Académique Documents
Professionnel Documents
Culture Documents
provider and solution for their cloud migration journey. Without of implementation programs over the last 5 years across industries
and geographies have been cloud-based solutions. Further, these
proper due diligence, cloud migration programs can prove
implementations have been supported by corresponding investments
expensive in the long term, limiting the ability of organizations
and offerings from product companies, systems integrators and client
to achieve real cost benefits, agility, scalability and portability.
organizations.
This paper provides an assessment framework that can be used
The current breed of cloud service providers ranges from the oligopoly
by organizations, product vendors, implementers, and systems
of global giants to a rapidly evolving cluster of local providers. However,
integrators while evaluating cloud migration. By focusing on despite the buzz around cloud migration, there is an alarming trend of
non-functional aspects such as security, sovereignty, resilience, inadequate due diligence, particularly for non-functional aspects. Low
storage, on-going maintenance, and cost of operations, this entry barriers, nominal initiation costs and sales to aspirational clients
framework acts as a guide to ensure that cloud migration meets by cloud providers coupled with newly formed IT cloud strategies
organizational requirements and supports future growth. frequently result in cloud migration decisions being made without
crucial due diligence.
1. Local data center availability – selection decision in their favor. It is strongly only over the Internet. While application
Having a locally-available data center recommended that such dependencies programming interfaces (APIs) provide a
is an important consideration for be avoided and de-coupled right at the quick and flexible way for integration, these
organizations moving to cloud. Many beginning. Companies must also assess often lack the right level of authorization.
countries have strong legal requirements readiness of a locally-available disaster Thus, cloud vendors may have serious
around data sovereignty that prohibits recovery site where legal regulations do not vulnerabilities in their products that often
the storage of customer data outside allow data back-up to reside outside the do not meet the client organization’s
their physical boundaries. Thus, this is a country’s boundary. This criterion is best security architecture and operations
critical assessment criterion that should applied at the inception (pre-discovery/ requirements.
be considered during the vendor selection discovery) phase to avoid any regret spend
Further, there may be different levels of
process. Unfortunately, this aspect is often down the line.
security controls and gaps for software-
overlooked during the selection process,
2. Security – Typically, cloud solutions as-a-service (SaaS), infrastructure-as-a-
resulting in costly future consequences.
introduce additional risk to a company’s service (IaaS) and platform-as-a-service
There are instances where the cloud IT landscape and operations. In many (PaaS) offerings from the same cloud
provider prematurely commits to providing instances, there is limited control over vendor. Such gaps need to be identified
a local physical data center within a network and connectivity for externally- at the beginning and assessed for fitment
certain timeframe to skew the client’s managed data centers is normally possible accordingly as there is a high chance of
References
1. http://www.gartner.com/newsroom/id/3616417
2. https://go.forrester.com/blogs/17-06-08-cloud_security_spending_will_grow_to_35_billion_by_2021/
3. https://aws.amazon.com/message/41926/
4. https://www.alliedmarketresearch.com/cloud-storage-market
5. https://www.cisco.com/c/dam/en/us/solutions/collateral/service-provider/global-cloud-index-gci/white-paper-c11-738085.pdf
6. https://cloudharmony.com/status
© 2018 Infosys Limited, Bengaluru, India. All Rights Reserved. Infosys believes the information in this document is accurate as of its publication date; such information is subject to change without notice. Infosys
acknowledges the proprietary rights of other companies to the trademarks, product names and such other intellectual property rights mentioned in this document. Except as expressly permitted, neither this
documentation nor any part of it may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, printing, photocopying, recording or otherwise, without the
prior permission of Infosys Limited and/ or any named intellectual property rights holders under this document.