A 10-point guide to derisking cloud platform migrations

A 10-point guide to derisking cloud platform migration

The benefits of migrating data and workloads to the cloud are by now well understood. But cost, complexity and skills are often a barrier. An estimated 72% of global organisations run hybrid environments today, meaning they blend public cloud deployments with private cloud and/or on-premise datacentres. That can add flexibility, but also risk.

Fortunately, help is at hand.

What are the risks of failure?

The public cloud is often seen as a more cost-effective option. But this isn’t always the case. A reasonably priced quote from an MSP may look good on paper and a contract is signed. It’s during the migration or in the early days that performance issues start to occur, and the costs start to ramp.

Additionally, if any one part of the cloud migration piece doesn’t work as intended, it could have a major impact on employee productivity, morale and even lead to data loss. That could feed quite quickly through to a negative hit on brand reputation and the bottom line. No organisation wants to be forced to fail back workloads after making the strategic decision to go to another cloud platform.

From planning to execution

With that, here are some key things to bear in mind to de-risk any cloud migration strategy.

1. Plan, plan, plan:

It sounds obvious, but successful cloud migration projects begin with thorough planning. It’s not just about a project manager describing what’s going to happen. It’s essential to begin with a clearly defined scope, understanding the workloads that need moving and ensuring they’re going to the right location in the right cloud. The type of workload will dictate where and how migration should happen. Remember: even small changes can have a big impact on end state.

Most critically, any cloud initiative should be aligned with business strategy. That’s why it’s important to start with a tailored assessment of the business and current IT systems, business priorities, future vision and key challenges. From there, the MSP should be able to create a personalised cloud solution that meets the client’s specific needs. QuoStar will create a comprehensive plan that outlines the scope, resource requirements, and project deliverables. This will always include accurate costs and a detailed plan of action.

2. Back-up and integrate:

If it’s a case of migrating from on-premise to a private cloud, this means ensuring the organisation has the right replication tool sets. If it’s about migrating to the public cloud, the organisation will need backup capabilities properly tested through to recovery for the solution that’s being migrated. Consider migrating to a development environment first, and/or moving a small handful of non-key workers’ services. A phased approach like this will help to surface any potential issues early on.

Another potential hurdle relates to core management system applications. If they’re simply “lifted and shifted” to the public cloud, poor integration with other applications may result in reduced operational efficiency and productivity, ultimately increasing cost. Typically, it’s business-critical legacy applications that are best suited to a private cloud but with tight and fast integration into a wider public cloud.

3. Get security right:

Security is still a top-two cloud challenge for businesses, cited by three-quarters (73%) of organisations. Following best practice is essential here, because when migrating data and workloads, teams may unwittingly open up doors into their infrastructure for a prolonged period. It could be a local site that needs to be connected via VPN to cloud workloads in order to transfer data, for example. If that site gets compromised, then the threat actor will have a direct pathway to into the cloud environment.

Security solutions often won’t lift-and-shift into the cloud. It’s important to consider what new tooling and approaches may be required. Sometimes it’s simple things that could unwittingly expose cloud infrastructure to threats – right down to the way networking works in the cloud. Consider carefully which assets need to be restricted, and that security works differently in private and public cloud.

Having an IT partner with a proven track record in cybersecurity can be extremely useful, as its experts will be trained to monitor for any potential risks or gaps and advise which solutions can prevent breaches. QuoStar is supplier agnostic and understands that some components work well in certain situations but not in others. It’s all about ensuring the right for business outcome rather than supplier. Understanding the organisation’s shared responsibility obligations is also key.

4.Have the right skills to hand:

It goes without saying that any organisation migrating to the public cloud needs to understand what they’re doing. This is sometimes where in-house teams used to tried-and-tested on-premises ways of doing things may hit a barrier. Expert third-party help can sometimes be essential, especially if internal teams are being stretched to the limit by digital transformation initiatives. The right IT partner will guide clients through their entire transformation journey, partnering with internal teams to share knowledge and even grow in-house experience and capabilities.

5. Start from the workloads:

To ensure the proposed cloud solution is the right fit for your organisation, think carefully about the workloads it wants to migrate. If it’s a case of moving on-premises infrastructure to the cloud to run “as is” for resiliency reasons, then private cloud is probably the best option. However, if the organisation wants to transform its infrastructure with platform-as-a-service, then public cloud would be a better pick.

As mentioned, increasingly it is a mix of the two. But exactly what this mix looks like will come down to the type of workloads in-scope. QuoStar will always consider a multi-cloud environment to mitigate risks associated with a single cloud, or just to find the right fit for the workload. With access to Microsoft Azure, Amazon Web Services, Google Cloud and other providers, there’s ample opportunity to find the best fit for each client.

6. Choose the right MSP/IT partner:

For most SMBs, an MSP will be essential to augment in-house skills during cloud migration projects and beyond. It’s important to choose a vendor agnostic partner to ensure they always pick the best solution on the market for a particular client and project. And one that has a tried-and-tested, mature migration process. It also pays to talk to a prospective MSP’s client base proactively rather than reading references handed over by the service provider. Speak to three or four to get a good mix of views.

7. Consider ongoing support:

The cloud landscape continues to evolve at speed. That demands a dedicated team and a proper service representative. Consider MSPs that offer support packages specific to the cloud platform(s) the organisation chooses, to ensure that the cloud provider (CSP)’s best practices are always being followed. Automated tooling will ensure that this is a continuous process, even as those best practices change.

If the organisation is moving to a private cloud and their MSP is fully managing that environment, it pays to check their past 12-24 months of uptime before selecting one. Talking to other clients is the best way of getting an honest answer on this.

8. Regularly review cloud provision:

Organisations will evolve over time, and so must their cloud set-up. Here are some of the tell-tale signs that an audit is required:

  • OpEx is spiralling
  • Performance issues are starting to impact the business
  • The business can’t grow or launch new services

Regular audits are also a good idea from a security perspective, given the constant innovation that happens in the cybercrime underground. It’s an industry worth trillions today, and as new threats emerge, organisations may need to evolve their cloud strategies.

Ensure any audit is completed by a third-party distinct from the MSP, to keep its findings as objective as possible.

9. Consider whether to repatriate data:

Research reveals that 76% of IT leaders plan to repatriate data from the public cloud back on-premises in the next three years. It could be for cost reasons, client demands, or simply to gain more control over their environments – so they’re not beholden to their CSP’s tech roadmap. Many organisations find they prefer dealing with a smaller, specialised MSP that understands their vertical.

If data is being migrated from a public to a private cloud, an MSP could help here too, by managing the underlying hardware up to the OS level. This saves cost and resource, enabling the in-house IT team to focus on higher value tasks. Whatever the final destination of the data, the project should be managed in the same way as before; in a carefully planned, phased approach based around a rigorous assessment of the relevant workloads.

10. Define the Cost

Assess the Costs and Complexity: QuoStar understands how to fully scope the migration, including the costs and skills required. Be aware that other quotes from a Managed Service Provider may not cover all the resources needed, potentially leading to significant cost increases if additional resources are required later down the line. especially with public cloud.

Cloud migration can be fraught with complexity, so getting a partner you can trust is the first step to success. At QuoStar, we’ve been helping clients to transform their business via cloud optimisation for over a decade.

Public, Private, or Multi-Cloud: Getting the right mix for your business

Public, Private, or Multi-Cloud: Getting the right Mix for your Business

For many businesses, the challenge with IT generally and with Cloud specifically, is one of complexity and choice. There are simply too many options to choose from, leaving firms uncertain about how to make good strategic choices.

Competitive pressures, cost control and a need for businesses to be more agile and responsive are all good reasons to invest in Cloud. The pandemic only accelerated this trend with new investments in IT projects promising to deliver radical improvements to core business processes in terms of greater control and reduced costs. Alongside this, a Cloud platform can also bring with it new threats, most obviously to security, with ransomware a persistent and growing risk which can threaten the reputation and even the viability of an enterprise. More broadly, new challenges in Governance, Risk Management and Compliance (GRC) arise for which most businesses are ill equipped.

The Risks of Following the Herd

Against this background, making the right choice is challenging, as it is unlikely that an internal IT team is up to speed on the best options as well as the challenges and pitfalls which can arise.

Fear and uncertainty can then become the main drivers behind Cloud investment and “strategy” sometimes amounts to little more than following prevailing wisdom in the sector. This very often means a wholesale commitment to a Public Cloud platform from one of the globally recognised brands such as Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP).  Whilst this often seems like a safe choice, an exclusive commitment to one provider or platform can result in a spiralling costs and IT systems which drift from the specific requirements of a business.

A common problem arises when proprietary applications which are essential to the smooth running of a business, are transferred to a Public Cloud platform and poorly integrated with other applications. Far from improved productivity, this often leads to poorer performance which can impact profitability.

All of his can lead to a stand-off between frustrated IT teams and sceptical senior management.

Choosing a Cloud Platform which fits your Business

At QuoStar, we do not think there is a “one size fits all” approach to Cloud.  Every business is unique with its own specific challenges and its own commercial strategy. We have been designing, building and managing Cloud platforms for over 15 years, in each case ensuring that our clients get platforms which are fit for purpose.

We always start with understanding what a business is trying to achieve.  With a clear business context, we apply analysis to assess the requirement for Cloud or, if Cloud platforms are already in place, to uncover opportunities for better security, stability, and effectiveness. Our assessment also delves into licencing and resource allocation to find ways to reduce spend whilst maintaining quality.

A Platform Agnostic Approach

Crucially, we are platform agnostic which means that we will always propose the right mix of Public, Private and Multi-Cloud to fit the needs of a business. Whether the need is for a single virtual server in a Private Cloud, or a global hybrid environment incorporating Public, Private and on-premise platforms, we can deliver a robust managed service. This is underpinned by our true purpose-built Multi-Cloud platform which, together with our clients, our engineers can deploy over the short or long term.

At the heart of our service is an elite team of Cloud professionals, each with 10 years’ experience in delivering Cloud platforms. We know that no single enterprise can have all the specialist IT skills to keep their systems running, so QuoStar can support IT teams through their transformation journey and help them to develop.

Empowering Businesses to Exploit the Potential of Cloud

We are committed to empowering clients to exploit their expanding Cloud capabilities and have earned recognition for our comprehensive Cloud training programs which bridge the skills gaps in their IT teams. We partner with these teams and facilitate knowledge sharing as demands on them increase. Our selection as a nominee for Cloud Services Provider of the Year Award at the 2023 CRN Channel Awards highlights the quality of service we consistently deliver to our clients.

We also recognise that the success of our solutions extends beyond the technology itself. For example, GRC is second nature to us, so we make it a priority to support our clients with systems and processes which embed best practice and provide year-round support.

Schedule a non-committal initial consultation with one of QuoStar’s dedicated Cloud specialists.

Why an Azure Managed Service is essential

In today’s fast-paced digital landscape, more and more businesses are turning to cloud solutions be that private or public to streamline their operations and stay competitive. Azure is one of the most popular cloud computing platforms on the market, providing a wealth of benefits for businesses of all sizes. However, managing Azure can be complex and time-consuming, especially for organisations without in-house IT resources. That’s where an Azure managed service from a managed service provider (MSP) like QuoStar comes in. In this blog post, we explore why an Azure managed service is critical for any business using Azure.

Cost Control

One of the primary benefits is cost control. Azure provides a wide range of pricing options and services, making it easy for businesses to overspend if not managed carefully. An MSP can help optimise Azure usage, identify unnecessary costs, and recommend cost-saving measures. They can assist in selecting the right Azure services based on specific needs, adjusting usage patterns, and leveraging cost-saving opportunities such as reserved instances.

Furthermore, an Azure managed service helps accurately forecast Azure expenses, enabling effective budget planning. This aspect is particularly crucial for small and medium-sized businesses that may lack the resources to handle unexpected costs.

Security

Security is another crucial consideration for businesses utilising Azure. As cyber threats evolve and become more sophisticated, having a robust security strategy in place is paramount. An Azure managed service can help implement best practices for Azure security, including identity and access management, network security, data encryption, and more. They also keep you updated with the latest changes, security patches, and updates to minimise the risk of security breaches and data loss.

A sophisticated Azure managed service, provided by the right MSP, can monitor your Azure environment for suspicious activity and proactively address security threats. This capability is especially important for businesses operating in regulated industries where data security is critical, such as legal or finance.

Technical Landscape

The technical landscape of Azure is constantly developing, with new features and services introduced regularly. For businesses, this presents both opportunities for innovation and challenges in keeping up with the ever-changing Azure ecosystem. An MSP can help navigate this landscape, stay up to date with the latest Azure features, and provide recommendations on how they can benefit your business. They can also help you avoid common pitfalls, such as overprovisioning or underutilising Azure services.

Automation

Automation plays a crucial role in an MSP’s services. Implementing automation on their own can be challenging and time-consuming for businesses. Automation saves time and resources, increases efficiency, and reduces the risk of errors. An MSP can automate routine tasks like patching, backups, and monitoring, allowing businesses to focus on their core operations. It also facilitates the deployment of correct frameworks and enables quick responses to security threats, minimising the risk of data loss or downtime.

Why QuoStar’s Managed Service

At QuoStar, we offer a comprehensive Azure managed service that blends automation and advanced monitoring, ensuring consistent and high-quality support. We’re committed to delivering personalised assistance to each of our clients, taking the time to understand their unique needs and tailoring our services accordingly. Here’s what sets us apart:

  • Azure expertise: Our seasoned team of Azure experts goes beyond the basics, covering everything from Infrastructure as a Service (IaaS) to Platform as a Service (PaaS). Benefit from the depth of our Azure knowledge.
  • Microsoft Solutions Partner: We’re not just another service provider; we are a Microsoft Solutions Partner for Infrastructure (Azure).
  • Industry recognition: Finalists for Cloud Services Provider of the Year at the CRN Channel Awards 2023, which shows that we’re among the best at what we do.
  • 24/7/365 support: Count on our UK-based support team to be there when you need them, ensuring your cloud environment runs smoothly around the clock. Rest easy knowing expert assistance is always within reach.
  • Risk-free assessment: Take advantage of our complimentary Azure assessment; if no significant issues are found, there’s no charge.

Don’t let the complexities of Azure management overwhelm you. With QuoStar’s Azure Managed Service, you can confidently take control of costs, ensure security, and smoothly navigate Azure.

Experience Azure’s benefits for cloud success.

Start a conversation with us or book your risk-free assessment today. Whether you need Azure consultancy or ongoing managed services, we’re here to assist you at every phase of your Azure journey. Take the first step towards a more efficient Azure solution, supported by a trusted partner.

Microsoft Solutions Partner for Infrastructure and Finalists for Cloud Services Provider of the Year at the CRN Channel Awards 2023

Why you need an Azure Landing Zone

If your business uses Microsoft Azure, you also need a well-designed and structured Landing Zone. A Landing Zone is a key component of the Microsoft Cloud Adoption Framework, helping organisations to better manage and scale their public cloud environments.

What makes up a Landing Zone?

In terms of Microsoft Azure, a landing zone is a combination of multiple subscriptions within an Azure Environment. These subscriptions are already set up for all areas of the platform that may be required to support the environment, whether that’s Infrastructure as a service or Platform as a service.

You could view a Landing Zone as foundations, built on solid practice and design considerations, which you can build on, expand and scale as required. The design of these foundations will differ, and the basics can be laid out differently from one Landing Zone to the other, as there is not one single design for all types of infrastructure.

While Landing Zones can vary due to their modular design and business requirements, they usually cover certain design areas, as below:

alz-design-areas

Landing Zone Design Areas

No matter what type of deployment you are designing, be it enterprise, hybrid-cloud, or a simple, small POC (proof of concept) environment, each design area listed should be considered within a Landing Zone.

  • Enterprise enrolment – have we set up a tenant that will support growth and scale? How will we license it?? CSP, EA etc?
  • Identity – How are we going to control identity and access? Serious consideration should be given to how this is managed.
  • Network topology and connectivity – What will our network look like now and how will this scale and grow? What design considerations, such as segregation, do we need to consider?
  • Resource organization – How will we organise our resources to allow for growth without red tape? What are our needs around business areas, different teams, subscriptions? And how we implement this within management groups?
  • Governance disciplines – How do we stay compliant? How do we enforce security requirements? How do we ensure our data sovereignty?
  • Operations baseline – How will we manage, monitor and optimise our environment? How will we maintain visibility within our environment and ensure it operates as required?
  • Business continuity and disaster recovery (BCDR) – How will we plan and design for continuity and protect our data? Have we considered the need to replicate data or provide a method of restoration? Do our proposed methods meet the RPO and RTO objectives of our organization?
  • Deployment options – How will we deploy our Landing Zone and resources moving forward? Will this be a manual process? Will we consider Infrastructure as Code? What methodologies for deployment could we use? 

We’ve helped several customers get their landing zone to good by deploying QuoStar’s best practise landing zone framework, which implements current governance best practises, cost management protection and parameter security. This has helped them to get to a position where they have the correct foundations build upon, future proof expansion and allow adoption and implementation of a continuously evolving best practise frameworks.

As a leading Microsoft partner, contact one of our Cloud specialists today to find out more about our services.

Cloud adoption: Understanding and avoiding the challenges

Cloud adoption

 

QuoStar’s Rob Rutherford shares a few helpful hints and tips.

Certain issues can arise around cloud adoption. However the risks can be mitigated when you know what to look out for.

 

The increasing popularity of cloud services and software.

There’s been a huge move onto the cloud recently, particularly around providers such as Microsoft’s Azure and the Modern Workplace stack. Microsoft Azure has, for example, reported growth of 51% in Q4 of 2021. This is a huge leap as businesses look to the cloud to improve their hybrid working environments and security.

Many organisations already on the cloud have been transitioning into a public-private hybrid model, or between two public providers to get the right workloads onto the platform to balance performance, security, and cost.

Inter-cloud high-availability and Disaster Recovery environments are areas where we’ve also seen a lot of interest, in order to protect cloud platforms from the failure of one provider or environment. In the longer term – considering state-sponsored attacks and skirmishes will likely become more prevalent in the future – we can expect to see businesses relying more and more on those types of inter-related environments to ensure a greater level of protection.

 

Cloud adoption: the challenges and barriers.

IT used to be solely seen as a supporting element of the business. One of the main challenges to cloud adoption now lies in the fact that many organisations have built up a technical debt over the last five years. They are trying to transform their businesses rapidly to catch up with the digitalisation of their sector.

Without a true grasp on how to deliver transformation strategies, many businesses have not been undertaking business focused requirements, analysis or mapping projects into a clear roadmap. Instead, they’ve tried working things out themselves. Often this can hold organisations back as they struggle with interoperability and performance issues.

A significant challenge in the actual process of migrating to the cloud is finding a reputable and experienced partner to assist in the cloud transition journey. Unfortunately, on the one side, a lot of cloud providers simply focus on getting the deal signed, and not necessarily on delivery. On the other side, many buyers are too focused on flat costs. Buyers may end up choosing those providers who appear to be the cheapest on paper. As a consultancy, we’re then often brought in to unpick a situation that has been created by rushing through deals.

 

Balance between cost efficiency and performance.

Preparation is key to any migration. It’s essential that an organisation doesn’t simply take the word of a salesperson on how long a migration is going to take, how much it’s going to cost in the first instance, and then on an ongoing basis.

All too often migration projects need to be pulled back on track. Performance issues might need to be addressed in an environment (ideally without a price increase from a customer’s point of view). Which can be hard – if not impossible. Quite frequently the ROI stated in a cloud provider’s proposal falls away as the realities of a complex workload bloom. This is where an organisation has signed an order and gone through significant (and often horrendous) migration, only to be left with a screaming user base and/or customers. The pain they’ve incurred often means they make drastic decisions. Such as wiping out ROIs, increasing the security risk profile or getting into further contractual obligations.

Most cloud providers will give an organisation some form of free trial on a workload. The larger the workload the more complex this gets; however commercial deals can be made.

It’s critical that organisations do their due diligence and build in contractual obligations. This will help to ensure the supplier delivers the desired outcome they expect. It may even be advisable to bring in external consultants, and/or lawyers to take some accountability for the project delivery. Especially when looking at large scale migrations.

 

Avoiding performance issues during cloud migration.

It’s always a good idea to over-resource when undertaking initial migrations. A large percentage of environments take up more resource, especially in the early stages of a heavy migration.

One of the biggest areas people typically under-resource is disk speed, in terms of IOPS (Input/Output operations Per Second). Too many organisations throw memory (RAM) and processor power at an underperforming environment. While it’s the disk speed that is the bottle neck. This isn’t a new cloud-related issue. However, too many IT teams spend time chasing their tales when the speed issues are in fact related to disk IO. Often many cloud provider support teams don’t seem to understand this in the lower support tiers, so be aware.

It’s worth being careful if you are paying for disk IO and/or network ingress or egress traffic. This is often where cloud costs start to spiral away from the original quotes first agreed upon. The public cloud often appears cheaper than private platforms when you go light on these costs. It’s worth checking these beforehand. It’s important testing your environment under load or having the cloud supplier make some guarantees around costs.

 

If you’d like some advice on cloud adoption get in touch with our experts today.