Ian Hirst, Head of Cyber Security at Gemserv discusses how new cloud architecture strategies have been built to help develop flexibility, scalability, and reduce costs within organisations.
We are firmly in the digital stage of the industrial revolution. The continuous innovation taking place as a result can be witnessed in the evolution of computing technologies. Cloud adoption, on both an enterprise and personal level, is higher than ever, highlighting to companies the importance of selecting the right cloud architecture strategies.
Cloud computing is now an integral part of operations within many organisations, both large and small; most systems are either on the cloud, hybrid, connected to or dependent on other cloud hosted services. Cloud adoption has accelerated rapidly, spurred on by key events, most notably the recent COVID-19 pandemic. The pandemic underlined the importance of the computational flexibility, agility, cost savings, and scalability that cloud computing gives you, which remains imperative for organisations to enable hybrid working and speed to market.
However, what is next in the world of cloud architecture strategies, and how can they be beneficial to organisations and their objectives?
Multi cloud architecture
The use of multi cloud architecture (using more than one cloud provider) is becoming common place among organisations. In a 2022 Computing survey, they found that of the 150 executives polled, 84 use more than one cloud provider, with 2.3 being the average number of cloud providers used. Multi cloud enables the varying functionalities, such as performance, cost, and security offered on a single network architecture to be utilised across providers. 97% of IT leaders surveyed indicated that their organisations are planning on distributing workloads across two or more clouds, with three key reasons being identified.
As the public cloud model – particularly infrastructure as a service and platform as a service – has been increasingly adopted by most organisations, the impact of any outage to a public cloud provider or content delivery network could be and has been severe. Whilst public cloud providers deliver 99.999% availability in most cases, logically and geographically distributing their data centres, there are issues that they could encounter (API, console, misconfiguration issues) that would lead to widespread outages. The actualisation of these sort of issues in recent times has been one of the drivers towards the multi cloud model, to improve the resiliency and availability of customer’s cloud deployed solutions.
41% of IT leaders are seeking to combat recent outages that hit specific cloud providers and associated service providers, aiming for the ever elusive 100% availability. In the past few months there have been a spate of outages that affected global organisations such as Twitter, CNN, Guardian, Reddit, PayPal, Spotify, New York Times etc.
Additionally, different cloud providers offer varying functionality and services. Microsoft Azure is well regarded for its connectivity with Microsoft 365, AWS for its extensive range of database solutions and GCP for its comprehensive worldwide fibre optic connectivity. There are numerous cases where organisations require services from more than one public cloud service provider to optimally develop, host or deploy a solution. There are also regulatory compliance features that some providers have that others do not, along with compatibility with third-party tools, monitoring, and other services. Therefore, depending on the use case, a combination of several CSPs may be required.
Despite the growing popularity and benefits offered by the multi cloud approach, security monitoring and visibility of assets across a multi cloud architecture can pose a challenge to IT leaders and organisations. The decision to implement a multi cloud strategy must be based on a level of compatibility between the cloud providers chosen. There is a large cost to transferring substantial amounts of data in and out of a cloud environment. Strides are being made by some cloud providers to better integrate and share data feeds to enable a single pane for security monitoring. Ensuring that the organisation does not lose visibility is crucial to maintain a secure posture with multi cloud architecture.
Hybrid cloud architecture
Hybrid cloud architecture is a long-adopted strategy which connects private and public cloud infrastructures. Hybrid Cloud allows companies to scale up operations in a more cost-efficient way than being purely on-premise, whilst maximising control over their data. This strategy is great for certain industries where organisations do not want their data to be part of a multi-tenanted environment (public cloud) but want to enjoy the benefits from shifting some workloads into the public cloud.
Computing recently conducted a survey of 180 UK IT professionals, of which 60% have a hybrid cloud strategy. Whilst many organisations are moving into the cloud completely and adopting multiple cloud providers, some organisations see the benefit in leveraging the agility and cost savings available in the public cloud, whilst maintaining a level of interdependence from the public cloud. For example, employees can continue working even if there is a failure at a public cloud provider, as the organisation’s infrastructure is hosted on both public and private cloud platforms.
Hybrid cloud is flexible and can be scaled accordingly. Any operations that are non-critical can be moved to public clouds, which allows companies to scale up and down as they need, taking advantage of unlimited resources. It can be designed and tailored to the needs of the organisation.
However, this is a strategy that comes with a higher cost and effort overhead as the organisation will have to pay for both their public cloud deployments as well as their private cloud hardware and virtualisation software. Hybrid cloud strategies also encounter the same issue as multi cloud strategies when it comes to the security and control aspect of these strategies. There are many security vulnerabilities surrounding hybrid clouds that store confidential data, not to mention the difficulty in securing and monitoring data interactions between private and public infrastructures. There is also a concern that if organisations rely on the hybrid cloud architecture for too long, they may miss out on developing the cloud first skills within their workforce that will be required if they move into the cloud fully.
Zero trust architecture
The zero trust architecture model is here to stay. A zero trust network dispels the notion of trust being given to devices, users, networks, applications, and data. It is a principle that moves defences from a static network-based, to continuously, autonomously verifying and monitoring a user, assets and resources approach.
More than 73% of companies now have applications or infrastructure within the cloud, and utilise cloud operated service providers and SaaS vendors, external to the organisations network. An enterprise network in 2022 has moved beyond a locked down local corporate network and now extends into employee’s homes, devices, wireless networks and coworking spaces. This underlines the requirement for an architecture and principle that helps organisations to securely handle and provide access to data which might be held across multiple cloud providers, authenticating and monitoring who is accessing their applications, and the health of the devices that are used to access said data.
The Zero Trust framework is built on the following principles:
- Know your architecture including users, devices, services and data
- Know your user, service and device identities
- Know the health of your users, devices and services
- Use policies to authorise requests
- Authenticate and authorise everywhere
- Focus your monitoring on devices and services
- Don’t trust any network, including your own
- Choose services designed for zero trust.
In conclusion, both multi and hybrid cloud are built to help develop flexibility, innovation, scalability, improve availability and reduce costs within organisations. These strategies are both here to stay as there is no question that they have proved beneficial to companies that have used them, especially given the growth of remote working and the ever-expanding corporate network year on year.
However, a major concern is security and control. Zero trust architecture is vital for the multi-cloud and hybrid cloud strategies. To find out more about how zero trust architecture can support your cloud computing strategy, get in touch with Gemserv today.