Two things make me nervous: waiting in a dentist’s office for my turn and sitting in a meeting and hearing everyone stating how multi-cloud adoption is going to be simple and straightforward.
The experience of waiting for my turn in a dentist’s office is a bit like what some organisations face with multi-cloud adoption. At first, it might seem like a routine check-up – just another IT project to be implemented effortlessly. However, as we know, a trip to the dentist can quickly become a complex and sometimes painful process, just like managing multi-cloud environments when the challenges start to pile up.
Although the first might require a conversation with a therapist, the second is a topic I can share my experience in. Let’s get to it!!
A large retailer adopted a forward-thinking multi-cloud strategy three years ago. The goals were to increase IT agility, lower costs, and drive innovation. New customer-facing apps are quickly deployed on one cloud provider platform and leverage data science workloads on another. Legacy order systems migrated from on-prem into a third-cloud service provider.
This worked well initially. But over time, challenges emerged in managing distributed systems, security, data, and ops. A minor outage in one cloud crashed the website for half a day due to tight coupling. Customer satisfaction dropped due to performance lags. Security audits flagged dozens of vulnerabilities. The multi-cloud environment became an unmanageable jungle instead of the nirvana envisioned!
This story is all too common. The accelerated adoption of multi-cloud has led many organisations into the complexity maze. A 2023 survey by Flexera showed that over 87% of enterprises have a multi-cloud strategy, with over 80% citing multi-cloud management as second more pressing issue (cloud overspend came first which is related to second issue).
While decentralization enables speed, lack of cohesion slows progress in key areas:
- Networking – Suboptimal performance, reliability and risk
- Data Management – Inconsistent and scattered environments
- Security – Dangerous gaps and blind spots
- Observability – Lack of end-to-end visibility
- Orchestration – Disjointed connections and poor automation
- Governance – Inconsistent policies, controls and overspend.
- Architecture – Short-term decisions that increase complexity.
This uncontrolled complexity across networks, data, applications, and services slows innovation, decreases stability, and increases cyber risk. What’s the solution?
Leading Practices to Tame Multi-Cloud Chaos
Hybrid/Multi-Cloud Management
A large financial services infrastructure spanned both on-premises and multiple public clouds but lacked unified management and abstraction layers to bridge the gaps. This resulted in disjointed systems, inconsistent policies, and limited workload mobility across environments.
A cloud management platform enabled the organisation to centrally administer hybrid infrastructure and multi-cloud with shared visibility and control. The abstraction provided portability for data, applications, and security policies across their cloud, multi-cloud, and on-prem footprints.
With the consistent network, data, and security architectures spanning environments, the organisation could now seamlessly operate multi-cloud infrastructure as a unified whole vs disjointed parts.
Data Management
A manufacturer’s siloed data lakes caused reporting inaccuracies and delayed analytics initiatives. A data fabric solution consolidated access, security, and governance for distributed cloud data, providing a “single source of truth.”.
Observability
When a bank’s mobile app crashed, the lack of observability made troubleshooting difficult. A monitoring solution providing multi-cloud end-to-end transaction visibility allowed a much faster diagnosis, thus minimising customer impact.
Inconsistent Governance
Inconsistent policies and standards increased the risk for an organisation that aggressively adopted multi-cloud. A permissions management platform delivered a unified governance across their multiple cloud environments.
Orchestration
A large airline struggled with disjointed connections between cloud services for booking, check-in, and scheduling. An API gateway solution provided a unified interface to orchestrate and integrate the microservices-based applications across different cloud providers. This improved the automation and reliability of their systems.
Security
A healthcare provider’s cloud environments had security gaps due to tool sprawl. A cloud-based security platform integrated with their multi-cloud infrastructure to provide unified visibility, threat detection, and automated response across environments. This reduced their blind spots and strengthened their security posture.
Implementing Multi-Cloud Control
Consistently implementing governance, security, operational, and financial controls across clouds is equally crucial. Well-designed controls provide guardrails through policies and automation.
Cloud access controls should be centralised instead of fragmented. Compliance policies and protocols must be unified. Cost controls right-size usage across environments. Formal change approval processes reduce the risk of changes.
With standardised controls applied across clouds, organisations gain consistent visibility, security, compliance, and better-optimised costs.
The whole is greater than the sum of its parts – Aristotle
These examples demonstrate that a holistic multi-cloud strategy, underpinned by tailored technological solutions, can master complexity, and unlock greater business value. However, point solutions alone provide limited benefits. We must take a comprehensive approach grounded in strategy. The key steps include:
- Developing an overarching multi-cloud strategy aligned to business goals and use cases.
- Creating a structured decision framework to optimize workload placement across clouds.
- Conducting thorough risk assessments to identify and mitigate complexities early.
In conclusion, failing to plan to gain control over multi-cloud complexity exposes organisations to an array of risks that threaten operations, security, compliance, costs, and strategic goals. Fragmented architectures frequently cause performance and reliability issues that disrupt customers. Misconfigurations create security gaps that lead to breaches. Inconsistent policies make compliance difficult. The lack of cohesion requires constant firefighting, which slows innovation. Poor visibility enables waste and cost overruns. Ultimately, these risks impact revenue, reputation, competitiveness, and the ability to transform digitally. However, taking decisive action now to reduce multi-cloud complexity can mitigate these dangers and realise the full potential of the cloud.
I hope you found the post informative. Thank you for reading.
Regards,
Nick
Ramos
October 9, 2023I can totally relate to the analogy between multi-cloud adoption and waiting at the dentist’s office! Both situations can start with good intentions but quickly become nerve-wracking. I know I have a dentist phobia and a messy multicloud pushed on us by no techies!
Mike
October 10, 2023An insightful article Nick and I appreciate the suggested solutions. However, I’d like to delve deeper into the aspect of implementing controls across multiple clouds. Could you provide more specific guidance or best practices on how to establish and maintain consistent governance, security, and operational controls in a multi-cloud environment? This is a crucial aspect of our multi-cloud strategy, and I’m interested in your views on the subject.
Virtual Tarzan
October 12, 2023Thank you Mike for reading and the insightful comment. A consistent framework with centralised visibility and policy enforcement is key for managing multi-cloud complexity. You need to define standards across clouds for identity management, access controls, encryption, network security, and monitoring. Also you need to Use consistent taxonomy for resource tagging, service catalogues, image management, and CI/CD pipelines. I suggest you adopt unified standards for cost allocation, high availability SLAs, disaster recovery RTOs/RPOs, patch management schedules, and compliance controls like access reviews and log retention. Favour cloud-agnostic solutions over proprietary features where needed. Automate deployment of baseline controls. Regularly review configurations for adherence to standards. Centralise logs for analysis. Test disaster recovery across environments. Assign clear responsibilities and establish procedures for cross-cloud change management. With well-defined standards in these areas and the right tools and processes, organisations can achieve consistent governance, security, and operations across multi-cloud environments at scale. The key is bringing consistency to the critical areas that span cloud boundaries.
I hope that helps.