Today, more and more organizations are hosting their applications on cloud environments.  Organizations are strategically migrating cloud ready applications.  Also, most new development projects in Social Media, Analytics, Cloud, Mobility and IOT, are being developed on the cloud. 

Depending on the industry and regulatory requirements, the choice of cloud could vary – Public, Private, and Hybrid.

The key drivers include

  • Need to consolidate geographically spread data centers to a single cloud environment
  • Reduce upfront infrastructure investment
  • Ease of availability and ease of disaster recovery
  • Ease of scaling up/down

(1)   Need for Validating Applications for Cloud Migration

While the benefits of cloud hosting are compelling, there is need for assessing the migration plan and carry out required validation to ensure successful transition.  One would ask, what additional or different validation needs to be carried out while migrating application hosting to cloud?

The validation objectives, approach and rigor could vary based on

  • Whether the application is native on the cloud or migrated from physical servers
  • Number of applications migrated.  For large number of applications migrated, the validation plan needs to be aligned to migration plan and tools/accelerators should be used for validation.
  • Criticality and complexity of application including any compliance requirements

(2)   Key Testing Focus Areas in Cloud Migration of Applications

Migrating applications to cloud requires a formal validation for functional, integration, security, scalability and performance aspects.  Cloud hosting adds new dimensions to application validation compared to conventional testing.  The table below highlights specific focus areas of Testing of Applications migrated to cloud compared to traditional testing –  

(3)   Key challenges in validation during Cloud Migration of Applications

Some of the challenges in validation for cloud migration include –

Application Security

  • Lack of testing and Quality of Service standards that address cloud and SaaS security. 
  • Different aspects for application security testing include testing of

o   Data Security

o   Application transaction security

o   Business Process security

o   User privacy

Application Performance

  • Public clouds are shared across multiple users and it could pose bandwidth issues in access or cause outages

Integration Testing

  • Lack of control on underlying environment (Network, Database, servers).
  • In case of interactions between network, database and servers, there is increased challenge as the tester would need to assess risk of crash, network breakdown, and defunct server.

Environment Compatibility

  • Certain server, storage or network configurations may not be supported on cloud. It makes it difficult to emulate cloud environments.

(4)   Application Migration Validation – A holistic Approach

It is important to verify that all aspects of the migrated application are performing as expected for the application to be certified as “Cloud Ready”.   Following checklist with validation for key objectives can be handy to assess production readiness of migrated applications –

 

i. Application Availability for Use

Validate whether the authorized users can access the application and its services

ii.  Response-time as per SLAs

Validate whether the application and service performance under various loads is meeting the SLA consistently over a period of time.

iii.  Environment & Data Management

Validate whether the application reference data, master data and the transaction data transitioned to cloud.

iv.  Application Functioning

Validate each component of each application functions as expected

v. Automated Lifecycle Management

Validate whether application instance is restored automatically in case of hardware failures.  Also if application data is restored automatically in case of crashes

vi. Application Coordination with Environment

Validate whether application is well coordinated and configured to ensure redundancy and fail-over

vii. Data Management

Validate cloud providers ability to meet compliance requirements relating to data

Validate data security during transit and storage

viii. Disaster Recovery and Business Continuity

Validate backup plan in the event of cloud outage

Validate business continuity plan for business critical functions in case cloud cannot be accessed

ix. Protection of Data Property Rights

Validate whether private cloud provider has right to access data

x. Security of Application and Data Assets post transition

Validate whether security controls have been enlisted, verified and evaluated

Validate encryption of sensitive data

Validate encryption of remote connections

(6)   Conclusion

  • Testing objectives/validations and approach should be carefully considered based on target Cloud platform.
  • Testing challenges should be carefully examined and addressed
  • Testing objectives/validations vary based on application criticality/type, type of target cloud and whether the application is native to the cloud or migrated to cloud.
  • Validation checklist should be deployed for each Application migrated to be “Cloud Ready” for production usage.