Phoenix has been delivering IT services and technology to UK businesses since 1979. It’s in a unique position that it’s a “complete end-to-end services provider”. One moment it’s cabling a data centre and the next it’s helping clients migrate to the flexibility and availability of the cloud. BCW spoke to Martin O’Donnell, Phoenix’s Hosting and Cloud Services Director, to get his thoughts on what’s important when deciding on a cloud provider.

Who are you and what does Phoenix do?

I am Hosting and Cloud Services Director at Phoenix. My areas of responsibilities are Cloud computing, hosting, product development and service delivery. Phoenix prides itself on being a leading provider of hosting, Cloud and managed IT services. Established in 1979, the business has recently rebranded bringing together the strengths of both the ICM and Phoenix IT Services brand.

Under the new umbrella, Phoenix delivers IT infrastructure services across a selection of wide ranging technologies focused on optimising both Cloud and more traditional environments. It’s this approach that has allowed us to offer our customers the highest level of productivity and cost efficiency, in order to drive their business.

What is Phoenix’s position on Cloud computing?

Cloud computing is proving to be a transformational force that is rapidly changing the vendor, user and service provider landscape. By moving services to the Cloud, users are able to work more closely with colleagues across the business in order to reduce costs, free up capital and even drive new business.

At Phoenix we are excited and actively embracing these changes by offering customers a complete solution enabling them to reduce capital expenditure and cut operating costs while benefiting from the highest levels of speed, application and systems performance, availability and security.

By complementing and extending our on-premise approach, the Phoenix Cloud Services include flexible and highly cost-effective ‘pay as you go’ and on-demand delivery of IT. This means customers can access and consume the services and resources they depend on via the Internet, as opposed to the traditional on-premise way, using public, private and hybrid Cloud approaches. We also offer virtual servers and storage and IaaS (Infrastructure-as-a-Service) through our mature and reliable Virtual Shared Platform (VSP).

What are the different types of cloud models available?

Today there are three Cloud models available – public, private and hybrid. A public Cloud represents the cheapest option, but in return you share storage, and access it through the Internet. A private Cloud delivers greater security but without the economies of scale of the public Cloud.

The hybrid Cloud is a combination of both. It gives users the choice of putting critical and core applications into a private Cloud, with any non-critical data being placed in a public Cloud. The big appeal of the hybrid Cloud is ability to achieve the best of both worlds – the security of a dedicated private Cloud with the flexibility of a public Cloud.

How does a firm know which model is best suited to their business?

The decision to move to a Cloud-based infrastructure is one, which should not be taken lightly. While the benefits of moving to a hosted platform are well publicised, customers can often be left a little perplexed as to which platform and offering is best suited to their business needs.

As a result of this, customers can often be left at a bit of standstill as to how to progress. At Phoenix we’ve identified six clinical steps that aims to help customers select a Cloud partner that suits their business needs.

The first step is to align the benefits of Cloud to the goals of the business. Developing a plan for adoption provides an excellent opportunity to familiarise an entire organisation with the benefits of moving to the Cloud. It allows different departments to see where capital costs can be reduced as well as operational expenditure. In addition, the development of new products and services can help drive the business into fresh segments and territories.

The next step will be to set goals and outcomes for Cloud adoption. Specific objectives can be set against business needs. These could be soft targets such as end-user satisfaction or organisational responsiveness, or more measurable objectives such as financial and performance metrics.

Once this has been complete the next step is to identify the risks and what can be done to address them. This will take into account security, reliability, service delivery and the transition of moving into the Cloud.

Once the risks have been identified its important to assess the organisational and service delivery impact of Cloud adoption. This will involve taking a skills audit assessing the current capabilities of the staff and where gaps lie. It’s also important to look at the organisational structure too, to see if changes will need to be made to maximise the full potential that Cloud computing has to offer.

Once this has been complete, the next stage will be to develop a Cloud timeline outlining the transition to the Cloud. It might be unrealistic to migrate all data to the Cloud. Users may decide initially to move less sensitive data, while keeping others in-house. A hybrid Cloud represents a sensible starting point for this.

The finally stage is implementation, which builds on all of the previous five points, by delivering a secure end-to-end solution. Users will have a clear understanding of the obstacles of Cloud adoption and what needs to be done to overcome them.

Are there any unspoken considerations customers should take into account when deciding on a cloud provider?

Security is a top concern for those considering moving to the Cloud. Enterprises need to know where their data is being stored and processed, and how it is going to be protected. Businesses need to know the implications of locating UK data in an offshore data centre, as well as laws existing around data protection and corporate governance.

Control is also a concern. Handing over data to a Cloud provider could mean that the end-user is no longer in direct control. In the case of thousands of pounds being spent on developing applications, you need to ensure that the Cloud provider is able to deliver on the requirements.

Also, some of the ‘commodity’ Clouds offer services without warranty meaning there’s no resilience built in, and there is nowhere to go if outages occur. Even if the provider does offer SLAs, what is the strategy for delivering support to a UK business? Finally if a firm signs up to a provider and the service fails to satisfy, will there be a practical exit strategy?

A lot of Cloud providers, tend to be start-ups and can often fail to make it past the first year. In the event of this happening there needs to be a strategy in place as to how they can get their data back. This is something not being practiced in the industry and more firms need to have a frank discussion with Cloud providers to ensure necessary strategies and policies are in place to account for this.

In light of this what can an end-user do to ensure control, when migrating data to the cloud?

Buying into a Cloud solution is like making any other business decision. It’s imperative you move beyond the benefits, drawbacks and costs involved, and evaluate the Cloud provider itself. Look at the contractual agreement and the T&Cs in place. In terms of data laws it’s not about where the servers are located, it’s about the country’s legal system the contract is governed in. The laws in place in the US differ significantly from that of Europe.

Under the US Patriot Act, for example, Cloud service providers can keep data anywhere in the world, but the US government has the right to access it. Some organisations feel very uncomfortable with law enforcement agencies being able to access their data, so Cloud customers need to be aware this is a possibility.

UK regulations state that personal data cannot be stored offshore, so companies should check where Cloud provider servers are located. With the right contracts, Cloud services can provide better security than customers could independently. Providers can take responsibility for keeping up to date with industry standards and legislation, ensuring clients are aware of regulations.