Cloud transition tip No. 6: Ditch Microsoft .Net. If you ever bought into it, that is. Oddly, whether it is Node.js or Ruby or Java, you enjoy a much wider level of support, lower expense, and more than with .Net. Even Microsoft's Windows Azure supports Java, but not everyone (to put it mildly) supports .Net. It really doesn't take long for a good developer to learn the basics of a new language with a little help.
Cloud transition tip No. 7: Upgrade your development methods. The shoddy way most companies develop software virtually ensures that applications will be vulnerable. "Let's hide behind the firewall and assume it's safe" is really a security antistrategy. "How cheap can I get those developers?" is plain silly. "I'm coding this in prod" is asking for disaster. Anonymous didn't do anything very sophisticated in most of its attacks; it used SQL injections, which are easy to prevent. Build your defense from the code up.
Cloud transition tip No. 8: Go HTTPS. We all love the idea of a VPN, but to have the maximum flexibility, our main form of encryption needs to be the most prominent method found on the Internet.
Cloud transition tip No. 9: If you are Java, go WAR file. Sure, everyone loves JavaEE's 20 layers of Zip files. It's so enjoyable to watch your code compile in five seconds, then take three minutes to package. Yet the cloud loves the WAR file. There certainly are vendors who support Java EE, but you'll have far more flexibility with WAR files.
Cloud transition tip No. 10: Deploy a private cloud that has a public version. If you're deploying a private cloud, make sure you have a public path. The great thing about plays like Cloud Foundry, OpenShift, and others is that you can think local and migrate global. This also may be a good way to start your cloud play while your company's lawyers catch up.
Cloud transition tip No. 11: Take baby steps. Your migration to the cloud won't happen in a day. Deploy less critical applications to the cloud first and see how it plays out.
Cloud transition tip No. 12: Do your homework. Research how you'll scale, what security standards are supported, and what SLAs are offered, along with the security certifications your provider must possess.
Ironically, when you move to the cloud, what you really need to do is what you should have been doing all along.
Greet all vendor claims with skepticism. When they tell you about their magic solution and that you shouldn't worry about a weird, proprietary non-HTTP protocol because their solution has the magic beans, ask them how well it works with autoscaling and how you'll connect it with your identity solution. Tell them you want standards. Consider whether secret-sauce software is secure and something you really want on your network.
A move to the cloud is like any other move: an opportunity to throw away stuff you don't need and clean up your act. In this case, doing so also ensures you won't end up stuck with a provider you wish you'd never met in the first place.
This article, "The developer's checklist to prepare for the cloud," was originally published at InfoWorld.com. Follow the latest developments in business technology news and get a digest of the key stories each day in the InfoWorld Daily newsletter. For the latest business technology news, follow InfoWorld on Twitter.