Unclouding










PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The reader
is available for free
download
.

Unclouding

by James G. Barr

Docid: 00021032

Publication Date: 1805

Publication Type: TUTORIAL

Preview

"Unclouding," also known as "declouding" or "reverse cloud
migration," is the process of removing an information system or service from a
cloud environment. It can also refer to the movement of an information system or service from one cloud
environment to another. This is often due to a cloud provider’s failure to
deliver requisite service levels or the client’s exaggerated expectations of
the benefits to be derived from cloud computing.

Report Contents:

Executive Summary

[return to top of this report]

"Unclouding," also known as "declouding" or "reverse cloud migration," is the
process of removing an information system or service (hereafter referred to as
an "application") from a cloud environment.

Related
Faulkner Reports
Cloud Computing Concepts
Tutorial
Client/Cloud Computing
Tutorial

While the concept may seem strange (after all, isn’t the cloud the destination of choice for most enterprise officials?), unclouding
is a reality.

Unclouding Trends

According to a Datalink/IDG survey of more than 100 IT professionals,
almost 40 percent of organizations with public cloud experience have migrated
systems back from the public cloud to in-house data centers. The top reasons
were:

  • Security – 55 percent
  • Cost/pricing concerns – 52 percent
  • Manageability – 45 percent1

Unclouding Explained

Unclouding may entail a simple removal operation if the subject application is
being decommissioned. More commonly, however, unclouding involves
transferring an application from one cloud environment to another or from a
cloud environment to a non-cloud environment.

While the notion of unclouding may be new, owing to the fact that cloud
computing is relatively new, the underlying principle of application "reversion" has been
practiced since the mainframe era. Reversion recognizes that computing is
imperfect, with new or upgraded applications often suffering hardware,
software, or service provider failures.

Given the level of investment in modern-day applications, the normal response
to an application failure is remedial: Diagnose the problem and implement the
appropriate repair, all the while maintaining communication with end users and
other stakeholders.

In some cases, however, more drastic action is required, with enterprise
officials deciding to revert a troubled application to its prior state. This
requires
removing the application from the cloud and restoring it "on-premises," i.e.,
moving the application to an enterprise-operated data center, which may often be the same
facility where the application originated.

Unclouding requires careful planning to:

  • Prevent or at least mitigate customer impact
  • Protect and, ultimately, regain control of intellectual property
  • Limit costs
  • Avoid litigation

Importantly, the time to begin planning for unclouding is before, not after, implementing a
cloud application. By considering unclouding as a potential outcome,
cloud planners can craft agreements that make the prospect of unclouding
far less likely. In this regard, the most important instrument for any
cloud client is a negotiated service level agreement (SLA) that includes
aggressive and time-sensitive problem management.

Neverclouding

Unclouding decisions can be prevented by "neverclouding": never committing
certain enterprise applications to the cloud. As reported by analyst Erica Mixon:

  • Jeffrey Fidacaro, an analyst at 451 Research, asserts that applications
    involving sensitive customer data might be safer on-balance on-premises.
  • According to Matthew Eastwood, an analyst at IDC, "Mainframe workloads are typically strategic and are not necessarily easy to
    offload and move. It’s safer and potentially cheaper when you
    start to factor in risk to keep them where they are."
  • Scott Lowe, an engineering architect at VMware, believes that legacy
    applications that are fairly static and don’t require global visibility
    might not be worth offloading to the cloud.
  • Finally, little-used or seldom-updated applications are generally poor
    cloud candidates.2

The Basics of
Unclouding

[return to top of this report]

Pros and Cons

Unclouding should never be considered casually; it is a serious process
with potentially serious consequences if pursued unwisely or imprecisely.

As summarized in Table 1, there are numerous pros and cons.

Table 1. Pros and Cons of Unclouding

Reasons to Uncloud

Reasons to Resist
Unclouding

The enterprise’s current cloud
provider is providing sub-standard service in violation of the
client/provider service level agreement (SLA). Efforts to improve
service have proved insufficient.

Even with extensive planning,
unclouding is an untidy and disruptive process.

The enterprise has developed
its own private cloud capability, permitting public cloud
applications to be brought in-house.

In many cases, a poor
relationship with a cloud provider can be mended and poor cloud
service improved. A sincere attempt at client/provider reconciliation should proceed
any decision to divorce.

The enterprise becomes
concerned about the security and privacy of cloud-resident data,
particularly personally identifiable information (PII).

An enterprise may lack the
infrastructure to absorb an unclouded application.

In many instances, the
enterprise may have surrendered such infrastructure when the
application was migrated to the cloud.

Note: Where physical
resources are required, engaging a co-location facility might help an
enterprise avoid unwanted capital expenditures.

Predicted cloud savings have
not materialized, reducing the projected cloud return on investment
(ROI).

An enterprise may lack the
technical expertise to support an unclouded application.

Indeed, the general inability
of enterprises – especially small enterprises – to recruit and
retain talented technical staff has contributed to the cloud boom.

Regulations, especially those emanating from
the European Union, have imposed strict data residency requirements
– requirements that cloud providers may not observe or be able to
satisfy.

Cloud computing
is not a fad.
Cloud computing is the future of
IT, especially as enterprise executives seek to:

  • Reduce or at least render more
    predictable their IT expenses.

  • Shift their compliance-related
    responsibilities to third-party providers.

Enterprise officials should think twice before voluntarily retreating from an already-established
cloud position.

Complying with federal and
state information security and privacy statutes has become problematic,
i.e., difficult to demonstrate, particularly in highly scrutinized
industries like finance and healthcare.

 

Enterprise IT and security
staff are disengaged, owing to the cloud provider’s lack of
transparency.

Enterprise executives are
concerned about the loss of control over
outsourced IT operations.

Forms of Unclouding

As summarized in Table 2, the unclouding process can assume six different
forms, each principally defined by two characteristics:

  • Origin – where the application to be unclouded presently resides
  • Destination – where the application will reside after unclouding
Table 2. Forms of Unclouding

Form

Origin

Destination

Description

Public/Public

Public Cloud 1

Public Cloud 2

The public/public
option is invoked when an enterprise client is satisfied with cloud
computing but dissatisfied with the enterprise’s current cloud
provider.

Public/Private

Public Cloud

Enterprise Private Cloud

The public/private option is
invoked when an enterprise client is satisfied with cloud computing
but dissatisfied with the enterprise’s current cloud provider.

Unlike the
public/public option, the enterprise elects to transition to an
enterprise private cloud, becoming a cloud provider itself.

Public/Enterprise

Public Cloud

Enterprise Data Center

The public/enterprise option
is invoked when an enterprise abandons the cloud model in favor of
operating on-premises.

This option often represents
the return of a cloud application to its point of origin.

Private/Public

Enterprise Private Cloud

Public Cloud

The private/public option is
invoked when an enterprise outsources its private cloud
operations to a third-party public cloud provider.

Private/Enterprise

Enterprise Private Cloud

Enterprise Data Center

The private/enterprise option
is invoked when an enterprise abandons the private cloud model in favor of
local, non-cloud operations.

Pure Uncloud

Any Cloud Environment

None

The pure uncloud option
involves the elimination of an existing cloud application.

How to Avoid Unclouding

[return to top of this report]

Enterprises adopt cloud computing not as an impulse, but to achieve specific
objectives like lowering their IT spend or gaining new business functionality. Since unclouding may have the effect of sacrificing such objectives, enterprise
officials should enter into cloud arrangements with the goal of avoiding future
unclouding efforts.

The keys to avoiding unclouding are:

  • Selecting the right cloud provider, by leveraging the enterprise request
    for proposal (RFP) vehicle.
  • Negotiating a comprehensive service level agreement (SLA), eschewing any
    provider-supplied boilerplate contract that normally favors the provider’s
    interests.

Regarding the SLA, the document should contain provisions detailing:

  • Service level objectives, including performance and scalability.
  • Problem management objectives, including response time and problem
    escalation protocols.
  • Unclouding options, including client and provider responsibilities, how
    data security is maintained while unclouding, and how the provider intends
    to eliminate client data from its servers and storage systems after unclouding.

A reputable provider will understand the need to discuss unclouding options,
even though both parties – the client and the provider – are committing to a good
faith partnership.

How to Uncloud

[return to top of this
report]

While there’s no prescribed method for unclouding (each unclouding initiative
boasts its own peculiar challenges), the following constitutes a general
unclouding strategy – one that enterprise officials can employ to formulate a specific unclouding
plan.

Before Unclouding

1. Perform a Post Mortem. Determine why the cloud option
failed and why unclouding offers the best remedy. If alternatives to
unclouding present, explore them.

2. Select a Landing Site. Determine where (i.e., to what
environment) the unclouded application will be relocated. Consider all the
possibilities described in Table 2. Remember that the obvious approach –
"going home," or restoring the application to its point of origin – may be
impractical, particularly if the original supporting infrastructure is no longer in place. If the reasons for unclouding are rooted in the cloud provider’s performance and
not cloud computing itself, the best option may be to select a more
capable cloud
provider.

3. Start from Scratch. Behave as if the original cloud deployment had not
occurred.

  • Identify application requirements (which may have changed).
  • Identify potential application hosts.
  • Develop a request for proposal (RFP) and submit it to the host
    candidates.
  • Review the RFP responses and choose the best provider.

4. Create a Test Site. Deploy the application in its future
home and conduct extensive functional and performance tests. As
appropriate, invite select end users to "pilot" the application. As
analyst Tom Nolle advises, "

A cloud exit strategy should also emphasize
application lifecycle management. Organizations should test applications
in their new location, and validate workflows. If you made significant
application changes, or if the applications were in the cloud for an
extended period, run a pilot test to ensure they run correctly before you
cut over."3

5. Develop an Unclouding Plan. Working in collaboration with the present and
future application hosts, prepare an exhaustively detailed unclouding plan,
including the specific responsibilities of all stakeholders.

During Unclouding

6. Execute a Controlled Migration. Migrate one end user
group at a time. Some difficulties may be encountered, which is natural,
but if problems persist then suspend the unclouding process and resume it only when the
problems have been resolved.

7. Monitor Security Measures. Ensure that hackers and
other cyber miscreants do not exploit the unclouding process to steal or
otherwise compromise exposed enterprise data.

After Unclouding

8. Continue Routine Testing. Problems may manifest after unclouding. Try to detect them before the enterprise’s end users do.

9. Maintain the Origin Site. If practical, maintain the origin
site for thirty days post unclouding. Prepare to "snap back" in the event of
an emergency.

10. Oversee Data Disposal. Try to remove all remnants of
enterprise data from the origin site, including backup data.

Recommendations

[return to top of this report]

Unclouding is not an "IT project;" unclouding is an enterprise project and
requires enterprise-level involvement.

Think twice before unclouding. Cloud computing has gained considerable
momentum, especially among those enterprise executives who do not include IT
among their organization’s core competencies, interests, or assets. Before
engaging in any unclouding operation, ensure that all stakeholders are "on
board."

Appoint an independent project manager. Ideally, name someone with
unclouding or comparable experience. Hiring an outside consultant – an
impartial voice with state-of-the-art knowledge – would be prudent.

Consult enterprise general counsel. The legal department will be
indispensible in interpreting existing service level agreements (SLAs) and
negotiating new ones.

Bring enterprise experts onboard. Depending on the organizational
structure, assemble an interdisciplinary team, including the:

  • Chief Risk Officer (CRO)
  • Chief Security Officer (CSO)
  • Business Continuity Manager
  • Quality Assurance Manager

Give each individual broad latitude to monitor and measure the unclouding
process and to halt the process if, in their judgment, enterprise assets or
business interests are threatened.

Engage a diverse testing group. Application testing should be
supervised by the quality assurance department and include:

  • Quality assurance personnel
  • Internal end users (employees)
  • External end users (customers)
  • Penetration testers (to assess application and network security)

[return to top of this report]

References

About the Author

[return to top of this report]

James G. Barr is a leading business continuity analyst and

business writer with more than 30 years’ IT experience. A member of

"Who’s Who in Finance and Industry," Mr. Barr has designed,

developed, and deployed business continuity plans for a number of Fortune

500 firms. He is the author of several books, including How to

Succeed in Business BY Really Trying, a member of Faulkner’s Advisory

Panel, and a senior editor for Faulkner’s Security Management

Practices. Mr. Barr can be reached via e-mail at jgbarr@faulkner.com.

[return to top of this report]