Pursuing a multicloud strategy offers a variety of benefits. When combining public cloud or hybrid cloud, enterprises seek to avoid vendor lock-in using a multicloud strategy. Others are looking to reduce cloud costs or want to use vendors' unique capabilities in artificial intelligence, serverless computing or augmented reality. Multicloud can also help companies improve reliability, security and compliance.
However, a multicloud strategy faces some significant challenges. For starters, it is far more complex than a single cloud, and it can be difficult to perform data integration and monitor applications that are spread across multiple cloud companies. Hiring staff with the skills necessary to manage a multicloud environment can be extremely difficult.
In order to maximize the benefits, experts recommend the following best practices for multicloud strategy:
Avoid vendor lock-in
A multicloud approach on its own isn't enough to avoid vendor lock-in. To make sure they maintain leverage over their vendors, organizations need to ensure portability by taking the following steps:
- Choose a portable software stack. "Organizations need to pick services and technology stacks that are available across different vendors and platforms," Andreas Grabner, DevOps activist at Dynatrace, told Datamation. "One of the reasons why Kubernetes, OpenShift and CloudFoundry are so popular is that they can run on all cloud stacks."
- Use containers. Along the same lines, deploying containers also makes workloads more portable. Because container technology packages an application together with all of its dependencies, it makes moving applications from one environment to another much easier.
- Learn about vendors' services before committing. Before putting a workload in a particular cloud, consider whether you'll be able to move that workload. Serverless services like Amazon Lambda and Microsoft Azure Functions offer benefits like faster development and deployment, but they also dramatically increase the possibility of vendor lock-in. Enterprises need to carefully weigh the potential benefits and risks.
- Avoid a siloed approach. Bill Fenick, vice president of enterprise at Interxion, told Datamation, "Simply housing one workload on one cloud platform and another on a different platform is not utilizing a multicloud strategy to its full potential. Rather, businesses must ensure that these efforts are connected. This enables them to benefit from the flexibility and cost savings of moving workloads around as needed to meet unique business requirements."
Given that multiple vendors are included, an effective multicloud strategy can reduce AWS costs and reduce Azure costs – and in fact cut the cost of any cloud provider involved. However, if customers aren’t careful, the increased management burden of a multicloud environment can actually drive up the total cost of ownership. The following best practices can help manage cloud costs:
- Match workloads to vendors. While public cloud vendors often offer similar prices for similar services, that isn’t always the case. Customers may be able to find better prices — or better services — by shopping around. It's always best to approach each new cloud project on a case-by-case basis.
- Adopt microservices architecture. For new, "cloud-first" applications, many organizations find that microservices architecture, which divides applications into very small pieces that can be reused for different projects, speeds development, decreasing overall costs. Often microservices applications also rely on serverless computing services, which can further reduce time and expenses. However, as already mentioned, the potential cost benefit of these services should be weighed against the risk of vendor lock-in.
- Consider a cloud services broker. For a large enterprise, the job of finding the right cloud vendor and service for each cloud workload could require a dedicated team. Cloud services brokers provide this service via software and/or consultants, and in some cases they may be less expensive than selecting the cloud service provider yourself. In addition, some brokers also offer integration or management services that can further reduce your total cost of ownership (TCO).
- Investigate cost optimization tools. Similar to cloud services brokerages, cost optimization tools find the best deal for each cloud workload. Many of these software tools can also perform functions like shutting down unused instances, rightsizing instances or moving to different payment options that can reduce costs further.
- Negotiate with vendors. Public cloud vendors offer upfront pricing, but that doesn't mean you have to pay the list price. Large enterprises with an abundance of workloads to move to the cloud may be able to get a better deal by contacting the cloud providers directly.
Design for reliability
Another benefit of a multicloud approach is that all of your applications and data won't become unavailable at once if one vendor or one data center experiences downtime. To maximize your available, experts recommend the following multicloud strategies:
- Do your due diligence. Before you sign up for a cloud service, make sure you understand your service level agreement, including any promised levels of uptime and how the vendor will compensate you if it fails to live up to that agreement. Also, be aware that some providers charge different prices for different levels of availability. Make sure you choose the tier that best meets the needs of each particular workload.
- Plan for disaster recovery and business continuity (DR/BC). A multicloud strategy can be an integral part of your DR/BC plans because it gives you the option of moving workloads from one data center and vendor to another in the case of an emergency. However, organizations need to make sure that their DR/BC plans cover all their cloud vendors and that they have tested their plans before a disaster happens.
- Don't forget about backup and archive. Your cloud-based data and applications need to be backed up, too. Many security experts say it's a good idea for organizations to use a different cloud vendor for backup and primary systems.
- Consider geography when choosing vendors and data centers. A multicloud approach won't help with availability if all your vendors are running your workloads in Virginia data centers when a hurricane strikes Virginia. Organizations need to find a balance: Nearby data centers can provide lower latency and better performance, but geographically dispersed data centers offer lower risk in the case of a disaster.
Ensure security and compliance
While cloud security isn't as big a concern as it once was, enterprises still worry about the safety of their data when adopting multicloud. In addition, many companies are bound by regulations that require them to keep some data in-house or within a particular region. Those needs don't go away when you are pursuing a multicloud strategy.
- Review relevant regulations. This year's adoption of the European Union's General Data Protection Regulation (GDPR) has encouraged many enterprises to revisit their compliance. Your organization needs to be aware of any laws or industry mandates that govern your data and ensure that any vendors you use can meet your regulatory needs.
- Control access to data and applications. When using multiple cloud vendors, ensuring that only the right people can access sensitive data becomes more challenging. Many enterprises choose to use an identity and access management (IAM) solution to make this problem more manageable.
- Encrypt data. No matter how secure your systems are or what kind of defensive measures your various cloud vendors have in place, you need to make sure that your data is encrypted both at rest and in transit. This is particularly important in a multicloud situation where workloads are moving from one cloud to another, because users sometimes forget about the need to encrypt data in motion.
- Deploy appropriate security measures. Your cybersecurity team needs to make sure that the other protections you have on your networks are adequate to protect a multicloud environment. Defending the perimeter is no longer enough when you are in a multicloud situation; you need to make sure that you have an agile defense and can detect and mitigate attacks in progress.
- Use a private cloud as necessary. For some data and applications, no public cloud will be adequate to meet your security and compliance needs. As a result, some organizations will always need to run a private cloud.
The biggest disadvantage of a multicloud strategy is that using multiple cloud vendors makes management much more complex. If you aren't following multicloud best practices, this can drive up your TCO.
- Start with an inventory. Before you can devise a plan to make your multicloud environment more manageable, you need to know what workloads you have running and where. A discovery tool can help you create an inventory and possibly highlight applications and data that are good candidates for moving to the cloud.
- Deploy automation and orchestration tools. The same automation and orchestration tools that DevOps teams are implementing in order to speed application delivery and improve uptime can also help tame multicloud complexity. While these tools carry some expense, the time they can save generally makes them very worthwhile from a cost perspective.
- Consider a multicloud management tool. Depending on how complicated your multicloud environment is, you might also want to consider a multicloud management tool. These products are designed specifically for multicloud, and thus often do a better job than traditional IT management tools.
- Control your growth. Whether you use a multicloud management tool or not, you need to make sure that you have policies, procedures and (preferably) software in place to prevent employees from spinning up new cloud instances as they see fit. This kind of shadow IT can dramatically increase cloud costs while exposing the company to unnecessary risk.
Consider your integration needs
When you have data and applications in multiple clouds, getting those pieces and parts to work together can be a challenge. These multicloud strategies can help:
- API management strategy. Using multiple cloud vendors means relying on a host of different APIs. Make sure you have a plan for keeping track of those tools and managing their use.
- Carefully select data and application integration tools. In a multicloud environment you will almost certainly need some middleware to get your applications to work together and get your data where it needs to be in the proper format. There are a host of different data integration tools on the market, so you'll need to do your homework to find the best fit for your needs.
Build your in-house team
Cloud computing experts are in high demand, and as a result, they command some of the highest salaries in IT. With a multicloud strategy, hiring becomes even more challenging because you not only need someone who understands one vendor, you need people who understand the intricacies of several different vendors.
- Hire experienced people. When you can, you should hire people who have previously worked in multicloud environments. They will be expensive, but their knowledge generally more than pays for itself by helping you save time and avoid common mistakes.
- Train your existing staff. You probably won't be able to meet all your needs by hiring outside people, so you'll also need to train some existing staff members. Fortunately, most IT staffers are eager to expand their cloud skills, but on the negative side, this will also make them more desirable to other employers.
Reevaluate your multicloud strategy regularly
Cloud environments invariably grow and evolve. The approach that worked for you six months ago may no longer be best, as cloud vendors update their offerings and your business plans change. Expect to revisit your strategy frequently.
But that doesn't mean you should spend all your time planning. Fenick said, "The greatest piece of advice I can offer to folks implementing a multicloud architecture is to stop waiting for perfection and just do it. You will find that you’re better able to learn what works and what doesn’t by doing versus spending time weighing the benefits and perfecting your plan."