Cloud Migration Prescriptions for Healthcare

Updated on September 7, 2023
Cloud computing, technology connectivity concept

When designing your cloud computing strategy, it’s important to understand that no two healthcare systems are alike, even when in a large network. There are varying areas of expertise, team structures, responsibilities, functions, and so on.

In healthcare, the majority of organizations are driven to the cloud from either “push factors,” such as critical infrastructure products, or “pull factors,” such as lack of CapEx available for investment in physical servers. During this cloud migration process, part of  or all of an organization’s data, applications, and workloads will move to a cloud infrastructure, and it is important to adhere to high-level cloud migration strategies in order to help you choose the most appropriate approach.

Identify Your Goals

Laying out your goals and areas to address through your cloud migration strategy can help ensure your business and technology strategies are aligned; such as, are you trying to cut costs, are you struggling to attract and retain skilled staff, do you have compliance requirements that need to be met when moving to the cloud?

Are you trying to improve your company’s agility? Cloud computing can help organizations become more flexible by making deploying new applications and services easier. This can help your organization respond quickly to market changes and customer demands.

Do you want to enable innovation in your company? Cloud computing can help organizations in this aspect by providing them access to various development tools and services. Moreover, cloud migration can help organizations develop new products and services more quickly and efficiently.

These factors are critical for determining what your cloud migration strategy should look like. Moreover, when setting cloud migration goals, ensure they’re aligned with your organization’s overall business objectives for strategic planning. Prioritize them accordingly and set realistic and achievable targets. It’s also crucial to communicate the goals to all stakeholders and track the progress of the migration to make the necessary adjustments.

When selecting a vendor, the size of your healthcare organization and IT deployments matters. For smaller organizations with a homogenous set of workload requirements, a single-vendor cloud strategy might be most appropriate. For much larger organizations, such as large healthcare networks with diverse workloads and varying levels of technical requirements, a multi-cloud strategy would be a better option, as that would give each project team the flexibility to choose the vendor that best fits their requirements. Regardless of organizational size there are specific internal and external compliance requirements to fulfill, and these may require the ability to move workloads between cloud vendors at relatively short notice.

Screen Shot 2022 05 07 at 11.09.33 AM

Source: 2022 Cloud Security Report, Cyber Insiders

Realistically, there will be a hybrid strategy where both a traditional data center and cloud vendors are involved, especially if the cloud migration occurs across a number of years. This strategy may also be relevant if there is a need to evolve your cloud migration tactics more dynamically as you learn more about the implementation of cloud technologies within your business.

The Six Rs in Your Cloud Migration Strategy

The next step is deciding how to go about migrating your workloads to the cloud. This is where the six Rs come into scope: rehost, replatform, repurchase, replatform/ rearchitect, retire, and retrain.

Once you audit your existing applications, you will have a better understanding of the nature of work required to move to the cloud, and can classify the applications you want to move to the cloud. 

  • Rehost. “Lift and Shift” is the simplest strategy for rehosting your applications and involves moving them from physical servers to virtual servers running in the cloud. This generally requires no code changes and limited changes to processes and surrounding technologies. This enables you to develop the cloud skills and experience needed for other cloud-native practices.
  • Replatform “Lift, Tinker and Shift” is similar to rehosting, but also integrates a number of fundamental cloud services at the application level. For example, AWS IAM (Identity and Access Management) might be integrated into your application to replace or complement more traditional data center-oriented IAM systems.
  • Repurchase “Drop and Shop”involves replacing an existing on-premises application with a licensed cloud-based service. This may involve changing the licensing model your business uses, lowering the cost of maintenance, and potentially allowing a quicker and easier path to upgrades. 
  • Refactor/Rearchitect This is a cloud-native approach–taking your existing codebases and modifying or extending them to work within more modern cloud services. Containerization of your healthcare applications code is an excellent example. This may involve substantial rewrites to your existing codebase to enable it to function and to increase scalability; a complete rewrite may even be required in order to use truly cloud-native tools. 
  • Retire Your workload audit may uncover systems that are either redundant or no longer worth maintaining. These applications can be retired.
  • Retain This strategy involves keeping your application running and choosing not to migrate it to the cloud for the foreseeable future. There a number of possible reasons to retain your application outside the cloud, including:
  • Regulatory constraints on where applications can run or high internal compliance demands on security;
  • Mission-criticality of software that can make planning a move to cloud technologies earlier in the migration cycle too risky and uncertain;
  • No business case for the disruption; 
  • Legacy systems not supported in cloud environments.

Where to Begin

Next you need to plan how you will build your cloud infrastructure to support the movement of workloads. As a best practice, it is recommended to create a type of centralized “center of excellence” or cloud infrastructure team. This centralized team can choose to lay down the core systems on which other teams can run their workloads, and establish guardrails that can be implemented across the healthcare network.

Key design elements that should be prioritized over others.

  • Accounts- Using one account across your organization almost always fails to scale as there are often account limits, so it is important to establish account boundaries. Will the account be used to represent a particular business unit, an individual team, or a grouping of software services? How will this operate with your finance department? Who should receive the bill? It’s important to figure this out early on, as costs can rack up quickly.
  • IAM–  As your cloud infrastructure grows, you will need to consider the security implications of user access to the various cloud services and data. It is imperative to start this process early, as imposing IAM rules retrospectively on systems that are already running can be complicated.
  • Networking– Cloud migration involves either the virtualization of your existing network or a complete redesign. The VPC (AWS) or VNet (Azure) service allows you to set up an isolated network to run a separate set of services within your account. Careful consideration needs to be given to internetwork communication between your organization’s services and basic network resources such as IP addresses.
  • Data Migration– Migrating data to the cloud can prove challenging as it often includes Personally Identifiable Information (PII) or regulated data which has compliance stipulations. This is most problematic for large, complex healthcare infrastructures. The planning team needs to have a deep understanding of the implications prior to migrating data to the cloud to ensure compliance, but also to ensure there are no operational or performance implications.

When it comes to cloud data migration, file copying programs like Robocopy are being utilized to hasten the process, albeit each option has its shortcomings. For instance, Robocopy from one server to another involves copying files on non-windows and Windows file systems. But this particular command doesn’t support real-time file sync, and the errors during the procedure are hard to diagnose, possibly leading to sync failure. So, it’s best to have your file synchronization solution to address and prevent this issue.

Reliable file synchronization software encrypts data during transmission and prevents unauthorized data. Moreover, using this tool, you can track cloud migration progress and obtain real-time reports on the results.

You can begin the migration process once you’ve chosen file synchronization software, although it varies from one healthcare company to another, depending on the software.

Once you are clear on your high-level cloud strategy, developing a successful cloud migration strategy requires meticulous planning and consideration of every aspect of your business. Choosing the right cloud vendor strategy for you—be it a straightforward single-vendor migration, a multi-cloud vendor approach, or a hybrid strategy—is the next step. Finally, you’ll want to architect your cloud migration by first considering the key infrastructural components before beginning to onboard applications.

Author:

Screen Shot 2022 05 07 at 11.10.28 AM
Yuval Shchory
Global Head of Cloud Security Product Management, at Check Point Software Technologies

Yuval is the Global Head of Cloud Security at Check Point and has a long history of helping organizations find the delicate balance between solving customer problems, building a product strategy and growing the business. I am passionate about leading amazing product teams that build awesome products in the Enterprise IT, Cloud and Security spaces.