Boosting business with the right multi-cloud strategy

Max van Dongen, Julian Hessels, Jos Vliegenthart & Onno van den Berg
Jun 07, 2023 · 11 min read
Annual report boosting business multi cloud strategy

The cloud forms an essential part of many serious IT strategies and it has clearly matured in its first two decades. The first years were characterized by a cloud boom, when organizations rushed to migrate total IT infrastructures to the promised land of the public cloud.

Early adopters were savvy about taking advantage of the unprecedented speed and scalability, migrating many workloads and exploiting many easy-to-integrate features and functionalities. In a similar way that electricity brought on-demand power to revolutionize the Steam Age, the cloud has been a decentralizing force allowing businesses to roll out globally and enjoy unprecedented scalability capabilities.

Today, as we continue to embrace the cloud, we know it’s not the be-all and end-all. Dynamic and ambitious, some organizations continue to assess which workloads will yield the most value where. Others are reevaluating ways to improve their cloud computing foundations to meet evolving security and compliance standards without compromising their capacity to innovate. Still others are finding that on-premises solutions remain highly worthy, especially for the crown-jewel applications. In its maturity, we can appreciate the cloud for what it is: an asset. And it is one that should be selected for being a business-enabling asset within a digital resilience strategy.

“In its maturity, we can appreciate the cloud for what it is: an asset.”

Contingency plans
The world has changed a lot since Amazon announced its Elastic Compute Cloud (Amazon EC2) in August 2006, commonly pinpointed in history as the cloud’s public debut. While easy scalability and pay-as-you-go pricing remain pull factors, global volatility and uncertainty are leading to bill shocks, auditing worries, and security concerns. For the kinds of organizations that we partner with, notably those servicing the vital industries and operating in regulated markets, cloud decisions are largely risk-based. Heavily regulated customers are therefore pushed to consider cloud choices within their risk assessments. Risk is the determinator of their strategies, prompting carefully considered decisions about the cloud within broader contingency plans.

The threat of cyberattacks is not new, but the chance of being victimized has risen dramatically and attacks have become more sophisticated. Ransomware boomed during the pandemic, with remote work expanding potential attack opportunities. These trends have called cloud customers to examine the resilience of their platforms, often leading to a centralization of security services and management. The consolidation permits a more in-depth and comprehensive analysis of basic functions, while leaving more time to attend to the mission-critical workloads that power their essential operations.

Risk arising from rocky geopolitics persists too. Organizations must consider which regions a cloud provider scopes and what impact any regional disruption would have. Relatedly, local and supranational laws are now enforcing data sovereignty and cloud exit strategies. This past August, for example, the Dutch government green-lit its own use of the public cloud with usage stipulations regarding state secrets, the Ministry of Defense, and suppliers from countries whose cyber programs conflict with Dutch interests.

“It’s more than risk appetite that determines choices about which application to land on which cloud platform and in the public or private cloud.”

Conscious business choices
It’s more than risk appetite that determines choices about which application to land on which cloud platform and in the public or private cloud. Organizations each have a distinct responsibility to society. That responsibility defines how business processes are shaped and supported by their IT strategy and application landscape. This also applies to cloud computing. An organization’s mission, vision, and strategy must guide how the cloud is incorporated, or to what extent it should be present, in the IT ecosystem.

To get the most out of the cloud, organizations are – or should soon be – making conscious business choices about how to leverage all the offerings that now exist. It’s not about just building a landing zone anymore, but rather creating a constellation of digital assets that will enable a stellar digital resilience strategy. Within that strategy, the cloud can be tapped as the on-demand service that made its initial arrival so disruptive.

The mature cloud, moreover, will conform to what the business needs. Its shape is swayed by fundamental business questions, such as: do we operate in a regulated market? What are my enterprise’s scalability requirements? How flexible can we be while staying profitable? If attacked, could we rebuild everything from scratch – and at what cost in terms of money, time, and reputation? In other words, as a business-enabling asset, the cloud can support different ecosystems, within different locations, and under different owners.

“A cloud platform essentially serves as a base within the ecosystem of an enterprise.”

Smarter methods
Undoubtedly, the cloud can be an everyday enabler of better business. However, it’s also become a springboard for an all-encompassing digital transformation. Within cloud computing, organizations can take advantage of standardized building blocks to avoid having to construct bespoke platforms and landing zones again and again. Incorporating commercial off-the-shelf (COTS) products and SaaS tooling now frees customers from having to fully manage environments themselves. Out-of-the-box functionalities abound and a wealth of insights into workload types allow for finer granularity of costs, among other metrics.

Because combining COTS and SaaS solutions requires a holistic view on the IT ecosystem, we’re seeing more and more requests for platform engineering skills in the cloud. In choosing to apply this engineering method, organizations can define a cloud baseline and presents all its technical possibilities in a ready-to-deploy platform. A single team centralizes and controls the cloud security, costs, and architectural principles while simultaneously developing features and driving innovation.

The result is a self-service capability that lets DevOps teams work more efficiently and consistently. In turn, new capabilities can be scaled quickly in a controlled, structured, and standardized way. When IT talent is scarce, smarter methods like this offset the demand for more workers and skills training. They also let organizations be more future-oriented, setting their sights on ways to improve their strategic business value over the long term.

We experienced this vividly ourselves when revamping our private cloud, sbp.cloud, launched this past May. Applying platform engineering to build and maintain our hybrid-ready cloud gives our engineers a consumable service that eases their everyday work. But it makes them happier too, affording more time to flex their creative muscles.

A mix-and-match approach
A cloud platform essentially serves as a base within the ecosystem of an enterprise. The first IT ecosystems were relatively small and prepared to accommodate several distinct roles needed to upkeep several distinct services. Nowadays, the ecosystems have grown larger and more complex, populated by an array of DevOps and other IT teams, SaaS providers, and stakeholders all in constant interaction with the outside world of regulators and auditors. But within this complexity, a mix-and-match approach to cloud service selection actually makes for tailormade resilience – hence, less risk and more simplicity.

More and more organizations are seeking the right multi-cloud strategy, incorporating multiple clouds from multiple suppliers, sometimes even on a small scale. Those that specifically choose a combination of private and public clouds in a hybrid setup are likely to experience high-level automation. This often raises productivity and cost-effectivity while having in place safeguards that bolster security and compliance. To illustrate, a hybrid cloud can accelerate the development of new applications by letting customers take advantage of services already offered by a hyperscaler. Or for improved budget management, workloads with high-cost requirements can be kept on-premises while the public cloud provides a playground for experimentation – concretely, this can take the form of hardware that is both powerful and affordable enough to run specialized techniques, such as AI. Within a ransomware remediation plan, short-term backups can be made on the public cloud and offsite backups elsewhere. Hybridity also brings benefits of the shared responsibility model that holds cloud suppliers accountable for some aspects of security.

In a way, our engineers have in fact been platform engineering since 2004, when we started deploying platforms. That term wasn’t in circulation then as it is currently, but it well captures the end-to-end approach we have always followed: ensuring organizations best use their business-enabling assets while enabling them to become self-sufficient. Back then our customers had no mature cloud to consider incorporating in an IT ecosystem. Nevertheless, they were just as ready to make smart choices to boost their business. And we were as ready then as we are now, helping them to boost their resilience and be baround to flourish in the cloud era and beyond.

Julian groot

Want to know more?

Contact Julian Hessels.