Is this a familiar scenario? Your CIO just got back from an industry conference and spent four days talking to experts and learning all about the benefits of the cloud.  The organization has now adopted a cloud first strategy, but it’s on you to make it happen.  There are both compelling business cases and many reasons to go to the cloud.

There may be some immediate use cases that come to mind.  Companies may be tempted to just jump right into those opportunities. I would recommend tapping the brakes for a strategy discussion.  Before diving in, we want to make sure we understand what we want to achieve.  Do we want to use Infrastructure as a Service (IaaS), Software as a Service (SaaS), Platform as a Service (PaaS) or some other “as a service?”  Do we want to consume commercial services?  Are there compliance, licensing, or region requirements that force us into a particular service? Does our IT staff have the required skills to maintain these environments? Is there a governing policy for acceptable use of cloud services?  I cover these and other pre-requisites in an additional blog, “Cloud Ready?”  If that’s where you are in your journey, read that here.

If you are cloud ready, the next step is to migrate. The steps and methodology below are what CastleLock uses to migrate workloads to the cloud.  In an effort to aid you along in your cloud journey, here are the steps CastleLock utilizes: 

Step 1. Plan

Goal: Why are we doing this?

Deliverables: Budget, ownership, and success criteria

In the planning phase of cloud migration, identify stake holders, applications, infrastructure, and use cases that bring immediate value to your stakeholders. Organizations will need to have a comprehensive asset and application inventory. It is important to know costs and depreciation schedules for hardware and software. It will be important to have hardware and application owners identified.

Step 2. Evaluate

Goal: What are we going to do?

Deliverables: Cost, complexity and risk valuations

During this phase you will identify which applications, services, or infrastructure will be rehosted, refactored, revised, rebuilt, replaced, or retired.  Keep in mind, fork lift or lift and shift approaches are effective, but could consume your budget quickly.  Understand how complex each workload is, the cost associated with each, and the risk to the business. 

Below are some examples for consideration during the evaluation phase.

Costs- licensing fees, compute fees, region, bandwidth, and depreciation

Risk- number of users, external consumption, availability, type of data, security, compliance, skills acquisition and training

Complexity- number of releases, number of nodes, architecture, connectivity, number of users, administration.

Architecture especially around legacy applications can be especially complex and involve modernization efforts to effectively optimize the move.  There are options here in approach to ensure an optimal migration such as an incremental phased approach.  For example, IaaS to PaaS or hybrid approaches.  Let’s not get ahead of ourselves as far as what will be raised during the design phase but at this stage, we can start to address feasibility concerns.

Step 3. Prioritize – Rock, Paper, Scissors

Goal: When are we going to do it?

Deliverable: Schedule

Now that we know the why and the what, armed with cost, complexity and risk values, we can determine the timetable and build a migration schedule.  During the prioritization phase, the organization must define which prioritization method is most important.  Is it cost, complexity or risk?  Dependencies should be considered here.  Once decided, this value will become the tiebreaker (rock wins!) The prioritization of workloads is extremely important. If for any reason a workload cannot be migrated, the team can move on to the next thing on the list. Given the priority has been identified, there is no need to churn on what to do next.   

Step 4. Design

With the exception of overall design, Steps 4 – 6 (design, implement, validate) repeat for each workload.  Connectivity, subnets, availability zones, security tools, resources, etc. are all identified and earmarked for implementation.

Step 5. Implement

You’ve done most of the hard work; now it’s time to implement.  Spin up those resources!  Migrate that data!  Setup those DNS records!  Configure those firewalls and routes! Encrypt that data!

Step 6. Validate

You may be tempted to kick those feet up on the desk or take the team out for a victory lap, but we still have work to do.  User acceptance testing (UAT) is paramount. And, while you’re waiting for that….ensure any agents are reporting in properly.  System logs are going to the SIEM. Systems are enrolled in monitoring systems.  FIM is turned on. Backups are working. Kick off that vulnerability scan!  Now, take that victory lap and get ready for the next one.

Sound too simple?  We can get your workloads to the cloud quickly, seamlessly, and securely. Whether you need advisory services, technical guidance or for us to partner with your existing IT resources, CastleLock can help.  Our methodologies allow you to achieve your cloud migration goals and be able to focus on the thing that matters most, your business. 

James Hill

James Hill

With over two decades of technology experience, James has established comprehensive cyber security programs for many public, private and government sector organizations and serves in an advisory capacity to CISO's and CIO's across North America. An avid learner, James holds many industry certifications, including certifications from AWS, SANS, Cisco, Palo Alto Networks and ISC2.

Leave a Reply

Welcome to CastleLock

We offer cybersecurity, compliance, and cloud services.

Contact CastleLock

CastleLock
13155 Noel Rd.
Suite 900
Dallas, TX 75240

T: 888-600-0117
E: info@castlelock.com