Cloud Migration Checklist

  Has your company decided to move to the cloud? Making the decision to migrate to the cloud is the easy part because there are so many positive benefits but now comes transferring the data which can be no easy feat. Think about migrating to the cloud as a process, one piece of the process builds off the last and once you have completed the process you have a successful migration! Take our cloud readiness assessment to see if your cloud migration initiative is moving in the right direction.   

Phase 1 Gather

  • Systems:Initial inventory of existing systems that will be migrated – inventory Application Architecture, Hosts, Host Hardware Capabilities, Data Storage Capacity Requirements.
  • Architectures : Inventory of network architecture, hardware, application architecture, server and system components, system configurations, user and admin accounts, and dependent data stores of each migrating application.
  • Data Storage : Evaluate each Application´s Architecture for separation of Data Storage Layer from Application.

Phase 2 Analyze

  • Network : Review Existing System Network Boundary, Network Security Regime.
  • Operating Systems: Determine set of Operating Systems that will be supported and construct process to build and update secure OS master images for base host roles.
  • Security: Deeper Dive into Application Architecture determining Data Security Requirements, System Security and Management Requirements.
  • Roles and Dependencies: Identification of configurations, roles, user account and other dependencies of existing enterprise system fulfilling the role of selected cloud tools.
  • Application Enclaves: Select applications one by one to move into application enclaves building out infrastructure support in dev tiers.

Phase 3 Plan

  • Identity management: Determine Identity Management and Authentication Solutions for cloud offering.
  • Enclaves Security: Construct Security Architecture Overview of entire environment scoping out security and management roles for Security Enclave, Management Enclave, and each potential Application Enclave.
  • Services: Selection of SIEM, IDS, Identity Manager, Log Aggregation, Health Monitoring and other Cloud Security and Management Services.
  • CM and Source Control: Selection of Deployment and Configuration Management Tool Chain and Source Control Repository.
  • Storage: Select each Application Storage Component Solution SQL/No-SQL/General Storage.
  • Host Architecture : Design and Review Cloud Network Architecture using Cloud Host Best Practices.
  • Deployment Recipe: Construct Deployment Plays/Recipes to specialize OS AMI images into application role appropriate machines Web Server/App Server etc in Code Repository.
  • Infrastructure Code: Construct infrastructure code for production, staging, development environment tiers in each application enclave.

Phase 4 Execute

  • Root Lock Down: Lock down root account of Cloud service with multi-factor and other controls.
  • Provisioning: Provision lesser privileged accounts to access Cloud Provisioning Services.
  • Network Infrastructure: Deploy Network Infrastructure establishing distinct secure enclaves for Security and Management Services.
  • Data Migration: Begin migration of large data to cloud before compute considering dedicated hardware transfer device to data center.
  • Code Base: Begin segmenting each application code base into projects within the source repository.
  • App Configuration: Begin documented application architecture component configurations for each applications.
  • App Server: Construct infrastructure as code for each application server role specialization store in repository.
  • Chain Configuration: Begin configuring deployment tool chain configuration to build application servers in each enclave from code and configuration.
  • Testing: Rigorous development testing of initial migrated applications in cloud.
  • Change Control: Begin change control processes for each application as development environment is validated.
  • Production: Normal SDLC to production for each application and then de-provisioning of non-cloud version after cloud version is live.