Avoiding Pitfalls of the New Hybrid Cloud
By Justin Giardina, CTO, Iland Cloud Infrastructure
Companies are no longer asking if they should move to the cloud. The answer is now a resounding, “Yes.” In fact, Gartner projected that 2015 spending on Infrastructure-as-a- Service (IaaS) alone would hit $16.5 billion, an increase of 32.8 percent from 2014.
Naturally, the primary question about cloud adoption has evolved to be, “Which cloud should we move to?” For many, the answer is, “More than one.” EMA Research polled more than 400 IT decision makers in the US, EMEA, and APAC and found that, on average, companies are using three IaaS providers.
The trend introduces yet another interpretation of the term “hybrid cloud,” where the infrastructure is comprised of multiple cloud vendors instead of a mix of on-premise and cloud or private cloud and public cloud. While some companies end up with this type of hybrid cloud environment due to Shadow IT or department-level fragmentation, companies are increasingly turning to multiple vendors as part of a strategy to:
• Capitalize on varying benefits of cloud providers based on project needs
• Diversify to avoid vendor lock-in
• Protect business by running applications on one vendor and relying on another vendor for backup and disaster recovery
When evaluating cloud platforms – whether initially or when moving to a multi-cloud strategy – it is important to fundamentally assess business and technical needs and then match them to the provider. While some view cloud infrastructure as a commodity and pricing wars make for intriguing headlines, the reality is providers offer varying levels of native functionality, ecosystem extensions, and support.
Here are some of the key questions to consider when moving to the cloud or expanding a cloud environment:
What tools are available to monitor and manage my cloud environment?
Cloud gives teams the ability to quickly spin up environments to satisfy rapidly emerging business needs – whether it be deploying a new product offering, launching a new application, or executing test and development. That said, perhaps one of the biggest complaints about the cloud is that users do not get the same level of visibility and control as they are accustomed to form their own infrastructure. As such, it is difficult for the IT team to optimize resources and anticipate potential issues. Most cloud vendors – even market leaders – point customers to a vast third-party ecosystem to address the problem, often resulting in additional costs and resource expenditures.
Cloud gives teams the ability to quickly spin up environments to satisfy rapidly emerging business needs
For teams that need to limit man hours and budget spent on managing the cloud infrastructure, cloud platforms that include a comprehensive management console are most attractive. However, it is critical for teams to actually get a demonstration of the tool and clarity on what functionality is included and what costs extra.
How can we predict, control, and allocate costs?
Cost efficiency is one of the biggest promises of cloud, but that benefit is quickly diminished by clouds that do not provide insight into projected spend. Many times, users spin up environments and forget to turn them off which can quickly accrue unexpected costs. Once again, a native management console is the key to addressing the problem.
And what about billing? Organizations that need to easily understand costs and allocate them to specific projects or teams should ask their providers for an example bill.
What security is included as part of the platform? How easy is it to extend those capabilities?
We have found that many companies we speak to believe they have taken proper precautions when it comes to cloud security, but they are really flying blind. Because vendors do not typically provide detailed security reports or integrated security solutions, cloud customers are left struggling to figure out what is protected, where the gaps are, and how to fill those gaps with a host of technologies that do not always play nice with each other.
When evaluating a cloud vendor, companies should take security seriously and not settle for a simple assurance that the cloud is secure.
How easy is it to address corporate, industry, and government compliance?
As industry, corporate, and government regulations evolve, it is critical for companies to stay ahead of compliance considerations. The purpose of compliance is to mitigate risks for a company and its customers. Security plays a large role, but just because a cloud is secure does not mean it is compliant. Do not assume a cloud provider is bound by Business Agreements to handle data to the same standards as your organization.
Is the platform truly designed to meet enterprise needs, or was it an afterthought?
Today, many vendors tout they offer enterprise cloud platforms, but customers should take a closer look to ensure expectations can be met. The networking setup is one of the biggest indicators of whether a cloud was designed for enterprise.
For web companies or teams that do not have major security concerns, there is no real issue with having a cloud that uses a public IP address on the internet. This is a common practice for some of the low-cost clouds that play the biggest roles in pricing wars.
However, for most enterprises, this approach is not sufficient. Enterprise clouds should put networking considerations first, starting with a secure firewall and enabling customers to leverage network topologies that are very similar to what they used to in on-premise environments.
It is easy to stick the “commodity” label on the cloud, but industry survey numbers consistently show that cloud customers will not settle for environments that do not fully meet their business and technical requirements. The reality is, even within a single organization, one cloud platform may not fit all needs. By asking cloud providers these questions, teams can get a significant head start in getting the cloud benefits they seek. And it’s important to note that cloud providers should have fast, straightforward answers to these questions. The vetting process should not be a barrier; it should be validation your cloud strategy is the right one.