Cloud and security

Multicloud may be your cloud strategy’s silver lining

No cloud provider does everything most organizations need. Enter: Multicloud. What should you do to make the most of it?

Share article

services multi cloud

No one expects to hear bonfire-roasted undersea cables were part of what inspired University of Hawai’i’s interest in using the cloud. Galvanized steel conduits come out of the ground right where Honolulu’s homeless population tends to light fires. More than once, the undersea cables have ended up cooked, leaving Honolulu with a quarter of its usual bandwidth.

It’s a novel problem, but the benefits University of Hawai’i is getting from multicloud are shared widely. More than 80 percent of organizations now use more than one cloud provider, say leading technology researchers Gartner. They describe multicloud as, “bringing multiple cloud services under unified management to serve multiple service models such as Infrastructure as a Service (IaaS,) Platform as a Service (PaaS) and Software as a Service (SaaS,) and multiple delivery models (public, private.)”

Many businesses are testing ways to use multicloud in digital transformation, to reduce risk, avoid getting locked into using one vendor and get more of the services they need.

I spoke with Brian Chee, co-host at TWiT: This Week in Tech – a network of nearly 30 tech podcasts and IT Specialist at University of Hawai’i, to find out how and why the university uses multicloud. He shares his advice for those deciding whether it’s a good option for their business, or just getting started.

Why multicloud?

For Chee, it comes down to none of the major cloud providers doing everything they want. For example, since they’ve been wooing University of Hawai’i, Chee’s been considering the value of Google Cloud. But as they’ve only just started providing infrastructure as a service (IaaS), he couldn’t run anything custom on it without a lot of painful retooling. If he were willing to retool, Google Cloud would be economical. They have many and varied data centers globally, making load balancing and failover capability simple. He thought setting up global load balancing (GLB) on Google Cloud was easier than Amazon Web Services or Microsoft Azure, but that will change, as Microsoft and Amazon invest big in undersea cables.

Does multicloud mean chaos?

University of Hawai’i has 10 campuses and 30 research institutes. Its IT group acts more like an Internet Service Provider (ISP.) They provide connectivity to the research and instruction units, but departments buy their own equipment and services. Brian says between them, departments use almost all the cloud providers he’s heard of.

Recently they’ve started turning the corner and using private cloud. It delivers services through IT infrastructure used only by their organization. About three years ago, they deployed a system based on VMware so they could pool resources and provision systems through a portal.
services multi cloud
On top of that, Chee says university departments want a hybrid cloud environment. He knows some are experimenting with Microsoft Azure, who has a deal on trial machines for educational institutions. He uses Amazon Web Services‘ Glacier for data archiving with a failover: An alternative destination if there’s disruption on the original transfer method.

Getting started with multicloud

There’s no “one size fits all” solution

Multicloud can happen by circumstance rather than design. Kaspersky’s Andrey Pozhogin explains: “When changes happen – like a company restructure, merger or acquisition – the IT team are suddenly managing a very different technical infrastructure stack. How to best resolve this is a unique decision based on your needs. There is no cookie-cutter solution.”

Know your needs from your wants

Chee says, start by making two lists, “needs” and “wants.” When you test drive, use these to decide where to place workloads.

Proof of concept (POC)

As they offer deals for test-driving, you should set up test runs with the major cloud service providers.

Try to verify the claims in their brag sheets and marketing materials. This is important because all the big players are different. “Too many people just believe salespeople,” says Chee. “Independent, unbiased testing is almost non-existent nowadays.”

Find a cloud-agnostic dashboard

Look for a dashboard that gives you one-touch capability on every switch port, several views into the inter-device path and the health of everything connected to it. Switch ports can be physical or virtual, as long as they talk SNMP (Simple Network Management Protocol.) Chee says market pressure means vendors are moving their dashboards toward this kind of functionality.

Always have security top of your mind

Chee thinks security is lagging behind DevOps. “They tend to be separate tools. SecOps hasn’t caught up with the DevOps folks or a single pane of glass yet, but they’re getting there.” He’s only heard of one tool, TotalView by PastSolutions, that combines DevOps and SecOps, but expects more are on the way.

Reducing multicloud risk

People often think trying to set up failover between cloud providers is complex. Not so much anymore, says Chee. “For cloud providers to stay competitive, they’ve had to develop Application Programming Interface (API) sets to manage and control IaaS and SaaS images remotely.” Another good thing to include in your proof of concept.

The C-suite (senior executives) should set the tone for the company, but too often they force exceptions on the IT group, like not wanting to change their password, says Chee.

If they don’t lead by example, the rest of the company will keep bad habits like weak passwords, using sticky notes and personal web browsing on company equipment. The C-suite must also be willing to invest in cybersecurity training and company-wide licenses for security tools like password vaults.

Portability is the future

Chee thinks the flexibility to move applications and data from one cloud provider to another will be critical in the next few years, and he says things are happening there. “It shouldn’t be long before I can shop complex mathematical tasks around various computing clusters worldwide to find the best price. I think that kind of portability is just half a dozen years away.”

Businesses are choosing multicloud to diversify where they place their workloads among the major cloud service providers, taking advantage of their strengths.

Kaspersky Hybrid Cloud Security

Borderless security for your multicloud environment.

About authors

Alyson Behr is a tech writer, editor, analyst and content consultant. With roots in testing, industry competitive analysis and product reviews, she has written for numerous IT publications. Alyson founded LabRat Magazine, the first publication devoted to the network test and measurement community. When’s she not at her computer, she’s an avid pilot and equestrian.