In this free Industry Snapshot report, Sr. Strategist Randy Kerns offers six critical elements to consider when deciding between public cloud or on-premises solutions. For more information, contact Evaluator Group here.
Considerations for storing and managing information are sometimes overlooked when planning for whether to move or deploy an application on a public cloud or on-premises. These can be critical to success and mitigation of risks for an organization. While the importance of different factors to consider may vary by organization, there are a number of important ones that need to be evaluated to make an informed and defensible decision.
A major failing is to not look at storing and managing information on-premises or in a public cloud from a TCO perspective over a set period of time. Just looking at initial costs without other factors that increase in costs as time progresses will be an incomplete analysis.
It is also prudent in the consideration to include information from experiences in making this transition. Expanding usage of cloud storage has yielded useful information that can be applied as a general guideline. Here are some elements to consider when making a decision for on-premises and cloud storage.
The cost of storing data is pointed out first in almost any analysis. At Evaluator Group, we look at the practices around storing and managing information, which is more expansive than just the cost of storage alone. Examining costs factors requires looking at several potential areas.
Cost comparisons are only one aspect while considering on-premises or cloud storage. However, it is the most cited element in determinations.
Security for information involves a number of different disciplines and crosses organizational boundaries. There have been significant advances with security capabilities for public clouds along with claims providers have made. The most important consideration for organizations/companies is that security is out of their control – the implementation and practices required for needed security lie with the cloud provider.
It is true that the cloud provider has staff with necessary expertise to address security demands. An organization/company can audit to the best available information provided regarding security but they must rely on assurances of the cloud provider that security practices are being maintained at all times.
Obviously having information available for use by applications and the infrastructure reliable so that usage when required is not impeded is very basic. On-premises environments have staff who work to make this the normal case and staff are available when an extraordinary situation arises. The cloud provider has staff to assure availability and reliability as well but experience has shown there have been significant impacts from different causes. The issue for many organizations is their helplessness in doing anything during an outage to regain business operations.
Data Protection is sometimes simply referred to as backup but is a more involved process to protect information assets which includes recovery capabilities. Because of threats to organizations through ransomware and other malicious acts, data protection is sometimes grouped with security but protection should be a normal business process and utilized when there has been some security incident. The security involvement should be to ensure that possible needs are being met through the data protection process.
Many of the initial usages of cloud storage was for independent groups with projects or applications. The assumption at that time was made that data protection provided by the cloud provider was adequate for their need. With IT organizations, the governance requirements for organizations overall and the security needs must be considered and determinations made as to whether the cloud provider offerings meet those requirements, are reliable, and can integrate into the corporate operational practices. This more detailed examination is required to make an informed decision regarding information asset protection.
Some information is under regulatory compliance regulations. It is the responsibility of the owner of the data to ensure that compliance requirements are met; not a task that can be transferred to another party such as a cloud storage provider. The cloud provider may provide storage that meets certain defined compliance requirements but the owner must constantly assure that is the case. Many of the requirements for regulations are about operational practices. This must also be taken into account when determining whether compliance requirements can be met.
Most companies are also concerned about privacy of data for many valid reasons. Related to compliance, assurances from cloud storage providers of maintaining privacy of data is important but the owner of the data must be responsible to verify that claim and provide the mechanisms to validate it.
Applications that do not seem to be performing to expectations require investigation and in the case of on-premises storage, this involves administrators with experience and skill to diagnose issues. In cloud storage environments, different tools are required because of the different environment. There needs to be staff with expertise to investigate. The considerations for dealing with perceived performance issues must also enter into plans and decisions.
This information covers the basics of considerations for on- and off- premises data storage. There are also the many options for cloud storage, including traditional data storage vendors and Public Cloud provider offerings, which need to be examined. Evaluator Group helps customers examine these considerations in light of their strategy, build the business case and understand the technical differences. Contact us to find out how we can help you create a sound, informed strategy.Contact Us