Moving to the cloud — how to get there without falling?

More and more companies realize that moving to the cloud will give them tangible benefits. But some of the advantages might be important to one company while being completely irrelevant to others. It is very essential to note that moving to the cloud is a process. You can’t just decide one day and say “let’s do it” — although I wouldn’t be surprised if some of the companies just did that — and failed.

Cloud computing adoption lifecycle

  1. Proof of concept / Pilot project — this stage lets you understand what you know and what you don’t know about the cloud, and prepares the organization for a more formalized planning and implementation process going forward.
  2. Cloud strategy and roadmap — the goal of this stage is to incorporate the lessons learned from the POC and pilots into a formal cloud strategy development plan. It is very important to formalize the cloud strategy regardless how long it takes.
  3. Cloud modeling and Architecture — the goal of this stage is to perform the necessary cloud modeling and architecture in order to execute the cloud strategy.
  4. Cloud implementation planning — the goal of this stage is to prepare for cloud implementation. It focuses on a selection of appropriate cloud technologies, cloud service providers, and cloud solutions to support your chosen cloud strategy. Deployment models and the necessary governance, operations, support, management, monitoring, and security challenges are addressed in this stage.
  5. Cloud implementation — actual implementation of the previous step.
  6. Cloud expansion — this step of the cloud adoption process is where the enterprise builds on its successful cloud reference implementation to expand its cloud capabilities.
  7. Cloud integration — the need to integrate cloud capabilities and deployment approaches and to ensure cloud interoperability as cloud computing matures.
  8. Cloud collaboration — requirements of cross-cloud collaboration, the composition of applications across clouds, orchestration of distributed processes across cloud deployments.
  9. Cloud maturity — the stage where the cloud matures and the next technology wave comes in — not any time soon.

Key steps of moving to the cloud

  1. Research and pre-planning
  2. Planning and purchasing
  3. Execution
  4. Operations

Now that we’ve specified the steps, we can go into more specifics.

Research and pre-planning

The most important question we should ask is “Why exactly are we moving to the cloud”. Even though the answer might seem simple, it certainly is not. If the move to the cloud does not support our business goals, the management will be disillusioned, the cloud will be perceived as irrelevant and ineffective, and the participation in future planning and implementation of the cloud will be reduced.

In this stage, critical things to understand are:

  1. What business problem will it solve?
  2. Who are the internal and external users?
  3. When, where and how will the cloud be accessed?
  4. Is it business critical?
  5. What are the consequences of the cloud being degraded or unavailable at any time?
  6. How will the use of the cloud change over time?

It is also important to do readiness assessments that will cover technology, people and processes. Why is it so essential?

  1. Assess business and technical readiness
  2. It is vital to a successful move to cloud
  3. Helps develop realistic expectations
  4. It can help
  • Prepare a detailed plan
  • Explain how to move to the cloud successfully
  • In what order events should occur
  • Minimize complexity

Planning and purchasing

The SLA should at least:

  • Describe the metrics of each service.
  • Detail the ownerships of data and the right to return to you.
  • Describe the IT infrastructure, security standards and the right to audit.
  • Examine your rights to continue or terminate the service and costs involved with this process.
  • Detail the roles and responsibilities of an organisation and CSP.
  • Detail specific deliverables.

At this stage, it is also very important to decide on the Cloud Computing architecture which is made up of three primary design elements: compute (the computing processing units), storage (the physical / virtual space where cloud data is stored) and networking (the networks that connect cloud technologies). As with other contexts of the word architecture, cloud computing architecture involves determining the needs of the user/system/technology, as well as creating a logical design and standards based on these needs.

The cloud architecture should be designed to provide users with access to required bandwidth, ensuring they have uninterrupted access to secure data and applications, on-demand agile networks with ability to move quickly and efficiently between servers and between different cloud environments.

It is also important to understand data location options before moving to the cloud:

  • Will data be moved outside the country?
  • Will data be moved to other legal jurisdictions?
  • What level of transparency will the CSP allow?
  • How will maintenance and hardware changes affect data?


  1. Security controls which should at least include:
  • Authorization and access control
  • Provisioning and deprovisioning
  • Directory services
  • User management

2. Risk assessment — careful analysis of cloud threats and vulnerabilities to determine the extent of adverse impact and the likelihood of occurrence.

3. Business continuity — a proactive process referring to the procedures an organization implements to ensure mission-critical functions can continue during and after a disaster

4. Disaster recovery — compromises specific steps an organization must take to resume operations following an incident. Response may vary from seconds to days.

The last three points are extremely important. Failure to do so can put our organisation at risk.

Operations and maintenance

  1. Cloud operations — optimization of performance and capacity per business requirements.
  2. Cloud governance — policies and guidelines establishing alignment of investments and security controls.
  3. Performance measures — key metrics to ensure the customer gets what they pay for.
  4. Continuous monitoring — confirms that the set of deployed security controls in a cloud information system remains effective.


  • Security — enforcement of security requirements across networks, data and asset configuration.
  • Resource consistency — consistent configuration across cloud resources: tools, applications, infrastructure.
  • Identity baseline — identity is consistently applied across all cloud deployments.

Performance measures

  • Response times
  • Business logic calculation times
  • Transaction processing times

2. Metrics to watch:

  • Service / system availability
  • Reliability:

MTBF — an average time a service runs before failing. It measures the operational time between failures.

MTTR — an average time to fix a failed service

  • Response time — a time to workload to be completed.
  • Security — access control, identity management, privacy — a priority.
  • Latency — a time between submitting a request and receiving a receipt of request.

Continuous monitoring

  • Checks service level against SLA
  • Detects compliance and risk issues
  • The goal is to:

Gain operational visibility

Managed change control

Incident response


human-centric software design & development. check out our website: