For many organisations, moving enterprise applications to the public cloud can be a very attractive proposition. It enables them to dispose of the fixed costs associated with running large-scale IT infrastructure, including expensive data centers packed with equipment of different generations and levels of supportability.
It also allows IT professionals to focus more on the security, performance and availability of the applications that represent the real value IT brings to the enterprise.
But migrating applications to the public cloud involves some choices, such as whether to re-architect them for a cloud environment to achieve a streamlined user experience, or simply dropping them into a public cloud without making large design or platform changes.
There are a number of good reasons to explore a straightforward "lift and shift" model. It's estimated to be up to 10 times cheaper and is much quicker to deploy.
Here are some tips to help make a "lift and shift" migration go smoothly and successfully.
Move the application, not the mess
Most enterprise IT starts out beautiful, well designed and perfectly executed, but within a few years, the necessities of time and urgency have resulted in a knot of unlabelled, multicoloured Ethernet cabling that just needs to be taken apart and reconfigured.
Moving to the cloud is the perfect opportunity to move on from that jumbled patch panel and take back control of security and access management. While some infrastructure services will need to be moved along with the application, this is a good chance to rationalise, visualise and organise a coherent strategy of application and network access.
Hold on to user identities
The most important control that can be put in place is managing user identities in a cloud environment. As some applications are moved to the cloud, other applications should be retired in favour of Software-as-a-Service (SaaS) offerings, or re-written completely. This is the stage that several key decisions should be make about user identity management.
Running multiple identity services can be onerous, risky and inefficient and it can build some of the complexity which a cloud migration should eliminate back in. Identity management needs to be centralised, but access must be distributed into all the required locations.
But just as applications have become more dispersed, so have users. Adding controls that identify a user's location and devices, combined with options for two-factor authentication and one-time passwords, can provide defence against social engineering or other attempts to compromise an organisation's information security.
Stay focused on recovery strategies
Disaster recovery and business continuity (DR/BC) are mainstays of good data center infrastructure and application design. Using a public cloud does not remove the responsibility for keeping applications running and secure. However, it does lower the barrier to entry for DR/BC services.
Creating a physical disaster recovery location previously involved significant costs and lead times, but now infrastructure can be accessed from a separate vendor in a matter of minutes. Although the infrastructure may be far more readily available, creating a highly available application still requires significant planning and configuration.
Organisations should think carefully about a number of factors, from the risk and return on investment to managing access to storing and distributing transactional data to keep it consistent. Managing access to applications in the case of DR should also be carefully planned out by senior IT teams.
Lifting and shifting enterprise applications to a public cloud can allow organisations to save money, increase flexibility and move quickly into a cloud environment. However, recognising that enterprise applications still need a surrounding infrastructure is also critical to a successful migration.
