Getty Images/iStockphoto
4 common traps to avoid in a multi-cloud strategy
Multi-cloud strategies are popular, but they do require planning and management. Review some ways to sidestep these four potential pitfalls.
What happens when an organization tries to stitch together cloud components that work against each other?
Every major cloud provider offers countless innovative, scalable and flexible services. But many organizations don't want to be confined to the options of a single vendor, so they combine services from two or three clouds for different teams, users and use cases.
There are clear benefits to a multi-cloud strategy, including advanced capabilities and environment customization for individual apps and workloads. According to a recent study from Veeam, 91% of IT decision-makers increased their cloud services usage in the first months of the COVID-19 pandemic and 60% are planning to add more cloud services to their IT delivery strategy.
However, 40% of responders recognized economic uncertainty poses a threat to these initiatives. Without adequate visibility and planning, organizations can wind up with a costly, fragmented environment full of duplicate data and security risks.
Here are four types of problems that can arise in a multi-cloud environment, plus some basic tips to mitigate any potential harm.
1. Shadow IT
Organizations often see teams adopt public cloud services without approval from IT. The COVID-19 pandemic accelerated this, as employees experimented with new remote work conditions.
Shadow IT deployments inadvertently create a multi-cloud environment without the IT department's knowledge. This can cause asset vulnerabilities the security department isn't aware of until it's too late. Instead of trying to suppress shadow IT use, aim to strengthen visibility into shadow activity and build a culture of transparency.
Shadow IT can increase employee productivity and enterprise agility, so lean into it. Educate employees about data hygiene and cloud security best practices. Also, encourage them to proactively approach IT with requests for a new cloud service. This way, an organization can maintain full visibility of its multiple cloud environments to monitor security risks.
2. Cost
Cost optimization is an essential part of any multi-cloud management strategy. If you don't manage the financial implications of each platform, you will spend too much on services that cost less from a different provider.
To avoid financial strain, assess costs before you invest in a cloud platform. Research multiple options to find the services that best suit your business needs. While each cloud provider has specialties, many services are relatively standardized, so you should be able to find a more affordable option.
If finances have already become an issue for a given application, migration to a more cost-effective provider is worth looking into. Don't feel committed to one provider just because it's familiar.
With the appropriate planning and supervision, cloud-to-cloud migration can be more streamlined than migration from an on-premises architecture because well-architected cloud environments are built to be interoperable.
3. Access management
A multi-cloud environment increases compliance planning. As a result, organizations may have inconsistent security protocols in place for each cloud platform. This can make certain applications and workloads more vulnerable, especially in a shadow IT environment.
Amazon Web Services, Microsoft Azure and Google Cloud use different philosophies and architectures for identity and access management (IAM). Companies that use multiple providers need to learn and adapt to whatever providers' systems they use. They also need to learn how to manage them independently. This requirement isn't a deal-breaker, but it does require recognition and planning.
4. Cloud backup
A multi-cloud strategy can be an effective way to maintain business continuity. A large number of organizations use one cloud platform as the backup for another. However, the backup and disaster recovery processes do not support replication of the IAM permissions.
Organizations must be careful when building disaster recovery safeguards across multiple clouds because it may require a different architecture for each platform and could be a difficult technical challenge.
Proactively evaluate provider value
Don't wait for problems to arise to decide if it's time to move or relocate an asset to a different cloud platform.
It takes careful planning and supervision to reap the benefits of multi-cloud. When organizations increase visibility into shadow IT, continuously assess costs and strategically distribute assets based on its operational and security needs, they can get the best of multiple clouds.
About the author
Josh Quint is the senior director of cloud solutions at Deft. Deft offers cloud-native software development, AWS consulting, cloud infrastructure and global data center services.