4 common traps to avoid in a multi-cloud strategy

1. Shadow IT

Organizations often see teams adopt public cloud services without approval from IT. The COVID-19 pandemic accelerated this, as employees experimented with new remote work conditions.

Shadow IT deployments inadvertently create a multi-cloud environment without the IT department's knowledge. This can cause asset vulnerabilities the security department isn't aware of until it's too late. Instead of trying to suppress shadow IT use, aim to strengthen visibility into shadow activity and build a culture of transparency.

Josh Quint

Shadow IT can increase employee productivity and enterprise agility, so lean into it. Educate employees about data hygiene and cloud security best practices. Also, encourage them to proactively approach IT with requests for a new cloud service. This way, an organization can maintain full visibility of its multiple cloud environments to monitor security risks.

2. Cost

Cost optimization is an essential part of any multi-cloud management strategy. If you don't manage the financial implications of each platform, you will spend too much on services that cost less from a different provider.

To avoid financial strain, assess costs before you invest in a cloud platform. Research multiple options to find the services that best suit your business needs. While each cloud provider has specialties, many services are relatively standardized, so you should be able to find a more affordable option.

If finances have already become an issue for a given application, migration to a more cost-effective provider is worth looking into. Don't feel committed to one provider just because it's familiar.

With the appropriate planning and supervision, cloud-to-cloud migration can be more streamlined than migration from an on-premises architecture because well-architected cloud environments are built to be interoperable.

Without adequate visibility and planning, organizations can wind up with a costly, fragmented environment full of duplicate data and security risks.

3. Access management

A multi-cloud environment increases compliance planning. As a result, organizations may have inconsistent security protocols in place for each cloud platform. This can make certain applications and workloads more vulnerable, especially in a shadow IT environment.

Amazon Web Services, Microsoft Azure and Google Cloud use different philosophies and architectures for identity and access management (IAM). Companies that use multiple providers need to learn and adapt to whatever providers' systems they use. They also need to learn how to manage them independently. This requirement isn't a deal-breaker, but it does require recognition and planning.

4. Cloud backup

A multi-cloud strategy can be an effective way to maintain business continuity. A large number of organizations use one cloud platform as the backup for another. However, the backup and disaster recovery processes do not support replication of the IAM permissions.

Organizations must be careful when building disaster recovery safeguards across multiple clouds because it may require a different architecture for each platform and could be a difficult technical challenge.

Proactively evaluate provider value

Don't wait for problems to arise to decide if it's time to move or relocate an asset to a different cloud platform.

It takes careful planning and supervision to reap the benefits of multi-cloud. When organizations increase visibility into shadow IT, continuously assess costs and strategically distribute assets based on its operational and security needs, they can get the best of multiple clouds.

About the author
Josh Quint is the senior director of cloud solutions at Deft. Deft offers cloud-native software development, AWS consulting, cloud infrastructure and global data center services.