For years, cloud computing was the future. The ability to migrate core business services and infrastructure off site, without having to build and upkeep servers, secure them, etc., was a golden promise of the 21st century. Turning a massive infrastructure cost into an ‘as-a-Service’ expenditure would revolutionize the business landscape forever — and sure enough, it did. Small firms could lease just what they needed, without having to stand up costly data centers on their own. The barrier to entry was dramatically reduced, opening doors for companies the world over. But as cloud providers became larger and larger parts of the business world, the number of providers proliferated in kind.
Cloud computing has exploded in popularity. According the Gartner, one of the foremost market research firms, worldwide end-user spending on public cloud services is forecast to grow 23.1% in 2021 to total $332.3 billion, up from $270 billion in 2020.
“The events of last year allowed CIOs to overcome any reluctance of moving mission critical workloads from on-premises to the cloud,” Sid Nag said, research vice president at Gartner. “Even absent the pandemic there would still be a loss of appetite for data centers.
“Emerging technologies such as containerization, virtualization and edge computing are becoming more mainstream and driving additional cloud spending. Simply put, the pandemic served as a multiplier for CIOs’ interest in the cloud.”
As more and more services move to the cloud, though, how do you if you’re selecting the right cloud provider for you and your company’s needs?
We’ve broken down your decision tree into four core areas, with the most important considerations under each:
The health and reputation of the cloud providers
- Financial health: Is the service provider on strong financial footing? Will they be there in 5 years? 10? If a provider is undercutting competitors on price, ask yourself — are they the real deal? And will they be here for us well into the future?
- Reputation: Does the provider have a sterling reputation in the space? Who are their partners? Are there a bevy of public, third party reviews attesting to their expertise and professionalism? Finally, talk to customers in a similar situation to you to find out what their experience has been.
- Good governance and risk management: Is it easy to ascertain the company’s management structure with clear lines of responsibility? Do they have well-established risk management protocols that you can see for yourself? Much as you need to know if the company is adequately capitalized, so too must it be well governed.
- Business/technology fit: Does the provider truly understand your business and what you’re trying to do? There has to be a strong fit between the provider and your firm’s goals.
Metrics and monitoring
- Service Level Agreements (SLAs): Any provider should be able to guarantee a minimum level of service that suits your needs, put it in a contract, and uphold said contract
- Performance KPIs: You should be able to pull performance reports with metrics important to you. If a provider doesn’t offer this, that should be a yellow flag at best.
- Resource & config monitoring and management: Your provider of choice should be able to monitor the services they’re providing to you as well as be able to update you on any changes made to said system.
- Cost controls and billing: Cost monitoring and billing ought to be automated and transparent. You have to be able to monitor what resources you’re using, at what pace and intensity, so you don’t end up running up unexpected bills.
Technical capabilities
- Deployment and change management: It should be easy for you to deploy, manage, and upgrade your software and applications. If a provider can’t prove their aptitude here, keep it moving. There also should be documented and formal processes for requesting, logging, approving, testing, and accepting changes.
- APIs: Any worthwhile provider should use standard APIs and data transforms. If it’s hard to connect to their cloud, again, it’s not worth your time or money.
Cybersecurity
- Security infrastructure: No matter the service or system you’re leasing from a provider, there ought to be a comprehensive and robust security infrastructure. Cloud services simply do not provide value to you if their security is anything less than exemplary.
- Security policies and documentation: There should be well-established and documented security policies and procedures with strict access control for both provider and customer systems.
- Identity management: Changes to any software or hardware system component should be authorized on an individual or group role basis; two-factor authentication should be required for anyone to change an application or data.
- Data backup and retention: Few things are as important as data backup and retention — if something infects your local network, you have to know your backups are in the cloud, protected and operational for a rebuild.
- Physical security: While a physical incursion to a server farm is unlikely, it must still be protected against. Furthermore, your cloud provider should have environmental safeguards to protect both equipment and your data from a disruptive event (hurricanes, floods, power outages, etc.). There should be redundant networking and power and a documented disaster recovery and business continuity plan.
There are, as you can see, a lot of factors to consider when you’re selecting a cloud provider for your business. When it comes time to build out your technology stack, update your systems, or launch a new digital product, many small to medium-sized companies hire a technology partner to help lead them through high-stakes choices like these (especially if you don’t have a deep reservoir of technology expertise on staff / don’t want to hire those kind of resources on a full-time basis). That’s where we come in — not only can we help you make the tough decisions, we can incorporate those decisions into technology plans and execution programs that put you on a path to sustained success marked by a sizable market edge.