Multi-cloud is the new reality
Moving to a multi-cloud environment is undoubtedly the future, but what are the key considerations?
As organisations move more of their business to the cloud, many ask whether it’s necessary to have more than one cloud provider. The answer? Yes, it is. But the number is not fixed, since processing requirements vary hugely across industries and enterprises. Cost, performance, degree of global operations, concentration risk, hybrid, and scale can all influence this decision.
So says Jigyasa Singh, technology managing director for Accenture in Africa, adding that although the decision to select beyond, or expand from, a single provider brings associated complexity, companies can capitalise on the benefits of multi-cloud while minimising the complexity it introduces. “The key is to ensure that the company’s ability to manage cloud usage, control costs, set policy, and ensure compliance is universal, not provider-specific. Working with a small number of cloud providers can help prove out multi-cloud operations, balance risk across the ecosystem, and help compare and contrast cloud service providers to inform an organisation’s work,” says Singh.
Andrew Cruise, MD of Routed, says the benefits of multi-cloud are many. “It’s fit for purpose and offers a choice from best-in-class platforms to match a variety of business requirements. It also helps to efficiently allocate scarce capital by utilising the operating cost model of cloud consumption, and through multi-cloud, it’s possible to retain mature apps in familiar platforms, either on-premise or safe-harboured in local VMware VPC, to free up valuable expertise and resource to be directed to where business needs are best met. It also drives innovation and digital transformation with the agility, flexibility and scalability of new apps in hyperscale public clouds. Finally, multi-cloud can ameliorate risks of failure and vendor lock-in by load-balancing across multiple cloud platforms, and it enables IT to meet business needs by freeing up time to focus on where value is added.
If they have the right tool to access a multi-cloud environment, whether that extends into private, public, or a hybrid scenario, businesses can benefit significantly, agrees Ralph Berndt, sales and marketing director at Syrex. “Resilience, orchestration and the ability to spread risk across several providers become invaluable in a digital world. With access to tools that drive multi-cloud management in an agnostic manner, true high availability is possible. Having access to an effective solution to enable this means businesses can seamlessly switch between on-premise and cloud environments with zero impact on performance and operations. A company can, therefore, run both environments in sync and have the freedom to choose which side becomes active and which is passive.” Decide on where effort and resource should be focussed, where IT brings business value; use cloud infrastructure to free up internal resources and scarce capital to facilitate investment in these areas.
However, no benefits can be reaped without a solid multi-cloud strategy in place. To build such a strategy, Cruise advises to build out from familiar areas of expertise incrementally. “A big bang replatforming approach, particularly involving multiple unfamiliar hyperscale environments, is fraught with risk. You need to base digital transformation strategy on current expertise, use industry standard virtualisation platforms and in local clouds for core business-critical foundational workloads, adding cloud native apps in global hyperscalers in stages. Acknowledge the pragmatic nature of decisions being made by IT operations and IT development teams on behalf of their enterprise employers and implement realistic security policies and procedures to manage risk.”
For Berndt, it comes down to aligning the business to the right partner that provides a cross-cloud perspective. Such a partner will provide the organisation with multiple hyperscale options and can orchestrate technology and commercial scenarios that highlight the benefits of implementing the optimal solution. “Moreover, it’s better to work with a partner that provides an agnostic view and is not dependent on a specific environment such as Amazon Web Services or Microsoft Azure. This will also help facilitate the implementation of agnostic tools to help futureproof the infrastructure.”
The key is to ensure that the company’s ability to manage cloud usage, control costs, set policy, and ensure compliance is universal, not provider-specific.Jigyasa Singh, Accenture
Once an organisation has jumped on the multi-cloud bandwagon, it then needs to manage these complex environments. According to Cruise, it boils down to people, processes and control. “For people, an overarching view of an enterprise's entire IT estate is needed to apply blanket policies and procedures coherently. For processes and control, in the context of technical operations and management, sticking with a centralised control plane offering a consistent familiar experience across on-premise local and hyperscale cloud platforms will allow the organisation to extend its skillsets into the cloud, deploying usage metering, monitoring and reporting tools that integrate across all environments for complete workload lifecycle management, reducing sprawl, complexity and controlling costs.”
There are two critical aspects to successfully manage a multi-cloud environment, adds Berndt. “Firstly, you need an agnostic tool to help manage the organisational infrastructure requirements through a single pane of glass. Not every application and process can work in a multi-cloud environment. Having the right tool to manage this complex environment becomes a game-changer. Next, having a trusted partner that can advise the business is critical. They need to assist the organisation to successfully deploy a multi-cloud strategy and maintain it to ensure business stability and resilience.”
Security and compliance
Therein lies the rub, because Cruise stresses that no two cloud providers are the same. “They market and sell on what they do differently. Each of them has a unique set of services and tools, which, paradoxically, is where the value lies, but the drawback is that it also creates a barrier to multi-cloud due to incompatibilities. Enterprises should be circumspect in targeting these specific USPs in each provider as they will enforce a level of vendor lock-in and base their multi-cloud strategy on which providers will give them a consistent user experience across all platforms.”
Another potential hurdle for multi-cloud success is security and compliance. Richard Vester, cluster executive: Cloud and Security for iOCO, emphasises that when embarking on a multi-cloud journey, a well-defined security governance framework that aligns the security strategy with the cloud strategy of a business is essential. “It's also necessary to develop security into all aspects of the applications, data and infrastructure that is being deployed or consumed within the cloud (DevSecOps). There is also a need to maintain maximum awareness of all activity within the cloud and augment this data with advanced security tooling. Finally, it's important to regularly review cloud deployments and identify risks and mitigations. Cloud is about embracing change and any successful strategy needs to be able to adapt to new threats.”
A big bang replatforming approach, particularly involving multiple unfamiliar hyperscale environments, is fraught with risk.Andrew Cruise, Routed
Vester says security challenges in a multi-cloud environment can be addressed by having a strong framework before implementing a common set of security standards that can be deployed across all clouds and beyond. “Strong levels of reporting and analytics can quickly identify any potential challenges before a threat emerges. Companies are also leveraging common technologies and solutions that can be implemented across all their platforms to assist in enforcing these standards within a broader context of security skills and resources within a business.”
When it comes to cloud providers’ security measures, Vester says security should be at the core of any cloud provider's business, supported from the top down through good governance and practices and enforced in all levels. Organisations should also be willing to support any security positions they have taken through well-documented processes and procedures, backed up with strong certification standards.
Berndt adds that security is a critical building block in a multi-cloud environment. Organisations need solutions that can manage the real estate in any cloud environment or even multiple clouds. Agnostic solutions that can secure cloud migrations and make them compliant facilitate a more effective way of managing the cloud from anywhere in the world.
For Cruise, once again, multi-cloud security is a matter of people, processes and control. “A bird’s eye view of all IT is required to properly formulate a security strategy across all platforms. It must be acknowledged and understood that the use of multiple platforms increases the attack surface for cybercriminals; combined with the pragmatic approach to connectivity in particular, this increases security risks substantially. Enterprises should strive to keep their infrastructure across multiple on-premise, local and global hyperscale clouds as simple as possible without losing the business benefits of the flexibility and agility gained from using cloud services. Fully integrated security tools for threat management, alerting and reporting should be deployed with centralised management. Also, all new platforms and deployments should undergo rigorous feasibility studies with respect to extending current security tools and practices.
Resilience, orchestration and the ability to spread risk across several providers become invaluable in a digital world.Ralph Berndt, Syrex
So where to from here, and what does the future of multi-cloud look like? According to Berndt, the future is looking decidedly bright for multi-cloud. “Local companies are investing heavily into Platform-as-a-Service while there is a big drive for hyperscale providers to deliver more innovative services to the market. Of course, much of this is reliant on the application architecture for customers who are increasingly looking at moving everything into a more public multi-cloud strategy. Yes, there will be a few instances where organisations will want to maintain their own environment, but they will likely leverage the multi-cloud for the likes of disaster recovery and business continuity.
Cruise believes that the future is likely to be the pragmatic cloud and/or ‘dirty cloud’. “In other words, the path of least resistance leads to what works most easily. This is mixture of onsite, private-style cloud such as local VMware VPC, and public cloud from global hyperscalers. “The future is also likely to lend itself to multi-cloud connectivity through whatever is available and quickest to provision, such as private L2 circuits, SD-WAN, Direct Connect/Express Route/Google Connect to hyperscalers, private and public peering and exchange points, for example, Teraco Africa Cloud Exchange combined with L2 and L3 VPNs for security. This can end up being quite messy as what is most easy is not always best practice, and there are no settled industry standards to follow at this early stage, hence the term ‘dirty cloud’,” he ends.
* This feature was first published in the March edition of ITWeb's Brainstorm magazine.