The rapid growth and falling costs of public cloud mean that an increasing number of organisations are choosing to use it for some of their core applications. All the leading public cloud services are very capable, although billing models vary. Moving corporate email to a public cloud SaaS service such as Office365 or Google Mail is relatively straightforward: there are several high quality services available plus tools to simplify migration, and prices are acceptable when compared to in-house service provision.
Public cloud is also an excellent and cost effective option for disaster recovery (DR), as you only pay for data stored, and any servers as you use them. Public cloud providers allow you to copy data into their cloud for free. Apart from regular DR tests and any servers needed to manage data replication, all other servers can be held in a suspended state, not incurring charges, until DR is invoked. The major cloud providers also offer tools, scripts and frameworks to allow you to automate your DR invocation process. As DR environments are not live environments, except when DR is invoked, this enables organisations to test their systems thoroughly and learn about the appropriateness of services for the cloud without having to compromise delivery.
However, things are not as straightforward when it comes to so-called ‘legacy’ applications. This term encompasses everything from bespoke applications developed in-house to well-known applications which have been customised to organisational needs and where the software provider’s SaaS offering, if available, cannot accept the customisations. It also includes older versions of applications that cannot be moved to public cloud without first carrying out several upgrades, such as applications hosted on a ten year old SQL database.
Few public cloud services currently make it straightforward to transfer such legacy applications and all the associated data onto them. For example, most organisations will have tailored their ERP application to suit the needs and processes of their organisation, and they may then may be unable to find a cloud solution suitable to host the results. The same applies to local authorities, who use highly customised applications for services such as parking management and waste collection which cannot easily be hosted ‘as is’ by public cloud.
Many application providers are developing their own Software as a Service (SaaS) strategy, but these frequently only support the latest version of their software. One such company is Autodesk: it has a SaaS offer, but this currently only runs one version of the software and cannot accept customised applications or add-ins and extensions developed by third parties. We have investigated many such applications for our customers and all too often the vendor, while claiming to offer SaaS, will simply park and maintain a dedicated version of the user’s software on a public cloud service. They will then charge a premium price for doing so.
This does not mean legacy applications cannot be moved to the cloud. If there is a compelling reason for doing so, such as a move to new premises, closure of your datacentre, a need to refresh or replace existing infrastructure, the end of an outsourcing contract or a major organisational change, there are several cloud solutions available.
One option is cloud re-platforming an application onto Infrastructure as a Service (IaaS). The organisation simply moves its application, as-is or with minor enhancements, to operate from a cloud provider’s infrastructure. This enables organisations to free themselves from having to own, operate and manage the infrastructure on which their application is hosted and from the associated day-to-day responsibilities and costs of running it, while still maintaining their existing licence provision and support with the application provider.
The proviso with IaaS on public cloud is that the cloud provider only provides hosting, although this includes host and hypervisor patching and proactive infrastructure security monitoring. Patching, resilience, back-up, security and application support and maintenance inside the instance all need to be provided in-house, or by a trusted third party should you not wish to do it yourselves, plus the service will still need monitoring and management. For organisations who do not have this ability or do not wish to retain it, the best answer is Managed IaaS, offered by Fordway and a wide range of other suppliers. This typically includes provision of the operating system, monitoring, patching, authentication and specific security, including a dedicated firewall, as standard. Managed IaaS services effectively offer your legacy application back to you as a SaaS service.
A second option is Platform as a Service (PaaS), where the cloud provider provides both hosting and a secured and patched base application, such as a database or development environment, onto which the organisation installs and manages its own tailored application or code. Again, responsibility for maintaining the application remains in-house, and the in-house team is also responsible for access and authentication to the service plus application and code patching. As stated earlier, public PaaS services are generally based on the current versions, and so if development or migration to the latest version does not make business sense you will need to use IaaS instead.
Option three is managed cloud SaaS, where the organisation transfers responsibility for all aspects of the application to a third party provider. The provider customises the service to the exact characteristics required and provides a tailored service which includes securing any client data hosted within the service. The only responsibilities which have to be retained in-house are authentication to the service and data transfer between service providers. However, this usually requires significant customisation of the SaaS offering, or the organisation has to accept the loss of the customisations and enhancements it has developed.
As these examples show, organisations running legacy solutions can still find an appropriate cloud solution if that is required by their business strategy. They are likely to find themselves using private cloud or managed IaaS as a staging point for some of their applications until more appropriate public cloud services become available. For most, the optimum solution at present will be a hybrid of public cloud, managed cloud and in-house service provision or private cloud. Products such as Salesforce, Google Apps and Microsoft 365 integrated into corporate desktops can be considered as hybrid cloud, but they provide point applications and services only. Hybrid cloud is likely to be a staging point as organisations continue their cloud journey and public cloud services become more capable and resilient.
Whichever combination of cloud services is chosen, every organisation still needs to retain responsibility for ensuring that its chosen cloud provider offers and can meets the required SLAs and is suitably financially secure to continue to deliver the required service for many years to come.
For more information please visit our website (opens in new tab).
Richard Blanford, Managing Director at Fordway (opens in new tab)
Image Credit: Melpomene / Shutterstock