IT Experts Weigh in on the Four Steps to Choosing a Cloud Services Vendor

IT Experts Weigh in on the Four Steps to Choosing a Cloud Services Vendor

  • By Sara Gates
  • May 30, 2014

IT Experts Weigh in on the Four Steps to Choosing a Cloud Services VendorWith so much attention paid to cloud services, you might be surprised to know that only 5 percent of the senior IT professionals we recently polled currently use cloud services for storage, and nearly half have no plans to migrate this year.

With so many practitioners still uncertain and weighing their cloud services options, our team at Wisegate got a roundtable together with senior IT practitioners in medium and large companies who have been through the selection process. Whether your organization is planning a full-scale migration or just moving in that direction with small amounts of data, here are four steps that your peers say should be taken to streamline the process of choosing a vendor.

Step 1: Determine clearly stated objectives for your organization.

There are an overwhelming amount of options when looking for cloud service providers. Having a well-scoped plan in place before you start your search will make it much more efficient. Part of this plan must include clearly-stated objectives outlining what purpose(s) your organization wants to use the cloud. Do you want to use the cloud for storage, development, disaster recovery, backup or testing? Some vendors are stronger than others in these areas and the cloud should not be used as a Band-Aid solution.  Your best bet may end up being a combination of several vendors; however, having your objectives clearly stated will ensure that you find the right cloud vendor.

Step 2: Cast a wide net, and include contractors in your search.

Don’t feel that you have to limit yourself to any certain vendor. Seeking multiple bids is vital to the search process. You may find it helpful to break up your RFPs by objective and seek bids from a wider pool of experts.

While Amazon Web Services is on everyone’s tongues of late, it is not the only option to consider. In addition to Amazon, Wisegate members identified Microsoft, Google and Rackspace as private cloud vendors with whom they are considering contracting. If you run a Microsoft-centric environment, for example, our experts advise you to consider Azure over AWS as a solution.

Once you’ve chosen your vendor, you’ll also want to identify a contractor to operate through. Our members recommend value-added resellers, like Smartronix and DLT Solutions, as valuable tools. Most vendors are generally hands-off when it comes to customer support and having a contractor can make a world of difference. While this may add an extra step to the cloud transition, it may well protect you later on down the line when your organization is actually using the vendor.

Step 3: Plan, plan, plan.

If we’ve found one thing from surveying our members about cloud computing and beyond, it’s that planning is key. Once you’ve chosen your vendor, be prepared to pump the breaks on migration while you re-architect applications. Forklifting large amounts of data into the cloud will only create more work and potential problems for you later. Realistically, you should budget at least a year for migration, and all applications need to be cloud ready before the move. Sensitive data should always be moved last in order to avoid potential security breaches doing major damage.

As any security expert knows, it all comes down to good planning. The cloud is no exception to this rule, and a good plan will help protect your organization.

Step 4: Run your own audits.

The services that are most commonly chosen have their own internal auditing systems. For example, AWS auditing is done through Cloud Trail that records API activity and provides customers log files, including the source IP address of the API caller, the request parameters and the response elements returned by Amazon. Many customers are satisfied with these results; however, the jury is still out on whether they are truly reliable.

Once your organization migrates their most sensitive data, you should be sure to run your own audits on a regular basis using your own PaaS tools. This reiterates the importance of putting sensitive data on the cloud last. Once you know your service is secure, you’ll feel better about moving your most sensitive data onto the cloud, and you’ll feel a greater sense of control over the security of your organization’s data.

Cloud computing should not be discounted as a possibility in your organization. It can be a valuable solution and doesn’t need to be a headache for you, nor does it have to jeopardize your information’s security. With careful planning and a hands-on approach to the search and migration processes, moving to the cloud is not an impossible task. One of the best ways to avoid the pitfalls and learn the real practices that work is to talk to peers who have been through what you are now going through. Our research shows that peers are the #1 most trusted source of information – so start there.

About the Author

Sara Gates is the CEO of Wisegate.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

Most   Popular

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.