What to Consider When Using a Cloud or Managed Service Provider
To manage information and application data, clients have a few options: store workloads on a company-owned server, tap the storage space of a managed service provider or go with a hybrid model.
Workloads are getting bigger. To manage all of this information and application data, businesses have a few options: store workloads on a company-owned server, tap the storage space of a managed service provider (MSP) or go with a hybrid model that combines a private, on-premises cloud with an MSP.
So, how does a business decide? “There’s no black or white, nor an absolute right or wrong answer,” says Laura DiDio, principal, Information Technology Intelligence Consulting (ITIC), a Massachusetts-based technology consultancy and research firm. As an industry analyst, DiDio offers insights on the considerations and caveats organizations should weigh when deciding how to manage their workloads.
Recent changes in IT and data storage affect the ways nearly all businesses operate their IT functions.
The problem of sufficient storage space, for example, is fairly new, DiDio notes. In the early dot-com days, the internet seemed to easily accommodate all of the bits and bytes generated online. But in the past 10 to 20 years—the big data era—more workloads have been offloaded or outsourced into the cloud. “I don’t know of any shrinking applications,” DiDio says. And as workloads increase, many organizations are running out of physical space for additional servers.
“If you’re going to remain competitive and ensure a smoothly running organization, your IT system must incorporate high reliability, high availability, strong security and encryption.”—Laura DiDio, principal, Information Technology Intelligence Consulting
Some small and midsized businesses (SMBs) also have limited resources to devote to IT. Why build an on-premises private cloud when an outside vendor can provide the same types of services at a lower cost?
To decide whether to keep all workloads in-house or move some of them to an outside MSP, determine what your enterprise needs, both now and in the future.
Make an Assessment
“Every organization, regardless of vertical market, must perform a thorough analysis and review of what its workloads look like,” DiDio says. Assess your IT environment by measuring how many servers it has and how much bandwidth it’s consuming. She advises constructing a three- to five-year plan that anticipates any and all possible disruptions, changes and growth possibilities. “Otherwise, you’ll be hanging a going-out-of-business sign.”
Then, check your needs in terms of the budget and technological expertise of your IT staff. All of your organization’s technology stakeholders must be involved in creating this deep dive into the business—C-level executives, network administrators, facilities people, and the company’s telecom and connectivity professionals.
“A lot depends on what’s going on at the level of expertise and support you have in your internal IT department,” DiDio explains. “If you’re going to remain competitive and ensure a smoothly running organization, your IT system must incorporate high reliability, high availability, strong security and encryption.”
Besides talking with your IT managers to determine whether your company has the experience and head count to accomplish these tasks, talk to your developers. If, for example, a company hopes to build a custom application—it could be one targeting a specific vertical, such as a specialized medical accounting application—its staff might have the expertise but not the time to test and retest the application. The servers must be robust enough to accommodate current and future workloads, and the company needs the physical space to accommodate additional servers and racks if necessary. A lack of server space—along with a lack of funding to add such space—can delay release of a groundbreaking, money-making product by weeks or months.
Current and Future Needs
DiDio recommends looking at your current application environment workloads and future workload predictions per year. Storage needs and workload sizes are growing year over year, even in companies where the head count is static. Meanwhile, she notes, many companies—particularly SMBs—simply can’t increase their budget for internal technical services.
Compliance and Security
Another major consideration is regulatory compliance, a particular concern in the healthcare and financial services industries. While many companies have internal counsel who can keep on top of changes or new regulations, if your business doesn’t, “can your organization keep up with regulatory compliance on its own?” Didio asks. “Is it worth it?”
An issue for all businesses is the growing threat of cybercrime. This includes not only the expense of preventing a breach to your system but also the potential costs a breach could inflict.
In short, in approaching the decision of whether to outsource workloads, you must determine what makes the most sense to your particular business and budget. “For a lot of people, it’s going to be a hybrid environment,” DiDio says. She believes that more than half of U.S. businesses will manage their workloads through a hybrid setup within a few years.
A hybrid model offers multiple advantages. Some workloads can be kept in-house to securely protect proprietary applications. To keep IT costs under control and not overtax your IT staff, other workloads could be managed by an MSP.
If your organization transfers workloads to an outside service, DiDio says, you must have oversight. “Otherwise, the reality may not match your expectations.”
Based on independent, web-based surveys and first-person customer interviews ITIC has conducted, only 26 percent of businesses actually make sure their vendors are meeting the service-level agreement requirements. That could mean that if a power outage occurs or you need more server space, you might not get the type of service you need. “Offloading workloads that must be in compliance with government regulations may not be a panacea,” DiDio notes. “You have to make sure your MSP has that expertise.”
She suggests looking at a potential MSP as a landlord, comparing it to an apartment building. “The infrastructure is great, you have laundry services on the premises, beautiful appointments, copper pipes and so on,” she says. “But what good is that going to do if you’re living next door to people who party all night?”
Ask a cloud provider or MSP whose data shares tenancy with yours. “Your applications, resources and workloads are going to reside on a server with other businesses,” DiDio explains. Ask how much of that server’s capacity is going to be devoted to your company. If you get stuck on a server with a resource hog, this can prevent your company from accessing added capacity when you need it most. If an MSP says it would never let that happen, DiDio suggests you reply, “Great. Put it in writing.”
Also ensure the MSP isn’t mixing certain types of applications and workloads on the same server. Cloud-based and MSP environments will almost always feature virtualization. “Applications are not one-size-fits-all,” DiDio notes. A web server will have different memory, storage, performance, capacity, availability and uptime, scalability, backup and disaster recovery, and growth requirements from a line of business. The cloud provider must also have a thorough understanding of the business and technical requirements for every application and each virtualized instance.
Make Security a Priority
Security is always a consideration. A data breach or a service outage in a shared virtualized server environment will result in greater collateral damage. If all of your company’s mission-critical applications and services reside in the same virtual server, your organization will be crippled in the event of a direct hit or failure. DiDio suggests you ask these questions:
- What happens if a service outage or other problem occurs?
- How quickly will your outside storage provider respond?
“A lot of these service contracts are written to be deliberately nebulous. The service contract will often only say that the MSP will make best efforts to resolve an issue,” DiDio notes. She strongly advises businesses to ensure the vendor’s responsibilities are specifically outlined in the terms and conditions.
DiDio also recommends having a legal specialist review the service agreement to make sure nothing’s hidden. And don’t be afraid to challenge the contract terms and conditions. “Push hard and negotiate for better deals,” she says. “If the MSP truly wants your business and values your firm as a customer, it will bargain in good faith.”
Once you’ve signed an agreement with an outside cloud services provider, it’s essential to connect stakeholders in your organization with their counterparts working for that provider. That way, if something goes wrong, everyone involved can work together as seamlessly as possible to ensure everything gets back on track quickly.
“Your in-house network engineers, IT departments and software developers have to work closely with the MSP or cloud vendor,” DiDio says, “because you’re going to need seamless integration and interoperability between the two environments—your on-premises environment and your external, outsourced cloud environment.”
Should something go wrong, that interoperability must also occur within your organization. Your company’s stakeholders must work together and know who does what should an emergency occur. “How well your company survives and gets back up and running with minimal damage is going to depend upon cross-silo process interactions and shared responsibilities,” DiDio explains.
The decision to outsource workloads to an MSP or cloud services provider depends on a company’s understanding of its business—its financial resources, in-house talent, and future challenges and opportunities. And it requires asking a lot of questions—some directed to the potential MSP, others to the organization itself.
“You have to look at everything about your workloads from a business perspective,” DiDio says. If your business remains successful, those workloads won’t shrink.
Cloud Computing Due Diligence
Getting your organization’s legal department involved in service agreement decisions may bring valuable questions such as:
Does the cloud provider explicitly recognize your ownership of any intellectual property stored with the provider?
Backup of Data
Are you able to easily retrieve your data from the cloud provider?
Are you able to maintain a local backup of your data?
Is the retrieved data in a usable, non-proprietary format?
Does the cloud provider employ encryption during transmission of your data?
How frequently does the cloud provider have their security audited?
Does the cloud provider offer remedies in the event of data breaches and service availability failure?
Clio, a cloud-based practice management platform for the legal industry, compiled the checklist above. Learn more at bit.ly/2bMToBK.
Sponsored Advertising Content: One Cloud to Rule Them All
Over the last few years, cloud computing has crossed the chasm and has entered the early majority phase of adoption. Businesses of all shapes and sizes have implemented cloud solutions into their environments because of the flexibility and agility cloud computing offers them.
However, as more businesses utilize cloud computing for their systems, including IBM Power Systems*, it’s important to coordinate and plan how this shift in architecture will change the relationships of all your computing systems.
When moving your Power Systems servers running IBM i to the cloud, you may consider moving additional related systems to the same cloud network for performance reasons.
You must think of systems holistically and not as individual pieces. It’s important to utilize a cloud service provider that can provide service and support for all of your systems—Windows*, IBM i, AIX* and Linux*. This is an important consideration allowing you to architect your environment and integrate cloud solutions to provide the highest performing and most agile platform possible.
Regional Vice President of Cloud Solution Sales, mindSHIFT Technologies
Deepak has been selling infrastructure managed cloud services for IBM Power Systems for mindSHIFT Technologies for over 15 years. He leads a team of industry veterans helping customers transition to the cloud.
Sponsored Advertising Content: Is a Move to Managed Services Right for You?
As your IT department is asked to do more with less, there is a shift to move systems administration activities to managed service providers (MSPs). This enables the technology staff and leadership team to focus on strategic efforts that drive business value while the MSP keeps the lights on in the data center.
In addition to this trend, we have heard a lot about the graying of IT staff in recent years. Those staff members take a tremendous amount of technical skills with them when they leave.
Staying up to date on the myriad technologies IT departments support is challenging, and MSPs who specialize in IBM i can help you take full advantage of your system’s capabilities. MSP technology specialists can ensure you keep current on industry best practices and provide the necessary skills to keep the IT environment running at peak utilization and performance.
A high-quality MSP has the necessary tools, skills and system monitoring capabilities to reduce systems downtime and eliminate risk to your business.
President, iTech Solutions Group
Pete is an IBM Champion, a past president of COMMON and team member that writes the IBM technical certification tests.
Sponsored Advertising Content: When Selecting a POWER8 Host, Choose Wisely
Migrating to a hosted POWER8* platform makes sense for many reasons. For starters, it’s easier to manage your environment without having to manage your hardware. Eliminating high up-front hardware costs and easily ramping compute needs up or down are additional benefits.
Companies are increasingly realizing the need to virtualize their POWER* environment and often turn to a third-party vendor to host their data. But while many vendors offer POWER8 solutions, not all vendors are alike.
When selecting a host, choose a company with plenty of cloud experience, with options including BRaaS, DRaaS, firewall and co-location. You may not need these services now, but it’s great to know they’re a phone call or mouse click away when you do.
Next, your provider should be compliant with standard industry benchmarks, notably HIPAA, SOC 2 and PCI.
Lastly, check with colleagues regarding reputation. What’s their service record? Are their data facilities secure with dual authentication? Staffed 24-7? What are their service-level agreements like? Who are some of their clients?
Choose a host as you would any close business partner.
CTO, Oxford Networks
Ronald previously served as president and CEO of Norton Lamb and Co., earning IBM Premier Business Partner status.
Gene Rebeck is a freelance writer based in Duluth, Minnesota.
See more by Gene Rebeck