Skip to content Skip to site navigation Skip to service navigation

Cloud Services

Technology Consulting Group offers comprehensive support for building, rearchitecting, deploying, and migrating all sorts of servers, software, and applications in any cloud. We support systems in Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. We can also help choose and integrate Software-as-a-Service (SaaS) solutions with campus infrastructure and your team's workflow.

With every cloud engagement, we follow a multi-step process: consult, sketch, propose, build, operationalize, and tune.

Consult

We start all our engagements with a professional consultation. We guide our clients through different considerations, such as project priorities, budget, data risk classifications, established workflows, and any technical compatibility concerns that will influence the project. Because different schools at Stanford might have internal IT initiatives, we also try to align our clients' projects accordingly. TCG is agnostic about which cloud vendor to use; we choose AWS, GCP, or Azure based on what's in the client's best interests.

Sketch

The next step is to sketch out a solution based on everything we discussed. We might include a cost-effective serverless solution, like Lambda and microservices; we might use containerization to speed development and reduce support overhead. If we deploy a virtual server, we might propose a load balancer with multiple geographic zones to ensure availability. We can also integrate campus resources like Shibboleth and Git repositories. We architect to ensure compliance with Stanford's Minimum Security Guidelines (MinSec). The technologies we use depend on what our clients prioritize.

Propose

Because estimating ongoing costs can be particularly challenging with the cloud, we do the research to make a reasonable prediction of a monthly spend. We include unique discounts that Stanford may enjoy and identify cost-saving measures such as using reserved instances and sustained use credits. We also factor in ongoing operational activities that might need to occur regularly, like monitoring, patching, and off-hours emergency work.

Build

Building a system starts with establishing the cloud account; we set up individualized per-client accounts, dedicated for the project. A workgroup's PTA is associated with the account to capture the monthly spend, and expenses are recovered through Stanford's Oracle Finance billing mechanism, instead of using credit cards. All the necessary security controls are put in place, and we tie the account with the enterprise cloud account management tool called CloudCheckr. This provides clients with access to their billing and inventory dashboards and an additional layer of security and insight. Finally, throughout the build process, we keep in touch with clients using Stanford Slack.

Operationalize

Once we are in production, there's usually ongoing month-to-month work to do. TCG uses modern cloud-based monitoring tools like DataDog and StatusCake to gain deep insight into the processes and resources of the systems we manage. When an event is detected, these tools automatically page our on-call staff members, who can investigate and troubleshoot 24 hours a day. We scan for new security vulnerabilities and work with clients to remediate issues by patching or making necessary configuration changes.

Tune

Throughout a solution's lifecycle, different events might make us rethink, enhance, and tune aspects of the cloud technologies we use. To protect against overspending due to over-provisioning of resources, TCG's cloud tools provide insight into actual past use patterns to make evidence-based recommendations on where we can make prudent changes in the infrastructure. In other words, if your system is being used less than expected, we can safely shrink things to save money without impacting performance. Conversely, if we need to scale up, we can make enhancements to handle greater usage.

TCG will also tell you when you might benefit from a new generation of technologies. For example, when the sixth generation of virtual machines is available, we can analyze whether migrating might save money and enhance performance.

Last modified October 3, 2019