20 Steps: How to know you're ready for the cloud

A guideline of everything you need to do before deploying the cloud.

20 things to do before deploying the cloud
Credit: Thinkstock

This is about the cloud. You want it. You've done the cost analysis. Here's the checklist you need to ensure a successful cloud experience:

  1. You fully understand and are ready to employ connection encryption, data in place encryption, and all of the components of key management.
  2. You understand and are ready to employ a secondary authorization or Cloud Access Security Brokerage/CASB method that's been fully tested, including all key management and vendor SLA considerations.
  3. You've chosen a vendor that will support immediate (or an acceptable time window of) tech support for connectivity and support issues.
  4. You've mastered IPv6, as the pool of IPv4 is essentially empty.
  5. You've mastered or attended to all firewall, network routing, port access, and Layer 2/3 issues.
  6. You have a working model of cloud backup, recovery, and archiving for the work to be performed in the cloud, and you've exercised the pilot, and have an ongoing plan to test it periodically.
  7. Your cloud provider can adhere to and acknowledged industry and legal regulatory and compliance issues that your organization and its data must comply with, and can readily demonstrate compliance for each step in a way that will satisfy your auditors.
  8. Everyone has been trained, knows the drill, and has documented it in case your bus falls from a cliff into the ocean.
  9. Growth has been fully applied to your cost model.
  10. You can extract 100% of your cloud data with glee, have successfully performed a pilot of this, and have an alternate storage or transactional vendor lined up as a backup.
  11. You fully manage your own keys and/or certificate authority, and correctly archive them, and can successfully generate keys for all of the use profiles with both your desired cloud vendor, and its alternate.
  12. Your current security has been tested to meet the needs of hierarchical key management by user control, and secondary authentication is used for all private keys and key generation control.
  13. Your legal department understands all SLAs and contractual obligations of your cloud use, as do your insurance companies/brokers.
  14. You documented everything to 100%.
  15. You have a disaster plan for each step above.
  16. You've tested the disaster recovery plan in No. 15 and have distributed it, and it's been correctly acknowledged by all participants in the plan.
  17. The disaster recovery plan includes completed and distributed documentation for its execution.
  18. Internal Go-To help desk, internal support, and security engineering have participated and are involved in steps 1 through 17.
  19. Your budget numbers were real, and not imaginary.
  20. You're not thinking of taking a holiday during deployment/cutover.

You might have additions to my list. Or groans. Please feel free to share. Or, just do like everyone else, and get a credit card and hit AWS after work.

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Related:
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.