A cloud readiness assessment is a process that helps you to understand your current IT infrastructure and identify potential gaps in compliance, security, and performance requirements. This blog post will provide you with guidelines for conducting an assessment of your company’s needs before moving to the cloud. It also includes actionable steps on how to complete this Cloud Assessment at your organization.
Steps of a Cloud Readiness Assessment
Scope and Business Cases for Migration
Decide which applications you will move to the cloud and why. You can refer to your existing business cases for these decisions or create new ones based on your company’s specific requirements.
You must identify any compliance, security, privacy, or other policy requirements that need to be met as part of an aws migration process before moving files into the public cloud environment. These policies may vary from industry-specific regulations such as HIPPA in healthcare settings or PCI DSS for payment card data storage. Make sure that all identified policies are supported by a current version of a Vendor Policy Statement (VPS) from service providers you plan to use, along with an outside review if possible. Additionally, make sure potential gaps between organizational policies and cloud vendor policies are clearly identified.
Data Storage Requirements
You must understand where, how, and for how long your company’s data will be stored in the public cloud environment before moving to it There may also be specific storage needs that need to be considered, such as encryption or availability requirements.
Determine Security Policy Compliance Requirements
Cloud security is a critical step in ensuring compliance with internal standards such as NIST SP-800. Review all current policies on information security at your organization, including any existing policies around multi-factor authentication (MFA), user access controls, remote session logging, etc., especially those related to physical presence at the time of login. A gap analysis between organizational standards and potential service provider policy options will help identify any potential security issues with cloud service providers (CSPs).
Network Connectivity Requirements
Network connectivity is an important part of the migration process because you must understand how your company’s applications and data communications over the internet. You need to know which sites, subnets, or IP ranges are currently in use by each application, along with current bandwidth requirements for different types of information, such as voice/video conferencing vs. email traffic.
Determine Performance Requirements
Performance can be measured in terms of various metrics depending on your organization’s business needs, but it also includes consideration for network latency, both internal and external to a CSP environment. This may require actual testing performance under load conditions within an isolated test environment before moving to the cloud.
Compliance Requirements for Data in Motion and Data at Rest
Data in motion refers to data being sent from one location to another over a network connection, while data at rest is when your files are stored on servers or disks within a CSP environment. Ensure that all requirements around compliance, security, privacy, etc., have been identified along with supportability of encryption standards for any required data-at-rest policies such as HIPPA protected health information (PHI) protection under HITECH.
Review Service Level Agreements From Potential Cloud Providers
Service level agreements (SLAs), which show an agreement between a service provider and a customer regarding services provided, can be critical pieces of reference materials during migration planning. They clearly define the levels of service provided to your company’s applications and data.
Identify Platform Requirements for Applications that Will Be Migrated
It is important to identify platforms (i.e., operating systems, web servers, etc.) needed by each application along with current version requirements before moving them into cloud environments. This information can help determine which CSPs may provide services or other options if a specific platform choice isn’t supported in an initial cloud environment configuration.
It’s important that you map out all of your possible scenarios or paths for migrating data from on-premises infrastructure into a cloud environment. This includes identifying what types of applications will be migrated and what migration method will be used.
Migration Readiness Level for All Data and Applications
This step requires you to understand your company’s development process and what types of data are being stored on-premise. This includes understanding if any legacy applications exist that would need special attention during a cloud migration project or require additional resources.
Migration Approach for Each Scenario
Identifying the migration approach requires you to understand how much control your company wants to maintain over each type of data. For example, if a certain application will be used in both on-premise and cloud environments, this would require building an entirely new app that could have unforeseen costs.