Five hybrid cloud challenges
Hybrid cloud isn't the panacea that business thought it was going to be, but that doesn't detract from its usefulness if certain key challenges are taken into account during implementation.
Lee Jenkins, Head of Technology at ETS, says: "The hype of public cloud adoption has passed the Gartner 'Trough of Disillusionment' phase, while the cloud 'everything' hype of 2011 has never eventuated. Companies are now using a measured approach to determine which core business functions they will migrate to the cloud, and which will remain on-premises. This hybrid computing model, using a mix of on-premises and third-party 'public' cloud services, is going to become the de facto standard.
"In fact, many companies already use cloud services like Salesforce without even realising these are public services," Jenkins says.
However, he cautions that the adoption of hybrid cloud comes with its own set of issues and challenges. He lists five critical challenges faced by businesses migrating to a public cloud model as security concerns, compliance risks, migrations complexities, scheduling and execution issues, and access to management and monitoring tools. "The use of a multi-cloud strategy to consume services from different cloud providers (AWS/Google/Azure/IBM/Oracle) exacerbates the complexities and challenges. The good news is that all of these issues can be addressed with the correct design and constant monitoring."
The security threat of a data breach or data loss is perhaps the biggest challenge facing hybrid cloud adoption. One of the main reasons for having an on-premises cloud is to protect sensitive data. Potential transfer of this sensitive data needs to be strictly controlled via policies and procedure, together with network security. Existing security controls such as authentication, authorisation and identity management need to be seamlessly implemented in the both the private and public clouds. This can be done by replicating controls in both clouds, or by using a single identity management service for both clouds.
Ensuring compliance with government regulatory bodies and industry standards on the handling of sensitive data (think the General Data Protection Regulation and the Protection of Personal Information Act) is one of the most important considerations facing hybrid cloud adoption. Establishing comprehensive compliance in one cloud is difficult enough, but hybrid clouds introduce additional complexities. To ensure compliance, the components of a hybrid cloud model should be evaluated as completely separate environments, as well as a holistic environment. In addition, compliance should be an early consideration in the implementation process, as adopting compliance at a later stage could prove disastrous, not to mention expensive.
Matching service level agreements
Jenkins says: "You need to consider how you will present SLAs to your business. Your private cloud implementations cannot meet the current public cloud SLAs of 99.9999% uptime (unless you have very deep pockets). The lowest common denominator is the on-premises private cloud, and your SLA needs to reflect this service level."
Research into multiple previous security data breaches has shown that of all the threats associated with cyber attacks, more than half can be traced back to human error. This includes e-mails with sensitive data going to the wrong people, using unsecured devices to access data, and even incorrectly setting up core infrastructure. Ongoing education and training of all employees is the best protection against this threat.
Seamless management and monitoring
Most public cloud providers have their own suite of management and monitoring tools. Some of these are available by external facing API services. However, these will need to be integrated into existing monitoring and management on-premises tools. Vendors are feverishly striving to integrate public cloud providers into their products. "Integrating public cloud services into existing support procedures requires effort, and is often trial and error, with mixed success rates," says Jenkins.
While it's clear that the hybrid cloud model comes with its own set of issues and challenges, some of the benefits include reduced costs, ability to shift workloads between clouds, scalability and protecting sensitive data by local isolation. "By understanding and addressing the obstacles faced, successful hybrid clouds are possible," concludes Jenkins.