Hybrid cloud is the way that most organisations are set to consume cloud services for some time to come, but firms need to look carefully not just at what functions they offload to a service provider, but whether they have the right management tools in place, and where the demarcation line lies when it comes to responsibility for things like compliance.
In a talk during the V3 Cloud & Infrastructure Live event, David Grimes, chief technology officer at hosting services provider NaviSite, discussed the potential pitfalls organisations may come up against when migrating some services to a cloud provider, and how to avoid them.
Hybrid cloud is here to stay, according to Grimes, and the reality is that enterprises will work with a mix of their own on-premise infrastructure and applications and services farmed out to service providers.
Among the first things that organisations need to consider is which IT services can be moved off-site, and which need to remain under tight control on the organisation's own infrastructure.
"People now realise that not all workloads should move to the cloud, and not all workloads can. We still see software licences that are not cloud-friendly, we still see performance characteristics required from certain types of applications that just aren't well suited to public cloud, and in those cases, more traditional infrastructure approaches are used, often meaning they are deployed on-premise in the enterprise," Grimes said.
Organisations also need to look at the kind of hosting model on offer. Co-location of servers still requires customers to essentially manage everything themselves, while a service provider offering infrastructure-as-a-service takes on responsibility for most of the physical layer, and one offering managed cloud services takes care of everything save the management of the applications and data, according to Grimes.
"Basic care and feeding of infrastructure and operating systems is not core to your business, so it's best to find a partner that does that, can do it well, and can do it at an economy of scale and expertise that can bring skills to bear that you may not have in-house," Grimes advised.
Beyond this, organisations also need to consider management tools. The question here is whether the management tools they already use can accommodate or be adapted to a hybrid cloud scenario, or whether the customer will have to adopt the management tools used by the service provider.
"What happens if a customer requires something like Solar Winds for monitoring? I might need that capability because I've customised it over the past seven years so that everything is tuned to my needs, and the Tivoli tool the service provider wants to use won't cut it," Grimes said.
One of Grimes' key points is that the regulatory compliance burden still lies with the data owner.
"If you are offloading controls to a service provider, those need to be documented, and it needs to be clear where the delineation is between the service provider's role in meeting your compliance and governance obligations, and where your role is," he said.
The basic takeaway is that organisations considering a hybrid cloud strategy need to do their due diligence, but shouldn't get too hung up about keeping total control over everything.
"There are always good reasons to use the tools you use in the enterprise, but don't let the temptation of always using your own tools overweigh the value of the efficiency provided by a service provider," he said.
The talk by Grimes is just one of the many pieces of content related to cloud and infrastructure that forms part of the V3 Cloud and Infrastructure Live event. More content will come today and tomorrow, all of which will be available on demand.
Q3 losses reverse Q2 gains
FBI briefing US companies to dump Kaspersky, claiming intelligence prove it a 'threat to national security'
Kaspersky rejects FBI accusations that its products are a 'threat to national security'
But breached contractor says that it simply didn't have that much data
EE follows Three in threatening legal action against Ofcom - but for entirely different reasons