5 Hidden Costs Of Cloud Migration4:00 PM EST Mon. Aug. 06, 2012
Cloud computing has business executives salivating at the savings potential and demanding that their CTOs jump on the bandwagon and get to the cloud.
But, managers should make sure they understand the hidden cost involved, according to a study by the Information Systems Audit and Control Association (ISACA), called "Calculating Cloud ROI: From the Customer Perspective."
"Cloud computing makes it easy to offer the same self-service that people love when they turn on their lights or air-conditioning -- it’s on-demand and pay as you go. In reality, cloud computing is like every other innovation," says Marc Vael, CISA, CISM, CGEIT, CRISC, international vice president of ISACA. "Security, cost and complexity don’t disappear -- they just need to be managed and accounted for."
Continue on to see the five top hidden costs of cloud migration.
In addition to paying software licensing and support fees, cloud provider fees, cloud system administration fees and data communication fees, there are also less known migration fees.
These include the costs of recoding apps to work in a virtualized environment, reformatting data to sync with SaaS provider formats, organizing federated identity and access management, and developing processes to manage the cloud.
These costs can surprise an IT manager. “People always have an optimistic view of the future until they run into an 'Oops, I didn’t think of that,' moment,’” ISACA's Vael said.
A business may need to bring some IT assets back on premise if new government regulations, say, set stricter data privacy rules or mandate more rigorous compliance that might make using the cloud impractical.
In such an event, a company may have to take back data from the cloud and account for its accuracy; shred or sanitize cloud storage data; configure in-house systems to replace cloud services; pay early termination penalties; re-apportion IT resources to support services being reverted; or buy physical resources to host services being returned.
“Bringing these services back to your company may be expensive,” Vael said.
Companies may have to take action to avoid risk, including buying data encryption tools, planning and testing mitigation strategies, and maintaining backups and auditing logs offline.
Managers may not always anticipate problems. “People think that with the cloud, they don’t have to worry, but people leave the company and suddenly an outsider has access to all their system,” Vael said.
Companies may use strategic in-house systems or applications that, if moved to the cloud, would lose their effectiveness.
“You might have solutions in-house that are so specific to your organization that you would lose a competitive advantage if they were off-premise,” Vael said. “For example, Dell has specific systems to match customer needs with its supply chain management system, and if you move it off-premise, you may lose the ability to customize it.”
The risk of being locked in to particular cloud providers or to proprietary service models may impede future adoption of open standards-based services as they emerge.
“Make sure you’ve thought of the end-game of the contract,” Vael said. “Make sure you can switch providers without having to pay a high cost.”