Cloud Migration Authority - Cloud Transition Services Reference
Cloud migration encompasses the structured movement of data, applications, and infrastructure from on-premises environments or legacy systems to cloud-based platforms — a process governed by established frameworks from bodies including NIST and the Cloud Security Alliance. This page covers the definition and operational scope of cloud transition services, the mechanisms that drive migration decisions, the scenario types most commonly encountered in enterprise and mid-market contexts, and the decision boundaries that determine which migration path is appropriate. Understanding these boundaries matters because miscategorized workloads routinely produce cost overruns, security gaps, and compliance failures that structured methodology is designed to prevent.
Definition and scope
Cloud migration is formally defined within NIST SP 800-146 as the process of transitioning computing assets — including software, data, and services — from one computing environment to another, typically toward an Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), or Software-as-a-Service (SaaS) deployment model. The scope of a migration engagement spans infrastructure lift, application refactoring, data pipeline reconfiguration, identity and access management realignment, and compliance posture validation against frameworks such as FedRAMP for federal workloads or HIPAA for healthcare data.
The Cloud Migration Authority serves as the primary reference hub for practitioners navigating these engagements, covering migration pathway classification, vendor-neutral process frameworks, and terminology standardization. For a foundational glossary of terms used across cloud and broader technology services, the technology services terminology and definitions page provides standardized definitions aligned with public standards bodies.
Scope boundaries matter: a migration engagement is distinct from a cloud-native build, a disaster recovery failover, or a hybrid infrastructure design project, even though all four involve cloud platforms. NIST SP 800-146 draws the line at whether existing assets are being transitioned — if they are, migration methodology applies.
How it works
Cloud migration follows a structured sequence. The Cloud Security Alliance and major public frameworks converge on a five-phase model:
- Discovery and assessment — Inventory all assets, dependencies, and data flows. Classify workloads by sensitivity (e.g., PII, regulated health data, public-facing static content). Assign a migration readiness score to each application.
- Migration strategy selection — Map each workload to one of the six Rs (Rehost, Replatform, Refactor, Repurchase, Retain, Retire), a taxonomy popularized by Gartner and adopted in AWS, Azure, and GCP migration documentation.
- Environment preparation — Provision target cloud infrastructure, configure networking, establish IAM roles, and validate compliance controls before any data moves.
- Migration execution — Execute data transfer, application cutover, or containerization depending on the selected strategy. Downtime windows, rollback checkpoints, and parallel-run periods are defined in advance.
- Validation and optimization — Confirm functional parity, run performance benchmarks, validate security controls, and decommission legacy assets after a defined stabilization period.
For organizations requiring IT consulting support across the assessment and strategy phases, IT Consulting Authority covers vendor-neutral advisory frameworks applicable to cloud migration planning. Technical support continuity during and after migration cutover is addressed by IT Support Authority, which documents escalation paths and SLA structures relevant to transition windows.
The how technology services works conceptual overview page situates cloud migration within the broader taxonomy of technology service delivery models, providing context for practitioners who need to understand where migration fits relative to managed services, professional services, and product deployments.
Common scenarios
Lift-and-shift (Rehost) moves virtual machines or bare-metal workloads to IaaS with minimal application changes. This path is fastest and carries the lowest refactoring cost, but it typically does not reduce licensing or compute costs unless rightsizing is applied post-migration.
Replatform moves an application to a cloud-optimized runtime — for example, migrating a Java application from an on-premises application server to a managed PaaS container environment — without rewriting core logic. Cost reductions of 20–40% on operational overhead are frequently cited in AWS migration case documentation, though actual results vary by workload profile.
Refactor (Re-architect) restructures application code to exploit cloud-native capabilities such as serverless functions, managed databases, or event-driven architectures. This path carries the highest upfront cost and the highest long-term operational efficiency gain.
Datacenter consolidation involves retiring physical facilities and distributing workloads across multiple cloud regions. Organizations subject to FISMA must demonstrate continuous Authority to Operate (ATO) coverage across the transition.
Networking infrastructure supporting cloud-connected environments is covered in depth by Networking Authority, which addresses SD-WAN configurations, BGP routing for hybrid environments, and bandwidth planning for large-scale data transfers.
For organizations migrating smart building or facility automation systems — a growing category as building management platforms move to cloud-hosted control planes — Smart Building Authority documents the specific integration challenges between OT (operational technology) networks and cloud platforms. Advanced Technology Authority covers the broader technology infrastructure decisions that precede and follow cloud adoption programs.
Decision boundaries
The primary decision boundary in cloud migration is workload classification: not every system belongs in a public cloud, a private cloud, or a hybrid configuration.
| Factor | Public Cloud Suitable | Private/On-Premises Retained |
|---|---|---|
| Data sensitivity | Low to moderate PII | Classified, highly regulated |
| Latency requirement | >10ms tolerable | Sub-millisecond required |
| Compliance regime | FedRAMP-authorized service available | No authorized cloud service exists |
| Cost model | Variable usage patterns | Predictable, high-utilization steady state |
AI-driven workloads introducing machine learning inference at scale require additional classification. Machine Learning Authority provides reference architecture guidance for ML pipeline deployment in cloud environments, distinguishing between training workloads (compute-burst, ephemeral) and inference workloads (latency-sensitive, often edge-deployed). AI Technology Authority extends this into the governance and procurement dimensions of AI infrastructure decisions.
Vision-based inspection and surveillance systems present a distinct migration boundary: edge processing requirements often mean that camera and sensor data is processed locally, with only metadata or alerts forwarded to cloud storage. Machine Vision Authority covers this edge-cloud split architecture, and CCTV Authority addresses the compliance and retention requirements governing video data in cloud repositories.
Web-facing application layers — front-end interfaces, APIs, and user experience components — are typically the most straightforward candidates for cloud migration. Web Development Authority documents deployment models for cloud-hosted web applications, and UI Authority covers the interface design considerations that change when moving from server-rendered to cloud-distributed front-end architectures.
Technology consulting firms guiding migration decisions must account for the full stack of interdependencies. Technology Consulting Authority provides a reference framework for consulting engagement structures in cloud transition contexts, and Tech Support Authority addresses the operational handoff from migration project teams to ongoing support functions.
For call forwarding and communication infrastructure migrated to cloud-hosted UCaaS or CCaaS platforms, call forwarding Authority documents the specific protocol and failover considerations that differ from traditional PBX migration. Telecom infrastructure decommissioning — a common trailing workstream in cloud migrations — is addressed by Telecom Repair Authority.
Smart home and residential IoT ecosystems represent an emerging migration category as cloud-dependent device platforms evolve. National Smart Home Authority and My Smart Home Authority document cloud dependency models for residential automation systems, including what happens to device functionality when cloud backends are migrated or deprecated. AI Smart Home Services covers AI-driven home automation platforms that rely on cloud inference for voice control and predictive automation. Smart Home Service Pro provides practitioner-level guidance on maintaining service continuity during cloud platform transitions affecting residential systems.
The /index page for this network provides a full map of the 29 member sites and their coverage domains, organized by vertical cluster to support cross-domain research.
References
- NIST SP 800-146: Cloud Computing Synopsis and Recommendations
- NIST Cloud Computing Program
- FedRAMP Program — General Services Administration
- HIPAA — U.S. Department of Health and Human Services
- FISMA — NIST Topic Page
- Cloud Security Alliance — Cloud Controls Matrix
- AWS Migration Case Studies