IT Experts Weigh in on the Four Steps to Choosing a Cloud Services Vendor

IT Experts Weigh in on the Four Steps to Choosing a Cloud Services Vendor

  • By Sara Gates
  • May 30, 2014

IT Experts Weigh in on the Four Steps to Choosing a Cloud Services VendorWith so much attention paid to cloud services, you might be surprised to know that only 5 percent of the senior IT professionals we recently polled currently use cloud services for storage, and nearly half have no plans to migrate this year.

With so many practitioners still uncertain and weighing their cloud services options, our team at Wisegate got a roundtable together with senior IT practitioners in medium and large companies who have been through the selection process. Whether your organization is planning a full-scale migration or just moving in that direction with small amounts of data, here are four steps that your peers say should be taken to streamline the process of choosing a vendor.

Step 1: Determine clearly stated objectives for your organization.

There are an overwhelming amount of options when looking for cloud service providers. Having a well-scoped plan in place before you start your search will make it much more efficient. Part of this plan must include clearly-stated objectives outlining what purpose(s) your organization wants to use the cloud. Do you want to use the cloud for storage, development, disaster recovery, backup or testing? Some vendors are stronger than others in these areas and the cloud should not be used as a Band-Aid solution.  Your best bet may end up being a combination of several vendors; however, having your objectives clearly stated will ensure that you find the right cloud vendor.

Step 2: Cast a wide net, and include contractors in your search.

Don’t feel that you have to limit yourself to any certain vendor. Seeking multiple bids is vital to the search process. You may find it helpful to break up your RFPs by objective and seek bids from a wider pool of experts.

While Amazon Web Services is on everyone’s tongues of late, it is not the only option to consider. In addition to Amazon, Wisegate members identified Microsoft, Google and Rackspace as private cloud vendors with whom they are considering contracting. If you run a Microsoft-centric environment, for example, our experts advise you to consider Azure over AWS as a solution.

Once you’ve chosen your vendor, you’ll also want to identify a contractor to operate through. Our members recommend value-added resellers, like Smartronix and DLT Solutions, as valuable tools. Most vendors are generally hands-off when it comes to customer support and having a contractor can make a world of difference. While this may add an extra step to the cloud transition, it may well protect you later on down the line when your organization is actually using the vendor.

Step 3: Plan, plan, plan.

If we’ve found one thing from surveying our members about cloud computing and beyond, it’s that planning is key. Once you’ve chosen your vendor, be prepared to pump the breaks on migration while you re-architect applications. Forklifting large amounts of data into the cloud will only create more work and potential problems for you later. Realistically, you should budget at least a year for migration, and all applications need to be cloud ready before the move. Sensitive data should always be moved last in order to avoid potential security breaches doing major damage.

As any security expert knows, it all comes down to good planning. The cloud is no exception to this rule, and a good plan will help protect your organization.

Step 4: Run your own audits.

The services that are most commonly chosen have their own internal auditing systems. For example, AWS auditing is done through Cloud Trail that records API activity and provides customers log files, including the source IP address of the API caller, the request parameters and the response elements returned by Amazon. Many customers are satisfied with these results; however, the jury is still out on whether they are truly reliable.

Once your organization migrates their most sensitive data, you should be sure to run your own audits on a regular basis using your own PaaS tools. This reiterates the importance of putting sensitive data on the cloud last. Once you know your service is secure, you’ll feel better about moving your most sensitive data onto the cloud, and you’ll feel a greater sense of control over the security of your organization’s data.

Cloud computing should not be discounted as a possibility in your organization. It can be a valuable solution and doesn’t need to be a headache for you, nor does it have to jeopardize your information’s security. With careful planning and a hands-on approach to the search and migration processes, moving to the cloud is not an impossible task. One of the best ways to avoid the pitfalls and learn the real practices that work is to talk to peers who have been through what you are now going through. Our research shows that peers are the #1 most trusted source of information – so start there.

About the Author

Sara Gates is the CEO of Wisegate.

Featured

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

Most   Popular

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.