Multi-cloud strategies have long been condemned in the annals of the cloud era - and for good reasons in the early years. Complexity, security, integration, and even cost have been majorly cited for why multi-cloud isn't a cakewalk. COVID-19 thrust the cloud era into 7th gear, and we're now nearing the end of 2020; clearly, it's time for a pitstop. In this article, we take aconsensus on cloud strategies and bust some long-standing myths about multi-cloud in the process.
Speaking of consensus, this recent report has firmly established that 93% of companies now have multi-cloud strategies. In the hay-days of mid-2019, that number was closer to 81%; the verdict is clear. But does this mean that implementing multi-cloud has gotten cheaper, less complex, and more secure? Or are companies going in this direction simply because they no
longer want to rely on a single provider? Did force remote working to expose the challenges of their chosen environment and companies saw greener grass on the other side? Both? All of the above?
To answer this, we need to tackle each of the multi-cloud myths one-by-one.
Myth #1: Multi-cloud Isn't Secure
Most vendors hard press on a lock-in with this one scary thought. Although it's a good sales pitch, it's far from the truth. Multi-cloud can help you get more secure. First and foremost, if you aren't locked in, you can do better damage control. Secondly, the key to acing security is with good management. Most cloud management platforms also offer cross-cloud tools to manage data, which would ease any hassles that integration may pose. Using a centralised security management platform may be a big investment, but if you are to carry out CYOD and BYOD, you would need it anyway - be it single-cloud or multi-cloud.
Myth #2: Multi-Cloud Is Complex
The way to tackle complexity is to master cloud agnosticism. With any tool, you want to wor with, make the cloud-agnostic solution as your preferred choice. Consider the open-source IaC automation platform Terraform, for example. Although it was introduced in 2014, it has garnered much attention off-late, and there's a reason why. Terraform's philosophy is
essentially "One language to rule them all. One language to bind them". As Kevin Cochran from HashiCorp puts it - "Jenkins and Kubernetes is Infrastructure as data as you don't have the capability to use functions. It's not Infrastructure as Code."
Aside from the fact that IaC in itself propels microservices technology, Terraform's biggest advantage is that it works with all cloud providers and even has dedicated Docker and Kubernetes containers. Sure you may spend some time setting up a secure pipeline. You may also spend money training your team. But once that's done, it's an open playing field for your DevOps and DevSecOps teams. While we are glad that the "move fast and break things" era is over, there's little doubt that quick deployments and fast-paced innovation cycles are here to stay. Cloud agnosticism is not only an important function for destroying the multi-cloud complexity narrative, it is also the only viable method to future-proof your company's vision and goals.
Circling back to the security myth, it should also be noted here that securing a Terraform would essentially force Continuous Compliance. This is because it's much easier to set this in stone during the build phase when it comes to automation. Most importantly, the sheer volume of attacks has made manual IT security an impossibility. 53% of correspondents in the 2018 SOAD report by F5 were already using automation partially or fully in production.
Myth #3: Multi-Cloud Is More Expensive
If you are using enterprise solutions from any vendor, you are essentially stopping a lock-in contract at its tracks. This would essentially mean you have more room for cost negotiations. This is because you would choose the most suited cloud-provider based on the efficiency of architecture. Of course, you can always move elsewhere, if you don't like it. Migrations have
become much more efficient in recent years.
As Cloud Foundry Foundation CEO Sam Ramji puts it "Multi-cloud is not a concept, it's an active reality." This is not just because companies want to fight against a lock-in. It's also because of the way public clouds have evolved. Each vendor does something much better than the other
the natural consequence of a USP-centric market. As a client, embracing modern security and authentication techniques, and building a secure infrastructure from the ground-up puts you at an advantageous position amidst rising competition. Easing automation, microservices, and
containerisation trends is only the cherry on top of the icing. Encouraging cloud-agnostic solutions is not only achievable, but it is also honourable. The result is that multi-cloud is no longer a rocket science - whether in terms of managing cost, complexity or security