We’re all pretty accustomed now to technology rapidly advancing from one next big thing to another and cloud is no exception. In recent times multi-cloud has been the buzzword emblazoned across IT headlines superseding the benefits of mere single cloud providers in every way. Improved security and reliability, vendor lock-in, superior, lower cost, end solutions, these are all notable advantages being bandied around in support of multi-cloud. But how accurate is this view really?
In 2013 the UK government published its “Cloud First Policy” urging central government and the wider public sector to evaluate whether cloud presented a viable solution, before considering any other option. Yet, according to Citrix’s Freedom of Information (FoI) request data issued in 2018, 80% of councils were still using on-premise infrastructure to manage and access citizen data. Some of the key barriers cited were budget, security and vendor lock-in.
The fact is, the ever-evolving thought leadership and recommendations around what cloud-based solutions should look like is creating a bottle neck of organisations primed to take their first steps into the cloud, but with less and less idea of where to start. The reality is, multi-cloud is simply a diversion which will likely create more problems than it solves and cost more money than it’s worth. If you are a local authority or other public sector organisation caught up in this bottle neck, our advice is, block out the multi-cloud noise and lay solid foundations with just one cloud provider.
Let us explain….
Is vendor lock-in really an issue?
53% of NHS trusts who responded to the FOI request cited vendor lock-in as a prevailing barrier to public cloud adoption. Fear of substantial cloud service provider (CSP) switching costs alongside governments competition policy can make multi-cloud seem like the right course of action.
However, you don’t lose agility once you’re in the cloud – you gain it! There is greater flexibility in cloud services and solutions than on-premise infrastructure and moving from cloud-to-cloud is far easier than relocating data within legacy, on-premise systems. And maybe there are costs associated with moving from one CSP to another, but these are significantly less than going from on-premise to cloud in the first place.
Another consideration is how likely you really are to want to switch all your workloads to another cloud. All cloud providers, no matter how they are differentiating themselves in the marketplace, offer a common set of services. If you look at enterprises touting the benefits of a multi-cloud environment, you’ll see that their foundations lie with one primary cloud and they are leveraging the full value from these basic services.
Can you get the skills?
A multi-cloud deployment requires expertise for multiple cloud platforms.
While public sector organisations have a pool of IT talent ready and waiting to be upskilled in cloud technologies, the idea of expecting your employees to become proficient at more than one cloud in a short space of time, is completely unrealistic. This approach will lead you into an unproductive ‘jack of all trades, master of none’ scenario resulting in many issues from runaway costs to significant project delays to name but a few.
However, upskill your existing resources in just one cloud and you’ll equip them with the expertise to help you get the most out of your cloud investment. You’ll be in a far stronger position to lay solid foundations in the cloud, fuel innovation and deploy new, high quality services to your citizens with speed and agility.
You can always recruit the skills you need though, right? Unfortunately, this is not as straightforward as you’d think. There’s a major shortage of skilled cloud workers and the fact is, do you really have the budget to grow your IT team with experts across each cloud discipline? And, if the chances of finding people skilled in one cloud is hard, the chances of finding people skilled in multiple cloud technologies is even slimmer.
Securing a multi-cloud environment is…..well complicated
No business can afford to suffer the consequences of failing to properly protect data access or adhere to compliance regulations and yet both perimeter and application security become increasingly complex in a multi-cloud environment. By adopting a one cloud approach, you can utilise that cloud’s integrated toolset to quickly and easily implement effective security and compliance measures.
Protecting a multi-cloud environment however is a far more complex affair since you’ll need to consider how you will manage your data across clouds.
For instance, it is a far bigger challenge keeping track of what data you have and where it is stored when it’s distributed across multiple cloud platforms. There are obviously compliance challenges here too. The tools you choose to secure one cloud may not be appropriate for all cloud vendors rendering it necessary to make greater use of third-party, cloud-agnostic security tools, to effectively support whichever combination of clouds you end up using.
Also, using more than one cloud provider means a higher potential for “holes” to open up in your cloud infrastructure, such as hidden security vulnerabilities or incorrectly secured cloud assets that are over looked. Avoiding these holes is hard enough for a sizeable organisation when managing a single cloud. Adding more clouds simply makes these holes more difficult to spot and resolve.
So, if you are just at the start of your cloud journey, is it realistic to be concerning yourself with planning, developing and implementing a multi-layered security strategy when there is so much to consider already? Once again, we come back to our mantra – lay solid foundations first. Select one cloud provider, move some of your applications and workloads into the cloud and maximise the benefits of this first step. It is only at this stage that you are in a suitable position to consider how your existing cloud environment can be improved, which may or may not involve multi-cloud.
Does multi-cloud really give you more bang for your buck?
In amongst all the multi-cloud noise out there, the real factor turning local government heads is that of cost optimisation. Advocates push the value of mixing and matching services from different cloud providers, enabling you to benefit from the most comprehensive set of capabilities with the best performance, at the most attractive price.
Sounds great….on paper. The reality is, managing services across different providers is as complicated as it seems and failure to do so adequately will in fact drive costs up and negatively impact your business agility.
You’ll need a development team to build apps that work across providers, you’ll need to keep track of a far more complex billing structure, you’ll miss out on volume discounts, you’ll more than likely need to fork out for additional support contracts with vendors and as already discussed, you’ll need to grow your IT team to effectively leverage the multi-cloud system you’ve put in place.
The fact is, as a public sector organisation taking its first steps into the cloud, it’s unlikely that even the overall cost of services will differ between one provider and the next. For any given CSP, you will end up spending more in some areas and less in others and as the cloud market continues to grow and evolve, vendors will be looking to drive their pricing down to gain market share.
Our advice?
If you’re an organisation at the start of your cloud journey, park those multi-cloud procrastinations and move forward with one CSP that offers the best solution to meet your business needs. Focus your IT spend and resources on building a solid foundation that is compliant, reliable and secure. Move your fundamental applications and workloads (email, file saving services, security) to one cloud and upskill your team so they can proficiently innovate and architect rapid change in this new and versatile environment.
Do this and you will increase your chances of a successful outcome for your organisation and citizens alike. And, with a good planning framework in place, it’s not as hard as you’d think to take a multi-cloud route further on down the line if it makes sense to do so.