The cloud now forms an integral part of every business’ IT infrastructure. Increasingly, however, the growth of the cloud market and incredible range of choice of products and platforms on offer has led to multi-cloud fatigue.

The often-haphazard deployment of cloud services from multiple vendors has also created management challenges that have been exacerbated thanks to the coronavirus pandemic. Are we now in a situation where CTOs need to take action to rationalise their cloud deployments?

The latest cloud study from IBM reveals that 64% of executives plan to migrate more mission-critical workloads to the cloud in the next two years. If not done carefully, however, this could easily lead to more cloud bloat and a consequent aggravation of management and service support issues.

While it can be tempting to just throw money and resources at the problem, this can often result in expanding existing cloud deployments or buying new services without the due diligence needed to ensure they can be integrated efficiently and securely with legacy installations. Information technology service management (ITSM), when coupled with cloud management platforms (CMPs), has, in some cases, exposed weak links in existing cloud infrastructures.

Management of large multi-cloud deployments is also difficult to do effectively. According to the State of the Cloud 2020 report from Flexera, applications are often siloed across the cloud architecture, with a third (33%) of respondents to this year’s survey using multi-cloud management tools. 

“Businesses often adopt a multi-cloud strategy to deliver specific applications or services, avoid cloud vendor lock-in, reduce costs, enable flexibility and increase scalability,” explains Paul Stapley, practice director at Logicalis. “However, multi-cloud adoption presents challenges for people and processes, as the more platforms you have, the more challenging it becomes to manage them. CTOs can face security challenges, connectivity reliability (problems), performance issues, and inconsistent service offerings, making it challenging to utilise and operate multi-cloud deployments efficiently.”

Reducing the cloud architecture’s complexity would enable a far more cost-effective, secure, and efficient cloud service to be constructed and then managed. The danger of businesses’ reaction to COVID-19, which saw a rush to implement ever more cloud services, is an unstructured and unplanned expansion with consequent weak security and lack of management oversight.

Is one cloud enough?

CTOs struggling to manage multi-cloud deployments and ‘cloud bloat’ may wonder if moving everything back to a single cloud is the way forward, but that’s not necessarily the best answer, either.

“With a clear strategy and approach for using multiple clouds, businesses can avoid the issue of ‘cloud bloat’,” Maynard Williams, MD of Accenture Technology UK tells IT Pro. “This strategy must cover both the specific use cases for cloud service provider offerings and how transactions work end to end when they may span multiple clouds. For example, a business might put all of a particular type of workload, such as analytics, onto a specific cloud platform, while ensuring that an issue can be traced across multiple stacks. It also needs to consider hybrid options and transitional states as applications migrate to the cloud.”

Reducing the footprint of a business’ cloud deployments can also deliver much tighter security. Concerns about public cloud’s safety remain high, with Cavirin reporting nine out of ten cybersecurity professionals (91%) are extremely-to-moderately concerned about public cloud security. The most prominent challenge organisations face to their security operations is visibility into infrastructure security (44%), followed by setting consistent security policies across cloud and on-premises environments, and with compliance, which tied at 42% each.

Speaking to IT Pro, Anne Hardy, CISO at Talend says: “Cloud security covers various aspects, the most important being governance, network, logical access control, data protection, security logging and monitoring, security incident response and disaster recovery. Every one of these aspects cannot be managed in the same way with AWS, Azure or GCP (Google Cloud Platform). This variation across multi-cloud deployments means a business needs a team of the right people who can understand all of these areas and the security needs of each.”

Whether and how businesses rationalise their cloud infrastructure will depend on their medium to long-term planning. As Logicalis’ Paul Stapley says, each company will react differently. “We know the correct cloud brings many benefits to the correct workloads. The reasons for both adopting and moving workloads need to be right. By no means is it a one-size-fits-all approach, or a set-in-stone process. As technology advances, and business needs change, the cloud is built to adjust accordingly to best manage those variations.”

New normal IT

Is a single cloud deployment the future of IT infrastructure? The Trinity of AWS, Google Cloud Platform (GCP), and Azure offer all businesses – no matter their size – a cloud deployment platform that can be lean and efficient. The one cloud approach seems distant at this point, however, and the propensity to use multiple cloud deployments often from different vendors shows little sign of slowing. Indeed, the pandemic has accelerated the expansion of public clouds to cope with remote mass working demands, with much of this new deployment being fragmented.

“Most enterprises will choose to work with at least one of the public cloud hyperscalers,” Accenture’s Maynard Williams explains. “And there’s good reason for this: There’s a great deal of competition in the market, so they’re investing heavily in areas like streamlining migration, adapting services for private clouds and pushing out to the edge. In addition, they are investing in a variety of industry-specific cloud solutions – for example, GE Healthcare is running its Health Cloud on Amazon AWS. A bespoke cloud deployment strategy can allow a business to get far more out of these investments than they could realistically achieve alone.”

Williams continues: “For most organisations, the optimal way forward is to select a primary hyperscaler for the majority of mission-critical workloads, and then work with one or more secondary providers dictated by the specific needs of the business. This might depend on regulations, industry, concentration of risk or specialised workloads. This enables the organisation to build core skills and experience on one platform but, take advantage of specialised solutions where it makes the most sense.”

All enterprises large and small, understand that in the post-COVID era, flexibility will be crucial to their long-term sustainability in their marketplaces. The cloud will continue to be a foundation all businesses use to deliver the IT services they need. 

Cloud bloat and the management and security issues these bring will be addressed. However, the cloud is a flexible space that can expand and contract as needed. Can one cloud serve all these requirements? It’s an unlikely scenario. But more streamlining and using fewer vendors look set to become the norm.