INTELLIGENT BRANDS // Cloud
always better than fault tolerance, as any failure puts the
infrastructure at greater risk of outage.
4. What cloud management platform do you use?
Customer self-service through web GUI or API is part of the
definition of cloud and is a base-level requirement from any
cloud provider. Once again, enterprise data requires enterprise
hypervisors, virtualisation management and orchestration
tools. How comfortable would an enterprise be with a
cloud provider experimenting with a complicated, cutting
edge open-source software stack? Clients must demand
a mature, fully developed product set with established
security credentials. This needs to be purpose-built for cloud,
upgradeable and supportable by certified engineers, and
backed by a trusted vendor.
5. Do you offer the full suite of cloud services?
Although there is an argument that enterprises should use
multiple cloud providers to mitigate risk, it is also important
that when it comes to cloud services the provider is a one-stop
shop. Basic requirements include a virtual data centre, virtual
LAN, and routing/firewalling service. Integrated self-service
backup, archiving, and replication/disaster recovery services
to geo-redundant data centres should be the norm for any
leading cloud provider.
Andrew Cruise, Managing Director, Routed
be restricted in your choice of private or public connectivity
into or out of your cloud environment, or paying a premium
for Internet breakout due to vendor lock-ins. For performance
(latency) or compliance (e.g. POPI) reasons, it is better to be
located in-country.
3. What hardware is utilised within their
infrastructure?
Performance and availability SLAs with credit-backed penalties
for breach of contract provide comfort to enterprises and are
the minimum requirement from any reputable cloud provider.
Although there is an argument that this should be sufficient,
due diligence is also required to reassure a client that the SLA
can be achieved.
Similarly, minimum N+1 redundancy is a given (N+2 or 2N
is much more preferable), but is not on its own sufficient.
Enterprise workloads require enterprise hardware: for
performance, clients should expect guarantees (in particular
to counter ‘noisy neighbour’ in multi-tenant environments);
for availability, only established vendors with battle tested
products should be considered – failure avoidance is
50
INTELLIGENTCIO
Consider the provider’s willingness and flexibility to connect
to other service providers (e.g. storage services, Internet
and other private connectivity services) either physically
(open access) and/or virtually (using advanced routing and
networking technologies). What services are offered to enable
hybrid solutions, between a client’s premises and cloud; and
what options are available for bare metal dedicated compute
or isolated deployments? What overarching security solutions
are available?
6. What additional steps do you take to protect
my data?
It’s all about a client’s data. Apart from the base requirements
for redundancy and fault tolerance, and the additional paid
for backup and disaster recovery products, what else is being
offered for data durability and resilience? Is data kept in
single instance only, or snapshotted locally, or even replicated
across failure domains or geo-redundantly? What additional
security options are available: disk encryption? Two-factor
authentication? How can a cloud provider evidence that they
care about the data as much as you do? n
“While there is massive scope
for growth and improved cloud
adoption, decision makers
clearly need guidance in terms
of what to look for when finally
taking the leap into the cloud.”
www.intelligentcio.com