Since the advent of Cloud technology, there has been a big debate around whether an enterprise shall move their existing on-premise IT, Corporate & Business workloads (applications) to the cloud. Another key point of debate is around which workloads should be migrated versus kept in the org's data center.
In my personal experience of being part of similar transformation programs, there is a clear need to evaluate and understand the ROI of moving any of the workloads to the Cloud. There are multiple facets to this ROI exercise. A few important ones (but not limited to) are:
Business Impacts: One of the mandatory assessment areas is to understand the current and future business needs. Some of the key pillars for this assessment can be: Business Criticality, Data requirements, Other System dependencies, SLAs (RTO, RPO), DR requirements.
Current Technology Stack: The current system's technical capabilities also must be clearly recorded. Few of the important ones to consider are: System Language, deployment setup, Scalability, Licensing model, Environment setup.
Modularization: Application modularization is a critical factor in the overall migration strategy to clearly identify the right fit for each applications. Some important constituents to this are: App architecture tier (3 tiers, 2 tiers, Monolith, Microservices), middleware (commercial license, open source), database layer (open source, commercial, NA). The third party licensing can prove to be a costly affair in cloud considering the form factor, licensing restrictions in terms of current enterprise agreements with the third-party vendor.
Application Modernization: It is a no-brainer for most of the enterprises to consider app modernization as a common migration strategy. However, as a pre-requisite it is essential to consider the following aspects: Platform or Application modernization roadmap, support for Cloud re-hosting (Out-of-the-box, Customizations), Containerization support.
Cloud Operations: The long term strategy of the Application maintenance and operational efforts need to be clearly evaluated. This shall include: validating the integration capabilities for Application & Audit logging, Monitoring & Notification integrations to the Enterprise SOC for the relevant support teams.
Security: The security in cloud is another key pre-requisite for the enterprises having strict local data residency requirements and data privacy regulations such PDPA, GDPR etc. The overall defense in depth approach should be considered for controls based on IAM, Detection, Data protection, Incident response (capability to respond, manage, mitigate and restore during a security incident), Infrastructure security.
Although, the above list is not an exhaustive criterion for the migration assessment however, is a good starting point to develop a Cloud Migration Assessment scoring model. The model can be further enhanced by assigning a reference score against each factor. The overall cumulative score is a good initial indicator in terms of whether an application should be kept On-premise Or hosted On-cloud.
Apart from the above technical assessment, there are additional key factors such as - Total Cost of Ownership (TCO), Business benefits, People's Skills & COE, Project planning etc. that must be taken into account before a final go/ no-go decision is to reached.
P.S.: This is a personal blog. Any views or opinions represented in this blog are personal and belong solely to the blog owner.