CAMBRIDGE, Mass. -- While a well-crafted plan is critical in any IT project, some organizations tackle hybrid cloud without one, leaving IT to pick up the pieces and ensure their cloud is properly managed, integrated and secured.
That message rang loud and clear at the 2015 Hybrid Cloud Summit last week. "With the immediacy of cloud, we sometimes forget [to plan], and begin by just picking up new services," said Judith Hurwitz, president and CEO of Hurwitz & Associates, a consulting company based in Needham, Mass.
Cloud experts at the event, hosted by the Cloud Standards Customer Council, agreed that some organizations simply find themselves in hybrid and multi-cloud environments without any formal plan or management strategy. This happens not only because cloud is generally faster and easier to deploy than traditional IT systems, but because of shadow IT -- when line departments spin up new cloud services without formal IT approval.
Some organizations, for instance, use hundreds of different software as a service applications without even realizing it. Others, meanwhile, are surprised to learn how many different public cloud vendors they use; they may have deployed Google cloud services for storage or business intelligence, Amazon Web Services for compute processing, Rackspace for managed cloud, Salesforce for CRM, Dropbox for file sharing -- the list goes on and on, said David Linthicum, senior vice president at Cloud Technology Partners, a consulting firm and cloud software provider in Boston.
"In many cases, enterprises are not putting a lot of thinking into how they get to multi-cloud," Linthicum said. "They just kind of find themselves there."
And when they do, those organizations scramble to cook up a formal hybrid or multi-cloud strategy.
Reining in a hybrid cloud that's run amuck
When asked to bring order to multi-cloud chaos, IT must consider a range of factors – and first among them is a plan.
Just as they would for any traditional data center project, organizations should have a detailed plan for acquiring, using and managing cloud services. This is especially critical in environments where multiple cloud vendors, or platforms, are used.
In addition to things such as cost monitoring and data management, security should be at the "core" of any hybrid cloud plan, Hurwitz said. What's more, these plans should clearly articulate the top business drivers behind any cloud deployment. Collaboration between the business and IT is a must.
"The really successful IT leaders are business people," Hurwitz said. "They are as fluent about IT technology as they are about the business, the business drivers and business change."
Striking an alliance between the business and IT was key for Pension Benefit Guaranty Corp. (PBGC), a U.S. government agency that's moving toward hybrid cloud.
"Every single project that we are working on is IT, business, enterprise [architects], security, contracting – everyone is at the table," said Pamela Wise-Martinez, chief cloud and enterprise data architect at PBGC, which is weighing a mix of on-premises, public cloud and federal community cloud services.
In addition to business drivers and goals, a solid hybrid cloud plan must emphasize data integration, and include blueprint information not only about the target architecture an enterprise wants to achieve, but the legacy architectures it has today.
"If you don't know what you have, it's kind of hard to go someplace else," Wise-Martinez said.
For data integration, hybrid cloud plans should clearly map out what data can move to the cloud and what needs to remain on-premises -- such as applications containing personally identifiable information -- as well as any dependencies that exist between those two groups. Organizations must also consider the specific governance requirements of their data and applications when determining what should reside where.
"From my perspective, [hybrid cloud] is really about sharing data, sharing information and how we can do it more effectively and more securely," Wise-Martinez said.
Governance and management tools can help
While a formal plan is a must-have for hybrid and multi-cloud success, the right mix of tools can also make or break a deployment.
In particular, organizations should consider three families of cloud tools: third-party cloud service and API governance tools; provider-native governance and management tools; and third-party cloud management platforms, or cloud brokers, Linthicum said.
A cloud management platform should provide an integrated tool suite that helps organizations automate management across public and private clouds. The platform should eliminate the need for vendor- or service-specific interfaces, providing a single pane of glass for hybrid or multi-cloud management, according to Linthicum, whose employer sells a cloud administration and governance tool.
Specific capabilities to look for in a cloud management platform include image provisioning; metering and billing; workload optimization via policies, workflows and roles-based access controls; as well as self-service interfaces for operations, monitoring and end-user requests.
Still, even the best tools on the market can fail at eliminating complexity without a solid hybrid cloud strategy behind them.
"We're moving into complex, widely distributed and heterogeneous architectures, and have no clue how to synchronize information and services between them. We need to work on that," Linthicum said. "And that was a common theme I heard at [this event]… this is hard, and we're going to have to do some analytics and some planning. But the good news is we have some pretty good tools and technologies [that can help]."
Kristin Knapp is site editor for SearchCloudComputing. Contact her at [email protected] or follow @kknapp86 on Twitter.