IT disaster recovery, cloud computing and information security news

John Young highlights some of the potential pitfalls that organizations can experience when migrating to hybrid cloud environments and suggests areas that need to be considered to ensure that resilience takes centre-stage.

Hybrid cloud has many inherent qualities that make it attractive for businesses looking to modernise their IT, including cost optimisation, agility and continuous product development. Cross-sector appeal will also drive the hybrid cloud hype cycle, with Gartner predicting that 90 per cent of organizations will adopt hybrid infrastructure management by 2020. While the ostensible benefits of hybrid cloud solutions are undeniably positive from the perspective of business value, we’ve seen a number of organizations who have had their IT modernisation strategies curtailed by issues of migration. For example, running mission critical applications and infrastructure across multiple cloud environments runs the risk of creating hidden interdependencies between disparate systems. As a result, IT can become more difficult to control or fix in an instance of a failure, adding chaos and confusion to what can already be costly disruption.

But in the era of digital transformation, organizations cannot afford to be hesitant. Knowing how and when things can go wrong is the first step to mapping out a resilient hybrid cloud migration strategy. This starts with three simple questions: firstly, how can workflow streams be uninterruptable across two environments? Secondly, which applications should be hosted in a public cloud and which should stay on-premise? And finally, how can hybrid workloads ensure continued compliance, especially in the age of GDPR?

Multiple clouds, one uninterruptible business structure

At times, an organization will need to migrate data from on-premise hardware to the cloud or vice versa. This requires a new IT governance model to be created, with policies and procedures attuned to where applications and data reside. An efficient migration strategy reduces the risk of data being lost during the process and the potential for other people to access information that they shouldn’t be able to see. A consistent toolset across hybrid IT deployments is needed to grant the ability to provision, view, access and manage public and private cloud resources with a single set of credentials.

The flexibility of a hybrid cloud service model also extends to options for provider or customer management of the on-premise private cloud environment. The most sophisticated cloud providers offer management solutions that span both cloud environments. A self-service portal enables the customer to manage their on-premise private cloud environment to reduce costs and to post service requests to the public cloud. In-house IT can also collaborate with operational support from public cloud service providers, taking full control of architecture, deployment, monitoring and change control in hybrid cloud solutions. They also resolve incidents to keep critical applications and workloads up and running.

Choosing which applications to run in private and / or public cloud environments

It’s often thought that applications and data that, if rendered inoperable or stolen, could affect the organization’s ability to function are best suited to the private cloud. These so-called ‘mission critical’ applications vary from industry to industry but are generally responsible for supporting the basic transactional activity between an organization and any number of components in its network (i.e. customers and/or end users, products and services, network endpoints, etc.). On the other hand, that’s not to say that cloud providers should be discounted entirely for hosting mission critical applications. Cloud and managed service providers may layer their solutions with specific components that protect the stability of the applications they host, such as co-located data centres or managed security services.

When deciding which applications to move to the public cloud, an organization should start with the less mission critical ones (such as infrastructure services, messaging, web applications for collaboration, and database applications). These are good candidates for public clouds because they are less likely to cause widespread disruption to a business if they are knocked offline and can be cost-effectively maintained at the cloud provider’s data centre / center.

Fully understand and address the hurdle of regulatory compliance

In terms of business priorities, organizations endeavour to be more flexible, more available and more omnipresent in order to remain competitive. While hybrid and public cloud solutions are the natural choice for businesses seeking these benefits, a distributed model of data storage presents a challenge to one of the key facets of GDPR compliance: knowing exactly where data is. As a result, businesses looking to migrate data from on-prem data centres to the public or hybrid cloud must have the diligence to ensure visibility is not sacrificed in the process.

The need for visibility in distributed cloud systems is driving demand for so-called ‘sovereign’ cloud solutions, which provide the fundamental benefit of ensuring that all data is stored on servers located on UK soil. Currently popular within the public sector due to enhanced security qualities, the GDPR is now also driving uptake of managed sovereign cloud solutions in the private sector, along with other factors such as cyber security and the uncertainty around data transfers around Brexit. These solutions will help close the widening gap between operational flexibility and regulatory compliance, and give businesses peace of mind when migrating to the cloud. 

Taking a resilient approach to migration

Fundamentally, there is one main question organizations need to answer: how do we stay resilient through periods of change? When it comes to hybrid cloud, only when the threats to business continuity have been addressed can migration processes begin and concerns surrounding performance, flexibility, and control be put to bed. Cloud computing is not a one-size-fits-all solution, and the implications of simply following suit and choosing the wrong solution can backfire, with potential to cause real damage to the bottom line for companies. Only through a thorough examination of the options and insight from qualified experts will organizations successfully embark upon the right cloud journeys for operations today, and beyond.

The author

John Young, Solution Architecture and Engineering, Sungard Availability Services.

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.