Cloud
has become the latest buzzword in Technology. In an effort to reduce
the operational costs, many companies are moving to Cloud providers such
as Microsoft, Amazon or IBM. All of these providers are expending lot
of effort to capture Cloud market share as much as possible. Many
startups are already preferring cloud based solutions to meet the need
of fast product development and quick time to market. They are hosting
cloud in-house or renting an instance on public cloud to meet the need
of operational, product and service offerings.With all these wind of
change coming to technology industry question quite often come to mind
is where does quality fit into this picture?
From
my point of view, one of the important factors is quality and its
management,keeping up with quality goals and objective,cost of product
and infrastructure availability for the smooth operation of a company’s
day-to-day business.
Many of the questions listed below must be answered when infrastructure and products are hosted outside of your control limit:
What happens when server loses the connectivity? Who will be first point of contact ?Cloud provider or in-house tech support ?
How
does Service level Agreement with Cloud provider will impact companies
?What happens to Service Level Agreement with customer?
How do we intend to protect the IP.In the order of priority actions must be taken to smoothly transition to Cloud?
What actions are required to secure your application from cyber attack?
What kind of control is required for the supplier management?
Do you have formal Risk Management in place?
How to protect the application,infrastructure from external attack ,such as data spoofing,denial of service attack etc?
To address the concerns above, the following actions can be taken:
Plan:This
is one of the important steps to take. One must spent enough time to
plan for migration, deployment of new product,timeline,resources
required,training requirement,risk and mitigation,identify stakeholders,
rollback strategy in-case migration or new deployment to cloud fail.
Quality Metrics: Identify
the quantitative metrics which will help you to track the progress of
cloud initiatives. Some of the Key Performance Indicators could be
number of applications to be migrated,planned vs complete,number of new
deployments plan vs complete,
incident and defect by type,severity and priority.Analysis of most common issues and actions taken to address those.
Alignment with standards: These
are company specific requirements. Many companies comply with ISO
standard,CMMI or internally established standard. Cloud migration or
deployment needs to make sure move is in accordance with these standard
and any deviation is properly signed off by Leadership or Management.
Risk Management:
All risks must be identified and documented as and when they are
identified and must have a mitigation plan in place to address the risk.
Acceptance,Transfer,Avoidance are few of the risk response type which
companies can use to stay on top of the risks.A proper Risk Management
Tool such as Risk Log,Risk Matrix,will help in tracking these risks to
closure in timely manner.
Supplier Management:
Since cloud providers are an external vendor supplier management
process must be established and suppliers should be audited to make sure
they are
in
compliance with standards and requirements mandated by the receiving
organization.Quality should be clearly outlined in contract with
supplier in accordance with overall quality goals and objective of the
company.
Hardening the Cloud hosting:When
you put infrastructure or application on the cloud, you are susceptible
for external hacking,spoofing,data loss and interception during data
transfers.This can be alleviated through proactive measure of setting
up the Intrusion Detection System,diverting the attackers from real
data.Public Key Infrastructure establish certificates and digital
signatures with pre-set validity period.
I
am all for latest technology usage however change must be
controlled,success and quality must be measurable to validate the
objective of Cloud initiative.At the end I would like to mention that
though Cloud seems like you are transitioning the company’s operations
and infrastructure management to some third party at the end of it
Quality,Customer Satisfaction,Security and IP protection is sole
responsibility of companies providing the product,services or
infrastructure.
References:
What Is the ISO 9000 Standards Series? http://asq.org/learn-about-quality/iso-9000/overview/overview.html