Context

Facts

– Cloud is getting a lot of attention

– Lots of buzz but little information on ‘What To Look For In Your Cloud Provider - Beyond the Software’

Today’s Objectives

– Talk about the top 10 considerations when choosing cloud partner

– Tell you questions to ask your cloud provider

Mainframe Web Cloud Client Server

IT Evolution

Private Public

Hosting Partners (like Bhumishq)

Rapid implementation

Anywhere-access

Rich customization

Microsoft Hosted

Control & ownership

Strategic capabilities

Advanced integration

On-Premises Partner Hosted

Outsourced IT

Industry / Vertical configuration

Packaged solutions

Talk Points

Introduction Vivek Mathur

Vice President - Technology

Bhumishq Group

1. Look For A Flexible Provider

Look For A Flexible Provider

Cloud is all about flexibility and agility

Most organization Cloud strategy is not well

defined yet

Providers needs to remain flexible.

A ‘rigid’ Cloud offering is a barrier to Cloud

adaptation

Ask for ‘no strings attached’ trial period before

committing

2. Geo-redundancy

Geo-redundancy

Cloud is about anytime / anywhere availability of

data

Single site data centre can be a potential single

point of failure

Cost of connectivity, shortage of bandwidth and

latency are the current determinant for data centre

geo-redundancy

Example - Microsoft runs multiple

geo-redundant data centres

(some disclosed, others not) worldwide.

3. Data Centre Facilities

Some of the key factors to consider in a Cloud facility

are –

Power

Cooling

Fire Detection & Suppression

Physical Security

CCTV Surveillance & Recording

24 x 7 Helpdesk and ops Centre

POWER Redundant utility power source Fully redundant power distribution with no single point of failure N+1 UPS system On-site full load capable power generator

Cooling Precision based air-conditioning units Grid failure protection on cooling units – dual chiller & DX based precision units Humidity control

Fire Detection & Suppression VESDA (Very Early Smoke Detection Apparatus) based system. Clear agent, non-residual gas. Environmental & human friendly.

Physical Security Secure and restricted access facility. Bio-metric based access control Presence of trained security guards

CCTV Surveillance & Recording CCTV video recording and archiving

24 x 7 Helpdesk and Operations Centre Round the clock technical support 24 x 7 data centre critical operations monitoring team

4. Data Centre Physical Location

Data Centre Physical Location

Location – avoid proximity to RFI (Radio Frequency

Interference) generating industries, flight paths, near

potential dangers from sea, chemical and other

hazardous plants

The data centre building should be within reasonable

commuting distance for employees, support vendors,

and other business partners

Data centres need redundant sources of

telecommunications, electricity, and water to eliminate

any single points of failure

5. Scalability

Scalability

‘Pay as you go’ model

Cloud provider should be capable of quick

provisioning of scaled up requirements around

storage needs

Flexible retention choices to manage capacity, cost

and regulatory requirements

Business Continuity Plan

6. Business Continuity Plan

7. Data Retention Policy

Does the cloud vendors’ Business Continuity plan

meets your Business Continuity requirements?

How does provider guarantee uninterrupted

services?

Can provider give you documentation of its BCM

plan?

When in doubt, ask for 3rd party BC audit

Data Retention Policy

What happens to my data when I cancel my Cloud

service?

7. Data Retention Policy

Is my data returned?

Is it deleted?

Service Level Agreement

8. Service Level Agreement

What are the agreed service delivery terms?

How they are measured & reported?

What happens if the agreed terms are not

delivered?

- Financial penalties on Cloud provider.

Industry Credentials

9. Industry Credentials

What are service providers’ Cloud industry

affiliations and partnerships - like Microsoft partner,

Microsoft hosting and online services

competencies, SPLA arrangement etc

Industry recognized certification & membership like

Uptime Tier based certification, CSA (Cloud

Security Alliance) membership etc

Local related authority licencing and other

requirement fulfilment

Compliance Requirements

10. Compliance Requirements

Gather legal and regulatory requirements first for a

feasibility assessment

Can your data be taken out of country?

Does regulations like PCI, SOX, HIPPA etc.

that’s mandates control over operations of

infrastructure & critical data affects you?

Other Legal And Contractual Issues

IP

Liability

Thoroughly vet your provider

Closing Thoughts

Cloud is the future Cloud means different to different persons One-size fits all approach may not work Try it before you commit

Q&A

Thank You

meet us at Microsoft mini world cloud exhibition area

Vivek Mathur

vivek.mathur@bhumishq.com