Hybrid cloud is becoming more and more prevalent and is gaining increasing traction in the IT industry. In this brief article, excerpted from Oracle’s Profit publication, Irfan Saif, Leader of the Postdigital Enterprise Initiative at Deloitte & Touche touches on five decision criteria for evaluating and selecting hybrid cloud solutions.
1. Maturity. Does the solution have a clearly articulated and well-established security, privacy, and risk management program? A mature cloud provider should employ—and be able to clearly articulate—a strategic, programmatic approach to manage and secure its platform and customer data. Its program should leverage leading practices and frameworks with the appropriate resources and supporting tools along with elements to execute effectively.
2. Flexibility. Does the solution have a rich, customisable ecosystem of services and functionality? The solution should offer a full set of capabilities and functionality that can be reasonably tailored to meet immediate and future business circumstances, as well as agility to switch components based on enterprise demands. Ideally, the platform should provide or integrate with a federated single-sign-on experience. It should also provide dashboard or reporting functionality to satisfy operational and compliance requirements.
3. Performance. Do you have confidence that the cloud provider’s infrastructure will meet and scale to your long-term business demands within appropriate service-level tolerances? Vendors should provide performance metrics and performance guarantees that can, and should, be measured and incorporated into service-level agreements.
4. Resiliency. Does the provider have the appropriate redundancy and protections to address a broad range of business-impacting events? The vendor should provide reasonable details on redundancy and recovery plans and intended service levels during a disaster. Cloud architectures inherently follow a different model than typical IT platforms with respect to redundancy and recovery, and this should be factored into due-diligence activities.
5. Commitment. Are you comfortable with the investment the provider has made in people, resources, training, infrastructure, and communication? The cloud provider should have an established, experienced, and accountable platform security function guided by formalized principles, policies, and practices. The provider should collaborate with customers in understanding and configuring security measures to protect the confidentiality, integrity, and availability of the platform and the customers’ data.
Security, privacy, and risk need not be a roadblock to cloud adoption. With the right considerations, executives can make informed decisions about how to accept and manage risk appropriately. Adopting cloud computing is not about delegating responsibilities to a cloud provider. Rather, it is about incorporating these platforms, and their potential benefits, into a broad strategy.
Content sourced from Oracle Proft Online.