by Thor Olavsrud

5 Signs Your Cloud Service Provider Can’t Handle Tier 1 Apps

News Analysis
Aug 24, 20125 mins
Cloud ComputingOutsourcingPrivate Cloud

Is your cloud hosting provider really ready to handle your mission-critical application? Here are five danger signs that the service provider doesn't have the experience it needs.

Migrating mission-critical applications to the cloud is fundamentally different from migrating less critical applications and processes to the cloud. Picking the right cloud hosting provider is among the most important decisions you’ll make when planning the migration of your Tier 1 applications. After all, cloud providers that typically focus on developer services can quickly find themselves out of their depth when dealing with production applications.

“The requirements and capabilities that an organization needs when running a production application are very different than one that’s catering to developers,” says Craig McLellan, cloud architecture author and chief technology officer of

[Related: How to Choose Your Cloud Service Provider]

[Related: 10 Disaster Preparedness Questions to Ask Your Cloud Services Providers]

[Related: Is Your Cloud Provider Exposing Remnants of Your Data?]

Tier 1 applications often stand to benefit the most from the efficiency and scalability offered by a cloud environment:

  1. Consolidation and infrastructure efficiency
  2. Faster provisioning of applications and better configuration management
  3. Universal high-availability services
  4. Automated resource optimization, and dynamic scaling of applications.

However, the applications themselves are often the most complex and most critical to a business, and questions around stakeholder buy-in, architecture, and ISV support and licensing must be addressed before taking the plunge. Unlike Tier 2 applications, which can usually be virtualized in a self-contained manner, your Tier 1 applications touch on many people, processes and technologies.

Also, by their very nature, they tend to have been around for a while. They tend to run on legacy hardware, which can make the whole process more challenging.

Look to Your Disaster Recovery Plan First

As a first step, before even considering cloud providers, McLellan recommends CIOs take a look at their disaster recovery plan for the application in question.

“When was the last time you exercised your disaster recovery plan? When did you last test it? The easiest way to migrate your application is to treat it as if it were a disaster recovery exercise,” McLellan says. “If you don’t have a disaster recovery plan for that particular application, it’s going to be very hard to migrate because no one has really thought about how to recover it.”

He also notes that applications designed with disaster recovery in mind lend themselves to straightforward migrations, while applications that had disaster recovery plans bolted on after the fact generally lead to much more complex and time-consuming migrations.

“It’s important that the customer have a realistic perspective early,” he says. “The merits of cloud should still generally outweigh those challenges of migration from a long-term perspective.”

Five Signs a Cloud Provider Isn’t Ready for Mission-Critical Apps

When it comes time to choose your cloud provider, McLellan says CIOs should look for five signs that service providers are blowing hot air when they claim to be ready to handle your mission-critical applications:

  1. Does the cloud providers pitch focus more on billing and provisioning time rather than reliability? If so, McLellan notes, it’s a sign the provider’s real focus is providing developer services, not hosting for Tier 1 applications.
  2. Does the provider have a documented change management process that is well understood and adhered to throughout the entire organization? “In a cloud environment, change is inevitable,” McLellan says. “If they don’t have a change management process that’s mature, you can get into a lot of trouble.”
  3. Does the provider understand the importance of runbooks, and can they show you examples of runbooks they use today for other customers? Runbooks are a compilation of procedures and operations you expect the hoster to perform. “You need to be very clear on what the role of each party is for each task in the runbook,” McLellan says. “The reality is that the large majority of cloud hosters today don’t do that because they cater to non-mission-critical workloads where that stuff typically doesn’t get documented.”
  4. Does the cloud provider offer an SLA for each product it provides—managed firewall, storage, cloud, etc. —or does it offer a single SLA at the application layer? If the host provides SLAs for each product, it becomes difficult for you to appreciate the risk of those SLAs because any individual device can fail at any particular time and trigger one of the SLAs, but the failure of any one of those devices could bring down your entire application. “I believe you should have an SLA at the application layer itself,” McLellan says. “Is the application available for its intended users or not? If the host you’re working with is not prepared to provide you with an SLA that’s easy to understand, it’s time to look for a new cloud hoster.”
  5. Does the cloud provider offer access to complementary services like patch management, application performance monitoring and so on? “If I’m going to move a mission-critical application to the cloud, I can’t just migrate it and hope for the best,” McLellan says. “If you’re the CIO of a mid-size enterprise with a mission-critical application, you are very concerned with the performance metrics of that application. If the cloud provider doesn’t have those tools, you aren’t really getting much because you still need to buy those tools. And they can be very expensive tools.”

Thor Olavsrud covers IT Security, Big Data, Open Source, Microsoft Tools and Servers for Follow Thor on Twitter @ThorOlavsrud. Follow everything from on Twitter @CIOonline and on Facebook. Email Thor at