Moving to the cloud raises unique contingency planning challenges. Cloud providers typically have multiple partners and/or customers with competing demands. In the event of a business interruption or disaster, where do you rank among your cloud provider’s priorities and what can you expect from it? Do your internal resources understand the cloud environment and their tenant obligations, particularly in the event of a contingency?

If you’ve already written or are about to write a cloud contingency plan, here are a few “lessons learned” to keep in mind.

Lesson #1 – Train internal resources on the cloud paradigm
Make sure internal staff understands what the cloud is and how it’s different from traditional computing models. Explain the concepts of tenancy and shared services, the differences in managing a shared services paradigm, and the cloud’s unique security considerations. In addition, share the cloud benefits your organization is striving to achieve, such as cost savings, faster time to market, agility, etc.

Cloud computing involves moving away from a people-based IT environment to one that’s more automated and commoditized. Start with these fundamentals, so that internal resources are not surprised by the change and understand what it involves and requires.

Lesson #2 – Identify all of the cloud players and build a relationship with the prime cloud provider
Identify all of the players involved in delivering your cloud services. Who is the prime cloud provider and whom is it working with? Then, get on the prime provider’s radar screen and develop a relationship. Make sure it understands what you need and when you need it, so that in the event of a contingency, the provider is clear on your requirements.

Lesson #3 – Set expectations for your internal resources
Explain to internal staff what you plan to provide in your contingency plan, what kind of information and support you’ll need from them, and what the contingency planning timeline is. Assign a change agent to document the agreed upon commitments, so that if there are disagreements later on, you’ll have something in writing to refer back to. In addition, inform them of key service level assumptions in areas such as incident response and change management, so that in stressful times they’ll know what to expect from the provider.

Lesson #4 – Understand and improve your service management capabilities
Effective service management is key to cloud success. The more you understand cloud service management, the better your cloud experience will be. Assess your service management capabilities in terms of change management, incident response, security, etc. and identify areas for improvement.

Lesson #5 – Define and understand your tenant obligations
Cloud contracts typically define a “security” or “accreditation” boundary. This boundary defines the line between the obligations of the cloud provider and its client. Before writing a contingency plan, make sure you’ve identified and clearly understand your tenant obligations.

Lesson #6 – Understand the cloud provider’s management layer
Ask the provider questions about its management layer and, in particular, its disaster recovery objectives. Behind every cloud service is a physical facility that’s open to vulnerabilities. What is the provider’s approach to provisioning, de-provisioning, cost reduction, security, change management, etc.? What are its plans for managing service downtimes and how will downtimes impact your business?

Lesson #7 – Understand your cloud service level agreement
Read the entire service level agreement and make sure you thoroughly understand it. How do you escalate an incident? Who is your main point of contact? Where would you rank in the provider’s order of priorities should a business interruption or disaster occur? What kind of redress can you expect from downtimes experienced by the provider (e.g., service credit, partial refund)?

All of these lessons point to and emphasize the same principle—understand your cloud environment and contract before beginning contingency planning. Make sure everyone—both internally and externally—is on the same page and understands one another’s requirements and expectations. Doing so will ensure the development of a comprehensive and effective cloud contingency plan that will reduce your risks and ensure your cloud success.