MAJOR CHALLENGES FACING CLOUD MIGRATION

Organizations are increasingly dependent on IT (Information Technology) as they seek to invest in technology to improve relationships with customers, suppliers and employees. Looking for improvements in the form of relationship they come across the term Cloud Computing, which is a technology that has made it possible to make work more collaborative, agile, flexible and secure. With all these innovations generated by Cloud Computing, Cloud Computing is gaining more space in the market, but migrating to the cloud requires care and attention. Thus, this paper aims to provide an overview of Cloud Computing and to identify the main challenges faced in cloud migration, serving as a basic guide for cloud adoption.


I. INTRODUCTION
Technological evolution has directly influenced the evolutionary process of organizations, new formats and standards are emerging to establish the correct use of IT (Information Technology) in the decision making process. IT is critical to performance improvement and can be considered the backbone of many businesses and used as a competitive differential in the marketplace. Nowadays it is impossible to imagine a company that seeks to optimize its processes without using IT resources, with all this importance comes the need to make it more flexible by incorporating strategies so that it can optimize the expected results. In this modern scenario where IT is directly connected with the companies' strategy and objectives, it is necessary to reduce costs and risks generated by its use.
Cloud computing may be an alternative to meet the need for more flexible, aligned with organizational policies IT, although it is a new and evolving concept. Cloud computing is no longer a trend but a reality, it is responsible for changing how organizations relate to their customers, suppliers and employees. This new way of relationship, provided by Cloud Computing, allows data, information and IT resources to be accessed from any devices, such as a computer, smartphone or tablet, that have network access. It can reduce costs with acquisition, operation and equipment maintenance, it is also possible to ensure greater flexibility with regard to infrastructure, as resources can be increased or decreased according to business needs quickly and ensuring continuity of services.
Research by Forrester Research shows that the global cloud computing market is expected to grow by $ 241 billion from 2010 by 2020. In Brazil, industry-leading companies are 71% more likely to use the cloud. 65% of leading companies use the cloud for decision making [1].
Cloud computing represents a break from the conventional way companies acquire and use technology [2]. The traditional IT infrastructure model is all the hardware, software, and networking resources needed to store, process, and analyze data, typically these resources are centralized in large data centers that have large computers, these environments require a rugged, non-stop, high-power cooling system, tight access control is also required, and a skilled and trained staff to keep the environment running smoothly all these factors make the traditional model very complex and expensive. With the adoption of the cloud there is a huge paradigm shift and IT infrastructure, computing resources are consumed as a service through a network where you pay for what you consume, all this paradigm shift makes the process of migrating to cloud a arduous task to accomplish.
This article will identify the challenges encountered in the complex task of migrating to the cloud, serving as a basic guide for organizations looking to adopt cloud-based services.

II.1 CLOUD COMPUTING
Despite all the repercussions and popularity that cloud computing has gained in recent years, its real operation is not yet well known, even among information technology professionals there is still much doubt and lack of clarity, knowing the concept, characteristics and the working way is key to planning a cloud migration.
According to [3], Cloud Computing is a set of easily usable and accessible virtual resources such as hardware, software, development platforms and services that aims to improve resource usage and make IT operation more cost-effective.
ISO/IEC 17788: 2014 defines Cloud Computing as a paradigm that allows internet access to a group of physical or virtual resources, with provisioning and administration on demand.
Basically Cloud Computing is the term used to describe different ways in which computing resources are shared as a service over a network connection.
The [4] determines five essential characteristics for a cloud service:  Self service on demand  Broad network access  Resource Group  Fast elasticity  Measurable services The concept of turning IT products into services is named Everything as a Service or Enterprise as a Service. This concept where everything can be put as a service is divided into three categories, Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS).
Another model has been considered by some players in the IT market, such as Business Process as a Service (BPaaS), in which consumers outsource part of the business process to an external provider [2]. Also according to [4] the cloud computing implementation forms are divided into four different types: These models are basically the way services are delivered. Each type has unique characteristics and advantages. Choosing the implementation model requires a clear definition of what kind of application the customer needs, and what kind of implementation will meet their needs and expectations.

II.2 SERVICE MODELS
Cloud computing service models are a substitute for conventional IT infrastructure, with the distinction of the commercialization model, which instead of licensing uses a model that pays only for what is consumed.
We'll look at what cloud computing service models are and how these service models work.

II.2.1 SaaS (SOFTWARE AS A SERVICE)
This service model is aimed at the distribution of applications or software over the internet, on demand, usually based on subscriptions. The Software as a service model offers a complete product, run and managed by the service provider, typically end-user applications. In the SaaS model, you don't have to think about how the service is maintained or how the underlying infrastructure is managed, you just need to think about how you will use this particular type of application. According to [4] in the SaaS model, [...] applications are offered as services by providers and accessed by customers by applications such as the browser. All control and management of the network, operating systems, servers and storage is done by the service provider. In this model, organizations reduce costs with software and development resources, upgrades are simplified and interactive, availability is independent of geographic location, there is less investment in infrastructure and people management.
Microsoft defines Software as a Service (SaaS) as the model in which the user uses cloud-based applications connected over the internet. The SaaS model is probably the most commonly used model, if you use a web based email service then you have certainly made use of SaaS.
In short SaaS is the model that makes an application or set of applications available through a cloud service provider. The model is characterized when the service provider makes the application available, which includes all the infrastructure required to use the tool. The features offered meet a wide range of needs. Examples are seen in e-mail tools and software for CRM (Customer Relationship Management), human resources, accounting, among others.

II.2.2 PaaS (PLATFORM AS A SERVICE)
The PaaS model is a model that offers a complete cloud development and deployment environment. The PaaS service model, which focuses on application and data management rather than the structure needed to deliver it to the end customer, basically enables you to deploy and manage your own or third-party software or applications using your provider infrastructure. Cloud In other words, the provider provides and manages the entire hardware and software infrastructure, as well as the suite of applications and programming languages needed to support customers' application deployment.
According to [2] PaaS is between SaaS and IaaS. In this view, the software layer is above and the infrastructure layer below. As such, PaaS occupies an intermediate space between the three main types of cloud offerings available. In general, PaaS is characterized by offering a robust and flexible platform that allows the execution and development of various application services (middleware). This includes the use of application, integration, process management, business, and database services platforms.
The model has many advantages, but the most outstanding are the very high level of programming, low complexity, the possibility of decentralized development and within the same standards of quality and safety.

II.2.3 IaaS (INFRASTRUCTURE AS A SERVICE)
According to [2] in the IaaS Infrastructure as a Service model, the cloud service provider is responsible for providing full capacity for processing, storage, networking and other key features. With these features, the customer utilizes the operating system and applications that allow them to deploy and run software freely. IaaS is characterized when a service provider's computing resources make infrastructure, storage, and network tools accessible to customers' demand. It is a standardized, flexible and highly automated offering that allows customers to provision through a simple self-service interface.
The infrastructure as a service model basically guarantees the operation and performance of cloud computing, in this model a hardware capacity is contracted, the contracted package may include servers, routers, racks and other equipment.
Amazon Web Services describes the IaaS model as containing the basic components of cloud IT, often giving access (on virtual or dedicated hardware) to network resources and computers, as well as space for data storage. Infrastructure as a service gives you the highest level of management flexibility and control over your IT resources and closely resembles the current IT resources that many IT departments and developers are familiar with today.
In this model, organizations reduce capital expenditures on hardware and human resources, improve business continuity and disaster recovery, reply faster to changing needs, and increase business focus.

II.3 CLOUD DEPLOYMENT MODELS
As described in section II.1 last paragraph, cloud deployment models determine how services are delivered, in more detail models addressing access, constraints, and availability of cloud computing environments.
Currently three models stand out, but a quarter is growing and being widely used by organizations, we will describe the operation of these models and their characteristics.

II.3.1 PUBLIC CLOUD
In the public cloud model, the service provider makes shared resources, such as hardware and software available to multiple customers, these resources are accessed via the internet. This model basically modifies the standard concept of IT infrastructure. It is a resource sharing model with well-defined access and utilization layers.
The [2] Defines public cloud as a cloud environment with ample data processing and storage capacity, offered by public organizations or large industry groups. It is made available through the "pay per use" model. It features IT capabilities and capabilities that are easily scalable and resiliently enabled. It is a service linked to the use of the internet and directed to external customers. Public cloud models, such as Google Compute Engine or Amazon Web Service models, share a gigantic computing infrastructure with different users, business units, or companies.

II.3.2 PRIVATE CLOUD
Also known as internal or corporate cloud private cloud is a model that is not open to the general public, is managed by an organization or group of organizations with common goals. [3] Defines private cloud as the model that comprises a cloud infrastructure operated and almost always managed by the client organization.
The services are offered for internal use by the organization itself and are not publicly available for general use. In some cases it may be managed by third parties. By providing services to a limited number of organizations, the private cloud creates greater security and ensures direct control over data, so the private cloud model differs from the public model, in the public model IT infrastructure is the responsibility of the service provider. In the private model, the cloud is managed by the internal IT department, generating the same personnel, management and maintenance expenses as the traditional infrastructure model.

II.3.3 HYBRID CLOUD
The hybrid cloud model is basically a junction of the private cloud and public cloud models, the ability to allow workloads to be balanced between private and public cloud gives organizations greater flexibility and more data deployment options.
Conceptualize hybrid cloud as a composition of two or more clouds (private, public, or community) that remain single entities but are connected through proprietary or standardized technologies that provide data and application portability [3].
Gartner research reveals that the hybrid model is the model that best fits the needs of organizations of all segments and sizes, and that by 2020 90% of organizations will adopt the hybrid cloud model. According to Gartner Research Director, DD Mishra, as greater the demand for agility and flexibility, more organizations will embrace the hybrid cloud. Organizations adopting hybrid infrastructure will optimize costs and increase efficiency. However, there is increasing complexity in selecting the right set of tools to deliver end-to-end services in a multifunctional environment. Figure 1 graphically represents the concept of hybrid cloud, highlighting the characteristics inherited from the junction of the public model with the private model. Source: [8].

II.4 CHALLENGES IN THE CLOUD MIGRATION PROCESS
Despite all the benefits that cloud adoption generates, it is also possible to identify some aspects that can be seen as limitations or even challenges encountered in the cloud migration process.
It is important to make clear that the challenges faced in migrating to the cloud are different from the risks inherent in cloud computing, which according to [10]  The challenges faced in migration are basically steps that must be taken and performed with extreme caution in order to be successful in the cloud migration process. Bibliographic research has led us to three fundamental challenges for migration:  IT Governance Maturity  Plan the migration  Select Supplier

II.4.1 IT GOVERNANCE MATURITY
IT governance is a concept derived from corporate governance, its role is to facilitate strategic alignment between business and IT by providing decision support and business strategies. IT governance addresses not only the definition of decisions and responsibilities in this area, but also its aspects and forms of control over service procurement, application development standards and general procedures to ensure better alignment and compliance corporate demand.
During the literature search we found statements in the analyzed texts that made clear the need to have maturity in IT governance before migrating to the cloud. According to [11] it is mandatory that companies are able to control the use of productive capacity that will be acquired in the cloud and, in turn, keep in mind that the increased maturity of IT governance must be improved to ensure the follow up each step of using these features. Already [2] points out that the migration to cloud computing has a significant business impact, reflecting on the IT technical base used to operationalize organizations.
The [5] describes that the Information Systems Audit and Control Association (ISACA) suggests that when adopting and using cloud services, companies should: Treat the adoption and use of cloud computing as a strategic business decision.
Make informed decisions, considering the operational, business needs and benefits that can be gained from cloud computing.
Based on all of this information found in the literature review, we realize that the decision to migrate to the cloud must be directly linked to the organization's strategic goals and that quality IT governance will facilitate this alignment between IT and organizational goals, enabling The user company is able to focus on the core business and that migration follows the focus of the organization, matching the models offered by cloud computing with the objectives of the organization Source: [11].

II.4.2 PLAN MIGRATION
Adopting cloud computing is a process that involves many changes, risks, and benefits. To be successful in the cloud adoption process, it is critical to plan for the decision to invest time and money in a new project.
For [14] the planning process is responsible for defining the ways in which project objectives are achieved, and that the depth and complexity of planning is directly linked to the size of the project. It is crucial when it comes to reducing waste, which provides a higher return with the lowest possible investment. Before you start migrating to the cloud, you must have a welldesigned strategy for everything to happen safely and quickly. The strategy should take into account what should be migrated to the cloud, rate costs and risks, define a pilot project.
The selection what will work in the cloud is a critical process for the success or failure of the cloud migration project, [2] highlights that not all applications or services are eligible for the cloud and organizations do not migrate data and applications to the cloud overnight as there are solutions that require dedicated hardware or proprietary solutions that cannot take advantage of cloud benefits, based on this statement we realize that a rigorous assessment of today's IT infrastructure is needed to determine the which should go to the cloud and what should continue offline. For [2] when a service or application is "mission critical" and may affect strategic value or is integrated with other applications, cloud migration is not the most appropriate or needs to be evaluated with the utmost care. Applications that do not have such complexity are the best candidates to be transported to the cloud environment, it is recommended to migrate software that is completely independent and that do not require data or applications from other programs. Also according to [2] the assessment of cloud computing adherence goes beyond the technical issues it is necessary to make a comparison between costs and benefits. The analysis must go beyond the competitive return, also looking at the financial return on the investment, but one cannot close the eyes to all the investment already made by the organization over time. It's hardwares, servers, peripherals, computers, softwares, licenses, and even all the time and money invested in developing specific, business-critical applications. Each deployment of cloud resources needs to consider the need to retrofit or redo the existing structure and the financial cost of it. To measure costs and the way investments are used, we recommend using financial indicators with ROI, CAPEX or OPEX.
Inside the migration's planning a key factor to take into account is the risks associated with adopting cloud computing, according to [11] the risks associated with adopting cloud computing should be taken into account when assessing the benefits of using cloud computi, understanding this technology is the best way to prepare for and ensure a stable environment, especially at this step of migration.
Efficient cloud migration planning requires a pilot project that enables the migration team to learn how applications will behave in the cloud environment, what errors are presented, and how those errors are corrected. It is not recommended to perform migrations by Big Bang project (all at once) to prevent the amount of errors from making the migration path to the cloud unviable [11].
According to [2] knowledge and antecipate learning about cloud technologies for practical verification are the fundamental objectives in carrying out a pilot project. Some steps are fundamental for the implementation of a pilot project, the first is the implementation stage where the organization will be prepared for practical learning, allowing to verify the real potential of cloud utilization, in this stage goals, objectives and metrics are established, which will determine whether the focus of the analysis was successful or not. Business models need to be simulated and tested, even at a smaller size and controlled scope, to create a foundation that provides statistical data. The second stage is the learning stage where the organization creates a knowledge base based on the experiences gained in the implementation stage creating conditions to develop the learning, in order to consolidate a defined position for evaluation, this stage should provide answers to questions such as: Is the organization ready to use this new feature? What is the learning got from this cloud pilot? Were the tests enough? Did the cloud solution deliver effective solutions to technical and operational challenges?
Are the organization's business and IT aggregated in the solution?
The third and final stage of a pilot is decision making [2] in this step, the answers obtained through the experiments need to be organized. This will be the main input to the conclusions about the projected benefits of meeting business requirements. By reaching this point, there is clarity about the conditions and potential of technical and operational solutions, as well as the risks involved. From such an analysis, the impediments, if any, can be understood. In this process, obstacles such as governance requirements and the level of knowledge and training required to use the cloud tool are detected. Obtaining these definitions, such an implementation will move from theoretical projection to technical reality, making executions plausible and perfectly achievable.

II.4.3 SELECT SUPPLIER
After maturing IT governance and planning to migrate to the cloud comes the challenge of selecting the provider, it is critical to select providers that have a service model that meets the needs of the organization, in the selection process it is not enough to consider only technical issues It is critical to assess the capacity and reliability of the provider that the organization intends to hire. For [5] selecting a provider is very complex and requires a lot of effort.
In the current scenario of cloud computing there are several providers, among which we can mention the main ones as: (Brasil). It is important to note that these providers automatically provision and release resources, key features for cloud computing providers, [15] points out that some traditional data center hosting and outsourcing providers insist on presenting their offerings as "Cloud Computing", which makes it difficult for the market to understand the difference between this new model and the traditional one.
Microsoft suggests that organizations evaluate four key areas for selecting a cloud computing provider:  Business Processes and Integrity  Administration Support  Technical Features and Processes  Safety Practices Each of these areas has requirements that must be evaluated in the provider selection process. Within the area of processes and integrity should be evaluated: The financial health of the provider should keep a record of stability and have a sound financial position with sufficient capital to operate successfully in the long run.
The provider should have a clear management structure, well-established risk management policies, and a formal process for evaluating third party service providers, thereby ensuring the organization, governance, planning and risk management.
Trust is another fundamental requirement in this area, the provider must have a good reputation among its partners, the provider principles should be aligned with the principles of your organization so it is crucial to find out the level of experience of this provider. Read reviews and talk to customers whose situation is similar to yours.
Business and technical knowledge, providers must understand their business and objectives and be able to relate all this information to their technical knowledge. The provider should be able to validate compliance with all of its requirements through a third party audit, which characterizes a provider's compliance audit requirement.
In the support area to administration we should evaluate the following requirements, service level agreements (SLAs) providers should be able to promise a basic level of service that you are used to, there should be sufficient controls for the provider to track and monitor customer service and changes to their systems to ensure resource monitoring and configuration management. The billing and accounting process must be automated so that you can monitor which resources you are using and their costs so that you do not accumulate unexpected accounts. There should also be support for billing issues. The provider should also be able to provide performance reports.
The functionalities area and technical processes require ease of deployment, management, and upgrade requirements, the provider must have mechanisms that facilitate the deployment, management, and upgrade of their software and applications. The provider must use standard "APIs" interfaces and data transformations so that your organization can easily compile cloud connections, you also need to have a formal event management system that is integrated with your monitoring / management system. The provider must have formal documents and processes for requesting, logging, approving, testing, and accepting changes to ensure change management. Even if you do not plan to use a hybrid starter cloud, you should be sure that the provider can support hybrid functionality. This model has advantages that you may want to explore in the future.
The security practices area may have the most important requirements in the provider selection process, in this area the security infrastructure requirement should be evaluated, the provider must have a comprehensive security infrastructure for all levels and types of cloud services Provider must have well-defined security policies, there must be comprehensive security policies and procedures in place to control access to client and provider systems. Changes to any application service or hardware component must be authorized on a group or personal role basis, and authentication must be required for anyone changing an application or data to ensure identity management. Another very important requirement is data backup and retention, the provider must have policies and procedures to ensure the integrity of customer data must be in place and in operation.
Controls ensuring physical security must be in place, including for access to installed hardware. In addition, data centers must have environmental protections to protect equipment and data from disruptive events. There must be redundant networks and power, as well as a documented business continuity and disaster recovery plan.

III. CONCLUSIONS
Because it is a technology that is expanding the boundaries of its adoption, there needs to be constant work to improve governance and also the adaptability needed to support this adoption curve. Information technology professionals today devote much of their time to gaining more and more knowledge and skills required in a cloud computing migration job. Based on the three major challenges found in the research we can see that the cloud migration process is not one of the simplest tasks, it is important for organizations to mature their IT governance by aligning business and information technology with this makes the decision to migrate to the cloud a strategic decision for the business, thereby gaining the benefits of using the cloud. It has also been noted that in order to realize all the advantages offered by cloud computing, detailed planning is required before performing the migration, planning will be responsible for ensuring the success of the project avoiding waste and minimizing risks. You can say whether or not your organization is ready to migrate to the cloud. It can be concluded that the provider selection process is the most complex challenge faced by organizations wishing to migrate to the cloud, selecting a provider that does not have a service model that meets the needs of the organization will lead to the steps IT governance and planning have been carried out in vain, so it is critical that the provider has the capacity and reliability. In the vendor selection process it is important to note whether the provider automatically offers provisioning and release as these characteristics are critical for cloud based services, otherwise this provider does not actually offer cloud based services. It has become clear that the stages of maturing IT governance, planning, and vendor selection are essential to successfully migrate to the cloud. These steps are complementary and must be well designed to achieve a successful migration, enabling a migration under the cloud the facet of the lowest risk of negative impact and even more likely to succeed on this journey.