Enterprise cloud strategy: Improve agility while avoiding risk

ra2 studio - Fotolia

Multicloud environments are everywhere, but managing them is just beginning

Organizations have steeped themselves in all sorts of cloud services -- whether public or private infrastructure or cloud software. Now comes the hard part.

Think about a day in the not-so-distant future: You're preparing your company for cognitive computing applications, connecting sensors and other devices to billions of devices on the internet of things -- and moving infrastructure and software that has been running in the cloud for years back into the data center.

It sounds far-fetched, as more and more organizations shed the responsibilities of sheltering and cooling and maintaining servers for subscriptions to cloud computing services run in far-flung data centers. But IT consultant Judith Hurwitz said people are talking about it.

The problem: Getting multicloud environments -- essentially, mishmashes of externally run services -- to connect and work together so business can go on in a seamless fashion.

"I'm actually starting to hear some companies say, 'Well, we're rethinking this whole cloud thing. This is getting way too complicated,'" said Hurwitz, president and CEO of consulting outfit Hurwitz & Associates and a prolific author of IT books. "'Let's go back to the good ol' days when we didn't have to worry about these crazy cloud services.'"

It's not hard to understand that frustration. With handy access to cloud services, organizations are running all sorts of things, with developers signing on to, say, Microsoft's Azure cloud infrastructure service to pilot nifty new software or a business department choosing Google Cloud Platform as a backup for an application running in Amazon Web Services (AWS). When something goes wrong, they turn to the folks in IT, who have to scramble to uncross the wires and clean up the mess.

Judith HurwitzJudith Hurwitz

The answer, Hurwitz and other cloud watchers say, is managing this patchwork of cloud services -- along with internal computing environments such as data centers and internal private clouds -- as though they were one computer, one system. That's no small undertaking, and most organizations are just beginning to understand the problem, let alone tackle it.

"They really don't know where to start," Hurwitz said. "I think there's a lot of confusion and, 'How do I get my hands around this?'"

Of course, shadow IT -- tech projects that go live without IT knowing about them -- isn't the only reason organizations need to integrate their cloud services. Cloud computing, which promises cost benefits as well as a way to quickly experiment with new technology and respond to business demands, is incredibly popular, with organizations moving to it at an ever-quickening pace.

But as a 2016 Forrester Research report points out, "Not every app or workload is right for cloud, nor should it be." So organizations will continue to look to on-premises hardware to run highly sensitive data or mammoth data sets that need to move at lightning-fast speed. That means they'll have to do the onerous work of connecting systems, integrating data and optimizing resources.

David SmoleyDavid Smoley

"It's a challenge," said David Smoley, CIO at pharmaceuticals manufacturer AstraZeneca, based in Cambridge, U.K. Over the past few years, Smoley brought nearly $600 million of outsourced IT in-house, which cut IT spending while boosting performance. Then he began a colossal migration to the cloud. "It is a different skill set and a different attitude and even a different daily task than five or 10 years ago."

Moving parts

Managing multiple cloud services is challenging because each service has a different underlying architecture, and each has a different management console and requires different tools for setup and monitoring. So adhering to policies on things such as regulatory compliance, security and data storage can be arduous, forcing organizations to build them into each service separately.

With a multicloud management strategy, organizations can lasso the various parts of their cloud environments and then corral them into one management regimen, said Murali Balcha, founder and CTO of Trilio, a Hopkinton, Mass., company that sells a data protection service for clouds built on the open source computing system OpenStack.

Managing cloud services makes IT operations more efficient -- "you spin up the resources and spin down the resources when you don't need them," Balcha said at the OpenStack Summit in Boston in May. It also decreases costs.

One 2016 study by IBM found that 54% of companies employing a multicloud strategy do so to lower total cost of ownership -- that's how much it costs to buy, install and maintain new technology; 42% do so to increase operational efficiency; 42% to drive innovation; and 40% to meet customer expectations.

Ideal multicloud environments, Hurwitz said, allow for data and applications to be moved across their constituent parts. That way, if there's an internet service disruption, say, or a vendor doubles its prices, an organization can move data and applications from one cloud to another with little fuss.

Your internal customers don't really care what they use. But they do want that consistent level of service, and they don't want surprises.
Judith Hurwitzpresident and CEO, Hurwitz & Associates

They also catalog all the cloud services available at an organization, map projects and uses to the most appropriate resources -- whether public or private cloud or data center -- and automate the process, and ensure that all the policies and regulations of the organization and the country it's located in are being met.

"Your internal customers don't really care what they use," Hurwitz said. "But they do want that consistent level of service, and they don't want surprises, and if something goes wrong they want it fixed."

Piecing together external and internal systems is not a one-off project, she said. It requires "thought and planning and strategy behind it," beginning with an inventory of all the cloud services currently deployed.

That may sound like a simple tally by IT, but at many organizations, "they don't even know what's running. They don't even know what services are in play," Hurwitz said.

Plan first -- buy later

Smoley knew how vexing a problem a boundless universe of cloud services could be at AstraZeneca, so he first identified the dots that needed connecting.

"Part of it, really, is identifying who those cloud players are, what is your cloud architecture, how does it interface with any legacy or external applications and architecture, and who are the owners for the different parts, the pieces," Smoley said. Those owners, or project managers, are key, because they manage the individual vendor relationships and are "communicating back and forth to the organization."

There are numerous tools designed to help manage multicloud environments -- RightScale, Scalr and Cisco CloudCenter are but a few in the growing market. AstraZeneca has made significant investments in virtualization software VMware and uses the vendor's vRealize to manage its cloud infrastructure services, which include AWS, Azure and Google.

Hurwitz said that before even doing product evaluations, organizations need to first figure out what their objective is.

For example, if various departments are spending money on unbudgeted online tools -- a common refrain is, "I found this cool software-as-a-service app and I'm using it," Hurwitz said -- then that's one thing. They can put ground rules into effect that let departments know when they can and can't subscribe to commercial software.

Or there could be a need for strict data governance requirements, Hurwitz said. Some countries may require that data stay within national borders, so companies with customers in multiple nations have to be careful when moving data around. By putting certain workloads "in the cloud," they're essentially sending information from one jurisdiction to a data center in another -- and that could lead to "pretty steep fines."

And before giving the green light to a management plan that could automate a move, say, from an internal data center to one operated by a cloud provider, organizations need to figure out what workloads they're comfortable with putting in the cloud, Hurwitz said.

All that has to be in place at the outset, she said. "If you just panic and say, 'Quick -- go get me a tool,' you don't know what problem you're solving."

The race to multicloud bliss

One IT exec driving toward multicloud management is Matt Cadieux. He's the CIO at Red Bull Racing, the Formula One auto racing team, based in Milton Keynes, U.K. The company manufactures many of the parts that make up its race cars -- chassis, electronics and controls systems, hydraulics systems -- and for each of the 20 races in a March-November season, cars are disassembled and then pieced together again with newly engineered components.

So IT is "pervasive in every part of the company," Cadieux said -- from the computer-aided design of the parts to algorithmic simulations of races to real-time data analysis during races to determine the best course of action in case of an accident or change in the weather.

Cloud is a big part of IT at Red Bull Racing, with a huge chunk of the company's 200-plus applications in some form of cloud computing. A lot of them are highly specialized, such as its computational fluid dynamics software, which measures airflow over the cars. Those are in a private cloud, because the files are gigantic.

"If we had to run in somebody else's data center, the file transfers would take too long," Cadieux said.

The company also uses Azure and has a variety of software-as-a-service applications, including Microsoft's Office 365 cloud productivity software, which will get its first users later this year.

Integrating all that data is important, Cadieux said, and because a lot of it is with Microsoft -- in Active Directory, SharePoint, .NET software development framework -- a lot of management is done at the back end, at Microsoft.

"If they design it all to work together, they have a lot more resources to integrate it and to manage it well than we will ever have," Cadieux said.

But Red Bull Racing will need a tool to manage its multicloud environment, corralling its Microsoft services along with cloud services from other vendors, Cadieux said, such as its new human resource information system, which will allow IT to respond more quickly to users' collaboration and communication demands.

"Within the next 12 months, we will definitely be in this position," he said.

Next Steps

You need more than multiple cloud services for a multicloud environment

Multicloud computing: You're already there

AstraZeneca's CIO, CISO team up on security, cloud use

Dig Deeper on Cloud computing for business