The move to hybrid cloud is on the agenda for many organizations as they undergo digital transformation and increasingly develop mobile and social applications. While they want to benefit from all the advantages of hybrid cloud including flexibility, scalability and cost efficiency, they are advised to ask key questions of providers about how to achieve these goals without compromising security, manageability or data security
Hybrid cloud is a cloud computing environment which uses a mix of on-premise, private cloud and third-party public cloud services with orchestration between the platforms. By allowing workloads to move between private and public clouds as computing needs and costs change, hybrid cloud gives businesses greater flexibility and more data deployment options.
Question 1 - security
Historically, IT decision-makers have expressed concerns about the exposure of data held in secure on-premises mainframe technologies to front end systems based on cloud technologies.
Analyst Gartner advises CIOs and security teams to carefully scope their move to hybrid cloud and follow best practices for risk assessment and management, process changes and technology evaluation.
An organization moving to hybrid cloud will require new skills, new processes, and new security and control technologies.
Gartner analyst Jay Heiser says in a report, Cloud security and emerging technology security primer for 2016, that enterprises struggle with cloud security and as such, planning is crucial. However, he points out that use of public cloud computing is no longer a question of “if,” but of “when” and “where.”
Therefore, a critical question to ask when moving to hybrid cloud is how to address the security concerns of the business, which include protecting the integrity of data and business continuity.
The stakes could not be higher. Heiser says: “As we become increasingly dependent on complex, pervasive networked technologies, the implications of a security failure become greater.”
There are control challenges to consider and with security becoming to some degree dependent on the competency of cloud providers, partners and device manufacturers, it is critical to ensure informed choices are made.
Necessary levels of control must be established for data confidentiality, system integrity and reliability. The question of security also means working with a trusted partner when moving to hybrid cloud.
Each organization needs to assess provider security and make decisions enabling the safe use of cloud computing, says Heiser.
“Compared to traditional computing within the corporate datacenter, public cloud computing represents an ambiguous risk proposition. IT professionals tasked with the management of digital risks must help their organizations make effective and externally defensible risk acceptance decisions about the use of public cloud services. This is an area where best practices for transparency, security evaluation, contract practice, and continuous monitoring are continuing to evolve,” he says.
Discover how mainframes are being used worldwide to build robust, trusted clouds with striking results.View Now
Question 2 - manageability
A second question to ask when moving to hybrid cloud is one of manageability as culture, roles and responsibilities change, says Clive Longbottom, founder of analyst Quocirca. “You need to ask about contract responsibility,” he says.
The old idea that the IT estate is contained within four walls and someone in the organization is responsible for everything that occurs shifts fundamentally with the introduction of hybrid cloud. It is vital that the responsiveness of the IT architecture is upheld in a fast-paced digital economy when users and customers are not prepared to cope with delays and failures.
“In a hybrid environment, you have multiple touch points and the possibility of finger-pointing when things go wrong. You need to assign a prime contract holder who has the responsibility for sorting things out according to an agreed service level agreement (SLA) – this shouldn’t be someone within your organization, but a representative of the biggest contract you have with one of the service providers involved. When something does go wrong, they have to identify the root cause and organize getting it fixed,” says Longbottom.
It is important therefore to choose a mature service provider that can deliver and to establish an SLA that both parties are happy with.
Brazil’s credit cooperative Sicoob chose IBM’s z Systems technology to build a hybrid cloud environment to innovate with mobile and internet banking, and it has managed to reduce complexity and improve manageability.
“We used to run everything on Intel servers, and we had many different vendors to coordinate with. This made that environment very difficult to manage. On top of that, we were also experiencing datacenter space constraints. We were simply running out of room and having trouble adding additional servers to enable us to grow,” says Paulo Nassar, IT processing and storage infrastructure manager at Sicoob.
Question 3 – data portability
When an organization moves to hybrid cloud, data is moving out of the safe confines of the mainframe and connecting to other front-end systems. As well as the need for data to move safely and reliably, there are questions to be asked around the portability of data.
“If one of your chosen service providers goes bust or is acquired by someone that you don’t like, you need to be able to swiftly and easily move the data from their systems to a new platform,” says Quocirca’s Longbottom.
He says that workloads should be easy to move – they should be configured as virtual machines or containers. But he says data can be a problem.
“Make sure that it is written into the contract that the data is yours and that you will have access to it even where administrators have been appointed,” he says.
It is therefore important to build a hybrid cloud platform you can trust to move data around efficiently and reliably. New York Municipal Shared Services Cloud had this in mind when it chose to build a cloud platform with the help of the mainframe to run state government and improve the exchange of information to solve common municipal problems. Its hybrid cloud environment uses IBM z Systems technology to provide a uniform view of the same citizens and information on a trusted platform.
“Fast transmission of information will facilitate development - because basically time is money. It’s just going to enable information to be shared not just quickly but in a more effective way,” says Aileen Rohr, town supervisor, Town of Hyde Park.
Ensuring the right contract is in place and working with a trusted provider is key when moving to hybrid cloud. The organization can then focus on how hybrid cloud can deliver business benefits and a competitive edge for the workloads of today and the next-generation applications of the future.