Call us on 0330 332 7933

Journey to the Cloud: 3 quick wins in cloud adoption

Is your company planning to do more with less when it comes to the cloud? If the answer is yes, then take a look at our quick guide which highlights 3 quick wins in cloud adoption that aren’t going to be disruptive, won’t cost a lot of money, or require a lot of commitment…

1. Storing workloads

Storing workloads the old way (in house) takes longer, costs more and needs more resource, but doing it the cloud way will make it quicker and cheaper. Yes, that sounds obvious, but you would be surprised how many companies are still storing workloads in the old way and have not even considered using the cloud.

Let’s say for example, the compelling event to move to the cloud is that in advance of the GDPR in May 2018 you need a new HR portal (i.e. containing all your internal personal data). The old system you have isn’t going to be compliant anymore, uses old software and sits on an ageing server so will no longer be fit for purpose.

The old way to approach this would have been to buy yourself new servers, which you would purchase, install and configure yourself. This means that: you would have to budget for the equipment and its upkeep; you’d need to find somewhere to put it; make sure you have the right software and employ someone to configure it.

The new way, you’ll be pleased to hear, is much simpler and can be achieved in just a few easy steps. Go to your chosen cloud service provider, tell them what your requirements are and then leave it with them to sort out. Essentially, you’re making it someone else’s problem, but not just anyone else – the experts. Your time is then freed up to get on with tasks that cannot be outsourced, whilst giving you peace of mind that your HR system is GPDR compliant.

2. Increasing internet bandwidth

You’re in the position where your company is increasingly using more internet access for various applications so you need more bandwidth for your internet and your firewalls no longer have enough capacity. This can be a tricky situation because if you have more bandwidth than firewall capacity your firewall becomes a pinch-point. As it approaches full capacity, it slows down, causing issues throughout your company as business-critical application response times (like CRM) increase.

So, what do you do? Again, the old, premises-based way could cause quite a headache (you’ll see there’s a pattern forming here). First things first, hopefully you’ve budgeted for this potential event, then you’ll need to think about your plan of action – are you just going to buy more capacity? Again this involves the old way of doing things: ordering, installing, configuring and maintaining…you get the idea. Alternatively, you could make life easier for yourself and find a Firewall as a Service (FaaS) provider, give them your requirements, including throughput requirement and the policies you require for your firewall. Then you simply leave this with the FaaS provider to implement.

This way, you take away the headache of doing it yourself by simply writing a specification of what you want and then handing this over to the FaaS provider. Then if you need any more bandwidth you have the flexibility – simple! This has the added advantage of taking away completely the issue of how much you need to buy because you can flex it at any time.

3. Moving office

If you’re moving, or planning to move office, there’s a lot to consider. A major challenge of relocation is removing and relocating existing IT infrastructure, including computers and servers. To keep things simple, most companies simply shift their old equipment from one office to the other. Many companies don’t consider that they could instead virtually move their core IT into the cloud. Doing this minimises the physical burden of managing equipment in-house.

If you’re moving office, now is the time to think about how you can do things a bit differently, most importantly how using the cloud from the get-go will make it cheaper and faster. You might not even need a comms room, for example, so before you start you’re already saving money because you don’t need to budget for all that extra space, power and cooling.

Along with a whole host of tangible benefits (savings) cloud computing delivers intangible benefits such as enabling companies to build and define a unique company culture. You can embrace new ways of working such as BYOD (Bring Your Own Device) and rolling out remote working to more of your staff. Using a cloud solution offers increased flexibility and mobility to employees, attracting new talent and boosting employee satisfaction.

Summary and Next Steps

Companies can improve collaboration, reduce office space and energy costs and quickly react to change owing to the scalability of the cloud.

If your company is trying to do less with more and the above quick wins have got you thinking about your next move, why not take advantage of our complimentary cloud audit and see how we can help you on your journey to the cloud…

 

Up next

Journey to the cloud: 7 steps to security

You’ve decided you’re moving to cloud-based services, so how do you go about it? We have put together a step-by-step guide to help you identify the appropriate level of security for the services that you will need to have in place.

1. Know your businesses requirements

Understanding what you want from your move to the cloud is essential. Do you need to manage fluctuating demand? Perhaps you simply don’t want to manage IT internally anymore or you’ve got legacy equipment and you need to update it.

If you review what’s led you to make the changes in the first place, this will help you work out your requirements. Ask yourself whether your requirements are business critical or not. If your requirements are business critical you will have certain expectations. For example, if your CRM system goes down and as a result you have a call centre with 100 agents unable to work, costing your business money, this is something that needs to be avoided. However, if on the other hand, you were to lose instant messaging, which isn’t as vital to day-to-day business operations, this might not be high on your security priority list.

2. Understand your information

What sort of information do you want to store in the cloud and how confidential is it? You need to identify all the information that will be processed, stored or transported by the service and therefore understand the legal and regulatory implications, for example, the Data Protection Act for handling personal data.

You’ve got to understand what you’re putting out there and this takes you back to your requirements in terms of how available it must be, how reliable it must be, all the governance around it and the kind of data you have and what it’s telling you.

3. Determine relevant security principles and understand how they are implemented

Based on your business requirements and risk policy, you will need to determine which cloud security principles are most relevant for your organisation and this is something you should work through with your cloud services provider.

For example, one of these principles might be securing user management; where your cloud service provider makes tools available for you to securely manage its use of the service. Management interfaces and procedures are a vital part of the security barrier, preventing unauthorised access and alteration of the customer’s resources, applications and data. Security isn’t just about attackers and misuse it can just as easily be about mistakes and human error.

Another principle might be operational security, which looks at operating and managing the service so that you impede, detect or prevent attacks, but ensure that this is done in a way that isn’t complicated, time consuming and expensive.

4. Understand the level of assurance offered

Different cloud service providers offer various levels of assurance; some just tell you what they’re doing, others provide a certificate which proves what they do and some provide evidence of regular testing to assure you that security measurements work. It’s for you to decide if this is enough reassurance. Ultimately do you need to get an independent third-party assessor in to give you their view on it? It’s all about understanding what your requirements are and what you’re going to put into this cloud service that needs to be secure.

5. Identify additional mitigations to apply

You have moved relevant workloads to the cloud, so what next? Note, the answer here should never be nothing. You should always have a plan B. At this stage, you need to consider any additional measures your organisation can apply to help reduce the risk to your applications and data, whether or not resulting from its handling by the cloud service.

You need to ensure that the service provider you are trusting with your precious information has a continuity plan and disaster recovery in place. You can’t rest on your laurels and think that these things might not happen to you, it’s not a question of if, it’s when and you need to make sure you’re ready and prepared.

6. Consider residual risks

Considering all the above points, if you still feel that there are some remaining risks, you need to decide whether you and your organisation can accept the potential outcome if they come to fruition.  If you can’t, you need to stop this process, start again and work out how to address these risks. However, if you decide to go ahead then don’t forget about the need for continuous risk awareness. The need for security never goes away. You need to make sure that it works, and continues to work at all times.

7. Continue to monitor and manage the risks

Regularly review the service and make sure it still meets business and security needs. Don’t just put this process in place and then forget about it and expect it to carry on working perfectly.  Things degrade and situations change and there are always innovative ways of attacking systems that crop up.

Make sure you keep reviewing how you are using cloud services and ask, am I still secure? If the cloud is something your organisation is going to depend on heavily then it needs to be robust and you need a recovery plan in place with a service provider that you trust.

If you’re at the stage in your cloud journey where you’re assessing security or you’re mindful that this is on your tick list of things to do before moving to the cloud, get in touch with us and let us talk you through the 7 steps of security.