There are two ways to get started with Multi-Cloud – by accident or on purpose. By accident means that people start using different clouds for different things with no road map for a common management, security, compliance, or cost-optimization strategy. Aiming for multi-cloud on purpose means having these ducks in a row.
Let’s not focus on people who have a strategy, however. If anything’s clear, it’s that many more organizations end up with multiple clouds by accident then walk into it with their eyes open. How does this happen, and how do you rescue yourself when it does?
Accidentally Stumbling into the Multi-Cloud.
The average company uses six cloud computing services – and it’s highly likely that many of those clouds aren’t chosen via any kind of directed strategy. Cloud services are now so easy to consume that many purchase decisions are now made by business unit directors, not CIO's. A 2016 survey by Ernst & Young shows CIO's and IT directors now only make 75% of software purchasing decisions – and that they expected their purchasing authority to decline to 66% within 3 to 5 years.
In a nutshell, multi-cloud environments get started when one business leader purchases one SaaS app, and then realizes they need to get that app’s data onto another app. Neither app connects to each other natively, but they can both connect onto one of the “big 3” clouds – AWS, Azure, or Google. So, now they have a Multi-Cloud environment where one application backs up its data to a cloud where it’s then passed on to another app.
Righting the Multi-Cloud Ship
In the example above, you have a sketch of a Multi-Cloud environment that technically “works,” – but it doesn’t consider:
• Who has ultimate control of the data being passed between clouds?
• Whether unauthorized third-parties can see this data?
• Whether this data is sensitive under PCI-DSS, HIPAA, or the GDPR?
• Whether you could be paying less money for a different solution that works as well?
What’s more, the people purchasing and consuming this environment aren’t compliance, security, or networking experts – there’s no guarantee that anyone will look at these questions before they turn into problems. How can IT experts intervene?
IT professionals have traditionally been concerned with two things, as far as SaaS in concerned – making sure that they keep the total number of vendors as low as possible, and then making sure the applications don’t violate policy. “Giving business units exactly what they want” has taken a back seat to those priorities.
What’s clear, however, is that business units can now purchase exactly what they want regardless of what IT would prefer. To create a secure environment with a low cost of ownership, it may become necessary for IT to reverse their priorities. First, they should let business unit’s purchase the applications they need to become successful, and then they should figure out how to make it all functional, secure, and compliant. In other words, IT needs to accept a larger number of vendors in order to exert a larger amount of control.
If you would like to about more about our Multi-Cloud offering, please visit https://www.biosme.com/multi-cloud