To make the box below larger, you can drag the bottom right hand corner out to the desired size.
For better or worse, Covid-19 has accelerated the pace of cloud migration projects for many companies.
The benefits of getting key systems into the cloud such as remote worker flexibility, system availability, security and scalability cannot be understated – and are attractive to the board and management alike – but it is important not to take short-cuts when planning out the cloud migration work which may come back to bite you later down the line.
Careful planning is even more important in a climate of rapid change such as the current pandemic, as we are subconsciously pushed to make quicker decisions without always weighing up the options as closely as we would in less turbulent times.
What should you migrate?
The first step of any cloud or digital transformation project is working out what you should migrate first. If the project is being scoped or specified from board or senior management then you may not have a choice in this, but if you are leading the project then look at your current workloads and systems and determine the benefits of moving each of them to the cloud so you know which project to start first.
A cost-benefit analysis (CBA) is a useful process to run to evidence your decision with commercial input and should help determine which migration project is the most obvious starting point.
If you don’t run the full CBA process, at least allocate some time to grade each of your systems or workloads so that you end up with a prioritised list, as this will then drive your other decisions such as cost and time planning.
You may not manage to move everything
It is easy to get absorbed with the thought of moving absolutely every on-premise system to the cloud. While this is a fantastic goal to aim for, it is probably not realistic unless you’re in charge of a smaller SME network or work for an organisation that already has most of their systems in the cloud and you are migrating the stragglers.
Quite often, older line of business applications can be the biggest challenge.
This challenge is sometimes insurmountable if the software vendors are not supporting the installation of these workloads in a public cloud such as Azure or AWS.
If you do run into systems which simply cannot be migrated, add these to your IT planning roadmap. This will allow you to re-evaluate these systems at a future date and you can look at moving to other vendors or solutions that have a cloud-centric approach.
Hybrid cloud still has value
A hybrid cloud environment, where you have some workloads in the cloud and some on-premise, still has a place for some organisations.
Firstly, it is a handy migration tool when dealing with very large projects where you may not be able to logistically “cut over” to the cloud on an agreed day – for example in a large Microsoft Exchange to Office 365 migration where the movement of data from the on-site servers to the cloud may take many weeks, keeping the larger mailboxes on-premise and moving them person by person is the best approach.
Similarly there are times when having a local server with quick cached access to data, or facilitating seamless sign-on at a branch office with poor connectivity, makes the difference between a well-executed cloud migration project or a failure with stressed and upset end-users.
Re-using existing physical equipment, as long as it’s in warranty and up to date, is certainly something to think about during the planning stage.
Do you have the skills & tools in-house?
Before you go ahead and start the migration plan running, make sure you have the right skills and tools in-house to ensure the project is a success Third party tools exist to make many local to cloud migration projects easier to manage with a less technical team.
For example, Skykick facilitates the migration from on-premise or competing clouds to Microsoft 365. For migrations moving workloads to Azure, Nerdio can automate a lot of the more complex nuances of Azure configuration and scripting.
However, you do still need to have a good technical understanding of what is happening and how to sort out problems on the platform you are migrating to, even when using migration tools. Otherwise you can end up caught in a trap of trying to fix a failing migration without the full understanding of what is going on.
Unless you have many similar migrations to undertake, this is likely to be an ideal time to engage a consultant or managed service provider (MSP) who have both the tools and experience to work with your team to get the project completed.
Keep security front of mind
The flexibility of access to data in the cloud from anywhere brings a new range of security issues as you no longer have just the edge security of your network to worry about, so ensure that you account for security in all the stages of the migration process.
It can be tempting when things do not work properly to relax permissions to temporarily solve an issue, especially when the CEO cannot access their data or e-mails. However, these temporary workarounds are then often forgotten and can leave gaps in your security that can be exploited down the line.
On the plus side, the perfect time to re-assess current IT and operational security is now, while you are planning the cloud migration project, to ensure that the cloud platform is as secure as possible when you go live.
Multi factor authentication – MFA – should be mandatory on any company cloud platforms. This includes 3rd party web applications that may be in use by other departments, such as web-based finance and accounting systems.
Now is a great time to take stock of all your current cloud-based platforms, while considering future cloud plans, to allow you to look for a unified option for MFA that you can use on them all.
Using one single application for MFA, such as Duo or Okta simplifies the administration but also makes security less likely to be missed as you are not having to log into multiple sites to provision or offboard users.
Similarly, single sign-on – SSO – can also be tied into the same platforms and means your users have less passwords to remember, once again increasing security.
What happens at the end?
A common mistake that we see is companies having a great plan for their cloud migration itself, but with no plan whatsoever for what should happen post-migration.
Some key things you need to consider are who will be responsible for monitoring the cloud platform, who are the key support escalations are in case of future issues, and who can undertake a migration review.
The migration review should be a deep dive into the migration to learn what could be improved for the next project, and if there are any actions that may need to be taken that didn’t make the original plan.
As part of this process, allocate a team member, or your external IT support, to document the new cloud platform processes so you are able to support or handle key tasks with your internal team.
Finally, at the end of all this you may well have retired some hardware devices.
Ensure that you can dispose of them securely and in an environmentally conscious way. Where devices contain hard disks, a certificate of destruction should be provided by the recycler or data destruction firm and should be retained for at least 7 years in case of a data breach which is traced back to data from your previous systems.
Craig Atkins, Managing Director, 1-Fix Limited