PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The reader
is available for free
download.
Unclouding
Copyright 2018, Faulkner Information Services. All Rights
Reserved.
Docid: 00021032
Publication Date: 1805
Publication Type: TUTORIAL
Preview
"Unclouding," also known as "declouding" or "reverse cloud
migration," is the process of removing an information system or service from a
cloud environment. It can also refer to the movement of an information system or service from one cloud
environment to another. This is often due to a cloud provider’s failure to
deliver requisite service levels or the client’s exaggerated expectations of
the benefits to be derived from cloud computing.
Report Contents:
- Executive Summary
- Related Reports
- The Basics of Unclouding
- How to Avoid Unclouding
- How to Uncloud
- Recommendations
- Web Links
Executive Summary
[return to top of this report]
"Unclouding," also known as "declouding" or "reverse cloud migration," is the
process of removing an information system or service (hereafter referred to as
an "application") from a cloud environment.
While the concept may seem strange (after all, isn’t the cloud the destination of choice for most enterprise officials?), unclouding
is a reality.
Unclouding Trends
According to a Datalink/IDG survey of more than 100 IT professionals,
almost 40 percent of organizations with public cloud experience have migrated
systems back from the public cloud to in-house data centers. The top reasons
were:
- Security – 55 percent
- Cost/pricing concerns – 52 percent
- Manageability – 45 percent1
Unclouding Explained
Unclouding may entail a simple removal operation if the subject application is
being decommissioned. More commonly, however, unclouding involves
transferring an application from one cloud environment to another or from a
cloud environment to a non-cloud environment.
While the notion of unclouding may be new, owing to the fact that cloud
computing is relatively new, the underlying principle of application "reversion" has been
practiced since the mainframe era. Reversion recognizes that computing is
imperfect, with new or upgraded applications often suffering hardware,
software, or service provider failures.
Given the level of investment in modern-day applications, the normal response
to an application failure is remedial: Diagnose the problem and implement the
appropriate repair, all the while maintaining communication with end users and
other stakeholders.
In some cases, however, more drastic action is required, with enterprise
officials deciding to revert a troubled application to its prior state. This
requires
removing the application from the cloud and restoring it "on-premises," i.e.,
moving the application to an enterprise-operated data center, which may often be the same
facility where the application originated.
Unclouding requires careful planning to:
- Prevent or at least mitigate customer impact
- Protect and, ultimately, regain control of intellectual property
- Limit costs
- Avoid litigation
Importantly, the time to begin planning for unclouding is before, not after, implementing a
cloud application. By considering unclouding as a potential outcome,
cloud planners can craft agreements that make the prospect of unclouding
far less likely. In this regard, the most important instrument for any
cloud client is a negotiated service level agreement (SLA) that includes
aggressive and time-sensitive problem management.
Neverclouding
Unclouding decisions can be prevented by "neverclouding": never committing
certain enterprise applications to the cloud. As reported by analyst Erica Mixon:
- Jeffrey Fidacaro, an analyst at 451 Research, asserts that applications
involving sensitive customer data might be safer on-balance on-premises. - According to Matthew Eastwood, an analyst at IDC, "Mainframe workloads are typically strategic and are not necessarily easy to
offload and move. It’s safer and potentially cheaper when you
start to factor in risk to keep them where they are." - Scott Lowe, an engineering architect at VMware, believes that legacy
applications that are fairly static and don’t require global visibility
might not be worth offloading to the cloud. - Finally, little-used or seldom-updated applications are generally poor
cloud candidates.2
The Basics of
Unclouding
[return to top of this report]
Pros and Cons
Unclouding should never be considered casually; it is a serious process
with potentially serious consequences if pursued unwisely or imprecisely.
As summarized in Table 1, there are numerous pros and cons.
Reasons to Uncloud |
Reasons to Resist |
---|---|
The enterprise’s current cloud |
Even with extensive planning, |
The enterprise has developed |
In many cases, a poor |
The enterprise becomes |
An enterprise may lack the In many instances, the Note: Where physical |
Predicted cloud savings have |
An enterprise may lack the Indeed, the general inability |
Regulations, especially those emanating from |
Cloud computing
Enterprise officials should think twice before voluntarily retreating from an already-established |
Complying with federal and |
|
Enterprise IT and security |
|
Enterprise executives are |
Forms of Unclouding
As summarized in Table 2, the unclouding process can assume six different
forms, each principally defined by two characteristics:
- Origin – where the application to be unclouded presently resides
- Destination – where the application will reside after unclouding
Form |
Origin |
Destination |
Description |
---|---|---|---|
Public/Public |
Public Cloud 1 |
Public Cloud 2 |
The public/public |
Public/Private |
Public Cloud |
Enterprise Private Cloud |
The public/private option is Unlike the |
Public/Enterprise |
Public Cloud |
Enterprise Data Center |
The public/enterprise option This option often represents |
Private/Public |
Enterprise Private Cloud |
Public Cloud |
The private/public option is |
Private/Enterprise |
Enterprise Private Cloud |
Enterprise Data Center |
The private/enterprise option |
Pure Uncloud |
Any Cloud Environment |
None |
The pure uncloud option |
How to Avoid Unclouding
[return to top of this report]
Enterprises adopt cloud computing not as an impulse, but to achieve specific
objectives like lowering their IT spend or gaining new business functionality. Since unclouding may have the effect of sacrificing such objectives, enterprise
officials should enter into cloud arrangements with the goal of avoiding future
unclouding efforts.
The keys to avoiding unclouding are:
- Selecting the right cloud provider, by leveraging the enterprise request
for proposal (RFP) vehicle. - Negotiating a comprehensive service level agreement (SLA), eschewing any
provider-supplied boilerplate contract that normally favors the provider’s
interests.
Regarding the SLA, the document should contain provisions detailing:
- Service level objectives, including performance and scalability.
- Problem management objectives, including response time and problem
escalation protocols. - Unclouding options, including client and provider responsibilities, how
data security is maintained while unclouding, and how the provider intends
to eliminate client data from its servers and storage systems after unclouding.
A reputable provider will understand the need to discuss unclouding options,
even though both parties – the client and the provider – are committing to a good
faith partnership.
How to Uncloud
[return to top of this
report]
While there’s no prescribed method for unclouding (each unclouding initiative
boasts its own peculiar challenges), the following constitutes a general
unclouding strategy – one that enterprise officials can employ to formulate a specific unclouding
plan.
Before Unclouding
1. Perform a Post Mortem. Determine why the cloud option
failed and why unclouding offers the best remedy. If alternatives to
unclouding present, explore them.
2. Select a Landing Site. Determine where (i.e., to what
environment) the unclouded application will be relocated. Consider all the
possibilities described in Table 2. Remember that the obvious approach –
"going home," or restoring the application to its point of origin – may be
impractical, particularly if the original supporting infrastructure is no longer in place. If the reasons for unclouding are rooted in the cloud provider’s performance and
not cloud computing itself, the best option may be to select a more
capable cloud
provider.
3. Start from Scratch. Behave as if the original cloud deployment had not
occurred.
- Identify application requirements (which may have changed).
- Identify potential application hosts.
- Develop a request for proposal (RFP) and submit it to the host
candidates. - Review the RFP responses and choose the best provider.
4. Create a Test Site. Deploy the application in its future
home and conduct extensive functional and performance tests. As
appropriate, invite select end users to "pilot" the application. As
analyst Tom Nolle advises, "
application lifecycle management. Organizations should test applications
in their new location, and validate workflows. If you made significant
application changes, or if the applications were in the cloud for an
extended period, run a pilot test to ensure they run correctly before you
cut over."3
5. Develop an Unclouding Plan. Working in collaboration with the present and
future application hosts, prepare an exhaustively detailed unclouding plan,
including the specific responsibilities of all stakeholders.
During Unclouding
6. Execute a Controlled Migration. Migrate one end user
group at a time. Some difficulties may be encountered, which is natural,
but if problems persist then suspend the unclouding process and resume it only when the
problems have been resolved.
7. Monitor Security Measures. Ensure that hackers and
other cyber miscreants do not exploit the unclouding process to steal or
otherwise compromise exposed enterprise data.
After Unclouding
8. Continue Routine Testing. Problems may manifest after unclouding. Try to detect them before the enterprise’s end users do.
9. Maintain the Origin Site. If practical, maintain the origin
site for thirty days post unclouding. Prepare to "snap back" in the event of
an emergency.
10. Oversee Data Disposal. Try to remove all remnants of
enterprise data from the origin site, including backup data.
Recommendations
[return to top of this report]
Unclouding is not an "IT project;" unclouding is an enterprise project and
requires enterprise-level involvement.
Think twice before unclouding. Cloud computing has gained considerable
momentum, especially among those enterprise executives who do not include IT
among their organization’s core competencies, interests, or assets. Before
engaging in any unclouding operation, ensure that all stakeholders are "on
board."
Appoint an independent project manager. Ideally, name someone with
unclouding or comparable experience. Hiring an outside consultant – an
impartial voice with state-of-the-art knowledge – would be prudent.
Consult enterprise general counsel. The legal department will be
indispensible in interpreting existing service level agreements (SLAs) and
negotiating new ones.
Bring enterprise experts onboard. Depending on the organizational
structure, assemble an interdisciplinary team, including the:
- Chief Risk Officer (CRO)
- Chief Security Officer (CSO)
- Business Continuity Manager
- Quality Assurance Manager
Give each individual broad latitude to monitor and measure the unclouding
process and to halt the process if, in their judgment, enterprise assets or
business interests are threatened.
Engage a diverse testing group. Application testing should be
supervised by the quality assurance department and include:
- Quality assurance personnel
- Internal end users (employees)
- External end users (customers)
- Penetration testers (to assess application and network security)
Web Links
[return to top of this report]
- Cloud Security Alliance: http://www.cloudsecurityalliance.org/
- US National Institute of Standards and Technology: http://www.nist.gov/
References
- 1 Esther Shein. "Unclouding: How One Company Reversed the Cloud Migration
Process." TechTarget. March
2017. - 2 Erica Mixon. "Five Questions to Guide a Cloud vs. On
Premises Debate."
TechTarget. September 11, 2017. - 3 Tom Nolle. "Build a Cloud Exit
Strategy in Three
Steps." TechTarget. January 2016.
About the Author
[return to top of this report]
James G. Barr is a leading business continuity analyst and
business writer with more than 30 years’ IT experience. A member of
"Who’s Who in Finance and Industry," Mr. Barr has designed,
developed, and deployed business continuity plans for a number of Fortune
500 firms. He is the author of several books, including How to
Succeed in Business BY Really Trying, a member of Faulkner’s Advisory
Panel, and a senior editor for Faulkner’s Security Management
Practices. Mr. Barr can be reached via e-mail at jgbarr@faulkner.com.
[return to top of this report]