Cloud Engagement Model
Synechron's cloud evangelist team partners with the client CTO/CIO (or designated technical stewards) to discuss the strategy on moving to cloud. Often these discussions will be with key business stakeholders to devise a road map on migration of existing applications/services on cloud or development of new applications using cloud. The team will carry out an assessment of the current state of architecture (if any) and provide recommendations. It will be constantly engaged to ensure that the solution built around the chosen cloud service is in sync with standards and adheres to cloud governance. It conducts trainings and workshops for client's team at the onsite location.
The cloud engineering team follows the agile model so that our customers gain early feedback on their cloud adoption. Synechron has proven expertise in cloud computing technologies. It has the skills required to design and develop solutions using Amazon AWS, Microsoft AZURE, Force.com, Google App Engine etc. This team ensures the best use of technology by keeping ROI as reference. For example, to save on the data transfer cost, it is really important to understand how data will flow across instances and the amount of Data-in and Data-out of cloud network (to reduce Opex).
In case of migration projects, Synechron’s cloud engineering team will be involved in devising migration strategies for existing applications and databases based on the blueprint.
The cloud support team can be leveraged to provide 24x7 support on cloud applications on all flavors of cloud (SaaS, PaaS, IaaS). Synechron’s cloud support team helps support the applications/services on cloud based on defined SLAs. This team is responsible for monitoring services, applications and infrastructure. The cloud support team will also open up direct communications with the cloud provider’s technical staff in case of service failures from the cloud provider.
Cloud Capacity Planning
Capacity Planning of cloud computing resources are tricky and need experience to cross check all possible situations. Synechron helps customers to capture Non Functional Requirements, for example, capacity planning for cloud-based deployments. For a cloud-based environment, it is essential to understand the capacity requirements at the initial stages of cloud adoption, so that the architecture is cognizant of scaling requirements.
Some common points to be considered are:
- Volume of user traffic (Per month, Per hour etc.)
- Data foot-print per request/ per session
- Queue throughput in case Messaging services are used (Amazon SQS, Amazon SNS, Windows Azure AppFabric Service Bus etc)
- Amount of Data at Rest (In database, or volume storage like S3)
- Amount of Data in Motion (inter-node data transfer within closed VLAN)
- Number of load balancers required.
- Number of static IPs required.
- Should the database be available in multiple zones and fronted by read-replica?
- Using caching mechanisms (e.g., memcached based Amazon Elasticache) for better throughput at reduced data transfer cost.
Cloud Security: The "Don't Trust Model" of Cloud Computing
- Business is highly dependent on services enabled by the cloud provider
- Data Security risks
- Network & Data outage
- First thing: Don’t trust your public cloud provider.
- Its advised to ensure the chosen cloud provider is SAS-70 certified
- Ensure that the platform’s security architecture, data center operating procedures, and adding service-side security options like encryption and strong authentication are well documented and declared by the chosen cloud provider.
- Manage cloud redundancy: If the budget allows, you should always try to setup redundant servers on different availability zones, or completely with a different cloud service provider. Make sure that your redundant setup can be triggered up any time with a script and you can switch DNS to the redundant location any time.
- Put your own security controls on-premises: Synechron recommends using Cloud data gateways for sensitive data over cloud. They provide solutions that encrypt and tokenize data stored in the cloud.
- Integrate your cloud with enterprise security platforms: Implement any of the security mechanism for requests routing to your servers (SAML, SSO, CAS, OpenAuth etc.)