Considering a hybrid cloud IT strategy? It’s a little like deciding where to park your car. Is the garage in a safe neighborhood? Are there multiple layers of security, besides just a guard dog behind a chain link fence? Do you drive it in yourself, or are you required to turn the keys over to an attendant? Do you have any say or control over where your car is parked and perhaps most important of all, is it cheaper and more efficient to just keep it in your own garage?
Gerry Gosselin, VP of Engineering at VertitechIT says applications and data gravity should drive your hybrid cloud strategy. “Some of our clients are simply looking to extend their data center into the cloud for increased capacity or disaster recovery. Others choose specific applications to be in the cloud rather than on-premises. Not every application should or can be in the cloud and not all data make sense to store in the cloud. That decision needs to be made on an application by application basis.”
Deciding what should go where, is what hybrid cloud is all about.
Don’t play follow the leader. A hybrid cloud strategy should never be adopted just for the sake of doing hybrid cloud. This is no place for a “me too” attitude. (See #8 below)
- Existing on-premises data centers are expensive to operate and even more costly to innovate. Cloud providers like Microsoft, Google, and Amazon are sinking billions of dollars annually into R&D and innovation. Can a business or healthcare institution do it faster, cheaper, or better? (See tip #10)
- Cloud choices often bring up the concern for an “all in one basket” approach. (If you’re worried about vendor lock-in, see tip #14)
- Strategic decisions need to consider the end-user experience. The need to access applications and information anywhere, anytime, and on any device are often paramount. (Check out tip #29 on the importance of a seamless end-user experience)
- Disaster recovery is the nightmare that keeps every IT professional from a sound sleep. Pushing that responsibility to the cloud is comforting, if the actual recovery process isn’t overly burdensome.
Some industries, like healthcare, have been slow to adapt hybrid cloud strategies. “They may have some private clouds, some information stored in the public cloud, but there’s no integration happening between the two,” says Mike Machulsky, VP of Sales at VertitechIT. “The majority of healthcare organizations are utilizing software applications that were designed more for the 1980s than today. These applications don’t have the need to scale out just yet, but they will, and when that happens, institutions need to be ready to move.”
So before choosing your “cloud garage” of choice, check out the list below. A sound hybrid cloud strategy will go a long way in keeping the car out of the repair shop.
“We believe in a world where you integrate public cloud with your on-premises infrastructure, and use each where it makes sense in conjunction with each other. And when we say integration, we mean true integration – across infrastructure, applications, development platforms, identity, and databases. This is what we call hybrid cloud.” - Microsoft Azure – Infrastructure as a Service (IaaS) Jumpstart, VertitechIT Hybrid Cloud Services, VertitechIT; Twitter: @vertitechit
1. Know what it will take to scale. “It’s also important to note the scaling costs for moving forward: What happens when an enterprise needs to scale usage up or down? For instance, say you’ve deployed some set of capability and capacity behind your firewall, and you now find that that an application needs more capacity in what was deployed. The whole notion of ‘cloud bursting’ allows you to use capacity in the cloud when you need it, and still keep everything behind the firewall when you don’t. A challenge with this, however, is that you have to engineer the data so that the data can be secured in either location, often creating more work.
“While CIOs have much to consider regarding hybrid cloud, the benefits will ultimately outweigh the challenges. Coming up with a well-defined strategy around hybrid cloud is crucial, along with knowing how to accommodate the scale and change involved with having applications on premises and within internal and external cloud environments. Finally, make sure your budget is aligned with your goals, to find the best overall solution for your enterprise needs.” - John Villasenor, Managing Hybrid Cloud: 3 Challenges, Network Computing; Twitter: @NetworkComputin
2. Understand compliance requirements. “Compliance may be viewed from two perspectives:
- Legal compliance. Make sure your cloud provider has all the required certifications to comply with policies and governmental regulations in a target state.
- Technical compliance. According to shared responsibility, your cloud provider is in charge of hardware, while you are responsible for software configuration and applications security. Make sure you have enough tools to implement a secure and compliant solution according to your requirements and needs.
“Even though implementation of a hybrid cloud might seem rather challenging, numerous cloud providers offer solutions that are capable of overcoming the mentioned issues and ensure successful hybrid cloud implementation. Determine your priorities and needs, build a clear vision of what to expect from a cloud provider and get ready for the benefits of the hybrid cloud.” - Vadym Fedorov, Solutions Architect for SoftServe, Implementing hybrid cloud: 5 major challenges, Sand Hill; Twitter: @SandHillcom
3. Consider compatibility implications across different levels of infrastructure. “Across infrastructure, compatibility can prove itself to be a major issue when building a hybrid cloud. With dual levels of infrastructure, a private cloud that the company controls, and a public one that the company leverages, the chances are that they will be running different stacks. Can you manage both using the same tools, or will your team have to learn a new set in order to effectively oversee them?” Microsoft seems to be leading the way with their Azure Active Directory approach. As the product matures and on-premises servers can be managed completely by AAD, enterprises will have a much more comprehensive security and governance platform for the hybrid cloud. - Aaron Lumnah, Pros & Cons for Building a Hybrid Cloud for Your Enterprise, Actifio; Twitter: @actifio
4. Develop a set of best practices to govern the hybrid cloud environment. “The final implementation challenge? Developing a set of best practices to govern this new environment. CIO Insight recommends that companies start by targeting the “five essentials” of cloud computing: on-demand self-service, broad network access, resource pooling, rapid elasticity and measured services. In addition, companies must develop practices aimed at enhancing task automation, and communicate this benefit to employees. Time is also a critical factor: Ideal cloud implementations happen in measured stages, not fits and starts. Slow and steady always wins the cloud race.” – John Grady, Cloud Implementation: Top 5 Challenges and Strategies for Success, Solutions Review; Twitter: @CloudTechReview
5. Of course, security is a top consideration for any enterprise putting together a hybrid cloud strategy. “We’re talking about monitoring and securing information as it enters and leaves the cloud, perhaps even leaving the country, ensuring data integrity as it moves from one data center to another, and much more. The cloud cannot factor into this in any way, shape, or form,” says Gerry Gosselin, VP of Engineering here at VertitechIT.
“Activity traffic that traverses multiple infrastructure boundaries, if not well secured, increases risks to the organization. Security policies must be reviewed for relevancy in a hybrid cloud environment and enhanced as needed. Moreover, infrastructure designs must account for the security policy and be carefully tested across all integration points to assure operational compliance.” – Lou Fucito and contributor Brian Cole, 5 Hybrid Cloud Challenges, Paragon Solutions; Twitter: @consultparagon
6. Consider how to secure control in the hybrid cloud environment. “Because a hybrid cloud requires integration across private and public domains, control becomes a critical issue. Consider how to control customers’ personal information and infrastructure to minimize security risks, as well as how to manage operational processes to optimize the use of in-house resources and customers’ experiences.
“When evaluating hybrid cloud solutions, here are a few questions to consider:
- Will I be able to manage security of my workloads and secure business critical data in my hybrid cloud’s public domains?
- Do I have the right resources in-house to operationally manage the implementation across my hybrid cloud?
- Can I keep the same policy control over my workloads no matter where they are running?
7. There’s no out-of-box system that works for every business. “Each network is different and as such each business’s challenges will be unique to that specific organization. This is why it’s crucial to have a cloud communications system that can change with you. Before you make a decision on a public, private, or hybrid cloud system, you have to consider multiple factors like compatibility, cost, features, reliability, voice quality, and security.
“There is no out-of-the-box cloud solution that will work for every business. The needs of your business today could be different from what your business needs six months from now. Your business needs a communications systems that can adapt and change as the market and your organization changes.” - Six Things You Need to Know about Hybrid Cloud Communications, Mitel; Twitter: @Mitel
8. Know what business goals and objectives you want the hybrid cloud to fulfill. “It isn’t enough to pick some cloud services and begin using them; you should know exactly what business goals and objectives you want your hybrid cloud approach to fulfill. Map out your company’s strategic IT plan for the next several years and think about what services you could be using in the future. Then, align your goals with the necessary systems, infrastructure, applications and resources necessary. This will help you determine which service providers to choose.” - Learn about hybrid cloud implementation in this blog, including tips for success and how to plan for the potential challenges., WEI; Twitter: @WEI_com
9. Plan a backup and recovery strategy. “Be sure to plan for a backup and disaster recovery strategy that will work across your environments. It is important to be prepared and to have a process in place that is clear, known and simple to follow. In the unfortunate event of a disaster it is much better to be prepared so that you can get up and running as quickly as possible rather than living in hope that nothing ever happens.
“Be sure that these strategies are workable and maintained and that they match the level or are an improvement on your level of existing strategies and policies.” - Ricky M. & Monique L. Magalhaes, Moving to a Hybrid Cloud – Considerations, CloudComputingAdmin.com; Twitter: @TechGenix
10. Consider how moving applications and data can free up internal IT resources. “Another thing to consider is how much moving applications and data storage to the cloud could free up what is most likely an overworked IT department. Some analysts contend that by offloading some of IT’s heavy lifting to the cloud -- including fixing crashed systems, helping users who bring their own devices to work and dealing with an expanding security perimeter -- enterprises can let someone else worry about at least part of the regular maintenance routine.
“That, in turn, means IT workers will have more time to be innovative in terms of how they help the business succeed.” – Sharon Gaudin, 5 tips for building a successful hybrid cloud, Computer World; Twitter: @ComputerWorld
11. Consider private networking options to avoid bandwidth issues. “To optimize a hybrid cloud deployment, efficient network management is a must. Without it, network bottlenecks, especially within wide area networks, can occur, hampering performance and slowing data transfers between public and private clouds.
“While some businesses attempt to rely on traditional internet connections to link their private cloud to a public cloud provider, bandwidth can be an issue. One option is to update your internet lines for increased speed -- but this can be pricey.
“Instead, consider private networking options, such as virtual private network or a direct connection service from a public cloud provider. With a direct connection service, such as those from Amazon Web Services (AWS) or Azure, users can access a private, dedicated line that speeds the transfer of data from their own data center to the public cloud.” – Kristin Knapp, Manage a hybrid cloud deployment with these top tips from 2016, SearchCloudComputing; Twitter: @TTintheCloud
12. Ensure that both IT and lines of business have a voice when planning your hybrid cloud blueprint. “A hybrid cloud strategy should always be centered around the application – not your IT infrastructure,” explains VertitechIT Senior Architect Carlos Jaundoo. “As your software vendors develop a more modern approach to development, they’re going to demand a platform that can scale with the application on-demand. Therefore, it’s crucial that you’re prepared for a new application paradigm.”
“There is a strong need to establish awareness that hybrid environments are a fact of life, which also underscores the need to establish a blueprint for rolling it out. Every organization should work to build this blueprint, ensuring that both IT and lines of business have a voice and both sets of needs are met from the beginning – it’s far easier to put this in place immediately, to avoid having to painfully deal with situations including ad hoc integration and homegrown solutions. A few things to consider for your blueprint include a cloud integration gateway; federation of services in cloud-based and traditional service domains; and a defined approach to governance.” – Marc-Thomas Schmidt, Hybrid Cloud Tips and Best Practices, Cloud Times; Twitter: @cloudtimesorg
13. Consider segmenting workloads into tiers to prioritize performance and control. “Managing and balancing workloads is crucial to an effective hybrid cloud strategy. The decision to deploy solutions on public or private clouds should be directly linked to the business requirement and the SLA. As an organizing principle, many companies segment their workloads into tiers, with Tier One workloads most likely to be in the private cloud for performance and control. Tier One workloads are usually those that require large scale data volumes or heavy infrastructure needs. Examples might include content serving and management, database management, big data and analytics, or virtual desktop management.
When segmenting workloads for your organization, factor the following characteristics into your decision. The more of these factors inherent in a workload, the more likely it should be a Tier One workload with closely managed performance.
- Need to keep information confidential
- Regulatory or security requirements
- Need for reliable consistent performance
- Revenue generation
- Audit or change control requirements
- Data volume and scale” – Considerations When Developing a Hybrid Cloud Strategy, OneNeck IT Solutions; Twitter: @OneNeck_IT
14. Containerization is a strategy that allows for better movement and application support. “One of the biggest advantages of the hybrid cloud lies in the ability to develop and deploy containerized instances that run applications and store data. Containers work in a similar manner to virtual machines, except that VMs run complete instances of servers and thus take up a lot of space. Containers, on the other hand, are extremely small. Essentially, they represent building blocks that can form complete instances, instead of coming as a complete package. According to WindowsITPro contributor Orin Thomas, this facilitates the movement of containers between hosts, because all you have to do is shift the container files themselves.
“This enhanced ability for movement and application support is advantageous for numerous reasons. In a hybrid cloud environment, this allows developers to streamline app development and delivery.” – Eric Tabor, Deploying Hybrid Cloud in 2016: Tips, Tricks, and Stats, ISG; Twitter: @ISGTech
15. Evaluate the total cost of ownership. “Cost comparison is a logical first step toward establishing an effective hybrid-cloud environment. While cloud UC systems have lower upfront costs, many have recurring charges billed monthly as a service. As such, it’s crucial to consider total cost of ownership before migrating UC and collaboration solutions to the cloud. In comparison, going with an on-premises UC solution requires a large capital expense up front with additional installation and network integration costs (along with ongoing maintenance and upgrade expenses).” – Kevin McMahon, 7 Considerations For Adopting A Hybrid-Cloud Approach To UC&C, Cloud Strategy Magazine; Twitter: @Cloud_Strategy
16. Choose the right hardware to minimize costs. “Another key element in developing a smart private and hybrid cloud strategy is choosing the right infrastructure hardware. Wescott pointed out that organizations have three basic choices when it comes to hardware: build it themselves using ‘a la carte’ components, deploy a verified reference architecture, or turn to full engineered solutions that promise streamlined deployment and rapid time-to-value.
“Which option is best for a particular company depends on its existing infrastructure. Most organizations have been working on virtualizing their data centers for many years and have already spent a lot of money on legacy hardware. Wescott advised companies to develop a plan to ‘leverage existing data center investments’ when building a private or hybrid cloud. He recommended ‘working with a partner that can build the cloud you need in the way that you need to.’ He also emphasized the importance of choosing components designed for ‘removing complexity and simplifying the overall experience.’” - 4 Key Considerations for Private and Hybrid Cloud Strategy, quoting Jim Wescott, Senior Strategist for Dell Enterprise Solutions Group, a UBM Tech (Dell/Intel) white paper made available by GovTech.com; Twitter: @UBMTech
17. Consider a phased approach to migration. “Identify processes, applications or tools that could be easily migrated to a public cloud and adapted into your processes as initial cloud projects. This provides an opportunity for your organization to learn and adapt before tackling larger migrations.” - Building a Hybrid Cloud Strategy, Electric Lightwave; Twitter: @ELightwave
18. Consider whether cloud bursting is a workable option for your organization. “The concept of cloud bursting (also called workload overflow processing) has been around for several years, but has yet to really catch on, particularly at the enterprise level. Why is that?
“The main reason is that cloud bursting is a simple concept that’s technically difficult to accomplish at both the infrastructure and application levels. Firstly, it’s difficult to move storage to and from the cloud. Bandwidth limitations represent a real, practical constraint that limits the ability to move resources to and from the cloud. On top of that, different environments aren’t always compatible. If your private cloud and public cloud are set up to handle very different responsibilities (which is common), then you may have a lot of trouble setting up cloud bursting.
“Secondly, software must be configured to run multiple instances simultaneously. If you’re building a new application from scratch, this can be engineered in. If you’re working with an already extant application (which most people are), then it can be a difficult and time-consuming process to add this functionality. The more complex your application and the more services it interacts with, the more difficult it is to burst.
“Given these limitations, cloud bursting is usually recommended for high-performance applications that won’t suffer from the latency issues that come with moving between the public and private cloud. Additionally, you should consider whether or not the application handles data that’s subject to regulatory mandates or compliance standards like HIPAA or PCI DSS.” – Tyler Keenan, Is Cloud Bursting Right for You?, Upwork; Twitter: @Upwork
19. Know precisely what IT infrastructure supports which business processes currently in order to effectively map out a hybrid cloud strategy. “As with any IT project, an organisation adopting hybrid cloud should first know precisely what its present position is. The IT department first must map its current IT services, followed by the IT environment it currently uses to provide them.
“With this map, the department should be able to answer precisely what IT infrastructure provides what services to what part of the business; as well as the skills and other resources that support those services, and the value that they provide to the business. Once it understands the status quo, the department can then start to look to the future.” - Hybrid cloud: 5 Tips for finding your sweet spot, Computer Business Review; Twitter: @CBROnline
20. Analyze cloud impact before implementation. “It is normal that the applications are interlinked with other applications and systems. So, make sure you take note of the end result of cloud migration before going ahead to do so. Ensure you review your workload properly through which you can know the applications that required an update before and even during the cloud execution.” - Tips to Follow While Transferring Data to Hybrid Cloud, Cloud Enterprise Backup
21. Hybrid cloud configurations are a sure-fire way to ensure that business communications are always accessible. “Even though there are multiple redundancy systems in place by cloud service providers, having a hybrid cloud strategy that uses a combination of cloud services and on-site solutions is a foolproof way to ensure your business communication is always available.” – Michael Guta, Tips for Adopting a Cloud Communication Solution for Your Business, Small Business Trends; Twitter: @mmguta, @smallbiztrends
22. Make a clear distinction between hybrid cloud and IT. “The first step of explaining a hybrid IT initiative? Be confident in your proposal. While managers may not understand everything you say, they're experts at reading tone and body language.
“To avoid that, make a clear distinction between hybrid cloud and IT. In the hybrid cloud model, you leverage public clouds for noncritical data storage and private clouds for more sensitive information and apps. In hybrid IT, you run public clouds but keep all private IT infrastructure on-premise. Over time, companies can choose to embrace more cloud-based technology as legacy processes reach the end of their life span, or continue to run public and in-house solutions side by side.” – Doug Bonderud, 3 tips for pitching a hybrid IT infrastructure business case, The Pulse of IT; Twitter: @HPE_SMB
23. Consider how you’ll integrate your cloud management console with your internal IT management platform. “The cloud service provider typically provides a cloud management console. The organization would have deployed an infrastructure management platform to monitor and manage Internal IT. While both may offer resource provisioning and resource monitoring capabilities they would not offer performance management capabilities that allow automatic scaling of resources as per consumption.
“The two management platforms need to be integrated to provide a single view of the hybrid cloud. However neither provides the functionality to do so and therefore would require add-ons or plug-in components which provide the functionalities to manage the two infrastructures as a whole.
“A lot of third party vendors offer components that help create a layer of these functionalities on the existing infrastructure management platforms. These functionalities allow managing the hybrid cloud singularly by providing the automated monitoring and provisioning functionalities.” - Karthik Ramarao, Creating a hybrid cloud: key considerations, ComputerWeekly.com; Twitter: @ComputerWeekly
24. Flexibility is imperative for certain types of businesses with fluctuating demand and usage patterns. “Elasticity requirements must be considered when assessing public and private cloud usage. Seasonal demand for services, such as Black Friday ecommerce activity, drives a significant increase in capacity requirements for a short period of time. Public cloud services are preferable when elasticity is a major concern as purchasing on-premises capacity to support this kind of demand is not cost effective. Mature organizations provide ‘bursting’ to public cloud services when privately hosted services exceed defined thresholds.” - Practical Guide to Hybrid Cloud Computing, Cloud Standards Customer Council; Twitter: @Cloud_Council
25. Portability is a concern for many enterprises moving to the hybrid cloud. “This wouldn’t necessarily be a problem if enterprises had a single cloud provider. But respondents estimate their organizations utilize the services of an average of three providers. Sometimes this proliferation happens accidentally, with business units employing ‘shadow IT’ without bringing internal IT into the discussion.
“The result: Only 40% are currently able to move workloads across cloud types or providers. That means enterprises striving toward flexible use of hybrid clouds face a looming challenge, because 62% are looking to achieve portability within the next 18 months.” - The Next Cloud Challenge, CIO Quick Pulse Cloud, white paper made available by HPE.com; Twitter: @HPE
26. The role of IT must change when implementing a hybrid cloud strategy. “Enterprise IT faces two main challenges when migrating to hybrid IT: The change in the role of IT and managing for longevity.
“First, the role of IT changes. It no longer focuses solely on managing data centers and assets, it has to integrate closely with a new type of service providers. In a hybrid IT environment, IT must strategically coordinate physical assets with cloud services. We have always worked with vendors, but now the experience needs to be that of one seamless team.
“Second, the enterprise must manage its expectations for application longevity and stability. Cloud services evolve over time, so cloud-hosted applications will not have the lifespan of legacy enterprise systems. This means that IT needs to be agile and well prepared for rapid changes in integration and design.” – Overcoming the Challenges of Implementing Hybrid IT, Open Data Center Alliance; Twitter: @opendatacenter
27. High latency can be a concern with some hybrid cloud implementations. “Latency in this context is the time taken for data to be transmitted over the Internet between the provider and the customer. Higher latency values mean longer response times and lower throughput of data. In local SAN environments buffers in the array and host enable multiple blocks of data to be ‘on the wire’ at any one time, and response times are typically 10 milliseconds (msec) or less, with only a small part of that being the fabric transport time (whether Ethernet or Fibre Channel). As latency increases—such as in transport over long distances to and from the cloud provider—throughput drops dramatically as less data is in transit across the network.” – Chris Evans, Hybrid cloud solutions address cloud data storage’s three key challenges, Computer Weekly; Twitter: @chrismevans
28. Overcoming integration challenges relating to network management platforms, system orchestration, and server virtualization is necessary for success with hybrid cloud. “Businesses implementing hybrid cloud plans often end up facing a variety of difficulties trying to conform their operations around the new technical capabilities and challenges created by the technology. Organizations that want to find success in the hybrid cloud often benefit substantially from service management investments.
“According to a recent Infonetics Research report, many of the challenges facing businesses turning to the hybrid cloud center around integration. Cliff Grossner, directing analyst for data center and cloud at Infonetics Research explained that the cloud creates numerous challenges attempting to integrate the various platforms for network management, system orchestration and server virtualization in hybrid cloud environments. Overcoming these integration challenges could prove key as the hybrid cloud gains prominence at a rapid pace.” - Hybrid Clouds Create New Service Management Challenges, Sun View Software; Twitter: @SunViewSoftware
29. To the end user, the myriad processes happening behind the scenes should appear as a single, seamless application. “Typically, people think of hybrid clouds as some combination of different cloud environments – say, two public clouds like Amazon.com AWS and Microsoft Azure – or perhaps a public/private cloud or cloud/on-premises combination – or a mix of any of these options with managed hosting offerings like Rackspace’s.
“Applications that run in such hybrid clouds, therefore, consist of disparate workloads running in separate environments, and furthermore, those workloads may move from one environment to another for several different reasons, including application deployment, load balancing, disaster recovery, or price arbitrage, among others.
“From the end-user perspective, however, this whole mess should appear as a single collaborative application – and furthermore, must perform just as well as an app running in a single environment. And therein lies the session management challenge.” – Jason Bloomberg, Rackspace: Untangling Knotty Hybrid Cloud Challenges With Vizru Low-Code Platform, Forbes; Twitter: @TheEbizWizard
30. A strategy for managing the hybrid cloud infrastructure is a necessary component. “Some of the challenges are operational, because once the hybrid environment is up and running, it must be managed. Service levels must be maintained across all of the different service providers that a company uses, and applications scattered around a distributed environment must be made to work together seamlessly, failing over when necessary.
“Cloud management software is a necessary component of a hybrid cloud solution, because it ties together operations data from various service providers to create a unified view of the system. That’s an important function in an infrastructure where companies might otherwise find themselves struggling to hold one service provider accountable for performance or availability problems. It is all too easy for cloud service providers to point the finger at each other.
“Software solutions for use by customers are one approach here. Another is to hand the management of a hybrid cloud infrastructure off to another service company entirely, and let them deal with the complexity. Several cloud management services exist that can cut through the whole tangled mess for CIOs, leaving them to focus on strategy.” – Danny Bradbury, The hybrid cloud management challenges IT departments must overcome; IT World Canada; Twitter: @itworldca
31. Some organizations struggle with managing cloud alongside non-cloud systems. “Cloud also requires IT and business to work together even more closely to ensure cloud adoption is not counter-productive — enabling business units to self-provision cloud service, while IT divisions take care of related risks factors, integration issues and service-level considerations. As cloud adoption surges understanding and addressing the emerging challenges of effectively managing a hybrid IT landscape of cloud alongside non-cloud systems becomes even more critical.” - Cloud and Hybrid IT Challenges, Fujitsu; Twitter: @Fujitsu_Global
32. Consistent monitoring and logging is a must for security. “Companies routinely monitor their own environments for suspicious activity and keep detailed logs of all events. The same sort of monitoring and control should extend to public cloud environments.
“Consider the Intel IT group. We have a security business intelligence (SBI) platform that we use as the focal point for logging, monitoring, alerting, and responding to security violations. Cloud-based applications are no exception. We collect logs and alerts from our cloud providers and feed them into the SBI platform, where they are correlated and monitored for anomaly detection alongside data from all other applications.
“With this approach, we can detect when a user uploads or downloads an unusual amount of data, for example, or logs in from two different locations in a timeframe that would be unrealistic or impossible. Either instance would be an indication of suspicious activity that should result in an alert to the security team.” – Patty Hatter, 3 Tips for Extending Security Policies across a Hybrid Cloud Environment, CSO; Twitter: @CSOonline
33. Some organizations struggle with maintaining an appropriate level of control as they move to the cloud. “Perhaps one of the hardest aspects of any cloud approach that veers into the public cloud is control. Adam Fore, Director of Cloud Solutions Marketing, NetApp, cautions users who are offloading certain elements of infrastructure and applications to the cloud to make sure they don’t also try to offload responsibility and control of their business data, whether consciously or unconsciously.
“’They have undoubtedly worked for years to align their datacenter workloads with the right levels of performance, data protection, and governance,’ said Fore. ‘As they seek to implement hybrid clouds, they will need to consider how to maintain data control while leveraging a variety of different cloud services.’
“Easier said than done with some cloud services. It’s all a matter of reading the fine print in contracts and making your own requirements for control and security known upfront – and following through to see they are carried out. Fore noted that small initial compromises when implementing cloud computing are often the first steps in rapidly creating fragmented and chaotic data environments. The results can be difficult and costly to unravel.” – Drew Robb, Hybrid Cloud Storage Tips, Enterprise Storage Forum; Twitter: @storagenews
34. A lack of standard policy definitions and language across services can make auditing challenging. “Different products and services have different names across different providers making the tracking and auditing of hybrid clouds difficult. A common language for common services among providers would make tracking and using these services easier.” – Brandon Butler, The enterprise wish-list for the hybrid cloud, Network World; Twitter: @NetworkWorld
35. Capacity planning is crucial to address (and hopefully avoid) workload overflow issues. “To address data center capacity planning, load testing against a proposed infrastructure configuration, trending based on previous growth and building analytic models can help enterprises create accurate estimates of when on-premises capacity will start to struggle and require public cloud overflow processing. Of these, taking the time to throw simulated application traffic at a pre-production application environment can be one of the best ways to create awareness of where your environment is in relation to current and projected application processing needs. When properly used, this data plays a key role in helping to determine the amount of on-premises resources needed to start with and the sweet spot for the public cloud architecture. While these methods can be time-consuming and, in some cases, costly, for organizations committed to a true hybrid cloud strategy, the benefits and long-term cost savings of proactive planning as opposed to reactive re-architecture far outweigh the investment.” – Jason Dover, Meeting the Challenges of Hybrid Cloud, Enterprise Networking Planet; Twitter: @NetworkNotes
36. Ensure that you have the appropriate user access controls (UAC). “The hybrid cloud solution needs to have an effective User Access Control (UAC) system with the ability to set different permission levels for user access to the virtual data centers of an enterprise. Users with administrator roles should be able to view the complete audit trail of virtual data center activity.” - Rahul Dasgupta, How To Implement Hybrid Cloud Successfully, Cloudwards; Twitter: @cloudwards
37. Enterprises can’t rely solely on the NIST definition of hybrid cloud when evaluating implementation options. “The National Institute of Standards and Technology (NIST) defines hybrid cloud as a composition of at least one private cloud and at least one public cloud. A hybrid cloud is typically offered in one of two ways: A vendor has a private cloud and forms a partnership with a public cloud provider, or a public cloud provider forms a partnership with a vendor that provides private cloud platforms.
“In this definition, NIST supposes that vendors will create these partnerships and consumers will choose a well-defined tandem public-private combination that meets their needs. In reality, though, most enterprises develop a private cloud environment and then search for a public cloud provider that will best connect the two clouds.
“Therefore, enterprises can't necessarily use the NIST definition as a basis for evaluating available options for building an effective hybrid cloud. A better approach would be to identify functions that must be addressed as the enterprise searches for a public cloud to integrate with its existing private cloud architecture. To do this, enterprises should look at three areas: security, connectivity and portability.” - Mark Mitchell Szynaka, Contributor, Fundamentals of the hybrid cloud computing model, SearchCloudComputing; Twitter: @TTintheCloud
38. It’s important to understand requirements for integrating certain back-end components. “With management tools, you want to determine with the vendor, or even have in the RFP, requirements for integrating specific back end components. For example, if you're provisioning workloads, you may want to have direct integration with my ticketing system. Or you may want direct integration with my asset management system so when a new workload is provisioned and created, you automatically have at least an asset record of that virtual instance. If those features are not included out of the box, they're typically created as a professional service, which could cost anywhere from tens to hundreds of thousands of dollars.” – Chris Wolf, Gartner Analyst, as quoted by Karen Goulart in Hybrid cloud management myths and integration challenges, SearchCIO; Twitter: @SearchCIO
39. Failing to encrypt data as close to where it’s created or used is the safest approach to security. “Another crucial technology to overcome hybrid cloud security challenges is encryption. Not only should all data be encrypted at rest in the on-premises data center, but IT administrators need to decide when and where to decrypt that data if it is moved to the cloud. Ideally, data should be decrypted as close as possible to where it is created or used. However, putting encryption keys in the cloud often violates compliance mandates, so some IT administrators choose to decrypt data on the storage device. This, however, still leaves data exposed and vulnerable as it travels across the LAN. Using a different encryption system for data-in-flight than that used for data-at-rest on the storage device is another way to increase security.” - New Approaches to Hybrid Cloud Security Challenges, United Layer; Twitter: @unitedlayer
40. Don’t be afraid to customize and combine services for a functional platform that meets your needs. “Your organization does not need to get locked into one cloud service – there is a time and use for hyperscale cloud providers such as AWS and Azure. Consider using APIs and customized coding to create a management system that works for you. Perhaps you need a function for a specific scenario that a cloud provider cannot provide, so work on it yourself and be open to combining elements to create what’s best for your data.” – Emma Kula, Tips For Managing Your Hybrid Cloud, Vector Networks; Twitter: @vectornetworks
41. Aim for provable, measurable SLAs to avoid regulatory compliance issues. “Specify to any prospective cloud provider what levels of security you need for the assets you’re moving into a public cloud and any restrictions you require regarding how data is stored, backed up, and encrypted. Among the factors to include in a service level agreement (SLA) are data privacy, data flow, data storage, the physical location of data, and the type of encryption used. Cloud providers generally have their own tools and standards in each of these areas, so focus on the desired outcomes rather than technologies.
“In regulated industries, specify which compliance standards must be observed and what reporting is required. Be sure your cloud provider is aware of compliance deadlines. For example, some regulations require records to be made available with as little as 24 hours’ notice.
“The more provable or measurable your SLA is, the less chance you will have to re-craft it when moving to a cloud provider with different procedures or tools.” - 6 Tips For Increasing The Portability Of Your Hybrid Cloud Security Strategy, Softchoice Advisor; Twitter: @sc_Advisor
42. Tier your applications based on required performance, how critical they are to the business, and other factors rather than placing all applications on tier one. “One of the biggest issues for hybrid cloud integration is where applications need to run. If you ask the business how important their application is they will almost certainly want it on a tier one infrastructure – however the reality is that applications can be tiered depending on their criticality to the business, commercial differentiation/competitive advantage, and performance required.
“Applications can be ranked depending on commercial value and competitive advantage. Once this is achieved you can list out what can go to public cloud (payroll, accounts, SalesForce.com, etc.), what can go on private cloud (applications that are not particularly performance or security sensitive), and dedicated infrastructure (applications that are running the business such as Supply chain, SAP, Oracle, etc).” – Kevin Lonergan, Six ‘people and process’ tips for migrating to a hybrid cloud environment, Information Age; Twitter: @InformationAge
43. The solution is not always as simple as leveraging the cloud to expand beyond current capacity. “For most organisations, the solution won’t be as simple as just using the hybrid cloud to expand beyond current capacity and meet service demands. For instance, for some services it may be more cost-effective to expand on an in-house application or infrastructure, or to re-train skilled personnel, than to adopt a public cloud service; while for others the exact opposite will be true.
“To gain this level of understanding, the IT department needs to investigate each service it provides in detail. It should be able to tell the precise value that service brings to the business and exactly what it costs to provide; as well as how those costs will change as the business evolves.
“These costs need to include software licensing, infrastructure, skilled resources and all other factors involved; as well as taking into account that many of these factors will benefit multiple services. With this knowledge, IT departments can then accurately compare costs between in-house and public cloud services, to know exactly where each service is best served and where the tipping point lies.” – Andy Soanes, 5 tips to find your hybrid cloud sweet spot, Cloud Computing Intelligence; Twitter: @CCIMagazine
44. Avoid jumping in with both feet at the same time unless under the careful guidance of a trusted partner. “Although you may be very ambitious regarding your projected cloud architecture and performance, it’s advisable to advance slowly but carefully. Jumping in swiftly with both feet could make you overlook critical elements and bugs which could ultimately cost you your entire business. Every cloud component should be carefully considered and slowly assimilated to the rest of the cloud without negatively affecting the cloud’s performance.
“If you are introducing new endpoint devices for instance, attach them individually after carefully screening for malware and security vulnerabilities. This will help you in sealing all the endpoint security loopholes which are widely capitalized on by hackers.
“To ease the burden, small and medium businesses are encouraged to rely on their managed service providers in guiding them through the process. They advise cloud users on their respective expansion strategies, and further provide services like employee training when setting up new cloud resources.” - 5 Tips on Optimizing Your Hybrid Cloud, FileCloud Blog; Twitter: @tonido
45. Apps should be cloud native. “The key to success in cloud application delivery -- be it public, private or hybrid -- is to first understand that cloud isn't just hosting; it's about agility and applications that are decoupled from physical infrastructure. Enabling applications to run in either public or private cloud is fundamentally about enabling applications to be what is sometimes referred to as being cloud native, which means the application can scale up or down on demand and is designed to run in a cloud environment.” - Sean M. Kerner, Hybrid cloud application delivery: Challenges and success stories, SearchNetworking; Twitter: @TechJournalist, @NetworkingTT
46. Traditional physical security solutions are insufficient for the hybrid cloud. “Problems arise when customers choose the wrong kind of security tools to protect these new environments. Installing traditional physical security simply won’t work. It can cause huge performance degradation known as ‘security storms’ and fail to protect systems from zero day vulnerabilities like Heartbleed, which have the power to disrupt organisations around the world within hours of being made public.
“What’s more, non-hybrid cloud aware tools can leave ‘instant-on’ gaps which occur when new or dormant virtual machines are put back online without updated security. And let’s also remember that IT staff have a tough enough job managing physical and virtual security. Add hybrid cloud into the mix and you run the risk of multiplying the number of interfaces and consoles that need to be managed.” - Bharat Mistry, Banking on Hybrid Cloud: Some Top Security Tips, TrendMicro; Twitter: @TrendMicro
47. Avoid cloud creep. “Scalability without control tends to lead to wasteful overuse of resources, projects grow in scope very quickly and are left consuming resources, long after testing is complete. Cloud ‘creep’ needs measurement to bring it back under control.
“That same measurement very quickly shows that without planning, public cloud usage can be more expensive than originally believed. Not only that, but comparisons of potential costs between public cloud vendors is a difficult task and any idea of finding some kind of ‘cloud resource brokerage’ is impossible to achieve when the best prices come from longer contracts.” - Martin Percival, senior solutions architect for RedHat, Overcoming the challenges of hybrid cloud management, Saudi Gazette; Twitter: @martinpercival
48. Private clouds provide SMB’s with a favorable alternative to on-premise storage of sensitive data. “No one will care more about your data security than you will. Think of it this way: If you found a sack of money, would you trust someone to hold onto that money for you or would you want to keep hold of it yourself? This is the basic, unsophisticated explanation for why most companies choose to store sensitive data on their own private clouds.
“However, let's adjust the metaphor to take into account the resources that most small businesses have at their disposal. Let's say you find a sack of money but you don't have any safe place to put it, and a reliable colleague with access to Fort Knox offers to hold the money for you while also giving you unfettered access to your cash. You'd be silly not to put your money in the vault, especially if you trust your colleague.
“Most SMBs don't have the security chops or financial resources to build out that Fort Knox-level protection. Those who do have the skills and money to do so are better off keeping sensitive data in a private cloud. The data that isn't sensitive but still occupies too much real estate in your network should be offloaded to your public cloud.” – Juan Martinez, Hybrid Cloud Playbook: How to Get Started, PC Mag; Twitter: @jrobertmartinez, @PCMag
49. Avoid mixing bottom-up and top-down approaches to policies between legacy infrastructure and hybrid cloud deployments. “When pairing legacy infrastructures with cloud computing environments, data center operators and IT organizations run into difficulties when the hardware-based environment (employing older technologies) takes a ‘bottom up’ approach to policies and the cloud environment takes a ‘top down,’ application-centric approach. In this scenario, delivery of services can be interrupted, quality of service can suffer, and utilization rates can drop significantly.
“Another challenge comes into play when the same management principles are applied to both physical hardware and virtual machines (VMs), resulting in inefficient sprawl. The phenomenon of ‘virtual machine sprawl’ is a costly but hidden problem; the actual limits of VMs can’t readily be seen, unlike an on-premise site that obviously runs out of physical space. When idle and unused VM sprawl occurs, storage and network resource consumption can easily grow to an excessive level well before it is noticed, at a time when costs are unfortunately too late to rein in.” - Jim Manias, Three tips for maximizing efficiency in the age of the hybrid cloud environment, DevOps.com; Twitter: @devopsdotcom
50. Data-in-motion requires advanced encryption. “There is security risk attached to simply relying on the basic VPNs offered by traditional cloud protection because it can open new, vulnerable entry points to your network. Enterprises should go a step further and apply advanced encryption to ‘data in motion’ content to keep it safe as it moves between the enterprise and the cloud. This should also prevent any threats from entering your network and will also assist with your compliance requirements.” - Top Tips for Secure Hybrid Cloud Networking, Logicalis; Twitter: @TDLogicalis