Blog Post

Evaluating Cloud Service Providers

In this article we discuss some critical points to consider when assessing and evaluating cloud vendors.

Cloud adoption has continued to push the momentum on digital transformation. The initial apprehension within enterprises on managing the disruption caused by the ongoing pandemic has slowly waned. Enterprises now have a clearer picture of the situation and are moving forward. The need for online collaboration and online meetings has forced most enterprises to rely more on cloud services for managing their workforce and to provide an environment that allows employees to work remotely. According to Forrester, the top three cloud providers, Amazon Web Services, Microsoft Azure, and Google Cloud, registered strong growth in the first quarter of the year.

If you are planning to expand more services to the cloud or planning a fresh migration from scratch, then consider the following critical points while assessing and evaluating cloud vendors.

  • Performance and availability
  • Reliability and SLAs
  • Technology stack and cost
  • Security and compliance

Performance and Availability

End-user experience is a crucial factor for most enterprises, so it is important that the cloud vendor is able to maintain performance even in a highly distributed system. With multiple third-party components and integrations, it is difficult to keep track of performance through every level in the application delivery chain.

Application performance, availability, and reachability is a concern when services run from the cloud, there are multiple variables that can be a potential bottleneck. The cloud service provider must be able to provide some level of visibility into network performance and performance data, such as response time, load time, latency, DNS and CDN performance, from every critical point in the service. This data and end-to-end visibility are key when monitoring performance and service availability.

When comparing vendors for performance and availability, ask the following questions:

  • What is the average response time/latency? That is, the amount of time it takes for a site or application to respond to a user request.
  • Does the vendor provide geo load balancing so that application requests are distributed across cloud resources in multiple locations?
  • Is the vendor allocating cloud resources efficiently to deliver optimum performance?
  • Is a digital experience monitoring (DEM) tool provided by the vendor or do they integrate with another DEM platform? And how well do these DEM solutions work with your existing monitoring strategy?
  • What level of control and visibility does the vendor offer when it comes to third-party services?

Reliability and SLAs

Cloud vendors usually commit to network performance-based service level agreements (SLAs) that cover downtime and outage issues. Upholding the SLAs keeps the service reliable and ensures the quality of service at critical points in the application. The agreement also details how the vendor will compensate in case of a service failure. But to ensure the could vendor is maintaining the promised uptime levels; you will need actual service reliability data from the vendor, and this is more than just a system health dashboard. When comparing cloud provider SLAs, you must consider the following:

  • Understand the definition of the services and deliverables clearly.
  • Understand the roles and responsibilities for each service offered (provisioning, monitoring, support, etc.)
  • Understand how service availability is maintained and what is involved when it comes to disaster recovery and incident resolution.
  • Are the policies outlined in the agreement in line with your requirements?
  • Does the vendor allow you to audit the performance data in case of an SLA breach?

Technology Stack and Cost

Most cloud providers offer services based on a specific technology stack. Cloud vendors are not limited to offering Infrastructure as a Service (IaaS) providers, it has transformed into Platform as a Service (PaaS). Signing up with a cloud platform that aligns with your application’s tech stack will take care of all the infrastructure setup, configuration, and maintenance. Your developers will rely heavily on the technology offered by the cloud vendor to build and innovate, for example, robust database, serverless services, AI, and machine learning. So, consider the following when evaluating the cloud provider:

  • What are the different user roles and account management available?
  • What level of infrastructure management is possible?
  • Does the vendor offer a comprehensive and efficient developer experience and development services?
  • Does the vendor have an active developer and support community?
  • Does it support third-party integrations and customizations?

Cloud providers offer a range of services with varying pricing models. For SaaS-based services, the cost is typically determined by the period of usage – per user/month basis, the data storage requirements, advanced features, and additional configurable features. On the other hand, PaaS and IaaS pricing depend on specific resources consumption.

Fig 1

Fig 1 is an example of different service bundles and options provided by cloud service providers. It is recommended to choose a vendor that provides a scalable application architecture with a higher degree of control over cloud resources.

Security and Compliance

A major concern for enterprises, when it comes to cloud adoption, is security and compliance. The cloud provider’s data and system security policies must align with your organization’s policies. The basic security features a cloud provider must have are:

  • Data security and data encryption.
  • PaaS, serverless security in a multitenant environment.
  • Network security.

The vendor should have the necessary security certifications and must provide detailed incident reports and security audit reports. In addition, user activity must be auditable, every role should have the required access privileges and security.

Leading cloud providers are offering comprehensive security features, but you may still need the advanced features of a third-party cloud security tool especially if you are building a multi-cloud strategy. Fig 2 outlines a typical cloud security strategy across different types of cloud services provided by most leading cloud vendors, the terms mentioned in the advanced security section are explained below:

  • Cloud access security broker (CASB) is required to secure SaaS-based cloud applications.
  • Cloud security posture management (CSPM) tools aid in risk identification and compliance alerts.
  • Cloud workload protection platforms (CWPPs) secures IaaS deployment.
  • Secure access service edge (SASE) architecture is widely implemented as part of cloud security measures as it handles network, application, and data security.

Fig 2

Read more about cloud security architecture and concepts here.

Conclusion

Cloud adoption has helped enterprises a lot more than just cutting infrastructure costs. Cloud platforms support a distributed multitenant infrastructure and offer rich developer experience, scalable network services, comprehensive security, and compliance. Leading cloud service providers are offering:

  • Varied technology stack
  • Data governance and management
  • Analytics capabilities
  • Migration services and support
  • Easy infrastructure management

The services, advanced features, and additional capabilities can make the process of evaluating vendors confusing and difficult. Whether you are planning a fresh cloud migration or looking at implementing a multi-cloud system, use the key points we have listed to compare different cloud service providers.

Download our eBook on Cloud Migration to understand how you can maintain performance when moving to the cloud.

Synthetic Monitoring
Network Reachability
DNS
CDN
API Monitoring
DevOps
Cloud Migration
SLA Management
Workforce Experience
SaaS Application Monitoring
IaaS
Enterprise
This is some text inside of a div block.

You might also like

Blog post

Traceroute InSession: A traceroute tool for modern networks

Blog post

The cost of inaction: A CIO’s primer on why investing in Internet Performance Monitoring can’t wait

Blog post

Mastering IPM: Key Takeaways from our Best Practices Series