Use this concise checklist to keep migrations predictable across Azure, AWS, or hybrid setups.
Security & Identity
- MFA on all privileged accounts; break-glass account stored securely.
- Baseline policies: disable legacy auth, enforce conditional access, and restrict SSH/RDP via bastion.
- Scan images for CVEs; block unsigned or unscanned images in registries.
Networking
- Plan CIDR blocks to avoid overlaps with on-prem; document peering rules.
- Lock down security groups/NSGs to required ports; deny * by default.
- Test latency and throughput for critical apps; size VPN/ExpressRoute accordingly.
Data & Backup
- Decide replication (LRS/ZRS/GEO) per workload; encrypt at rest and in transit.
- Test restore drills for databases and file stores; document RPO/RTO per app.
- Clean up legacy backups once cutover is verified.
Performance & Observability
- Right-size instances with CPU/RAM targets; enable auto-scaling with sane limits.
- Ship logs/metrics to a central workspace; set alerts for errors, latency, and cost anomalies.
- Run load tests on staging before production cutover.
Cutover Playbook
- Freeze changes; back up source; validate rollback path.
- Run smoke tests post-cutover (auth, CRUD, email, payments).
- Monitor error rates and roll back if KPIs degrade beyond thresholds.
Need a migration dry run?
We model costs, build guardrails, and run rehearsals so your cutover is boring—in a good way.
Book a migration review