IaaS checklist: Best practices for picking an IaaS vendor

Regulatory compliance, backups, testing, and pricing are just some of the factors to consider when deciding on an IaaS provider. Don't start the selection process without this handy checklist.
Written by Patrick Gray, Contributor
Image: iStock/Mathias Rosenthal

Infrastructure as a Service (IaaS) has fundamentally altered how we purchase, deploy, and manage IT infrastructure. For instance, provisioning infrastructure has gone from a complex, time-consuming process that culminated in crawling around dusty data center floors and plugging in new hardware to making a few keystrokes in a portal or even an automated API call, bringing thousands of hardware resources to bear.

When selecting an IaaS vendor, there are a number of considerations that should not be ignored. Here are seven important points to keep in mind when choosing an IaaS vendor.

1: Make sure you'll get the level of access you need

Buying infrastructure was relatively easy -- you'd pick your OS, buy the appropriate box, load up your applications, and then have access to the entire stack should anything need updating or modifying. IaaS gets a bit blurrier, as offerings range from what amounts to an outsourced data center, all the way to platform-oriented providers where you have minimal visibility into the underlying hardware and OS.

There can be benefits to both scenarios depending on your needs -- just ensure you know what you're buying, and that your expectations around what infrastructure you can 'touch' versus what's restricted to the provider align.

2: Know how much modification your software will require

In most IaaS models, the applications you run on the outsourced infrastructure will likely require some level of modification. In the simplest cases, this might be limited to extra administrative steps when deploying new applications; in the more complex cases, this could require code-level modification to applications to support your IaaS provider's ability to turn applications on and off and move them between infrastructure components. There's obviously a cost to these modifications, so make sure you understand the impact of any tweaks that your IaaS provider requires.

3: Know who owns the infrastructure you're buying

Various levels of application and infrastructure management have allowed vendors to repackage and resell offerings from various parties. In the best case, this allows for getting the right combination of services at the right price. In the worst case, a vendor might be simply 'reselling' someone else's infrastructure. This will become readily apparent when there's a problem, and your vendor can't do anything other than serve as a middleman.

Make sure you ask the vendor what their process looks like for responding to incidents, and try to tease out whether that vendor actually 'owns' the infrastructure they're selling you, or if they're merely an intermediary who might be subject to different SLAs and support procedures than what you think you're buying.

4: Be crystal clear about the vendor's monitoring and support process

Every vendor, IaaS providers included, has 'world-class' support during the sales process, but the story can suddenly change once you become a paying customer. What reporting and monitoring will be available to check the status of your infrastructure? How quickly can you provision or reallocate resources? Is that fancy control panel really a front-end for a slow, manual process? What Service Level Agreements (SLAs) are in place to ensure infrastructure problems are rapidly resolved? Be sure to get answers to all of these questions.

5: Know the vendor's backup plan and make sure it's in the SLA

Make sure you understand how your data are protected, and what redundancies are available should your IaaS provider have an outage. Some IaaS providers can create entire 'copies' of your infrastructure and associated applications, while others merely provide some limited hardware redundancy. For smaller IaaS providers in particular, understand where they have key points of failure and what scenarios might knock out significant portions of your infrastructure, as well as how to mitigate these effects should they occur.

6: Understand the pricing model and how to control usage

IaaS pricing can initially look very attractive, especially compared to procuring and maintaining your own infrastructure. However, in some cases, expected savings from migrating to IaaS never materialize. It can be almost too easy to provision new infrastructure on an IaaS platform, allowing developers and app admins to provision resources that are ultimately not needed.

Make sure you not only understand your IaaS vendor's pricing structure, but also what options you have for monitoring and tracking the resources you're using and deactivating unneeded resources when necessary.

7: Make sure the vendor can ensure compliance with regulations

Before IaaS became commonplace, the data center was a relatively unregulated domain. Now, concerns around everything from privacy to security have engendered regulations that cover what data you can store, where you can store it, and how it needs to be secured.

Even a simple web application can be subject to data privacy regulations, so make sure you understand the regulations you are subject to, and ensure your IaaS provider can deliver. Just because you've outsourced your infrastructure doesn't absolve you of responsibility for complying with government and industry mandates.

Plan what to do with existing infrastructure

Unless you're engaging in a 'lift and shift' operation where an IaaS provider essentially buys your infrastructure and takes over its management, you'll need a plan for how to retire or repurpose your existing infrastructure. This is often a key element of the business case supporting an IaaS migration, but an easy part of the plan to defer and endlessly delay as you focus on migration to the new infrastructure, ultimately eroding the benefits spelled out in your business case.

Also see:

Editorial standards