View the other posts in the series:

What we learned from Migrating custom applications to the Cloud
Part One Key Learnings Overview
Part Two Discover and Assess
Part Three Plan and Migrate
Part Four Monitor and Report

Since 2010, UnifyCloud has been helping customers migrate custom built, line-of-business (LoB) applications to the Cloud (PaaS, IaaS and SaaS)¹. In this series we will share our key learnings, as well as best practices from our experiences of migrating custom built LoB applications to the Cloud. First, a quick review of why people are moving to the Cloud, and their concerns:

• 70% of CIOs are following a Cloud-first strategy as of 2016²
• Key drivers for the migration to the Cloud: first is reducing costs, second is improving business agility.³
• Primary concerns around moving to the Cloud include Cybersecurity, Privacy and Compliance.⁴

The key to a successful cloud migration is to develop a data-driven cloud strategy. Develop a detailed understanding of your existing infrastructure, and use that as the starting point for developing your cloud strategy. Once you have developed your strategy, create a detailed plan. We recommend a three-step process for migration planning, as outlined below. In this post we will focus on the first phase, Discover & Assess.

DISCOVER & ASSESS

The first phase in developing a Cloud Readiness Assessment is to discover and assess your current infrastructure, identifying what you ‘actually have’, as compared to ‘what you think you have’. We have had many customers assure us they did not have any Out of Service OS’ in their environment, only to discover many of them in their infrastructure. We recommend using an automated tool that can be run periodically, e.g. quarterly, and can provide detailed snapshots of your infrastructure, and changes between quarters.

A partial list of these infrastructure solutions includes the free Microsoft Assessment and Planning tool (MAP), SNOW, SCCM, SAM Live!, etc., and there are many others also available that may meet your needs. You want an infrastructure tool that provides you with a detailed technical analysis of your on premises IT environment including VMs, Servers, Databases, and Client machines, and what software and versions are running, etc. It is imperative that it include at least a month (more data is better) of actual usage data on CPU, Network, Storage, etc. This usage data is critical for you to be able to create a comprehensive Cloud Readiness Assessment on what and how to move to the cloud, and will be a key driver in developing your Cloud Strategy.

We have found that it is helpful to use a tool to create your Cloud Readiness Assessment. This assessment consumes the infrastructure data, and guides you through common scenarios of cloud migration planning, as well helping you to develop your Cloud Strategy. Otherwise you end up with a compendium of unactionable detail on your infrastructure, spend all your time trying to analyze the data, getting lost in the trees as you are not able to see the forest.

Your Infrastructure data provides you with a data-driven view of your current Cybersecurity maturity. This information can also be used to develop a Cybersecurity strategy, which is worthy of a separate blog post another day. For now, note that Cybersecurity can be a both a blocker and an enabler to cloud migration. Your Cybersecurity maturity can help to prioritize applications that should migrate to the cloud first, or that perhaps should be left on premise, depending on your environment, Cybersecurity policies, and GRC requirements. Having a detailed understanding of your Cybersecurity capabilities can dramatically improve your Cybersecurity posture. By completing this Infrastructure inventory process you are also fulfilling the two most important Cybersecurity recommendations from the Center for Internet Cybersecurity: https://www.cisecurity.org/:

• CSC 1: Inventory of Authorized and Unauthorized Devices
• CSC 2: Inventory of Authorized and Unauthorized Software

Your Cloud Readiness Assessment uses an inventory of applications and workloads that are candidates for the Cloud: SaaS (replace), IaaS (relocate), PaaS (modernize). There are number of additional factors that need to be considered for Application migration that may not be detected from your Infrastructure scan. These are likely to apply whether you are planning to migrate to PaaS, IaaS, or SaaS. Responses to these questions will help you to determine if you should opt for Private, Public or Hybrid Cloud:

• SLAs & Mission Criticality: The Service Level Agreement (SLA) for server, network, and storage infrastructure may influence an applications Cloud Migration strategy.
• User management: Multiple user roles may be required; Identity and Access Management (IAM) should be evaluated.
• Cybersecurity: When considering an application migration, the cloud service provider’s cybersecurity policies need to be examined. A framework to use to evaluate a CSP is available from the Microsoft IT Showcase site here, as well as the Cloud Cybersecurity Alliance STAR Registry.
• GRC: Governance and Regulatory Compliance of the CSP relative to your regulatory requirements. A key point here is to be sure the specific CSP services your application requires fulfill your regulatory requirements.

The Cloud Readiness Assessment answers many of planning questions for your journey to the Cloud:

• Which on premise applications can be retired and replaced with SaaS solutions?
• Which VMs and storage workloads can move to an IaaS environment?
• Which applications are candidates for, and what are the economics of, modernization to PaaS?
• How can a Cloud platform accelerate and reduce your costs around application development?
• How will these Cloud environments impact, and be impacted by, Cybersecurity risks?
• What are the OpEx, CapEx, TCO and ROI of moving to the cloud using PaaS, IaaS and SaaS?

Working with our customers, we have found the following typical breakdown in migrating applications to the cloud. About 30% can be retired or eliminated, and around 15% can be replaced or migrated to SaaS. About 50% can be migrated to the Cloud either as IaaS or PaaS, and the remaining 5% of the applications remain on premise.

UnifyCloud developed CloudRecon to provide a detailed Cloud Readiness Assessment which can serve as the starting point for your Cloud Strategy. The insights and recommendations from these reports would take several months for an architect to produce. The powerful Data Center Modernization Report (DCMR) available within minutes of importing your infrastructure data, providing you a dashboard of Cloud Migration scenarios, and the ability to drill down to view details on individual resources. For more information including a demo and free trial of CloudRecon, go to Microsoft’s AppSource here.

Below is a screen shot from CloudRecon. Immediately after importing the infrastructure data you are able to see the main dashboard. 162 applications have been identified as candidates for migration to PaaS. A drill down on the list of applications is provided, as well as other useful information, such as out of compliance OS’s and Databases that are no longer supported. The menu on the left shows additional cloud migration recommendations, as well as cost analysis, and cybersecurity maturity assessment of your infrastructure.

The DCMR includes recommendations on VM & SQL rightsizing and consolidation, as well as recommendations for which applications should be migrated to PaaS, IaaS, and SaaS. The DCMR also includes detailed cost estimates to determine your potential cost savings, TCO and ROI from moving to the cloud. The detailed VM sizing is based on your actual usage CPU, Network, Storage, etc. usage, and represent accurate, data-driven recommendations on optimizing your VMs for the cloud. All recommendations are based on your infrastructure, using your performance data, with drill downs available to you, down to specific machines and VMs. If you don’t agree with the CloudRecon recommendations, you can easily change them, and do a what-if analysis and make changes to the recommendation. All of the CloudRecon data can be viewed and downloaded for further analysis.

Lesson #2: A data-driven Cloud Readiness Assessment should drive your Cloud Strategy, providing you with a detailed roadmap for your journey to the cloud.

SUMMARY

Successful migrations to the Cloud require being data driven, and following a structured process. Our experience recommends using integrated automated tools for enterprises to manage the complexity of migrating application to the Cloud, through their application lifecycles, at Cloud Speed and Cloud Scale. Different Tools are used at different stages of the process. CloudAtlas looks at migration process and challenges holistically to support Cloud migration. The underlying knowledgebase ensures best practices are followed throughout the entire process for cost control, cybersecurity and compliance (GRC).

REFERENCES

¹ NIST Reference to Cloud Service Models starts on page 2: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf
² IDC CIO Agenda webinar
³ InformationWeek; September 29, 2016 & Seth Robinson; Senior Director, CompTIA
⁴ SIM IT Trends Study, 2017

View the other posts in the series:

What we learned from Migrating custom applications to the Cloud
Part One Key Learnings Overview
Part Two Discover and Assess
Part Three Plan and Migrate 
Part Four Monitor and Report