Hybrid cloud is attractive because it enables customers to draw on the wide-ranging capabilities of public cloud service providers while using private cloud deployment for sensitive applications and data.
Interlinking cloud-deployed applications and data with traditional, non-cloud enterprise applications and data is also an important part of hybrid cloud deployments.
The benefits of hybrid cloud are clear, but how do customers and organizations get there? What steps should they take to evolve their current IT structures to hybrid cloud environments?
As with any cloud implementation, there will be differences based on organization size, IT maturity and level of cloud adoption, but the following seven steps are more or less universal:
1. Determine cloud deployment model for applications and data
Defining the right application and data deployment model is a critical first step in the journey to use hybrid cloud. There are four deployment options:
- On premises
- Hosted private cloud
- Public cloud
- Combination of the above
The right deployment model aligns IT and business needs, and makes it easier to achieve those objectives. The following decision criteria must be taken into account: flexibility, security, speed, automation, cost, locality, service levels, and system interdependencies.
2. Integrate with existing enterprise systems
As enterprises consider their hybrid cloud computing strategy, they will inevitably be challenged to blend their existing in-house IT investment with their newly adopted cloud services. As new cloud services are deployed, the need to connect them with various on-premises applications and systems becomes critical.
Hybrid cloud customers must understand the impact of these connections and employ best practices to address it:
- Put in place controlled interfaces by which components in cloud services can access applications and/or data in on-premises systems with technologies such as API management.
- Consider the administration and business aspects of the integration as well as the functional integration of the systems.
- Demand that cloud service providers support standards for their cloud service interfaces.
3. Address connectivity requirements
Hybrid cloud connectivity entails more than simply communicating between diffuse components running in different environments. It’s also critically important that connectivity meets requested service levels, adheres to security policies and enables the overall IT management strategy.
As a result, hybrid cloud customers should carefully assess their connectivity requirements:
- Consider the requirements of each link between components that spans two or more cloud services or on-premises systems, and ensure that appropriate connectivity is available to support those requirements.
- Consider the use of network virtualization if available.
- Ensure that the connectivity capabilities can support resilience and disaster recovery requirements.
4. Develop governance policies and service agreements
The cloud services combined to create a hybrid cloud computing environment require an overall governance framework maintained by the customer that takes into account various cloud service agreements established with service providers. As a result, hybrid cloud customers must conduct due diligence to assure that the use of the cloud services is governed effectively:
- Assess existing compliance and governance frameworks, identify gaps and harmonize processes.
- Ensure thorough and efficient change management and communications given the potential of multiple cloud service providers.
- Allow adequate time to educate and habituate changes across the organization.
- Identify gaps in measurement and management visibility.
5. Assess and resolve security and privacy challenges
Additional challenges for cloud customers in handling security and privacy for hybrid cloud deployment involve the interfaces between the different environments, the movement of applications and data between the environments, and the organized control of assets across these environments. Security needs to be applied consistently across this whole system.
Here are a few critical steps hybrid cloud customers should take to ensure the security and privacy of their applications and data:
- Understand the interfaces between components running in private cloud services, public cloud services and on-premises and apply appropriate and consistent security controls to each of them.
- Evaluate the location of all datasets in the hybrid cloud deployment and ensure the application of consistent access controls and encryption.
- When migrating application components between environments, check that the security controls in place for the new environment meet or exceed those in place for the old environment.
- Apply technologies across all the environments that are part of the hybrid cloud deployment such as a single IdAM system or single sign-on.
6. Manage the cloud environment
Service management in hybrid cloud environments may be challenging. Cloud providers may not provide their own management processes and tools, or public cloud services may not be manageable from the traditional service management tools running in an on-premises environment.
Here are a few critical steps organizations should take to plan a management solution for their hybrid cloud:
- Enable management of the complete hybrid cloud system, spanning all the environments used.
- Adapt and integrate existing on-premises management tools or consider new, cloud-based management services, based on cost and functionality.
- Look for APIs and integration points for management capabilities rather than fixed-function management applications.
7. Consider a backup, archive and data recovery plan
A hybrid cloud computing environment requires careful planning of backup, data archive and disaster recovery mechanisms. Various hybrid cloud deployment options should be considered and customers are advised to:
- Monitor the frequency of backup and archiving as this will drive cloud service provider costs.
- Make certain legal agreements are in place, as necessary, for public cloud workloads and components,
- Determine what resiliency and backup capabilities are provided out-of-the-box for the cloud services portion of the hybrid cloud deployment.
- Ensure the cloud providers’ physical location is acceptable given legal and regulatory constraints for offsite backup and archiving of sensitive, proprietary or financial data.
Interested in learning more about these steps and getting a broader picture of hybrid cloud implementation best practices? Check out the Cloud Standards Customer Council’s Practical Guide to Hybrid Cloud Computing in the G2G Markeplace within the Best Practices section.