By Roger Nolan, CTO, OnApp

Let’s assume you’re ready to take the plunge with a cloud provider. How do you choose?

Choosing a cloud provider is no more difficult than choosing any other kind of service provider. In other words, it can be a long, confusing and painful process - for a mere mortal. But that’s why we have sourcing specialists, right?

There are plenty of things to consider when you move to the cloud, and we can’t possibly cover all of them in a few hundred words. However, I’d like to offer a few thoughts on some of the issues you might not immediately think to include on your checklist.


Some of the better-known cloud providers still require a fair bit of technical nous to set up and use. Finding a provider who offers a simple graphical way to manage your cloud (through a web interface, for example) isn’t just beneficial to any non-technical users you may need to cater for: it reduces the management overhead for your IT staff, too. Your something-as-a-service might not be quite as simple as turning on a tap, but it shouldn’t be too far off.

Failover and resilience:

If a server fails in a properly-designed cloud, you shouldn’t notice (or not for more than a minute or two) — the rest of the cloud should just take up the slack. Whether you’re looking for infrastructure, software or development platforms as a service, you should definitely investigate failover: is it automated, and how quickly does it happen.

Pricing model:

pay-as-you-go might be an attractive option, but if you make heavy use of utility cloud services you might end up paying more. For many businesses a plan-based model (e.g. monthly pricing) makes more sense, anyway. There are plenty of cloud providers out there, so if the pricing model doesn’t suit, look elsewhere.

Support & SLAs:

The best general advice is to examine the small print and truly understand what it will mean for your cloud service in action. Everyone guarantees ninety-nine point something uptime, but the devil is in the detail: SLAs sometimes preclude the things that will actually impact your service, like emergency maintenance and DoS attacks, or they allow a small (but significant) amount of downtime without compensation.

Finally, I suppose we have to address the enormous elephant-shaped cloud in the room: security. Here’s a slightly different take on the subject. There is no such thing as “cloud security”.

I shall repeat that, for emphasis. There is no such thing as cloud security - there is just security. There is no fundamental difference between security in cloud services and security in any other kind of Internet-based service delivery. Your data and applications still live on servers. Those servers still live in a datacenter or server room somewhere. You’re still placing your trust in the people who operate those facilities, whether it’s your own IT department or a third party.

If you’re worried about putting your data in a public cloud, don’t! That’s what private clouds are for. If you’re worried about handing over data to a private cloud provider, you can always build your own. If, when it comes to the crunch, you’d really prefer to know that "this" data lives on "this" server in "this" place, you might be better off sticking to a dedicated server model, and host the boxes in your own secure facilities.

In some cases you might have to, anyway, for legal and regulatory compliance. Sometimes, even though there is nothing in principal to stop you using a cloud provider, you need to make sure your data won’t actually leave a specific geography. If that’s the case you’ll be looking for a local provider with the capabilities (and assurances) you need. This is particularly true in the public sector.

Join us on
Follow @freshbusiness