Fundamental Analysis
Step One: Understanding Your Current Setup
The first step in transitioning to cloud storage is to determine what is currently running and on which servers. We need to identify which applications require their own environment and which can operate concurrently, sharing hardware resources.
Moreover, there are servers that run even when you don't need them (e.g., a license server for software used only on weekdays, typically CAD software). Nevertheless, you pay for them. The advantage of AWS is that such servers can be turned off during downtime, saving operating costs since you don't pay for hardware when servers are turned off in AWS.
Service Availability
We need to understand the level of service availability the customer requires. For example, if you need your service to be available under any circumstances, it can be configured to run in multiple locations (regions) simultaneously. In case of an error (server overload, application crash, or other critical error), the application will switch to a backup system. This process is called failover recovery. High availability involves multiple servers operating simultaneously, which also means higher operating costs.
Are You a Developing Startup or an Established Company?
Different Needs, Different Solutions
Amazon offers various types of instances (servers) with different configurations of CPUs, memory, cloud storage, and network resources. Companies choose those that suit their needs. The on-demand model allows scaling up or down according to fluctuating demand but is more expensive than reserved instances, which require a commitment to future use.
For startups, which typically evolve quickly and thus need room for expansion and growth, it doesn't make sense to prepay for server instances years in advance as it would not be cost-effective. They need flexibility to scale and also to cancel instances and deploy new ones, which AWS allows virtually on-demand.
Conversely, for an established company with a steady number of employees and predictable IT requirements, where a linear increase is expected, it makes sense to subscribe to server instances for several years in advance, as subscriptions can save considerable money.
For example, Amazon's Amazon EC2 Reserved Instances service offers a significant discount (in the order of tens of percent) on the subscription of instances (also EC2) for, say, the next 3 years. Yet it allows some flexibility – at least the convertible "convertible" type of subscription, which allows changing the attributes of RI if the exchange results in the creation of reserved instances of the same or higher value.
Network Infrastructure Analysis – A Crucial Step for Protecting Data in Cloud Storage
Understanding Network Protocols
Understanding network protocols can enhance network security and potentially save time and money. For each application, we determine which network protocols and ports it uses, which systems it communicates with, and whether it needs access to the external network.
What does this mean? We can allow certain servers to only use services that you will use (such as a database system), but prohibit others. Such measures reduce the risk of attacks, virus infections from dubious websites, and similar threats.
Within AWS and VPC, network security is defined using Security Groups, Network ACLs (network access lists), or network and domain firewalls.
Additional Protection
You can also use AWS WAF, which protects web applications from malicious external attacks—such as distributed denial-of-service attacks. If you are unsure about the proper security settings, you can use AWS Inspector for a check-up, which through various tests verifies that everything is correctly set up and alerts to sensitive points in the configuration.