Analysts consider migration to public clouds as an essential part of the digital transformation. According to statistics by the end of 2020, 67% of enterprise infrastructure will be cloud-based. In the last five years, more and more companies have migrated to the cloud. However, although the interest in public clouds is growing, the process of migration is proceeding at a slower pace than it was predicted. A large proportion of workloads still remain on-premise.
Both SMBs and large businesses see the obvious economic benefits of cloud migration. For example, with Infrastructure-as-a-Service small and medium-sized companies reduce capital expenditures and the cost of maintaining local infrastructure. For large enterprises, these factors are less important, the reason for cloud migration for them is the possibility to instantly build up and scaling the infrastructure. The public cloud provides access to a stack of technologies that are difficult and costly to implement in-house, and which are very expensive in terms of administration.
There are a lot of myths about cloud technologies, so there is still some distrust in them. In this article, we will dispel some of them.
Cloud migration is difficult and causes business downtime
Moving your systems from on-premise to the virtual server in the cloud can be challenging, but do not treat it as a disaster: in fact, the majority of migrations go smoothly and with minimal downtime. The key to success is to develop a strategy and implementation plan that meets business needs without downtime or disruption to critical business processes. During the cloud migration process, providers provide full technical support. In addition, the migration can be done in stages, at days and hours when your applications are minimally loaded (for example, at night). With careful planning and support from an experienced professional, migration will be successful even for business critical applications where downtime is not an option.
You do not have to move the entire infrastructure to the cloud. You can only move a part of it, for example, the most loaded nodes. This will allow you to offload your own infrastructure on the one hand, and on the other hand, will ensure that critical nodes can be quickly scaled up if necessary.
Deploying Company Assets in the Cloud will cause compliance issues
Data residency is an important factor. Many countries do not allow the export or storing of personal data in another country. To address this challenge, opt for a provider that offers services following the requirements of local laws, as well as services for personal data protection.
For example, if you offer services to Russian nationals, according to the Law on Personal Data no. 152-FZ you must protect their personal data.
Some think that such data should be stored only in-house. In fact, there is no prohibition to store data in the cloud, it just should be properly protected.
Enterprise cloud providers ensure data security – they install expensive software and sophisticated equipment, hire information security specialists. It turns out that data in the cloud is protected even more than on the company's servers. The main thing is that the infrastructure of the cloud provider must be certified. In the case of Russia, this is FSTEC's license for technical protection of information, and a certificate of compliance, confirming that its infrastructure meets the requirements for the storage of personal data.
The risk of violating the law on personal data is much higher if you store personal data on your own server.
The cloud is insecure
With the ever-increasing number of data leaks being reported worldwide, concerns about cloud computing security are becoming more urgent. It may seem that on-premise security is more robust than cloud security. In fact, however, the cloud is much more secure. When data is placed in a public cloud, it may really seem more vulnerable. But think about how many employees in your company currently control your data. Cloud provider is a team of experts who protect data stored in the cloud.
Since all data and business-critical workloads are stored in virtual environments, the impact of a single attack is significantly reduced with robust disaster recovery and business continuity strategies. As cloud security requirements become more stringent, providers have a wide range of policies, technologies, and controls that ensure a high level of security for data and applications.
Remember, the level of responsibility of providers and operators varies depending on the service. For example, IaaS (Infrastructure-as-a-service) assumes the greatest responsibility of the customer who fully controls cloud loads. The cloud vendor is responsible for managing the infrastructure itself – from the physical security of data centers to components of virtualization and service availability, while it is up to the customer to ensure security within a cloud environment. This is a so-called shared responsibility model.
When moving workloads to the cloud, discuss your security concerns and the ways to mitigate the risks with a provider. Be aware of security measures that will be applied, how data will be encrypted, and what access control measures will be provided to ensure that only authorized personnel has access to business-critical data.
The cloud is only for large companies, it is extremely expensive
This is one of the biggest myths about cloud computing. But that's not entirely true. Yes, the initial investment may seem significant, so you can move your workloads and applications iteratively: first, move email or storage, and then more complex business-critical applications. Once your business is running in the cloud, the capital cost is almost zero while the operating cost is nominal.
Since you only pay for what you use, your investment is not tied to expensive on-premise servers and data centers; it also helps you avoid high data center costs – including space, electricity, cooling, and maintenance. Your cloud applications can be optimized to scale on-demand, giving you much greater control over your IT costs.
Global providers are always better than small local ones
Providers such as AWS, Microsoft, and Google have been on the market for much longer than small Russian cloud service providers and have considerable experience in developing client services.
However, apart from the technological maturity of the cloud platform, when choosing a provider it is worth assessing the quality parameters of services provided. From a large provider, you will not be able to get a high level of technical support.
For foreign customers entering the Russian market which is unfamiliar to them, it is important to build partnerships with a provider which not only provides the necessary infrastructure but also assists in technical issues, anticipates opportunities for business growth and development.