Managing Operational Complexity in Multicloud Environments
Published 11/29/2022
Written by Sandeep Shilawat, Cloud and IT Modernization Strategist, ManTech.
Originally published on Forbes.
With the benefits of cloud computing now clear, enterprises are racing to adopt cloud-based infrastructures.
According to Synergy Research Group, spending on cloud computing exceeded spending on traditional data center operations last year. This year, Covid-19 has only accelerated that pace of disruption. While change has been rapid, according to some estimates, in 2019, less than 30% of production workloads were on cloud environments. This means significant cloud computing expansion is on the horizon.
IT managers should develop their strategy now for how best to manage operations in these new multicloud environments.
Challenges With Traditional IT Operations
Historically, enterprises typically owned data centers and managed their IT assets with their own staff. This led to the accumulation of technical debt, with IT teams having to balance data center management, IT modernization and the elimination of debt. Most enterprises focused primarily on IT management, spending less time on using technology for business transformation and competitive advantage purposes. This reduced the IT landscape primarily to large players who could make significant capital investments and spend large sums of money on application development. Small and medium-sized businesses could not compete on innovation, leading to large monolithic IT organizations that moved very slowly. These organizations also found it difficult to hire and retain IT talent.
Challenges With The Cloud Ecosystem
The cloud ecosystem has also evolved rapidly over the last five years. Just three years ago, Amazon Web Services dominated the market, but today, Microsoft Azure and Google Cloud are credible competitors for market share. Other players like Alibaba, IBM and Oracle are also trying to make their mark.
The market now realizes that some portion of IT must remain on-premises, which has given rise to hybrid cloud computing. A survey done in 2020 indicates that more than 80% of enterprises now use cloud. The diversity of these cloud providers has led to interoperability challenges and discussion of open cloud environments. IT is heading toward a combination of multicloud, hybrid-cloud and open cloud environments, supported by the edge computing ecosystem.
Challenges With IT Operations In The Cloud And DevSecOps Era
The advent of cloud led to the emergence of the IT shared responsibility model. Here, IT operations control shifted from the organization itself to the cloud service providers (CSPs). At the same time, the emergence of DevSecOps started seeing a convergence of operations, security and development. The transition to DevSecOps requires changes in corporate culture, and large organizations still struggle to adapt to it.
Rapid technological changes — including the rise of cloud access security brokers (CASBs) and zero trust networks (ZTNs — have created a significant skills gap, leading to operational issues and increased human errors related to configuration and security. The Cloud Security Alliance Report from 2019 show most service outages and security issues in 2018-2019 were due to human error. A lack of clarity of responsibility under shared security models and lack of visibility in cloud resources led to additional issues, per the report.
Traditionally, organizations faced issues securing data centers with existing workforce and tools. Facing a long list of emerging cloud-related technologies, these enterprises are now rushing to multicloud environments without fully understanding the increased risk of operational complexity for managing these environments.
We are now in a multicloud phase of cloud computing while dealing with an oligopoly of hyper-scale cloud service providers. Frequent outages from cloud service providers have laid bare the many interdependencies of critical services for CSPs; outages often lead to a chain reaction of service interruptions. This makes it harder for operations to diagnose and fix problems with traditional tools, and very few tools have been developed to effectively manage multicloud operations.
In addition to the skills, tools, and identity management issues, the evolution of multicloud and hybrid cloud ecosystems has also created significant visibility issues in terms cloud assets owned by organizations and has become a top priority. It is difficult to view the full IT infrastructure with a single dashboard, so it is hard to track dependencies among various components of different clouds. Therefore, IT operations teams are largely at the mercy of CSP vendors to provide details and live up to their promised service levels to manage operations. Lack of visibility remains a major cloud security concern — it is very difficult to manage something you cannot clearly see.
Potential Solutions
The benefits of cloud computing seemingly outweigh the drawbacks. Market events like Covid-19 have only accelerated the rush to cloud adoption, without any real solution to the complexity of multicloud operations. In the cloud adoption rush, many enterprises have forgotten that the cloud was supposed to simplify IT operations.
As IT systems keep evolving from monoliths to containers to microservices, IT managers should adopt the following approaches to future-proof their IT operations:
- Build vendor-neutral models of cloud adoption: Approaches like our company's LaunchRAMPR allow IT managers to adopt and manage their cloud environments while staying vendor-neutral. Decoupling from specific cloud vendors in migration and operations will prevent future issues related to cloud vendor lock-in.
- Accelerate automation: It is virtually impossible to manage multicloud environments manually. IT operations should be automated wherever possible. Enterprises need to invest heavily in technologies like AIOps and MLOps to hedge their operational risks in multicloud environments.
- Establish a zero trust model for security: Managers must rethink fence-based approaches to managing security. Adopting a zero trust or trust-free model of security could significantly reduce attack vectors in amorphous multicloud environments. This will eliminate the need for complex VPN architectures, internal firewalls, and reduce the possibility of lateral movements and insider threats.
- Invest in cloud management platforms: Managers should invest in multicloud management technologies while the ecosystem is still evolving. This will prepare the enterprise for the future of cloud management and provide greater control of the economics of IT operations.
Related Articles:
How Cloud-Native Architectures Reshape Security: SOC2 and Secrets Management
Published: 11/22/2024
The Lost Art of Visibility, in the World of Clouds
Published: 11/20/2024
Group-Based Permissions and IGA Shortcomings in the Cloud
Published: 11/18/2024
9 Tips to Simplify and Improve Unstructured Data Security
Published: 11/18/2024