15 Questions to Ask When Choosing Cloud Service Providers
2Does This SLA Fit My Needs?
A service-level agreement (SLA) only exists to protect you financially. Don’t simply look at percent uptime; technology failures will happen with any provider (technology is imperfect by nature). What’s more important is whether someone will be there to support you through those events. Does the provider offer managed services, and will they enable you to recover sooner? Are you willing to do self-service, or are you looking for someone to call in the middle of the night when things go bump, as well as someone who can manage patching and change management for you as well?
3Are My Applications and Systems Compatible?
Get an understanding of how the providers have architected their platforms for compatibility. What capabilities will you gain or lose in a transition and what access (online, API) and automation of service creation do they provide you as a customer? Check the provider’s automation plans and API specs. The service provider should be able to assess which applications are cloud-ready, which ones have potential and which ones should stay put. Consider factors like information security and data privacy needs, compliance requirements and technical architecture. Then, based on your risk tolerance, budget, and the sizes and types of applications you’re looking to move to the cloud, you can design a solution tailored specifically to your organization.
4Do the Cloud Service Providers’ Security and Resiliency Standards Hold up to Mine?
This one is seemingly obvious, but it’s critical to address security, infrastructure resiliency, the number of disaster recovery sites as well as RPOs and RTOs. Can the provider detail its security practices and services and do they align with your compliance needs? If a disaster strikes, will recovery be automated, managed or manual? Will you have the ability to simulate a disaster? A scenario-based test works well because it lets you use the most challenging potential situations so you can determine how long it takes to get an application operating in the cloud. Make the test as close to a real-life incident as possible.
5What compliance standards are in place?
Does the provider have audit results to provide for compliance? Who owns the data and infrastructure? Do you agree on best practices and standards? Is the provider willing to talk about what’s under the hood in relation to its platforms, standards and compliance certifications? Differing views on these questions of trust and protection are often a deal-breaker.
6How are migrations handled?
If you and a cloud provider align on the first four questions, consider how the migration will go. The first step is a readiness assessment of your ability to move to the cloud. Does the provider offer such an assessment, as well as a long-term strategy for a phased cloud migration? Don’t believe the provider who says everything will be taken care of on day one. Find out how long downtime typically lasts, the level of data integrity assured and the roles and responsibilities of each party. Migrating to the cloud should be viewed as part of your overall business strategy. That means understanding how the provider will act through the life of the agreement. The migration is only the start.
