How do I choose: 8 criteria to ensure you select the right cloud service provider How to select the right cloud service provider However, the available market is vast, with a myriad of providers offering an even larger number of services. From market giants like Microsoft, Amazon and Google through to smaller niche players offering bespoke services. So how do you select the right cloud provider from so many? The answer is a defined selection and procurement process appropriately weighted towards your unique set of needs. We’ve distilled the key factors into a definitive list of 8 consideration areas. For a complete and comprehensive cloud adoption guide, including how to assess cloud service providers – see our online e-learning courses Timing – When to select a cloud provider? Armed with clarity on technical, service, security, data governance and service management requirements, you can more effectively interrogate your select group of potential providers. It’s also worth noting, when migrating applications and workloads to the cloud, the specific environments you choose and the services offered by your cloud service provider will determine the configurations needed, the work you need to do and the help you can get from the provider in doing it. Ideally, therefore, you should choose your providers after you have identified your cloud migration candidates but in parallel with analysing and preparing these workloads for migration. We have grouped these into 8 sections to help you effectively compare suppliers and select a provider that delivers the value and benefits your organisation expects from the cloud.
Data Governance and security With that in mind, the location your data resides in, and the subsequent local laws it is subject to, may be a key part of the selection process. If you have specific requirements and obligations, you should look for providers that give you choice and control regarding the jurisdiction in which your data is stored, processed and managed. Cloud service providers should be transparent about their data centre locations but you should also take responsibility for finding this information out. If relevant, assess the ability to protect data in transit through encryption of data moving to or within the cloud. Also, sensitive volumes should be encrypted at rest, to limit exposure to unapproved administrator access. Sensitive data in object storage should be encrypted, usually with file/folder or client/agent encryption. Look to understand the provider’s data loss and breach notification processes and ensure they are aligned with your organisation’s risk appetite and legal or regulatory obligations. The CIF Code of Practice framework has some useful guidance to help identify relevant security and data governance policies and processes as part of a provider assessment. Subcontractors and service dependencies In some cases there maybe a complex network of connected components and subcontractors that all play a part in delivering a cloud service. It’s vital to ensure the provider discloses these relationships and can guarantee the primary SLAs stated across all parts of the service, including those not directly under its control. You should also look to understand limitations of liability and service disruption policies related to these subcomponents. In general, think twice before considering providers with a long chain of subcontractors. Especially with mission critical business processes or data governed by data privacy regulations.+ The Code of Practice requires explicit clarification of service dependencies and the implications on SLAs, accountability and responsibility. The most common model for SaaS based products is on a per user, per month basis though there may be different levels based on storage requirements, contractual commitments or access to advanced features. PaaS and IaaS pricing models are more granular, with costs for specific resources or ‘resource sets’ consumption. Aside from financial competitiveness look for flexibility in terms of resource variables but also in terms of speed to provision and de provision. Application Architecture that allows you to scale different workload elements independently means you can use cloud resources more efficiently. You may find that your ability to fine tune scalability is affected by the way your cloud service provider packages its services and you'll want to find a provider that matches your requirements in this regard. Reload Post: How do I choose: 8 criteria to ensure you select the right cloud service provider Remore Post: Choose the Right Cloud Service Provider Platform Remore Post: Comeback my home AKS.EDU.VN |