The recent network issues at Verizon Terremark that crippled the HealthCare.gov website is a scenario that could have been avoided with careful planning and thorough testing, according to experts, who say businesses frequently experience limited downtime and service disruptions with their cloud-hosted applications.
Human errors are the biggest cause of costly outages, said Mike Aquino, director of cloud solutions at Cetan Corp., a firm that specializes in enterprise automation and cloud hosting deployments and has partnerships with Microsoft, Salesforce.com and BMC Software. Aquino said cloud providers plan for technology failures and have backups and system redundancy to solve technical snafus quickly. The vast majority of cloud bottlenecks happen because the business didn't do its due diligence, he said.
"Often times the processes internally weren't properly documented and you have to do workarounds that can cause disruption or stall projects," Aquino said. "It's usually a correlation between a piece of hardware or software that no one knows about, and then when it's discovered, it's not part of the scope of a project."
Connectivity problems are at the top of the list of cloud computing concerns identified in a survey of 240 information security professionals, network operations and applications owners conducted by security vendor AlgoSec. More than two-thirds of organizations experience application connectivity disruptions in data center migration projects, according to the study's findings, issued Tuesday.
Security experts and IT executives involved with cloud projects told CRN that network outages represent the biggest threat to businesses that have migrated to the cloud. If a business doesn't do its due diligence with the provider, it may have little recourse when an incident takes place, said Jim Reavis executive director at Cloud Security Alliance, a non-profit that provides education and best practices on cloud computing issues.
"A lesson learned from previous cloud provider outages is that they will happen, and customers who suffered from them generally did not purchase the available 'high availability' options," Reavis told CRN. "Customers need to own the requirements and the systems architecture at a high level."
The AlgoSec survey found businesses moving hundreds of critical applications to the cloud, but migration projects can be complicated and lengthy, causing costs to add up. Data center migration projects involving critical applications took more than five weeks to deploy, and more than a quarter of those surveyed said it required more than an 11-week deployment.
Change requests to handle load variations on business applications happen frequently but are processed slowly, the survey found. Nearly 60 percent said it takes more than 8 hours to process each application connectivity change request, with 31 percent indicating that it takes more than one business day per change.
NEXT: Planning Around Disruptions, Outages
The length of time a project takes to complete runs the gamut, said Pete Zarras, president and CEO of Cedar Knolls, N.J.-based Cloud Strategies, a solution provider that is involved in hosted email deployments and migration to SaaS applications. The service-level agreement (SLA) is a big factor in how a cloud provider will respond to a client, Zarras said.
"You have to define your business objective, the scope of the app and audiences, and define your tolerances around risk and outages and interruptions, and you have to plan around all of those things," Zarras said.
The bulk of Cloud Strategies business is with Microsoft Office 365 deployments, but larger firms are increasingly turning to private cloud hosting for mission critical applications, even enterprise resource planning software, Zarras said.
High-profile outages and disruptions, like the HealthCare.Gov site, don't reflect positively on the cloud, but the cost savings and efficiencies gained by leveraging cloud services minimizes the impact of high-profile problems, Zarras said. Businesses are tired of capital expenditures every four or five years and are attracted to paying a monthly fee for continuity of services and technology upgrades, he said. If those firms are contracting out to maintain the data center, they typically have strong SLAs, vetted by legal teams, to define how strong security, network monitoring and incident response procedures are to be carried out, he said.
Any delays in migrating to the cloud are the result of previous application migration problems, according to the AlgoSec survey. One in five survey respondents said they are expecting to have more than 40 percent of their business in the cloud with one-third planning to migrate at least 20 percent of their applications in the next 12 months.
"Depending on what the availability requirements are for the client, everything can be planned for and anticipated," Zarras said.
PUBLISHED OCT. 29, 2013