Resiliency and The Case For Hybrid Cloud
It seems that virtually every organization that I talk to these days is moving something to the cloud; whether it’s lightweight marketing applications, customer-facing transaction systems, or full-blown application systems.
The reality is that IT struggles to complete with the economies of scale that the larger cloud service providers offer.
But many have found that while public cloud direct costs are low, the services come with risks that need to be understood. One of the reasons that internal IT services cost so much is that they are built on a foundation of quality and resiliency. When IT services are provided internally it’s a lot easier for line of business owners to exert control and demand nothing but the best. IT has years of experience of developing resilient systems and the services they deliver almost always come with high-availability, disaster recovery, and data protection schemes that can meet organizational compliance standards.
The risk an organization takes with public cloud-based services is the lowering of standards for availability and compliance. If you check out the SLAs of some of the largest service providers it’s hard to find any that can match the resiliency capabilities of internal IT. There are few providers that offer greater than three-9’s of availability. Is that enough for your business?
For certain classes of applications, three-nines of availability and roll-your-own security are acceptable. At the end of the day, you as a purchaser of public cloud services need to assess the risk and whether you are willing put your business on the line.
The news of unplanned downtime and breaches of cloud service providers in the IT trade and popular media are increasing. Maybe it’s because the risks are becoming more publicized as incidents affect more organizations – every few months we seem to hear of an outage at one of the major cloud providers. And you breathe a sigh of relief and say to yourself, “I’m glad it didn’t happen to me.” But the reality is that as organizations migrate more applications and services to the public clouds, especially business and mission critical apps, the risk exposure increases.
I’m not trying to condemn public cloud services, rather I’m suggesting that you need to help your end-users and business stakeholders understand the risk associated in using external service providers and help them make a business decision about whether the risk is worth the potential savings.
Another adage to consider is one I learned from Jeremy Burton, EMC’s President of Products and Marketing, who asks: “How does a farmer treat a sick cow versus a sick chicken? Well a farmer has a vet come out and treat the cow, but he shoots the chicken.” The truth is that a cow has high value and worth special care and treatment, whereas a chicken is low in value and can easily be replaced.
Likewise too with your applications. If an application has a low data protection or risk compliance profile; they are ideal candidates for the public cloud. But if your application has a high compliance risk profile, or is mission critical, a hybrid cloud solution may be the best option.
So look at public cloud services not as a threat to your organization, but rather as a way shed low-value applications to service providers. Moving low-value applications to the external service providers allows you to take the resiliency infrastructure savings and invest them in innovation and your core applications. EMC IT recognized the emerging trend years ago and shed a lot of our non-critical applications to external service providers. We then invested the savings in what we do best – our core business: engineering, quality management, along with customer and professional services.
By understanding the value and requirements of your applications, you too can be enabled to make the best decisions for your organization by adopting a hybrid cloud model. Put low-value – low-risk applications in the public cloud with one of several cloud service providers, and put your high-value – high-risk applications in a private cloud. By aggregating the two, you have created a hybrid cloud. And you will have the ability to leverage the best cost model available.