top of page
  • Writer's pictureDaniel Ruggles

Who is responsible for risk mitigation in the Cloud?

Updated: Dec 28, 2022

Cloud migrations should be based on risk-based business decision. Ensuring that your assets on the cloud are safe is crucial to the overall cloud performance of your organization.

Cloud Migration Strategy

Settling for a single cloud vendor creates the risk of your applications getting locked in the proprietary platform of the vendor. You also need to assess what you need to migrate to the cloud and which ones to retain on-premises. Based on the workloads, data you have, compliance requirements you may be required to use a hybrid strategy. Not being able to frame the proper strategy for the cloud implies that you are exposed to vulnerabilities in security, disaster recovery and others.


To mitigate such a situation, you need to create the cloud strategy after having addressed the following questions

  • What are my business objectives and how could a cloud strategy complement them?

  • Do I have sensitive data that should be stored on-premises?

  • Do I have some mission-critical infrastructure?

  • What would be the cost of refactoring applications or containerization? This should also include possible retraining and supplemental contract staff for the interim.

  • What is the expected availability, latency and throughput? i.e., nonfunctional requirements

  • Should I go for multiple cloud vendors and for what parts of the journey to cloud?

Complex existing architecture

Complex existing IT architecture pose risk while migrating to the cloud. Companies having microservices architecture can use tools like Kubernetes or Docker to orchestrate the containers and migrate with ease to cloud.


Have a complete audit of your IT infrastructure (TOGAF) and map dependencies.

Scaling and Provisioning

How much computing, storage would be required or what would be the best performance to be expected at an optimal cost often causes financial waste.

  • Right size the workloads and scale horizontally

  • Move data storage which is less used to cheap tiers

  • Create alerts to activate when your spending crosses the threshold level

Latency causing damage

While you are accessing services or applications on the cloud, you may face latency issues. This reduces the speed of the workflow, which in turn decreases productivity.

  • Refactor the applications to make them cloud native. Sometimes, the legacy applications are not compatible with the cloud environment, thereby increasing latency

  • Create intelligent routes between the cloud and the processes

  • Use multi-cloud connectivity

  • Monitoring to identify and remove the network links which are getting congested

  • Employ end to end QoS on your network

  • Segregate the traffic flows

A number of posts and comments on these risks would lead many readers to believe that cloud computing (private or public) might never really get off the ground.  A couple of counter-points to that impression is that many businesses will explore this option as yet another means of reducing their IT costs, the U.S. government is a big proponent of this concept, as are local and state governments.  Time will tell whether the latter point is good or bad for this concept.

What remains as the final argument to these risks is that aside from greater use of virtual technology, which does in fact have more inherent risks in shared environment, these threats are the same in most outsourcing agreements.  Due diligence, sensible contract terms and market pressure will improve security and economics will pull the adoption along.


bottom of page