It is well accepted that the Cloud has played a fundamental part in the digital optimisation and transformation initiatives since the 2010s. Over 14 years ago, Gartner’s visionary prediction of 2008 in its Hype Cycle of 2008 here clearly highlighted the shift of computing from outright owning to pay-per-use, thus spawning IaaS (Infrastructure-as-a-Service), PaaS (Platform-as-a-Service), and later MBaaS (Mobile Back-end as-a-Service) besides the earliest cloud use cases of SaaS (Software-as-a-Service).
This early growth in SaaS came about due to the discernible shift from end-to-end application suites to specialised functional applications augmented by the improvement in telecoms infrastructure, mobile computing end points and the rise of digital and online ecosystems of websites, e-commerce, customer/ employee/ supply chain portals and social media. Hence, there was a clear shift from integrated to business function specific applications, harnessing the power of virtualisation and software on demand or Software-as-a-Service (SaaS), and making use of the power of outsourcing.
From the Infrastructure and Platforms perspective, Gartner’s research of 2015 predicted a 30 % plus increase in the IaaS spending with the public cloud IaaS workloads finally surpassing those of on-premise loads. In the same year, Gartner’s similar paper highlighted significant growth in PaaS as well : both for Infrastructure and Application iPaaS.
Since then, for enterprises, SMBs, institutions and government establishments, the cloud has now taken over a major chunk of the earlier era on-premises responsibilities of CIOs and CTOs especially those pertaining to infrastructure, data centre, hosting, SaaS and architectural applications, platforms, networking and security functions. This has hence freed up the IT and Business Teams for more strategic tasks related to operations, customers, R&D, supply chain, HR and others.
From the cloud provider’s perspective, the late 2000s witnessed important advances made in the world of public cloud computing encompassing key developments by NASA and Netflix as well as those by IBM, Google, AWS and collaborations with universities. The early 2010s saw a rapid evolution and adoption of private cloud by the majors- IBM, Microsoft, and ORACLE. Cloud Bolt was the pioneer in establishing hybrid cloud platforms and interoperability between public and private clouds. Salesforce, Office 365, Norton, QuickBooks and Adobe were some of the popular SaaS applications and other ERP companies were also launching their on-demand subscription versions.
As companies undertook this journey to the cloud, in the initial decade, the IT and top leadership were examining various aspects such as which parts of the business to “cloudify” and the corresponding pros and cons of cloud vs on premise, the resulting cloud business case, choice of public and private cloud, evaluation parameters of these cloud providers and so on and so forth. The 1st half of the 2010s saw many enterprises evaluate jumping on the cloud bandwagon through the “lift and shift” or “repurchase” approach as well as considering the hybrid or multi-cloud approach,
What were the considerations and important aspects in the hybrid and multi-cloud world?
The 2nd half of the 2010s saw an implosion of newer technologies such as Artificial Intelligence and Machine Learning, RPA, Big Data, Extended Reality, Digital Twins, Internet of Things, Chatbots, and BlockChain along with advances in telecom, Mobility, and Edge Computing propelled CIOs and leaders even more towards the Cloud to organise digital processes, teams, networks and platforms with the objective of getting valued insights and analytics from the humungous data points available and retain the skilled talent pool. Data Lifecycle management also used cloud extensively by leveraging Data Fabric and Data Lakes besides Data Warehouses.
As enterprises, institutions, SMBs and other establishments commenced cloudifying their business in a phase-wise manner, many adopted the hybrid cloud approach viz. an amalgamation of Public and Private Cloud along with Inhouse Data Centre and On-premises infrastructure and applications. This enabled new cloud adopters to embrace agility and flexibility through the ability to immediately respond to bursts and troughs, customer experience enhancement, private and confidential data handling with compliance, disaster recovery and getting insights. Hence, these organisations endeavour to create a seamless, secure, and automated environment for productivity and flexibility, by integrating confidential data from the private environment with their applications running in the cloud. The organization decided which applications, data, and resources could be put in the public cloud, which need to be kept in a private environment, and how this information is sent and received between them.
By the mid-2010s, there was a plethora of public cloud providers which co-existed with Private Clouds as well as some Community Clouds, which led to the fruition of a variant of Hybrid Cloud strategy viz. Multi Cloud. Multi Cloud is characterised by the fact that it encompasses more than one public cloud provider and service, and need not have a private cloud component hence, using multiple cloud services vis-à-vis multiple cloud deployment modes. The cloud applications, assets, software, infrastructure can be hosted across separate public cloud environments. Enterprises can use either multiple IaaS and PaaS providers or separate public cloud providers for IaaS, PaaS, SaaS or MBaaS. It is obvious that it is not mandatory to have synchronisation between these different providers.
A few months prior to the pandemic, this research paper by Gartner mentioned that 80% of the surveyed companies were actively pursuing a multi-cloud strategy with at least 2 or more public cloud providers and have been leveraging auto scaling and dynamic load balancing to improve performance and latency while focussing on cost optimisation as well. Also, IDC’s roundtable focussed on how Hybrid Cloud can balance innovation and future proofing. On similar lines, Gartner had envisaged here that by 2021, over 3/4th of enterprises and mid-sized organisations would deploy a hybrid or multi-cloud strategy.
Why has a Multi Cloud strategy gained in popularity? And especially after the pandemic?
As a part of Business Continuity Planning (BCP) and futureproofing, many CIOs and leaders strived to reduce dependencies on a single vendor, have best-in-class functional solutions while also keeping in mind their technology stacks and roadmap, as well as focusing on latency, cost optimisation, agility, compliance regulations, and data privacy.
For example, some organisations which are on Microsoft Ecosystems, deploy Azure as a Public Cloud Platform, while their customer facing functions, if reliant on web services can leverage Amazon Web Services Ecosystem. The parts of business who are building on AI/ ML can rely upon Google Cloud Platform and companies who are running SAP and ORACLE ERP deployments also have the option of using SAP and ORACLE Cloud Platforms. Similar considerations also apply to Enterprise Integration, Legacy systems, Low Code No Code Platforms, Email Services, Blockchain, RPA and Open source as well.
There has been an adoption of several cloud management platforms that offer load and cost optimisation as well as regulatory compliances and disaster recovery considerations in the multi-cloud scenario.
How can CIOs leverage Multi Cloud to realise and maximise Business Value?
This research by McKinsey estimates that the cloud has the potential to add USD 1 Trillion of Economic Value across the Fortune 500 band of companies by 2030. In this increasingly prevalent multi cloud scenario, CIOs need to manage speed of operations and deployment, leverage automation, ease migrations, have visibility and control, have flexibility, consistent compliance and security and establish control and optimisation of cloud spending. They are deploying some of these strategies to achieve these objectives:
a. Use of Hybrid Cloud Management Platforms (HCMP) and Cloud Service Brokers (CSB)
CIOs are leveraging aggregating services, dashboards for self-service, loads, utilisation and costs, establishing APIs and integration frameworks with development and QA teams, having deployment and release orchestration frameworks, and automating workloads between the multi cloud environments. They hence pay high attention to service orchestration, automated provisioning, template libraries, configuration and lifecycle management. Hence, the HCMPs must be compatible and support the plethora of Public Cloud Providers. Many enterprises use consultants and Cloud Service Brokers (CSB) in this ongoing process to continuously evaluate and suggest dynamic strategies, also leveraging Cross Cloud Optimisation tools to provide ongoing ROI and savings.
b. Harnessing Cloud Native, Containerisation and Composable Architecture
The late 2010s and especially the onset of pandemic has brought about a dual phenomenon of Cloud adoption, as well as a clamouring need to optimise the complexity, costs and cycle time, which the traditional lift and shift approach was unable to handle. CIOs are hence deploying Cloud Native applications to avoid long cycle times and escalating costs downstream. They are also using container orchestration tools to run applications, so their instances can migrate seamlessly between the public clouds while maintaining resources and networking provisioning with tight security. Besides containerisation, CIOs are also using Serverless deployment options as well. The Cloud Native Approach hence uses the basic cloud computing to build and run these scalable applications by leveraging containers, microservices, serverless architectures, and declarative code.
Gartner’s Hype Cycle here for cloud computing mentions cloud-native as the next logical step in the cloud computing journey. Enterprise Architects popularised Cloud Native Composable Architecture to now quickly develop, assemble and deploy independent, pluggable and replaceable best- in-breed systems to significantly reduced Turn Around Times and costs, future proof investments and eliminate vendor lock-ins while providing the best choice of services and personalised offerings to customers on an ongoing basis.
This article by Economic Times article at the start of the pandemic highlights the importance of the Cloud Native architecture and approach which has enabled organisations to use Artificial Intelligence, Distributing Computing and Automation in their now reduced, socially distanced and distributed workforce. A research by Deloitte highlights similar advantages of Cloud Native platforms which are also balancing the risk of employees contracting Coronavirus, along with compliance to privacy and data guidelines and ability to scale loads up and down. In this continuing uncertainty and post pandemic VUCA world, Gartner predicts in this press release that Cloud Native Platforms (CNPs) and Container platforms would spur the Cloud first strategy of more than 85% of the enterprises by 2025.
Cloud-based composable architectures such as MACH- “Microservices based, API-first, Cloud-native SaaS and Headless” and Packaged business capabilities (PBCs) are increasingly being leveraged in Digital Experience Platforms – to enable customers, employees and supply chain with the new age Omnichannel experience. These architectures facilitate faster time to market and deployment through quick testing by sample populations and subsequent full-fledged implementations.
At the end of the 1st year of the pandemic, Gartner here highlighted the importance of composable architecture in its Hype Cycle of 2021 in business resilience and recovery during a crisis.
A similar research by McKinsey, necessitates the importance of a technology enabled business strategy with integrated organisation and user experience, and evolve technology delivery through cloud, agile, RPA, PaaS, DevOps and other tools and future proof investments by leveraging composable architecture, cybersecurity and resilient data lifecycles.
c. Using Automation
For reaping the benefits of multi-cloud, reducing deployment time and optimising costs, it is imperative to deploy automation and thus reduce manual efforts and improve accuracy/ eliminate errors in processes such as provisioning, configuring, sizing and auto-scaling, asset tagging, clustering and load balancing performance monitoring, deploying, performance management and others. It is also critical to eliminate security vulnerabilities and minimise trouble shooting thus enhancing availability. Automation and Orchestration are hence of paramount importance and also help enterprises in additionally adhering to compliance and governance parameters as well. It is to be remembered that automation also enables efficient and effective complementary cloud orchestration which is so essential in the dynamic and uncertain business conditions of today.
This McKinsey research highlights that companies that have adopted end-to-end automation in their cloud platforms and initiatives report a 20-40% increase in speed of releasing new capabilities to market. A similar report by Deloitte, mentions that intelligent automation in the cloud enables scale in just 4-12 months, compared to the earlier 6-24 months period, through streamlined development and deployment processes.
CIOs are enabling automation for auto-provisioning the infrastructure and cloud resources, auto-scaling and shutting down unutilised instances, backups, workflow version control, and establishing Infrastructure as Code (IAC). This is hence, immensely value-adding to robust cloud native architecture by enhancing containerisation, clustering, network configuration, storage connectivity, load balancing and managing the workload lifecycle, besides highlighting vulnerabilities and risks. Enterprises pursuing hybrid cloud strategies are similarly driving automation in private clouds as well as integrating with public clouds by creating automation assets that perform resource codification across all private and public clouds and offer a single API.
Especially considering the excessive workloads and fatigue brought about by the pandemic, cloud automation has been a lifesaver to cloud developers by enabling rapid deployment, scaling and testing for the popular and ubiquitous agile based development methods such as DevOps and CI/ CD (Continuous Integration and Continuous Delivery/ Deployment)
Application of Automation and Orchestration in Data Storage also ensures prioritisation of processes, tasks and resources to balance speed, efficiency, usage and cost. Especially tasks such as provisioning, capacity management, workflows and data migration, resource optimisation basis retrieval demand, and data protection and disaster recovery policies. Forecasting of capacities and associated bandwidth, configuration management and software updates/ upgrades can also be automated for immense benefits.
It is hence critical to leverage automation extensively for provisioning, orchestrating, auto-scaling, monitoring and other aspects, thus improving productivity, resilience, security and enhancing cloud developers’ experience.
According to this report by Verified Market Research, the size of the Cloud Automation Market, which was around USD 53 Billion in 2021 will exceed USD 414 Billion by 2030, growing at a CAGR exceeding 26% during this forecast period. 2022 has seen some clear indicators on the importance and scale of the cloud automation ecosystem, especially the Broadcom-VMWare acquisition and the awarding of a USD $10 billion NSA cloud contract to Amazon.
d. Emergence of Multi-Cloud Native Strategies
There has lately been an emergence of multi-cloud-native strategies especially on account of Web scale innovators such as Uber, Twitter and Netflix as well as Hyperscale IaaS players including Google, AWS, and Azure. It is important to develop techniques and tools for geographically dispersed global analytics and database engines and application architectures that drive applications on these backend systems in proximity to the geographically spread consumer, thus giving an instantaneous experience with minimal latency. Hence, enterprises with global operations, customers and deployments need to deliberate and work out the HCMP, CSB, Operations, Disaster Recovery, Architecture, Automation and Orchestration and other aspects across these global Kubernetes clusters and Virtual Machines.
How are Cloud Security Issues addressed?
Even prior to the pandemic, CISOs and CIOs had been looking at deployment of Cloud Security Platforms such as Cloud Access Security Broker (CASB) and Secure Access Service Edge (SASE) besides DevSecOps and incorporation of AI and ML in their proactive threat hunting and response systems.
Multi and Hybrid Cloud with their cloud native platforms, composable architectures and increasing decentralisation, have resulted in a significant increase of the attack surface and potential points of breach. Gartner in this research, predicts that 75% of organisations will restructure cyber risk and security governance basis the fundamentals of Zero Trust Architecture, and a move from Cyber Defence to Cyber Resilient frameworks and strategy. It also important for Governance, Risk and Compliance (GRC) functions to ensure compliance to NIST, GDPR, ENISA and similar regulations for their multi-cloud deployments, aspects especially for local customer and personal information. This McKinsey article highlights the importance of Security as Code (SaC) and that fact that it has dependencies on architecture and the right automation capabilities.
Multi Cloud Security strategies encompass Data Encryption and Load Protection, Identity and Access management, DevSecOps, Security Incident and Environment Management (SIEM), Security Orchestration and Response (SOAR), Extended Threat and Response Systems (XDR). Also, these tools leverage machine learning and AI capabilities to ensure more proactive threat hunting rather than reactive response. Cloud security posture management (CSPM) is another emerging technology in cloud security that is in alignment with NIST’s cybersecurity framework and this specifically addresses misconfigurations in cloud environments.
CISOs must maintain uniformity and synchronicity for security strategies, policies, and settings as well as compliances across these multi cloud providers preferably with a unified dashboard monitor.
What about other organisational factors?
Besides these strategies for deploying HCMPs, CSBs, Orchestration and Automation, Cloud Native, Multi-Cloud Native and Composable Architecture, and Cyber Security, it is equally important to consider factors of business process, infrastructure, organisational culture, skillsets, risk management and other factors
In this post pandemic world of the Great Resignation, and Quiet Quitting, skillsets continue to remain a challenge, and lack of skills can lead to failure in Cloud adoption, as per this Gartner blog. Another Gartner research highlights that almost 50% of the organisations will face skill gaps in their hybrid and multi-cloud infrastructure initiatives by 2025. Investments in tools and technologies haven’t quite matched the corresponding resources- across developers, architects and solution designer skillsets, leading to gaps in skills and talent pool.
Companies are hence also looking at automation especially across Monitoring, Server maintenance and upgrade, security, and Cloud operations processes in their Cloud Data Centres. This Gartner article predicts that by 2025, more than 50% of Cloud Data Centres shall deploy Robots with AI capabilities and thus automate repetitive tasks, minimise errors and free up manpower for more value-added tasks.
Multi-cloud deployments are necessitating CIOs and CISOs to formulate Backup and Disaster Recovery plans including on-premise and cross cloud scheduled backup, archiving and migration, as well as contingency plans and tools for switching cloud providers.
Wrapping up with an Asia perspective
Multi and Hybrid Cloud have taken off in Asia. This paper by IDC shows that over 80% of Asian enterprises are operating in a hybrid and/or multi cloud environment. Use of these multi-cloud strategies and careful consideration of security, data storage, culture and skillsets aspects will enable faster, more responsive, cost effective, elastic and resilient Digital First organisations. This will hence go a long way in building customer, supply chain and employee centricity, competitiveness, resilience and adherence to organisational KPIs in these ongoing challenging times.