Criteria for selecting cloud providers

Selecting a cloud provider can prove to be a daunting challenge as most vendors provide a
lot of services and features. Yet, picking the right cloud provide is of paramount importance
as it can define the long-term success or short-term failure of an enterprise. Selecting the
right cloud platform can be distilled down to these six factors:

 Certifications and Standards: Cloud vendors will have to adhere to industry-

recognized standards such as ISO 27001 or the Cyber Essentials Scheme. Standards
help cloud providers stick to best practices which in turn can aid an enterprise in
shortlisting probably future partners [ CITATION 8cr20 \l 5129 ].

Figure Standards Organizations and Frameworks [ CITATION 8cr20 \l 5129 ]

More precisely, search for standardized systems, efficient data processing, strong
information control and awareness of the business status. Also, consider how the
organization aims to fund these requirements and to promote consistent commitment to
them.

 Tech Roadmap: Ensure that the provider's platform and preferred technologies align
with your existing environment and/or support your cloud goals. Do the cloud
systems, protocols and resources offered by the vendor suit your workloads and
priorities for management? Assess how much you may have to re-code or customize
 to make your workloads suitable for their platforms. Many service companies
provide robust relocation programs and also provide support during the processes of
evaluation and preparation. Be sure you grasp the help on offer and map it against
project activities, then determine who should do what. Service providers also have
professional personnel capable of covering capability holes in the teams for
migration.

Fig Example share of project work [ CITATION 8cr20 \l 5129 ]

 Data Governance and Security: Make sure the cloud vendor has a proven track
record of providing proper classifications to types of data. They should know what
data is sensitive and what is not and provide security regardless of sensitivity. The
enterprise should be wary of data privacy and regulation laws.
The enterprise should also make assessment of the cloud vendor’s levels of system
and data security. They have to make sure all activity is auditable before submitting
for partnership.
 Service Dependencies and Partnerships: Service providers can have several,
necessary to understand vendor partnerships. It is a worthwhile exercise to evaluate
the provider's relationship with key vendors, their accreditation levels, technical
capabilities and personnel certifications.
Also, it is important to uncover any service dependencies and partnerships involved
in cloud service provision. SaaS providers, for example, will often build their service
 on existing IaaS platforms, so it needs to be clear how and where the service is being
provided.

There might be a dynamic network of linked modules and subcontractors in certain

situations that all play a part in delivering a cloud service. Ensuring that the company
discloses all agreements is essential and should guarantee the key SLAs recorded in
all areas of the business, including those not explicitly under their jurisdiction. You
should also look to understand the limitations of liability and disruptive service
policies with relation to these subcomponents.
 Reliability and Performance: The enterprise has to make sure the cloud provider has
met Service Level Agreements for the last year. If they have not yet published this
information, make sure it is asked of them.
The enterprise should not assume perfection: downtime is unavoidable and at some
stage, any cloud provider must encounter it. It is how the company is coping with the
critical downtime. Ensure that the tracking and analysis resources on sale are
adequate and can be incorporated with the overall information and management
processes.
Also, make sure that the cloud provider has proper to good Disaster Recovery
Management policies and practices in place.
 Migration Support, Vendor Lock-in and Exit Planning: Enterprises should make sure
of technologies and applications the cloud vendor offers as moving to a new
platform can mean change in databases and program codes that will make
movement or migration to another provider difficult, and thus avoid vendor lock-in.

Fig Examples of vendor lock-in candidates [ CITATION 8cr20 \l 5129 ]

Similarly, at the start of your relationship make sure you have a clear exit strategy in
place. It's not always an quick or seamless change to switch away from a CSP
operation, and it's worth reading out about their procedures before signing a deal.
Also, consider how you will access your data, what state it will be in, and how long it
will be maintained by the provider.