Three Essential Questions for a Successful Cloud Strategy

From increased agility to enhanced security capabilities, the benefits of a cloud-first strategy are becoming increasingly clear. But what may be less obvious is how to tap into those cloud advantages in the best way possible. Especially with multi-cloud architecture being a popular route for many enterprise IT leaders (81% of IT leaders report already having a multi-cloud strategy in the works), optimizing on-premises, private, and public cloud resources for maximum benefits can be a challenge.

As adoption rates rise, and more operations shift to the cloud, new questions are cropping up around management strategy. Which operations should be migrated—and how? How will data be safeguarded from the get-go, and into the future? What are best practices for cloud management and governance?

Moving to the Cloud Is Not Always the Answer

Pressure to leverage the cloud often comes from the C-Suite, external pressures, and departmental SaaS requests. And one of the biggest claims or expectations is the promise of cutting costs by moving to cloud. However, this isn’t always the case in reality for two key reasons:

  1. Replacing CapEx on-premises infrastructure purchases with OpEx cloud bills does reduce initial capital expenditures cost. But the long-term costs of operating cloud services really depend on the specifics of the infrastructure that is provisioned. Depending on your capacity and performance expectations, the cloud isn’t always the cheaper option.

  2. Some applications, data, and/or infrastructure may indeed be more secure, less expensive, and easier to manage through the cloud. But others may not be. You can’t put a price on security in a world where ransomware attacks increase on a daily basis.

Instead of top-down decision-making, choose a more flexible approach that looks to the cloud’s greatest advantages, and maps them to your specific needs. This mindset will generate the best decisions for your organization.

The Cloud and Business Agility: Scaling Up and Down

A better approach to assessing your cloud strategy is to consider the cloud’s business agility, which enables users to provision business applications, tools, and infrastructure in minutes.

Business Agility and the Cloud

Today’s business climate requires enterprise IT leaders to be ready for change at any moment. The dynamic hybrid workforce coupled with increasing ransomware concerns has led to an IT infrastructure footprint that spans the globe. IT teams are responsible for managing and securing incredibly complex applications, data, devices, and user needs, and agility is a requirement. Adopting a cloud-first strategy empowers IT leaders to be more flexible, scalable, and nimble than ever before.

Self-service and orchestration automation enable end users to deploy systems and applications without direct involvement of IT personnel. The cloud’s ability to scale up or scale down applications, data, and infrastructure, or experiment with new applications without long-term infrastructure investments, also help make a business more flexible and competitive. It is therefore not surprising that a growing number of enterprises are using cloud infrastructure for testing and development and are now expanding it for use in production environments.

Three Essential Questions for Your Cloud Strategy

So, when you are developing your plans for the cloud, you will need to think about your larger business strategy and the needs of your organization where IT is concerned. The following are three key considerations.

  1. What should you migrate?
  2. What will be the true cost of implementing your cloud strategy?
  3. How will you keep your data storage and transmission secure?

Our consultants are experts in the design and migration of workloads for public, private, and hybrid cloud environments.

1. What should you migrate?

“Everything” is probably not the right answer. You will need to examine the different kinds of applications you use, including desktop, client server, Web, mobile, and legacy applications, taking into consideration their associated performance, security, scalability, integration, and portability concerns.

Other cloud migration considerations include:

  • Application criticality: Are you considering migration for an application that is central to business functionality and user productivity?

  • Compliance requirements: What security measures are required for the workload, and can you selected cloud provider meet your needs?

  • High availability and disaster recovery: In the event of an outage, what expectations does your business have for recovery?

  • Tools and monitoring needs: What visibility, control, and management capabilities do you want to retain for yourself and your team?

Bear in mind that you may underestimate the number of applications used by your organization, the levels of integration among them, and the performance impacts of local and/or remote data access by these applications. A thorough discovery and documentation process is essential to creating an informed cloud strategy and roadmap.

2. What will be the true cost of implementing your cloud strategy?

What is Cloud Governance?

Cloud governance refers to the critical steps of defining, monitoring, and auditing the guidelines, policies, and processes that surround your organization’s cloud presence. It’s a constantly-evolving job, and ongoing maintenance and evaluation are critical. Your cloud strategy must take security needs into account.

Cloud service costs include not just the subscription fees, but also the time and resources required to execute your strategy. Migration alone can be challenging, time-consuming, and costly. You will also need to maintain, monitor, and manage your environment. What this looks like will depend on your architecture: private, public, hybrid, or multi-cloud. A governance strategy is essential, and you may also need to invest in staff training to optimize your evolving environment.

Right-sizing is another issue—and one that’s often overlooked. Just because your data center has ten servers for a particular business use, that does not mean you need ten servers with a cloud service. It is easier to scale out than in, so it’s important to assess your requirements carefully and start small. Furthermore, cloud services are constantly evolving. Without close management, you may miss opportunities to obtain greater value by changing providers.

3. How will you keep your data storage and transmission secure?

As the major cloud service providers have improved their security frameworks, security has become less of a perceived concern. However, human error can undermine the built-in protections. Despite the availability of security toolsets provided by AWS, Microsoft Azure, and others, many organizations fail to fully enforce best practices such as using encryption or automated password policies. So, it is critical to ask the right questions and build governance and monitoring into migration planning.

Assessing Your Cloud Strategy

Colorado Beach’s Cloud Strategy Assessment is focused on helping you identify and plan for your highest-priority applications and workloads. Our cloud architects help you identify the best candidate migration candidates and lead you through a proof-of-concept cloud migration and training, designed specifically for your technical team.

Depending on your industry, you may also need to ensure that your cloud security is compliant with HIPAA, PCI, SOX, and other data privacy regulations. Secure storage is not enough—consider how you will control the transmission of sensitive information across networks that you do not own. An advanced, comprehensive security approach will be required to secure authorized access, isolate data transmissions, and protect storage across your networks, devices, and various cloud services.

Leverage Expertise to Optimize Your Cloud Strategy

Whatever your cloud strategy becomes, the intricacies of each step run deep. To keep in-house teams focused on the big picture, many enterprises find value in partnering with a cloud services and operations provider. From evaluating applications and owning migration plans, to providing ongoing governance and security, the right service provider can provide with appropriate advice, reduce your risks, and ensure that your cloud strategy achieves your objectives.

Software-Defined WANs Drive Strong Network Security Postures All the Way to the Edge

No matter where your organization is on its digital transformation journey, the end goal should be secure access for data and applications across the cloud. The explosion of remote and hybrid workforce requirements along with hybrid cloud initiatives and increasingly sophisticated cybersecurity threats have made this journey complex. The destination is even harder to reach—thus driving the need for IT leaders to rethink how they view network and security solutions.

Organizations can no longer view their network and security architectures as two separate technologies with point solutions managed in silos. Instead, a holistic approach must be taken.

This blog explores the options available to organizations looking to enhance their perspective on managing their network operations and security postures together as one. The focus should be on folding in security transformation and leveraging software-defined wide area networks (SD-WANs) as core elements when implementing Secure Access Service Edge (SASE) technology to arrive at the desired destination.

Starting with SD-WAN

According to a recent IDC MarketScape report, SD-WAN remains one of the fastest-growing segments of the network infrastructure market. This is due to the technology’s ability to deliver multiple benefits: (1)

  • Improves application experiences for users.

  • Integrates connectivity and security operations.

  • Connects networks seamlessly to cloud platforms and hosted applications.

  • Reduces network and security management costs.

This trend is likely rooted in SD-WAN reducing the need to deploy multiple standalone physical appliances to handle specific security functions. It also allows enterprises to simplify security by consolidating branches at the network edge.

An Agile Networking Alternative 

The increase in remote workers during these past two years and the increased use of the cloud and mobile apps means more endpoints are bypassing on-premises corporate virtual private networks (VPNs). To address this reality, networking and security technologies have converged under a collective security and policy management authority, delivered primarily through cloud-based services.

This approach uses software-defined networking (SDN) principles for configuring and implementing WANs. There are also principles for virtualizing physical infrastructure devices, so network functions run as-a-service rather than as hardware on-premises. This makes it possible to secure connectivity between endpoints and resources from any physical location, including remote worker devices.

SD-WAN is ideal for this paradigm. It’s cloud-friendly, providing organizations with an agile, affordable, reliable, scalable, and more secure alternative compared to MPLS (multi-protocol label switching) and VPN options. SD-WAN also provides higher network availability and redundancy that eliminates single points of failure.

SD-WAN Sets the Stage for SASE Success

Coined in 2019 by Andrew Lerner at Gartner, SASE is an extension of SD-WAN. The technology combines network security functions—such as web gateways, cloud access, firewalls, and zero trust—with SD-WAN capabilities. This approach supports the dynamic, secure access needs of organizations (2) as SASE is considered the next step in digital transformation. And SD-WAN is a critical component in setting the stage for this networking renovation.

Because SASE technology runs on a single cloud platform, organizations can simplify their WAN implementations. There’s also VPN functionality as part of the SASE architecture, which enables secure connections that are particularly helpful in addressing the increased demand to connect remote workers and branch offices.

Why Upgrade Network and Security Together?

Today’s requirements for security and scalability create the demand for organizations to improve both their network and their security—not one or the other. Some organizations, however, can start by upgrading one or the other.

Distributed networks require policy-based security at the network edge, so users can gain secure access from anywhere. SASE leverages zero-trust network access, which is critical to authenticating and authorizing users using a least-privilege model. SASE also helps prevent malware from infiltrating networks through segmentation and monitoring while delivering additional key benefits:

  • Streamlines network and security operations while improving security postures through centralized management across branch networks. SASE provides vital functions such as L7 deep packet inspection. IT gains complete visibility into all network activity with a single cloud platform and no silos of network and security infrastructure tools.

  • Reduces complexity by consolidating point security solutions into an efficient as-a-service model—with simplified policy enforcement throughout the network. In addition to eliminating the need to deploy and integrate multiple appliances, SASE provides a single interface to manage your SD-WAN connections, resulting in lower operating costs and giving IT more time to focus on other core business functionalities.

  • Generates higher capacity bandwidth with flexible optimization to change WAN connection types based on changes in traffic volume—through a flexible consumption model that scales to meet dynamic operating requirements. By abstracting network transport services and enabling a software-defined approach to WANs, SASE improves network performance to reduce the high costs associated with MPLS bandwidth and trombone routing.

SASE also supports multiple connection types to expand vendor options. This avoids the challenges connected to technology vendor lock-in and enables more cost-efficient connections compared to MLS.

Organizational Change: Climbing higher

Last year, long Covid prevented me from walking a block without losing my breath. But last week, I climbed my first mountain. A lot of hard work & training transpired in between. When the moment of truth arrived, I was scared but excited to accomplish the feat along with my (very fit) 17-year-old son.

As I reached the summit of Lookout Mountain, I reflected on my journey up the 14% grade. At the start, I had gone so fast to keep up, my heart rate reached a critical level. I felt extremely nauseous and dizzy. Instead of giving up, I rested and then took smaller, slower steps. I realized I could keep going, but I had to go slow to go fast.

At Burwood, I have the privilege of helping many organizations navigate change. Due to how fast our world moves, there is an appetite or even impatience for making big changes quickly. It’s difficult to convince some leaders to slow down just a bit, catch their breath, and think critically before ascending.

But just like climbing a mountain…the steeper the hill, the slower the climb. We must be okay with intentional change if it prevents overloading the system. In hiking, injuries and sickness can impede progress more than going slow in the first place. In organizations, lack of defined vision and purpose can harbor dissent and chaos.

Organizations that want to transform their entire operation overnight without first setting intentions and taking time to bring others along for the ride before ripping everything apart… may feel that they’re achieving quick motion. In reality, these companies will rarely make actual progress.

In contrast, organizations that first define what success looks like, spend time educating and inspiring those affected by change prove better results. These organizations methodically prioritize the steps needed to reach their goals and are more likely to reach the summit quicker…and on the first try.

At Burwood, we understand that driving a step-by-step business transformation across the enterprise can be a daunting task. Regardless of where our clients are on your transformation journey, we meet them where they are and work with them as a partner to drive critical change forward while providing our proven change management expertise.

Learn more about how you can drive your organizational change management initiatives forward with Burwood at

Shannon Wilder is a contributing author for Colorado Beach

Why Human-Centric Design is Critical to Digital Transformation

Today’s clients expect more. According to a recent Salesforce study, 66% of consumers expect companies to understand their needs and expectations. Moreover, 70% of customers say understanding how they use products and services is very important to winning their business. These expectations call for organizations to pursue new transformation initiatives that improve customer experiences and drive future innovation and growth.

To transform digitally, many organizations often focus on the technology capabilities that need to be adopted. However, while having the right technology is critical, it’s only part of the story. Digital transformation is the “rethinking” of how organizations use technology, in addition to both talent and processes, to pursue new business opportunities and revenue streams.

Human-centered design keeps the human experience as the core focus of digital transformation. This post highlights why organizations seeking to compete in the future must integrate their end-users’ needs with their technology capabilities and operating models today.

What Does Digital Transformation Look Like?

While digital transformation looks different for every organization, there are phases that most organizations undergo on their digital journey. The extent to which you should look to transform depends on where you currently are.

Digital Journey

Prior to 2020, it seemed that digital transformation was a “buzzword” with many different interpretations.  Enter 2020 and the landscape of digital transformation changed overnight. IT leaders already traveling down this road have since drastically increased their speed of transformation.

Organizations not already on this path had to pivot, redirecting financial and human capital to address the unique needs of the business.  For many organizations, the pandemic catalyzed digital business initiatives as we adapted to the demands of employees, customers, and other human stakeholders, who were forced into new digital options that they have now come to favor.

The end-goal for a digital organization is to drive coordinated innovation with continuous improvement, in support of employee and customer experiences. From a technology standpoint, organizations get closer to this goal through IT modernization, application modernization, and migration to the cloud. Put together, these IT initiatives deliver an environment that supports cloud-native application development for faster innovation and positive customer experiences.

How Operating Models Must Transform

As technology evolves, so too must operations and processes. DevOps initiatives and Agile frameworks must be adopted to realize the full benefits of new technologies, which can ultimately impact an organization’s culture.

As part of this operational shift, IT and business teams are more closely aligned to deliver greater value to customers. Large, siloed teams, need to break down into smaller agile teams that can provide a continuous integration/continuous delivery (CI/CD) pipeline against a product backlog with a set of defined metrics.

When organizations have an effective DevOps and Agile culture, they’re able to rapidly innovate to meet the evolving expectations of today’s customers. The end-to-end innovation process involves idea generation from various user inputs and design thinking to create products with end-user satisfaction as the top priority.

Innovation Governance

Talent Transformation

Digital Workplace Trends

The 5 Digital Workplace Trends of 2022 You Need To Know

So what’s continuing to drive change in 2022 and what technologies can help get you there? Through our work with organizations across different industries, these are the top 5 digital workplace trends we’re seeing this year that you should know more about.

The Great Resignation has further accelerated the need to integrate human-centric design into digital transformation initiatives. Following the unprecedented mass exit from the workforce in 2021, talent is becoming more and more scarce. Organizations must now rethink their methodologies for recruiting, engaging with, and retaining employee talent.

Hybrid work has become more commonplace in organizations, and business leaders are tasked with the challenge of driving collaboration and productivity across distributed teams. Digital strategies in technology and culture must be used to improve employee engagement and satisfaction, while at the same time keeping remote employees secure.

Progressing Your Digital Journey Forward

Ultimately, there are many different aspects to technology transformation that business leaders should consider when moving their digital journey forward. The organizations that transform most effectively are the ones that plan not only for technology and processes but also for the human elements in transformation. For many organizations, transforming culture while at the same time driving innovation is not a simple task.

Digital Transformation Pillars

No matter where you currently are on your digital transformation journey, the Colorado Beach team an help you where you are and take you where you need to go. Colorado Beach has proven expertise in helping organizations across industries align their business goals with transformation initiatives. In addition to our deep IT integration expertise and recognized partnerships with leading technology platforms, COBeach helps organizations develop culture and innovation frameworks that set them up for long-term success.

The 5 Digital Workplace Trends of 2022 You Need To Know

Change is the only constant in life. One’s ability to adapt to those changes will determine your success in life.

— Ben Franklin

Today’s workplace is going through more shifts than ever before. Employees expect to be able to work securely from anywhere, on any device, with tools that enhance their work experience and their effectiveness.

Organizations addressing these challenges are turning to digital workplace technologies to create a seamless delivery of apps and data that work across multiple locations while maintaining the security of their endpoint devices.

So what’s continuing to drive change in 2022 and what technologies can help get you there? Through our work with organizations across different industries, here are the top 5 digital workplace trends we’re seeing this year that you should know more about.

Market Trend #1 – Remote & Hybrid Workers

Hybrid and remote work has become commonplace in most organizations. And this year, unprecedented levels of the workforce are remaining remote or shifting to permanent hybrid work environments.

According to Gartner, the number of remote workers will have doubled to over two-thirds of digital workers by 2023. Gartner also found that hybrid and remote employees are forcing organizations to move forward with digital business transformation plans by at least five years.

It’s critical that employees in this new work environment have the tools available that allow them to be as productive and collaborative as possible. Employees expect to be able to seamlessly work from home and on the go, with apps and devices that help them do their jobs effectively.

As business leaders adapt to these changes and move forward with their digital business transformation plans, they will need to look to modern workplace solutions to promote positive and productive employee experiences.

Market Trend #2 – Cost Optimization

According to Gartner, through 2024, remote workers will use at least four different device types for remote working, up from three devices in 2019.

Organizations are leaning into cost optimization and consolidation more than ever. Business leaders have major opportunities to reduce unnecessary IT spending as they pursue transformation initiatives.

We’re seeing countless organizations repurpose devices that were previously used on-site, for remote workers instead of purchasing new hardware. This is especially the case with contact center offices that are now fully remote. Since digital workplace solutions can be delivered anywhere and on any device, you can deliver the same desktop experience to employees on both new and repurposed hardware.

Another cost-optimization driver is Bring Your Own Device (BYOD). According to Gartner, through 2024, remote workers will use at least four different device types for remote working, up from three devices in 2019. By leveraging BYOD strategies with digital workplace solutions, organizations can avoid upfront hardware purchases while maintaining secure networks and governance over employee desktops and mobile devices.

Colorado Beach and its partners can also help you drive the adoption of applications you already own, such as Microsoft 365, to minimize third-party license expenditures.

Market Trend #3 – The Distributed Enterprise

According to Gartner, by the end of 2023 three-quarters of organizations that pursue a distributed enterprise model will realize revenue growth 25% faster than their peers. In addition to remote and hybrid employees in organizations of all sizes, we’re seeing larger enterprises reproducing their central office into smaller remote sites and branch offices for hybrid work, to promote employee productivity.

Along with more distributed organizations come more geographically-dispersed endpoints. An effective enterprise digital workplace has an app and desktop delivery strategy that can efficiently scale to a large number of endpoints across remote sites and branch offices. Distributed enterprises should also have seamless operating system (O/S) deployments, such as on-demand Windows 10 to Windows 11 upgrades across large numbers of endpoints, as part of this strategy.

Distributed enterprises must also have a way to secure these distributed endpoints. Wherever endpoint devices are connected, businesses should also ensure that these devices follow a defined level of compliance standards that align with business objectives and industry regulations. An effective digital workplace solution can help organizations implement identity and access management (IAM), security monitoring, and endpoint security across all devices.

Market Trend #4 – Cloud-Based Solutions

In the past, all IT infrastructure was located on-premises. Now, cloud-based applications are absolutely essential for businesses to function with employees working fully or partially from home and using multiple devices. We have seen a record number of companies migrating their business applications to the cloud and adopting cloud-native applications in the last two years and this trend is only going to continue.

A robust digital workplace solution can deliver cloud-based collaboration solutions, such as Microsoft Teams, Cisco UCM Cloud, and Webex, to drive employee productivity. Our Modern Workplace can help you deliver these applications to end-user devices seamlessly through user environment management (UEM) capabilities.

Many organizations are also turning to desktops as a service (DaaS) in addition to virtual desktop infrastructure (VDI) solutions as part of their digital workplace strategies. DaaS is cloud-based, fast to deploy and manage, enhances security capabilities, and lowers costs of ownership compared to traditional on-premises solutions.

Market Trend #5 – Providing Secure Access

Cybersecurity measures that were employed even just a year or two ago are no longer adequate in today’s workplace where remote and hybrid set-ups are common and security threats are more sophisticated than ever. Organizations need to rethink their approach to security in an effort to protect key assets and sensitive customer data across a variety of touchpoints.

Today’s digital workplace should include employee remote access to data from anywhere, whether fully-remote or through a branch office, over a secure network connection. However, employees in different locations often need different security measures than they did when everything was on the company’s VPN.

While VPNs are critical in countless use cases, Cloud Access Security Brokers (CASB) are preferred for establishing secure network connections to remote workers who are bringing their own devices. In today’s digital workplace, brokers are delivered using virtual desktop infrastructure (VDI) connections and they’re also part of broader Secure Access Server Edge (SASE) strategies that look at network and security transformation holistically.

A SASE integration into today’s digital workplace can provide secure and seamless connectivity to apps and data from any location. SASE can authenticate remote users and ensure device health before establishing a connection, and lets you easily scale up and down service levels, features, and connections to protect hybrid work and branch office connections from threats.

Embracing Digital Workplace Trends

In the IT world, change is inevitable and organizations that embrace digital workplace strategies are likely to realize cost savings, improved security, and an improved employee experience. However, an effective digital workplace isn’t just about having the right technology available to drive productivity. Digital workplaces must be tailored to the needs of each individual organization, from design through optimization, and take the organization’s processes and people into consideration.

Modern Workplace solutions can be fully customized to include user environment management, virtual desktops, operating system deployments, remote access, identity and access management, enterprise mobility management, monitoring, and endpoint security. With our dedicated expertise, we’ll customize a digital workplace solution that’s tailored to your needs and build your roadmap to success.

Ready to learn more about how you can leverage Modern Workplace solutions to boost employee productivity while deploying apps and desktops in record time? Contact us today!

Get Educated Now: New E911 Compliance Requirements

Do you know what happens when your employees dial 911?

In an emergency situation, your employees may dial 911 to get the help they need. Did you know that your communication environment can control the level of detail and accuracy provided to dispatchers and emergency responders about your location? With the right parameters in place, you can improve your employees’ safe communication abilities. New legislation around Enhanced 911 (known as E911) technology mandates it. Read on to make sure you understand the requirements.

The Difference Between 911 and Enhanced 911 (E911)

911 sends calls to your local Public Safety Answering Point (PSAP), also known as your 911 dispatcher. Then, PSAP engages the appropriate police, fire, or ambulance services.

With E911, the 911 call is routed to the local PSAP based on Automatic Number Identification (ANI). ANI information and provides location information based on an ALI database to the PSAP operator.

Enhanced 911 was created to provide more accurate location information, along with a callback number, to the PSAP. This location and caller data has proven success in saving lives in emergency situations.

The New Standards: Kari’s Law & Ray Baum’s Act

There are two federal laws going into effect: Kari’s Law and Ray Baum’s Act. Each law has specific requirements and compliance expectations for corporate teams.

Kari’s Law: Enabling Direct 911 Dialing

Kari’s Law requires businesses to enable direct dialing of 911, without prefix or other digits required. (Businesses may provide additional patterns, such as 9911.) Kari’s Law also requires an on-site notification of the 911 call that includes the details of the dispatchable location, to decrease response time. Kari’s Law went into effect in February 2020.

What does this mean for your organization? It means that any 911 calls need to be sent out to 911 Services without any delay or prefix. Users within the organization need to be able to walk up to any phone, dial 911, and reach a 911 dispatcher outside of the organization. In addition, a notification of said calls needs to be sent to a central point of contact in the organization where the notification will be heard or seen (such as a front desk). This notification can be sent in many formats, as long as the notification does not delay the 911 call:

  • Computer application

  • Text message

  • Email

  • Other type of notification system

It is best to send the notification simultaneously, but it can be sent after the 911 call if sending simultaneously is not technically feasible. The callback number presented in the PSAP ALI database must be associated to an ELIN (Emergency Location Identification Number) that matches location information for the caller. This is a DID (Direct Inward Dial) number that the PSAP can call to reconnect with the caller if the call is disconnected or more information is necessary from the caller.

Ray Baum’s Act: Ensuring an Accurate Dispatchable Location

The second law is Ray Baum’s Act, which requires organizations to ensure that every 911 call conveys a dispatchable location and callback number to the PSAP (the 911 dispatcher). Organizations must comply with Ray Baum’s by January 6, 2021 for fixed locations and by January 6, 2022 for non-fixed locations.

A dispatchable location by definition is “the street address of the calling party, and additional information such as room number, floor number, or similar information necessary to adequately identify the location of the calling party.” Dispatchable locations need to be determined by the organization on how best to direct emergency responders to the correct location of the individual in need of emergency services. This rule applies to 3 different types of devices:

  • Fixed MLTS (multi-line telephone system) calls: These are stationary devices that do not move within the organization. They must provide a “dispatchable location” to the PSAP.
  • Non-fixed MLTS calls: These are devices inside the organization that will move, such as a soft phone or wireless phone. They may provide alternate location information to the PSAP.
  • Off-premises, non-fixed calls: These are devices that connect to the system from a remote site. They are outside of the organization’s control and rely on the end user for location information.

What does this mean for your organization? It means that, in some cases, more than just an address will need to be given to the PSAP when making a 911 call. This completely depends on the layout of the building and proper signage on premises.

For example, if the user dials 911 from a conference room on the 5th floor, how will dispatch know where to find that emergency if only a street address is given? In the case of a multi-floor building, floor number should also be given to the PSAP. Depending on the size of the floor, is the conference room easily identified with signage? If not, maybe a directional or room number will also need to be presented. Ray Baum’s Act is intended to get the emergency responder to the emergency site as quickly as possible.

How To Know If Your System Is Affected

These laws apply to any phone system installed, sold, or leased after February 16, 2020: on-premises, cloud, or hybrid.

If your current system was installed pre-2/16/2020, you do not have to be in compliance. However, it is highly recommended to keep up with these federal regulations. They improve the safety of all employees.

Many U.S. states have state-level E911 laws in place: check out our list of state-by-state requirements below. Kari’s Law and Ray Baum’s Act are federal laws. They must be followed if your state laws are non-existent or not as strict as these federal regulations.

Planning for Compliance: Three Key Considerations

If you are deploying a new phone system, you must meet the requirements for Kari’s Law. Ray Baum’s Act takes effect in 2021, but we recommend planning for compliance now. Take these important factors into consideration when designing your new system:

Dial Plan and 911 Call Routing

  1. Distributed vs. Centralized 911 Calling When introducing centralized call paths, consideration for local 911 routing in the event the centralized path is not available needs to be taken into consideration. In these scenarios, a local PSTN circuit to the location is highly recommended.
  2. Impact of Direct 911 Dialing to Your Dial Plan In most MLTS systems, internal extensions and DIDs are in use – sometimes one more than the other. What prefix is being used to access the PSTN? A large majority of organizations use 9 to access the PSTN, but others also use 7, 8 and other digits to access PSTN. This can sometimes alleviate confusion when dialing 911 as a common mistake when using 9 to dial outbound is a user will dial 91 to start dialing a long distance call, then accidentally dial a second 1 when typing out the 10-digit number. This dial mistake results in a call to 911. If the user panics and hangs the call up before the dispatcher answers, emergency services could still be dispatched as well as your business being hit with a fine. If a PSTN access code of 9 is in use, this mistake can be avoided with proper end user training. Standard protocol if a user does accidentally dial 911 would be to simply stay on the line and explain that the call was an accident and that they do not have an emergency. Another part of the dial plan to think about are user extensions and feature access codes. Do any of these start with 9? If so, the system might be subjected to a timeout leaving users confused. It would be best to not have any user extensions begin with 9 for this reason. Consider expanding the amount of digits for user extensions so they don’t begin with 9 or change the range for feature access codes to something else.

E911 Zones: Signage, Naming, and Assignment

  1. In-Building Directional SignageIf a new individual enters your business, how easily can they find their way around with current signage? Is there a receptionist that assists with finding the right locations, people, and offices? If it is difficult for someone to navigate with current signage and personnel, consider improvements. Alternatively, you can implement a workflow where someone who received the central notification meets the dispatchers at the proper entrance and directs them to the emergency.

  2. Internal Zone Creation and Naming

    If your organization is a multi-floor building or multi-building campus, consider providing floor number and building number or name with the location information included in the PSAP database. Directional information can help too (e.g. North, South, Billing Department, etc.).

  3. “Phone-to-Zone” Assignment If your new system is IP-based, users have the ability to physically move their IP phones within your campus. As an administrator, this can be a location-tracking nightmare. Ideally, you should track these IP-based phones based on network or zone tracking (vs. user phone number).

E911 Notifications: Assignment, Format, and Delivery

  1. Central Notification Assignment Have you identified the best person and/or location to receive 911 notifications internally? Ideal options are usually front desk personnel, security group, onsite emergency response teams, system administrators, or office managers.

  2. Notification Format and Delivery Method

    There are many third-party technologies available to achieve the 911 notification, in numerous ways. You’ll want to consider how your designated notification recipient operates on a daily basis. Are they sitting at a computer? Are they roaming with a wireless device or cell phone? Do they only have a desk phone available to them? Answering these questions will help you determine the right notification format: desktop, SMS text message, phone call, or email.

E911 Laws by State

Many states have established their own unique requirements for E911 compliance regulations. Our chart shows these state-by-state differences. It’s important to remember that in cases where state-specific requirements do not exist or are not as strict as the federal guideline, the federal guideline must be followed above all:

Federal E911 Guidelines: The dispatchable location must be conveyed with a 9-1-1 call, regardless of the technological platform used and including with calls from multi-line telephone systems. This means every 9-1-1 call requires adequate location information, which typically means the street address of the calling party, and additional location information such as floor and room number.

AlabamaNo state-specific legislation. Refer to federal E911 regulations for guidance.
AlaskaA municipality may require an Enteprise Communications Server operator to provide enhanced 911 service. AS 29.35.134. Multi-Line Telephone Systems.
ArizonaNo state-specific legislation. Refer to federal E911 regulations for guidance.
ArkansasEnterprise Communications Server operators must deliver to the PSAP the phone number and street address of any telephone used to place a 911 call. Ark. Code Ann. 12-10-303 (1997).
CaliforniaCalfornia E911 Legislation is pending.
ColoradoEnterprise Communications Server operators shall provide written information to their end-users describing the proper method of dialing 911, when dialing an additional digit prefix is required. ECS operators that do not give the ANI, the ALI, or both shall disclose this in writing to their end-users and instruct them to provide their telephone number and exact location when calling 911. Sec. 1. 29-11-100.5, Colorado Revised Statutes.
ConnecticutA private company, corporation or institution may provide private 911 service to its users, provided it has adequate resources, the approval of the Office of State-Wide Emergency Telecommunications and the municipality in which it is located, and a qualified private safety answering point. CT Statute 28-25b.
DelawareNo state-specific legislation. Refer to federal E911 regulations for guidance.
District of ColumbiaNo state-specific legislation. Refer to federal E911 regulations for guidance.
FloridaAll PBX systems installed after January 1, 2004 must be able to provide station-level ALI data to the PSAP. Section 365.175, Florida Statutes 2009 365.175.
GeorgiaNo state-specific legislation. Refer to federal E911 regulations for guidance.
HawaiiNo state-specific legislation. Refer to federal E911 regulations for guidance.
IdahoNo state-specific legislation. Refer to federal E911 regulations for guidance.
IllinoisRequirements vary based on residential vs. business and square footage. Private residential switch service providers must identify the telephone number, extension number, and the physical location of a 911 caller to the PSAP. Private business switch service providers must provide ANI and ALI data for each 911 call. Also, they must not require the dialing of an additional prefix (Kari’s Law, systems installed after July 1, 2015). Generally, a distinct location needs to be provided per 40,000 ft2 or each entity sharing a building. (Full Legislation PDF also includes City of Chicago E911 legislation requirements). 50 ILCS 750/15/5 et seq.

Kari’s Law: ECS operators must not require the dialing of any additional digits to access 911, effective after July 2015.

IndianaNo state-specific legislation. Refer to federal E911 regulations for guidance.
IowaNo state-specific legislation. Refer to federal E911 regulations for guidance.
KansasNo state-specific legislation. Refer to federal E911 regulations for guidance.
KentuckyResidential private switch telephone service providers located in E911 capable areas must provide ANI and ALI data for each 911 call, and must provide ALI that includes the street address, plus an apartment number or floor, if applicable. 65.752 Statutes.
LouisianaPBX systems installed after January 1, 2005 must be capable of providing station level ALI (Automatic Location Identification) to the PSAP. RS 33:9110.
MaineResidential ECS providers must deliver a distinct ANI and ALI for each living unit to the PSAP. Business ECS providers must deliver ANI or ALI to the PSAP; specific ALI data requirements are outlined. Also includes requirements for hotels/motels, exemptions and guidelines to establish a private emergency answering point. State of Maine – MLTS installed or upgraded after July 27, 2005 require a minimum of one ANI/ALI per floor, per 40,000 square feet. 25 MRSA 2934.
MarylandMaryland does not currently have E911 legislation in place for multi-line telephone system operators (MLTS).

Maryland has enacted Kari’s Law: ECS operators must not require the dialing of any additional digits to access 911 as of December 31, 2017. H.B. 1080

MassachussettsAs of July 1, 2009, all new or substantially renovated ECS such as Centrex, PBX and hybrid telephone systems must route emergency calls to the appropriate PSAP and provide ANI and ALI for every 911 call. The level of detail required for ALI data and exemptions are outlined as well. 560 CMT 4.00 et seq.
MichiganRequirements vary based on number of buildings and square footage. Generally, the specific location of each communications device needs to be provided unless an alternative method of notification and adequate means of signaling and responding to emergencies is maintained 24-hours a day. MLTS operators in violation of the act after December 31, 2011 may be assessed a fine by the Michigan Public Utilities Commission from $500.00 to $5,000.00 per offense. * E911 legislation is currently in effect in Michigan with a compliance deadline of December 31, 2019. – MCL 484.901 et seq.
MinnesotaOperators of ECS purchased after December 31, 2004 must ensure that their system provides ANI and ALI for each 911 call. Residential ECS should provide one distinctive ANI and one distinctive ALI per residential unit. Location identification requirements for businesses are outlined. Also includes requirements for hotels/motels, schools, exemptions and guidelines to establish a private emergency answering point.
MississippiService providers must provide callers with access to the appropriate PSAP. Anyone operating a shared tenant service is required to provide the ANI and ALI for each 911 call made from any extension. MS SEC. 19-5-359.
MissouriNo state-specific legislation. Refer to federal E911 regulations for guidance.
MontanaNo state-specific legislation. Refer to federal E911 regulations for guidance.
NebraskaNo state-specific legislation. Refer to federal E911 regulations for guidance.
NevadaNo state-specific legislation. Refer to federal E911 regulations for guidance.
New HampshireCurrently, there is not an enacted bill of legislation which required E911 for the State of New Hampshire. However, the New Hampshire has many regulations pertaining to MLTS. “When putting all of these regulations together, it is the opinion of the State of New Hampshire that each phone number is required to have accurate location information, including apartment, suite and floor information”.- State of New Hampshire – Department of Safety, Division of Emergency Services and Communications
New JerseyNo state-specific legislation. Refer to federal E911 regulations for guidance.
New MexicoNo state-specific legislation. Refer to federal E911 regulations for guidance.
New YorkKari’s Law: ECS operators must not require the dialing of any additional digits to access 911, as of May 24, 2017.
North CarolinaNo state-specific legislation. Refer to federal E911 regulations for guidance.
North DakotaNo state-specific legislation. Refer to federal E911 regulations for guidance.
OhioNo state-specific legislation. Refer to federal E911 regulations for guidance.
OklahomaKari’s Law: Business owners or operators using VoIP service must allow a 911 call on the system to directly access 911 without an additional code, digit, prefix, postfix, or trunk-access code, and must provie a notification to a central location when someone on their network dials 911. Effective January 1, 2017
OregonNo state-specific legislation. Refer to federal E911 regulations for guidance.
PennsylvaniaShared residential ECS operators must deliver 911 calls to the PSAP with one distinctive ANI and ALI for each living unit. Business ECS operators must deliver the 911 call with an ANI and ALI detailed to the building and floor location of the caller, or must establish a private emergency answering point. 35 PCS 5302 et seq.
Rhode IslandNo state-specific legislation. Refer to federal E911 regulations for guidance.
South CarolinaNo state-specific legislation. Refer to federal E911 regulations for guidance.
South DakotaNo state-specific legislation. Refer to federal E911 regulations for guidance.
TennesseeKari’s Law: ECS operators must not require the dialing of any additional digits to access 911 as of April 2016.
TexasECS operators who serve residential users and facilities must provide the same level of 911 service as received by other residential users in the same regional plan area, including ANI. Additionally, business owners or operators using VoIP service must allow a 911 call on the system to directly access 911 without an additional code, digit, prefix, postfix, or trunk-access code (Kari’s Law) and must provide a notification to a central location when someone on their network dials 911.

The state of Texas requires E911 for residential MLTS. In Tarrant County, ECS providers offering residential or commercial service to non-affilitated businesses must provide the level of 911 service as required under the appropriate regional plan. Businesses must provide the PSAP with ANI and ALI data for each 911 call. TX Health and Safety Code, CH. 771aAdditionally, the State of Texas enacts 9-1-1 legislation by county and each county has a 9-1-1 or emergency service coordinator that can be contacted for specific 9-1-1 requirements in the County.

UtahAny owner or operator of a multi-line telephone system added or upgraded after July 1, 2017, shall configure the MLTS system to include the street address, and if applicable, the business name, of the location of the communications device from which the call is made. Additionally, callback number, office, unit or building number, room number, and if multi-story, building floor. Utah Code Secs. 53-10-601 et seq.
VermontPrivately-owned telephone system operators must provide ANI signaling and station-level ALI data to the PSAP. 30 V.S.A. 7057.
VirginiaAll PBX/MLTS installed after July 1, 2009 must ensure that an emergency call placed from any telephone number is delivered to the PSAP with ANI and ALI, or an alternative method of providing call location information has been approved. VA Code 56-484.14.
WashingtonResidential service providers must ensure that an emergency call placed from any caller is delivered to the PSAP along with a unique ALI for their unit. Business service providers must ensure that an emergency call placed from any caller is delivered to the PSAP along with a unique ALI for their telephone (Businesses occupying over 25,000 ft2, more than one floor or multiple buildings need to provide automatic location identification in a format compatible with local 911 system RCW 80.36.560, RCW 80.36.555).
West VirginiaNo state-specific legislation. Refer to federal E911 regulations for guidance.
WisconsinNo state-specific legislation. Refer to federal E911 regulations for guidance.
WyomingNo state-specific legislation. Refer to federal E911 regulations for guidance.

Getting Started With Compliance

Colorado Beach works with mulitple vendors that can help with ensuring your organization’s technical compliance. From native capabilities in Cisco Unified Communications Manager (CUCM), to enhanced capabilities with manufacturers like Singlewire and RedSky – our collaboration consultants can help you navigate options and create a roadmap towards achieving federal compliance.

Even if you aren’t immediately affected by these dates with a new install or migration, these E911 laws are helping to improve emergency calling in all organizations. Phone systems are changing and providing many new and amazing features that enable the workforce to work smarter every day. Shouldn’t these advances extend to emergency calling?

Our team is happy to advise your enterprise on technology updates to meet E911 regulations. Contact our team to schedule a discovery session.

2020 State of the Cloud: 5 Cloud Adoption Trends and Takeaways

For the past several years, RightScale has been surveying hundreds of organizations across industries and sizes to learn about their adoption of cloud computing. The RightScale State of the Cloud Report (now owned and published by Flexera) has become a valuable annual benchmark for reviewing enterprise and SMB cloud adoption trends and challenges.

This year’s report highlighted multi-cloud adoption, top challenges, and the advantages of a centralized cloud management approach. Here, we take a look at five of our top takeaways. Read on and consider how your organization compares.

1. Organizations are Struggling to Manage Growing Cloud Spend

According to the report, organizations are over budget for cloud spend by an average of 23 percent and expect cloud spend to increase by 47 percent next year. Respondents estimate they are wasting 30 percent of cloud spend. While public clouds provide agility and easy access to powerful solutions, it’s a double-edged sword. As effortless as it is to spin up new instances, it’s just as easy to lose track of unused resources – trading server sprawl for cloud sprawl. With an explosion of new services and intricate billing models, IT teams face climbing, unpredictable costs and vendor lock-in.

Takeaway: Reviewing cloud bills is often complicated, akin to reviewing an intricate telephone bill. It can be difficult to determine which application, department, or resource is the source of a cost overrun. Some options to consider:

  • Identifying a cost management tracker or portal, whether from your cloud provider or a third party, is essential.

  • Most organizations aren’t taking advantage of all cloud provider discounting options. Public cloud providers like Google Cloud often provide discounted or free credits, depending on your monthly spend capacity.

  • Set up automated policies to shut down and rightsize workloads when you aren’t using them. For example, DevOps architects deploy infrastructure as code solutions to automate sizing.

2. Enterprises are Embracing Multi-Cloud

Enterprises are almost universally taking a multi-cloud approach to cloud adoption. 93 percent of enterprises have a multi-cloud strategy. 87 percent are taking a hybrid approach, combining the use of both public and private clouds. However: this doesn’t necessarily mean individual applications are spanning multiple clouds. The most common approach is siloed applications on different cloud. Yet surprisingly, more than one-third of respondents are using more advanced architectures, such as workload mobility between clouds.

To effectively plan for multi-cloud, even if your team is starting with one cloud, we recommend developing an overall governance model with defined policies and a suite of tools for how you will support new cloud account creation.

Takeaway: To effectively plan for multi-cloud, even if your team is starting with one cloud, we recommend developing an overall governance model with defined policies and a suite of tools for how you will support new cloud account creation. The governance model should include a standardized framework across multiple clouds, security, data access governance, and architectural standards.

3. Security Remains a Top Challenge

Enterprises are gaining extensive experience with cloud, which has led to a perceived decrease in many cloud challenges like resources and migration. However, this does not apply to security. Enterprises report security and governance as their top cloud challenges.

Takeaway: Maturity doesn’t mitigate all cloud challenges. One possible reason for the persistence of security issues is the very nature of the problem. Security is a moving target. Hackers become more sophisticated, legislation changes, and technology needs to keep up. Security is the issue that will never subside.

Identity management, access control, and data security are of utmost importance in the cloud, so developers should be equipped with robust security training. If you have moved to continuous integration and deployment, consider automating code and integrating a vulnerability review into the deployment process. Automated policy checking is also critical to ensure that identity management groups are set up correctly, SSH keys are secured, and storage buckets have appropriate access. Many cloud providers are building these policy-checking capabilities natively into their platforms.

4. Organizations are Centralizing Their Cloud Approach

As organizations adopt cloud-first strategies, many are creating a central cloud team or a cloud center of excellence (CoE) tasked with providing centralized controls, tools and best practices. The purpose of these teams is to accelerate cloud adoption by centralizing expertise while reducing costs and risk. Nearly 70 percent of organizations have a central cloud team or cloud CoE.

It’s notable that this trend is stronger with large enterprises. Many SMBs still have a de-centralized approach to cloud, with no plans for a centralized team.

Takeaway: A central cloud team can lift management burdens off the shoulders of individual departmental stakeholders and leaders. Typically this central team is responsible for overall cloud governance, spend, and migration planning. They also serve as advisors to individual stakeholders who want to leverage the cloud. If this sounds like it could solve pain points within your organization, creating a central team is something to consider in your strategic planning.

Another option is leaning on a third party, such as a cloud MSP, to provide this type of advisory oversight and cost management for your team. This may be a more reasonable approach for SMBs with fewer internal resources.

5. Containers Are Now Mainstream

As the adoption of DevOps practices grows within enterprises, so does the prevalence of container and configuration tools. 65 percent of organizations are using Docker for containers, and 58 percent use Kubernetes. AWS, Azure and Google container-as-a-service offerings are experiencing notable growth.

Takeaway: With the vast array of DevOps tooling, running the gamut from automated infrastructure provisioning and configuration, to testing and compliance, and software and infrastructure release management, many enterprises are finding that shadow IT isn’t just limited to multiple cloud providers but also lacks standardization of the tooling that’s used to manage this new world of public cloud, Infrastructure as Code, and DevOps. Traditionally thought of as a space exclusive for application developers, Enterprise IT is now able to leverage the same methodologies and technologies for managing cloud infrastructure, reaping the benefits of automation, standardization, and version control.

One area in particular where the two worlds of development and IT operations come together is Containers and Container Services, including those available from cloud providers. Containers provide enterprises with greater control, reliability, and scalability of their applications, through the use of development and deployment pipelines, which automate compliance, testing and deployment, and ensure consistency between environments.

2020 State of the Cloud: Mature, Yet Evolving

From increased agility to enhanced security capabilities, the benefits of a cloud-first, multi-cloud strategy are evident. This year’s report proves that cloud continues to become the primary, mainstream IT infrastructure priority. But what may be less obvious is how to tap into those cloud advantages in the best way possible. There are still many vendor choices and strategic decisions to be made that depend on your specific business needs and cloud expectations.

Download the full Flexera State of the Cloud Report here.

6 Reasons to Initiate a Network Assessment Now

Why do a formal assessment of your enterprise network?

Like a car, enterprise networks benefit from regular checkups. But too often, network assessments are left untouched at the bottom of the to-do list as daily urgencies pile up.

If left unchecked for too long, complex legacy systems can become a beast to manage and secure. They demand constant troubleshooting, with reactive tactics to smooth out operational bumps and fill critical security gaps.

When untamed, legacy systems also thwart the potential to implement the latest network technology trends, like SD-WAN, software defined access, and other automated solutions.

One simple way forward? Embark on a network assessment with a neutral, third-party partner you trust.

What is a network assessment?

A network assessment is an in-depth analysis of your current IT infrastructure that provides you with a comprehensive understanding of your existing environment and recommends improvements such as network consolidation, simplification, or automation.

When you engage a third-party partner to lead a network assessment, their objectivity is a benefit. With a fresh perspective, they can deliver unbiased recommendations to achieve improved capacity planning and performance. They can also help create a network infrastructure strategy aligned to your business goals.

Six key benefits of a rigorous network assessment

From greater agility to enhanced security, the benefits of a high-performance computing environment are easy to visualize. What can be harder to see is the value of taking a good, hard look at network health and laying out a clear road map for improvement. Following are the benefits of a serious network assessment:

  1. See what’s going on with your IT infrastructure. An in-depth analysis of your current IT infrastructure—from topology maps to local traffic pattern analysis—can help ensure you’re making informed decisions about network maintenance and upgrades. Armed with accurate evaluations of current infrastructure assets, such as maintenance status, capabilities and weaknesses, your team can improve survivability of optimal systems, and phase out those that aren’t passing muster.
  2. Create a strategic road map for your IT systems and people. After gaining visibility into the current state, your team can zero in on opportunities for network consolidation, simplification, automation and possible cost reduction. You’ll be able to move forward with a clear road map to a modern, software-defined and virtualized infrastructure.This frees up your team to focus on more strategic activities. Your IT employees will have the opportunity to transition from admins to engineers, working on value-added tasks without headaches from DR, backups, and administrative tasks.
  3. Improve security.It’s difficult to defend against cyberattacks without full visibility into your network, including an understanding of how people, processes and other technologies interact with it. A strong network assessment uncovers those behaviors and interactions, empowering a proactive and preventative security strategy that protects against global threats as well as end-user vulnerabilities.
  4. Uncover serious cost-savings potential. In a traditional, legacy computing environment, capacity is provisioned based on estimated peak resource requirements. This results in periods where expensive resources are sitting idle, and other periods where capacity is not enough. A network assessment opens the door to designing a new network architecture that includes cloud computing. In the cloud, you can access as much or as little capacity as you need and dynamically scale to meet actual demand, only paying for what you use.
  5. Identify protocol enhancements like network segmentation. Assessments can expose vulnerabilities in your current operations—and, in turn, uncover opportunities for improvement. For instance, when users access data on a flat network, a data breach can spread quickly across the enterprise. Network segmentation reduces the attack surface, and can simplify your organization’s compliance reporting.  
  6. Get C-suite support for improvements. With today’s enterprise leaders more invested in technology strategy than ever, a rigorous assessment can go a long way in making the case for the C-suite to sign off on meaningful upgrades. Strengthen your proposal for needed improvements by showing analytical data about how technical features will directly improve operations, support business goals and alleviate specific pain points.

Moving from assessment to opportunity

For enterprises seeking a hardened security posture, greater agility, and improved business results, a network assessment may be the big step forward that you need. Getting a handle on your current-state infrastructure and topology is only the beginning. Conducting a network assessment will give you the information you need to prioritize and pitch new investments in your enterprise. Your approach to new technology and projects will become data-driven and strategic, based on leveraging your current investments to their total potential.

If you’re ready to uncover new opportunity in your network, look first for partners who have specialization in the key areas you need, such as virtualization, networking and automation; and the expertise it takes to map out scalable, next-generation infrastructure.

How To Evaluate All-Flash Storage Array Vendors

In today’s business climate, most users expect data to be available instantly. Waiting for applications to open is not only an inconvenience—it can be a real drag on business performance. That’s one reason why all-flash arrays are becoming an increasingly popular enterprise storage solution. Flash memory offers faster data transfer and stronger performance than spinning hard disk drives.

Do you need an all-flash storage array upgrade?

Slow application performance can be a red flag indicating possible storage upgrade is needed. Watch out for departmental delay issues, or end user complaints. It all depends on the workload.

All-flash arrays can solve some problems in certain IT environments—but not necessarily all. Some points of caution:

  • All-flash storage arrays are generally too expensive to suit all needs. Hybrid arrays, combining flash memory and hard disk drives, are still viable for most environments.
  • You’ll derive the most value from an all-flash array that is purpose-built for a performance-intensive workload, like Oracle or SQL databases.
  • Your bottleneck may have less to do with storage than you think. In my experience, the storage system causes app-data gaps only about 40 percent of the time. Network issues and CPU exhaustion are also common culprits. There’s no point in investing in all-flash arrays if the bottleneck is being caused by something else.

Once you’ve identified the performance issues you want to solve, it’s time to dig deeper into the all-flash array features available.

5 considerations when evaluating all-flash array vendors

How do you choose an ultra-high-performance solution that’s right for your environment? Many worthy options are available, such as Nimble Storage, which offers great ease of use, and integrates well with hybrid arrays; PureStorage, a powerful, cost-effective product; and XtremeIO, with high performance and the cost to match.

Keep the following factors top of mind when choosing from today’s all-flash-array vendors:

  1. Throughput. Flash can handle countless input/output operations per second (IOPS)—but throughput is equally critical. Throughput is measured by the number of data bits read or written per second. So, you’ll need to understand how much throughput your workloads actually need to know whether and what kind of a flash drive is the best storage solution.
  2. Read-Write Ratio. How will write amplification (WA) affect performance when data changes? Since solid state storage cells must be erased before they can be written over, data and metadata are written multiple times—and a flash drive accepts only a finite number of write cycles before it fails. You’ll need the read-write ratio that best aligns with actual workload.
  3. Block Size. Can your all-flash array storage handle different block sizes without impacting performance? A vendor may claim a high IOPS rate—but the rate is based on a 4KB block size. Look at the actual block sizes required by your workloads to obtain a more realistic idea of an all-flash array’s performance.
  4. Feature Management. In some cases, certain features won’t always support best performance. For example, many all-flash array products have deduplication and data compression capabilities, but using these features will slow performance. And, not all applications or data types need deduplication or compression. Understanding how these features work will be critical to balancing write amplification and performance.
  5. Longevity. Performance will naturally change as an all-flash array drive fills up—it’s inevitable with any solid state drive. What is the vendor’s strategy to remediate inherent performance issues over time? Understand when you will need to consider upgrades, and also look for the product’s ability to scale.

Compare features, strategy, and trends before you make your decision

Many all-flash array vendors offer a feature checklist that will address these items. Make sure you look beyond their checklist to understand how the features will support your unique applications and workloads. Be sure to compare the best options, carefully considering read/write ratios, performance levels, and capacity—then document what you learn.

You’ll also want to consider your bigger picture backup and disaster recovery strategy. Do the all-flash array vendor capabilities meet the technology requirements in your business continuity plan.

And lastly: take into account industry trends and innovation. Your vendor should have an eye on industry trends for storage and data management and an answer for how they relate to their product road map.

For more about all-flash arrays, contact our team today.