that cloud
migration is both robust and comprehensive.

This seven-step model of cloud migration is used by small business for migrating
their resources and applications to the cloud platform.

Selection criteria for cloud models.

How to select the right cloud service provider

As more and more IT systems are externalised, making sure you pick the right cloud
providers has become critical to long-term success.
However, the available market is vast, with a myriad of providers offering an even larger
number of services. From market giants like Microsoft, Amazon and Google through to
smaller niche players offering bespoke services.
So how do you select the right cloud provider from so many? The answer is a defined
selection and procurement process appropriately weighted towards your unique set of needs.
We’ve distilled the key factors into a definitive list of 8 consideration areas.
For a complete and comprehensive cloud adoption guide, including how to assess cloud
service providers – see our online e-learning courses

Timing – When to select a cloud provider?

Before you can effectively select a suitable provider you need to understand your specific
business needs. This sounds pretty obvious, but clarifying your specific requirements and
minimum expectations, in advance of assessing providers ensures you are comparing them all
against your checklist, instead of comparing one against the other. This is the quickest way to
move from long list to short list.
Armed with clarity on technical, service, security, data governance and service management
requirements, you can more effectively interrogate your select group of potential providers.
It’s also worth noting, when migrating applications and workloads to the cloud, the specific
environments you choose and the services offered by your cloud service provider will
determine the configurations needed, the work you need to do and the help you can get from
the provider in doing it.
Ideally, therefore, you should choose your providers after you have identified your cloud
migration candidates but in parallel with analysing and preparing these workloads for
migration.
How to pick a cloud service provider? Use these 8
key areas for consideration.
When it comes to selecting a cloud provider, the requirements you have and evaluation
criteria you use will be unique to your organisation. However, there are some common areas
of focus during any service provider assessment.
We have grouped these into 8 sections to help you effectively compare suppliers and select a
provider that delivers the value and benefits your organisation expects from the cloud.

1. Certifications & Standards

2. Technologies & Service Roadmap

3. Data Security, Data Governance and Business policies

4. Service Dependencies & Partnerships

5. Contracts, Commercials & SLAs

6. Reliability & Performance

7. Migration Support, Vendor Lock in & Exit Planning

8. Business health & Company profile

Certifications & Standards

Providers that comply with recognised standards and quality frameworks demonstrate an
adherence to industry best practices and standards. While standards may not determine which
service provider you choose, they can be very helpful in shortlisting potential suppliers.
For instance, if security is a priority, look for suppliers accredited with certifications like ISO
27001 or the government’s Cyber Essentials Scheme.
 Extract from CIF E-learning module 8 – Cloud Service provider selection.

There are multiple standards and certifications available. The image above illustrates some of
the more common organisations that provide standards, certifications and good practice
guidance.
More generally, look out for structured processes, effective data management, good
knowledge management and service status visibility. Also understand how the provider plans
to resource and support continuous adherence to these standards.

Technologies & Service Roadmap

Technologies
Make sure the provider’s platform and preferred technologies align with your current
environment and/or support your cloud objectives.
Does the provider’s cloud architectures, standards and services suit your workloads and
management preferences? Assess how much re-coding or customisation you may have to do
to make your workloads suitable for their platforms.
Many service providers offer comprehensive migration services and even offer assistance in
the assessment and planning phases. Ensure you have a good understanding of the support on
offer and map this against project tasks and decide who will do what. Often service providers
have technical staff that can fill skills gaps in your migration teams.
 project.png

However, some large scale public cloud providers offer limited support and you may need
additional 3 party support to fill the skills gaps: ask the platform provider for recommended
rd

3 party partners that have experience and extensive knowledge of the target platform.
rd

Service roadmap
Ask about the provider’s roadmap of service development – How do they plan to continue to
innovate and grow over time? Does their roadmap fit your needs in the long term?
Important factors to consider are commitments to specific technologies or vendors, and how
interoperability is supported. Also can they demonstrate similar deployments to the ones you
are planning?
For SaaS providers in particular a features, service and integration roadmap is highly
desirable.
Depending on your particular cloud strategy, you may also want to evaluate the overall
portfolio of services that providers can offer. If you plan to use separate best of breed services
from a broad mix of provider then this is not as relevant, but if your preference is to use only
a few key cloud service providers, it is important for those service providers to offer a good
range of compatible services.

Data Governance and security

Data management
You may already have a data classification scheme in place that defines types of data
according to sensitivity and/or policies on data residency. At the very least you should be
aware of regulatory or data privacy rules governing personal data.
With that in mind, the location your data resides in, and the subsequent local laws it is subject
to, may be a key part of the selection process. If you have specific requirements and
obligations, you should look for providers that give you choice and control regarding the
jurisdiction in which your data is stored, processed and managed. Cloud service providers
should be transparent about their data centre locations but you should also take responsibility
for finding this information out.
If relevant, assess the ability to protect data in transit through encryption of data moving to or
within the cloud. Also, sensitive volumes should be encrypted at rest, to limit exposure to
unapproved administrator access. Sensitive data in object storage should be encrypted,
usually with file/folder or client/agent encryption.
Look to understand the provider’s data loss and breach notification processes and ensure they
are aligned with your organisation’s risk appetite and legal or regulatory obligations.
The CIF Code of Practice framework has some useful guidance to help identify relevant
security and data governance policies and processes as part of a provider assessment.
Information security
Ensure you assess the cloud provider’s levels of data and system security, the maturity of
security operations and security governance processes. The provider’s information security
controls should be demonstrably risk-based and clearly support your own security policies
and processes.
Ensure user access and activity is auditable via all routes and get clarity on security roles and
responsibilities as laid out in the contacts or business policies documentation.
If they are compliant with standards like the ISO 27000 series, or have recognised
certifications, check that they are valid and get assurances of resource allocation, such as
budget and headcount to maintain compliance to these frameworks.
Ask for internal security audit reports, incident reports and evidence of remedial actions for
any issues raised.

Service Dependencies & Partnerships

Vendor relationships
Service providers may have multiple vendor relationships that are important to understand.
Assessing the provider’s relationship with key vendors, their accreditation levels, technical
capabilities and staff certifications, is a worthwhile exercise. Do they support multivendor
environments and can they give good examples.
Think about whether the services offered fit into a larger ecosystem of other services that
might compliment or support it. If you are choosing a SaaS CRM for instance – are there
existing integrations with finance and marketing services? For PaaS – is there a cloud
marketplace from which to buy complimentary services that are preconfigured to integrate
effectively on the same platform?
Subcontractors and service dependencies
It’s also important to uncover any service dependencies and partnerships involved in the
provision of the cloud services. For example, SaaS providers will often build their service on
existing IaaS platforms, so it must be clear how and where the service is being delivered.
In some cases there maybe a complex network of connected components and subcontractors
that all play a part in delivering a cloud service. It’s vital to ensure the provider discloses
these relationships and can guarantee the primary SLAs stated across all parts of the service,
including those not directly under its control. You should also look to understand limitations
of liability and service disruption policies related to these subcomponents.
In general, think twice before considering providers with a long chain of subcontractors.
Especially with mission critical business processes or data governed by data privacy
regulations.+
The Code of Practice requires explicit clarification of service dependencies and the
implications on SLAs, accountability and responsibility.

Contracts, Commercials & SLAs

Contracts & SLAs
Cloud agreements can appear complex, and this isn’t helped by a lack of industry standards
for how they are constructed and defined. For SLAs in particular, many jargon-happy cloud
providers are still using unnecessarily complicated, or worse, deliberately misleading
language.
This is being addressed to some degree with the latest revision of the ISO standards for
Service level agreements ISO/IEC 19086-1:2016, this revision is a useful framework to use
when assessing providers’ agreements.
In general, agreements range from out of the box “terms and conditions”, agreed online,
through to individually negotiated contracts and SLAs.
The size of CSP vs the customer is a factor here. Smaller CSPs are more likely to enter into
negotiations but may be more likely to agree custom terms that they might not be able to
support. Always challenge providers that are prepared to offer flexible terms to provide
details on how they plan to support this variation, who is responsible for this variation and
what are the processes used to govern this variation.
We cover contracts, SLAs and cloud law in module 10 of our online training programme. Key
factors to consider with contracts are:
 risk.png

Service delivery
Look for a clear definition of the service and deliverables. Get clarity on the roles and
responsibilities relating to the service (delivery, provisioning, service management,
monitoring, support, escalations, etc.) and how that is distributed between customer and
provider. How is service accessibility and availability managed and assured (Maintenance,
incident remediation, disaster recovery, etc.). How do these policies fit with your
requirements?
Data policies and protection
Assess a provider’s security policies and data management policies particularly relating to
data privacy regulations. Ensure there are sufficient guarantees around data access, data
location and jurisdiction, confidentiality and usage /ownership rights. Scrutinise backup and
resilience provisions. Review data conversion policies to understand how transferable data
maybe if you decide to leave.
Business terms
There are a myriad of terms covered in the training module and your circumstances will
dictate which are important, but key considerations include:

 Contractual and service governance, including to what extent the provider can unilaterally
change the terms of service or contract.

 What are the policies on contract renewals and exit or modification notice periods.

 What insurance policies, guarantees and penalties are included and what caveats accompany
them.
  And to what extent is the provider willing to expose their organisation to auditing operations
and compliance to policies.

Legal Protections
Specific terms relating to Indemnification, Intellectual property rights, Limitation of liability
and warranties should be standard terms in providers’ contracts. However, the parameters
relating to each should be scrutinised. Typically these protections are often the most hotly
contended as customers look to limit their exposure to potential data privacy claims following
a breach and at the same time providers look to limit their liability in cases of claims.
Service level agreements
SLAs should contain 3 major components:

 Service level objectives

 Remediation policies and penalties/incentives related to these objectives

 Exclusions and caveats.

Service level objectives (SLOs) typically cover: accessibility, service availability (usually
uptime as a percentage), service capacity (what is the upper limit in terms of users,
connections, resources, etc.), response time and elasticity (or how quickly changes can be
accommodated). There are often others depending on how terms are distributed between
contract and SLA.
Look for SLOs that are relevant, explicit, measurable and unambiguous. They should also be
auditable if possible and clearly articulated in the service level agreement.
SLAs should also specify how issues should be identified and resolved, by who and in what
time period. They will also specify what compensation is available and the processes for
logging and claiming, as well as listing terms that limit the scope of the SLA and list
exclusions and caveats.
Close scrutiny of these terms is important, as often service credit calculations are complex –
ask for worked examples or better still give all shortlist providers the same imaginary
downtime scenario and compare the difference in compensation.
Cloud commercials
Each cloud service provider has a unique bundle of services and pricing models. Different
providers have unique price advantages for different products. Typically, pricing variables are
based on the period of usage with some providers allowing for by the minute usage as well as
discounts for longer commitments.
 Extract from CIF E-learning module 8 – Cloud Service provider selection

The most common model for SaaS based products is on a per user, per month basis though
there may be different levels based on storage requirements, contractual commitments or
access to advanced features.
PaaS and IaaS pricing models are more granular, with costs for specific resources or
‘resource sets’ consumption. Aside from financial competitiveness look for flexibility in
terms of resource variables but also in terms of speed to provision and de provision.
Application Architecture that allows you to scale different workload elements independently
means you can use cloud resources more efficiently. You may find that your ability to fine
tune scalability is affected by the way your cloud service provider packages its services and
you'll want to find a provider that matches your requirements in this regard.

Reliability & Performance

There are several methods you can use to measure the reliability of a service provider.
First, check the performance of the service provider against their SLAs for the last 6-12
months. Some service providers publish this information, but others should supply it if
asked.
Don’t expect perfection: downtime is inevitable and every cloud provider will experience it at
some point. It’s how the provider deals with that downtime that counts. Ensure the
monitoring and reporting tools on offer are sufficient and can integrate into your overall
management and reporting systems.
Ensure your chosen provider has established, documented and proven processes for dealing
with planned and unplanned downtime. They should have plans and processes in place
documenting how they plan to communicate with customers during times of disruption
including timeliness, prioritisation and severity level assessment of issues.
Be aware of remedies and liability limitations offered by the cloud provider when service
issues arise.
Disaster recovery
Look to understand the provider’s disaster recovery provisions, processes and their ability to
support your data preservation expectations (inc. recovery time objectives). This should
include criticalness of data, data sources, scheduling, backup, restore, integrity checks, etc.
Roles and responsibilities, escalation processes and who has the burden of proof, all must be
clearly documented in the service agreement. This is vital, as in many cases, your team may
be responsible for implementing some of these processes.
Consider purchasing additional risk insurance if the costs associated with recovery are not
covered by the provider’s umbrella terms and conditions.

Migration Support, Vendor Lock in & Exit Planning

Vendor lock-in, is a situation in which a customer using a product or service cannot easily
transition to a competitor. Vendor lock-in is usually the result of proprietary technologies that
are incompatible with those of competitors. However, it can also be caused by inefficient
processes, or contract constraints, among other things.
Cloud services that rely heavily on bespoke or unique proprietary components may impact
your portability to other providers or in-house operations. This is especially true if
applications have to be re-architected in order to run on a service provider platform.
Avoid the risk of vendor lock in by ensuring your chosen provider has minimal use of
proprietary technology or you minimise the use of services that limit your ability to migrate
or transition away.

Extract from CIF E-learning module 8 – Cloud Service provider selection

Ideally select value added services that have competitive and comparable alternatives in the
market and put policies in place to periodically review the options to minimise lock-in risk.
Also be wary of “enhancement creep”, where service providers modify configurations,
policies, technologies etc, and in doing so introduce lock-in factors as part of your service.
Finally, while there are some compelling benefits in working with one or a few key providers
you should balance these benefits with the risks of becoming too entangled with any one
supplier.
Exit provisions
Similarly, ensure you have a clear exit strategy in place at the start of your relationship.
Moving away from a CSP’s service isn’t always an easy or smooth transition, so it’s worth
finding out about their processes before signing a contract.
Furthermore, consider how you’ll access your data, what state it will be in and for how long
the provider will keep it.

Business health & Company profile

Assessing the technical and operational capabilities of a potential supplier is obviously
important, but take time to consider the financial health and profile of your shortlisted
providers.
The most compatible or most competitive cloud service is immaterial if the provider doesn’t
have a sound business. Make sure your main providers are a good fit for the long term.
As Microsoft say in their short guide on provider selection: ‘The provider should have a
track record of stability and be in a healthy financial position with sufficient capital to
operate successfully over the long term”. If a service provider gets into trouble it may not
have the financial resources to refund your losses, regardless of good intentions and contract
assurances.
Try and establish if the organisation has had any past legal issues, has been, or is being sued
and how they respond to legal challenges - ask directly or do your own research.
Ask about any planned corporate changes, mergers and acquisitions, or business aspirations.
Get a good handle on the competitive position and aspirations of the provider, use analyst
profiles, online reviews and market research to get a sense of their market status.
Sometimes looking at the history of the management team via networks like LinkedIn can be
very revealing – do previous roles show consistent performance and good corporate
governance.
What type of customers do they have and what markets do they count as important – vertical
emphasis may prompt investment in valuable niche offerings.

Summary
Include hard and soft factors in your assessment of prospective providers: recognise and
validate both the certifications and standards they adhere to, but also what their customers say
about them in case studies and testimonials.
Think long-term to avoid lock-in – avoidance of proprietary technologies and a clearly
defined exit strategy will avoid a lot of headaches down the line.
Take time to establish workable SLAs and contractual terms – they’re the main form of
assurance you have that the services will be delivered as agreed.
 For a comprehensive and extensive guide on how to assess, select and review service
providers access module 9 (Assessing Cloud Service Providers) and module 10 (Cloud
Contracts, SLAs and Cloud LAW) of our online training. For more information on our full e-
learning online training courses see here.

Many Models One Cloud: Overcoming the Jigsaw

Puzzle in Cloud Selection
As cloud computing is gaining adoption by organizations due to its immense
benefits, not all cloud models will work for every type of business. There are
subtle and major differences with each model and the working of each model
is unique. Each cloud model has its own advantages and shortcomings.
Organizations planning to implement cloud services in their operations must
carefully examine the pros and cons of each model and decide the most
appropriate model to suit their business and generate value in the long run.

Cloud computing is emerging as a potential driver for business innovation and

growth. Cloud computing promises new business models, planning for
business strategies to obtain competitive advantage in markets and offers
global business potential. All of us understand, cloud is a service model that
offers IT resources and services for any type of business and ensures
flexibility in terms of volume and scale. Users can access cloud services and
applications, using any web browser on a desktop, laptop or on a mobile
device connected to the internet. Some of the key enablers offered by cloud in
terms of business benefits include,

 Flexibility in terms of cost: The costing in cloud models is a variable.

Cloud implementations allow business companies to ‘pay for the resource as
and when needed.’ This offers the benefit of reduced capital expenditure in
upgrading and running an in-house IT infrastructure.

 Business scalability: Cloud provides flexibility. Resources in the cloud

can scale up or down to support business growth and in times when business
is lean. This is another benefit.

 Adaptability in the market: All cloud models enable faster time to

market, and provides scope for business innovations and explore new
opportunities.

 Context-driven variability:Increases the relevance of products and

services and enables user defined experiences.
 Connectivity with the existing ecosystem: Cloud models offer
capabilities to fully integrate into existing infrastructure.

In cloud models, business firms have the opportunity to leverage cloud

business enablers for achieving competitiveness in markets through
innovation across customer value propositions and in the industry value chain.
Cloud services are available in three major service models namely, Platform-
as-a-Service (PaaS), Software-as-a-Service (SaaS) and Infrastructure-as-a-
Service (IaaS). Cloud computing models are available in three deployment
types namely, Private Cloud, Public Clouds and Hybrid Clouds to suit the
requirements in different types of operations.
Making the right choice – Selecting the most appropriate model
It is highly important to have a closer look into the service offerings while
choosing the right infrastructure model.

 PaaS: This service allows applications and programming models to be

deployed easily. Specialized services such as authentication, payment
gateways, data access, etc. are implemented in PaaS. It offers the benefit of
creating web applications and eliminates the need to buy hardware and
software that is required in software application development scenarios.
System developers need not worry on how processing is done, how much
memory and storage is to be used, etc. these are taken care by the cloud
infrastructure. PaaS offers all the services required to fulfill the processes
(end-to-end lifecycle of development, testing, deployment and hosting
complex web based applications) of application development in order to
deliver it as a service. Creating and maintaining an infrastructure for
efficiency and scalability is time consuming and costs lot of money. PaaS
model help businesses to get rid of this major problem. PaaS is gaining
popularity and adoption by IT solutions companies, engineering enterprises,
etc.

 SaaS: This service offers the benefit of deploying applications online

thereby attracting consumers (users). In SaaS, applications and software can
be used by a web browser over the internet and the software is managed
centrally. Since applications are centralized, software upgrades, patches,
security, etc. are handled by the service provider or client. API integration is
possible between different software components. SaaS is very popular
because it provides various benefits for business companies. SaaS offers the
maximum benefits in scenarios such as, email applications and business
productivity tools, e-commerce portals, helpdesk/support services, data
processing capabilities over the web (payroll processing, billing, etc);
collaboration software, etc. Applications are available for multiple clients
using a variety of devices. SaaS model is widely used by businesses for the
purposes of e-mail, helpdesk/support services, logistics tracking, monitoring
progress in sales and marketing domains, financial management, customer
relationship management, etc. SaaS can be a viable option for SMEs looking
to maximize business value with minimal IT budgets.

 IaaS: Infrastructure as a service enables on-demand provisioning of

servers running several choices of operating systems and customized
 software. IaaS delivers the infrastructure (servers, storage, network and OS).
This is a fully outsourced service available for on-demand access and offers
to deliver resources, provides dynamic scaling, pricing model based on utility
usage, support for multiple users and so on. IaaS is suited for organizations
without capital to invest in hardware and most suited for organizations where
growth is rapid and there are problems in scaling up. IaaS eliminates the need
of maintaining expensive server hardware and network components within the
firm which is saves hardware costs. In fact, IaaS is a facility given to
businesses that allow users to leverage on compute, network and storage
space in servers and data centers.

Companies looking for the right cloud service must choose from PaaS, SaaS
or IaaS service models depending on their need and the chosen service model
must fulfill their business objectives. It is important to ensue the chosen
service model must blend seamlessly into their existing business operations.
In addition to choosing the service model, there are some factors to consider
by business in choosing their deployment model.
Factors to consider in Implementing Cloud Computing Services in Business
Deployment models available in cloud are private clouds, public clouds and
hybrid clouds. Firstly, companies must develop a blueprint which is developed
by exploring answers for the following questions,

 What is the current state of business and how well it operates today?

 Where are the efficiencies, gaps, risks, and opportunities for change?

 What is the plan to manage change and achieve the intended ROI?

When a company is considering a cloud for improving business outcomes it

should consider how the cloud can fit into its business strategy and
associated functions. Cloud implementations are not limited to one type of
deployment. There is a wide spectrum of choices available for a company to
choose from. Here are some more criteria to consider for selecting a cloud
deployment model.

 Criteria for Public Clouds: The public cloud provides a cost-effective

service to business services. Public service model helps businesses to
understand the missing components in existing IT portfolio such as outdated
applications, issues in extra processing, storage and capacity when needed.
The major reasons for adopting a public cloud model for business are cost,
speed and specialization. The public cloud offers pay-as-you-go pricing model
which gives substantial savings compared to capital expenditure (CapEx) and
operational expenditure (OpEx).

 Criteria for Private Clouds: A private cloud is deployed mostly by very

large enterprises and works on the notion of self-service on premise
infrastructure managed and maintained by in-house IT. The private cloud can
fulfill both the perspectives of business goals and the expanding IT workloads
due to increased business activity. A private cloud is designed to deliver
better service results, improve agility and efficiency and improve
 collaboration between the various departments within the organization. A
private cloud is designed to solve many of the IT and management problems
and offers service availability and centralization of data and applications.

 Criteria for Hybrid Clouds: Hybrid clouds are a mix of private and public
clouds. Hybrid clouds are often viewed by enterprises as an ideal solution to
fulfill compliance, avoid vendor lock-ins and to overcome data security and
privacy issues. Hybrid clouds are also seen as a strategic option when the
private cloud environment cannot always provide the resources required by an
application with unpredictable growth patterns. As the application grows the
available resources in a private cloud may not be able to support the growing
user base. In such cases a hybrid cloud is considered by the organization to
own some portion of the infrastructure and the public cloud is used for the
remaining resources. In order for a hybrid cloud to be effective, the company
must define policies for security loopholes.

A few architectural principles to consider when implementing cloud for the

business will include aspects such as

 Service Orientation

 Service Foundations for workload profitability between private and

public models

 Service Standards are maintained to ensure business operations

without disruptions

 Ensure Ecosystem alignment to mitigate issues in service or resource

availability

Despite the advantages and benefits offered by the cloud models one should
make a decision on the right model after carefully weighing the pros and cons
and examine service level agreements (SLA) carefully before adoption.