Going Forward: Hybrid Cloud Strategy

Yesterday was election day in the US, which prompted me to think about going forward. It is a time of change, no matter which side of the debate you are on. It is also a time of change within businesses. Businesses need to continue going forward. They need to make some tough choices based on the need to increase revenue, the need to cut costs, and the need to grow. No business is static. How does hybrid cloud fit into the equation? Is it a simple measure of costs? Or is there more to it than that? This depends entirely on the knowledge within a given organization and its definition of hybrid cloud.

Yes, even today there are several definitions. These can be separated into two broad categories:

  1. Bursting infrastructure into public clouds such as Amazon and Azure from your data center. What is running within the data center is a private cloud, virtual environment, or some other construct. The traditional IaaS- or PaaS-based clouds.
  2. The mixed use of solution clouds with on-premises, in-cloud, or even between-cloud services and solutions. In essence, the combination of SaaS, IaaS, PaaS, DRaaS, DaaS, etc. The list goes on.

No matter which way you go and which mindset you have, the decision going forward is based on your organization’s level of knowledge, acceptance and understanding of risk, acceptance and understanding of costs, and understanding of its data. These questions of knowledge, risk, cost, and data roll into a business decision about how to use the hybrid cloud, what can go where, and why it needs to be where it is. Let us look at three different businesses to determine if the cloud is something they can use.

Typical SMB

The typical SMB is letting its equipment last as long as it can. Buying cycles are pretty erratic. SMBs buy when they are forced to do so. They may or may not have the knowledge in-house to manage their own systems. In this case, they hire an outside firm to do their management for them. These firms can be small managed service providers (MSP). In most cases, if they take credit cards, they do so with minimum risk. Outside of entry concerns, all processing is done elsewhere, whether at their bank or via a SaaS. Disaster recovery is an afterthought, often left in the hands of the MSP. SMBs often offload risk through lack of knowledge. They often use cloud systems because the cost of such knowledge is too much over time. They could afford an MSP, but they use the MSP to offload risk and the long-term costs of hiring the knowledge they need. Data management is also normally not within an SMB’s purview, as that, once more, requires knowledge. There are well over three million SMBs in the US alone.

Now, there are exceptions to this case, and I call those SMEs (small and medium enterprises), as they consider IT to be a part of every business decision, not an adjunct.


The SME, on the other hand, has more knowledge. Modern ones look at startup costs and determine whether to be on-premises, hosted, or all in the cloud. The goal is to move at the speed of the business, but to involve developers and IT in all decisions going forward. This is the nature of an enterprise regardless of the size. This may entail pricing out competitive solutions while taking on more of the risk management themselves. Regulatory compliance often comes into play for the SME, as there is a need to protect the privacy of customers. Can this be done in the cloud? Absolutely, at least with the proper protections. Such knowledge often comes from experts who may or may not be part of the SME organization. Knowledge is key, specifically around handling of compliance, data, and disaster recovery. However, cost is an overriding issue. Is it more cost effective to spend money on a three- to five-year investment or to go with cloud services that have a monthly cost? The costs could be the same. The costs could be wildly different. Do you know it costs quite a bit more to pull data from many clouds than to put it into them? Networking surcharges may apply. What if you are not happy with the cloud service: how do you migrate? Data management becomes a full-time job for someone.

The Large Enterprise

This is the SME writ large, but often with heavy amounts of risk avoidance. In other words, highly regulated industries may not use the cloud for anything critical, or for anything to which risk is assigned, but they may use it for outliers. Enterprises that are not part of highly regulated industries often have more choice. Do you accept the cloud’s risks and work around them, using cloud services as needed but maintaining an on-premises data center? Data management becomes a full-time job for a team of folks. Where is my data? Can you prove the location and jurisdiction of data?

Closing Thoughts

This is by no means the end of the conversation. There is quite a bit to consider going forward. Cost controls, data controls, compliance, and risk acceptance are just the tip of the iceberg. These are elements that merge IT into the business; IT can show the business how these can be met by all options. Today, outside of highly regulated industries, many enterprises are using the hybrid cloud, even if they do not know it. The real trick is to get it under control. Inside the highly regulated industries, they use the cloud as needed but under careful scrutiny. These organizations tend to be highly risk averse.

As you consider the hybrid cloud, pick a definition. Compare some costs over the lifetime of the application and, more importantly, the lifetime of the data. Figure in the costs of moving data around. Then, ensure your risks are covered by the proper controls. At the same time, know your data.

Posted in SDDC & Hybrid Cloud, Transformation & Agility