cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
sdurbin
Newcomer III

Single cloud or multi-cloud?


I've heard many IT professionals extolling the benefits of individual cloud platforms. However, I've been in the game long enough to know that, to paraphrase the idiomatic expression, fitting any vendor's "square peg in to a round hole" is always arduous.


I have recently brain dumped my own thoughts on the subject of multi-cloud adoption and some of the biggest arguments are not only technical ones in my opinion.

 

I'd be interested in other professional's experiences, and opinions, on the subject.

 

Particularly, when would you advocate for single cloud adoption?

 

What are the most critical deciding factors? Technical decisions? Cost? Attracting skills? Cloud platform maturity?

3 Replies
Beads
Advocate I

I once asked a colleague if the cloud was the new silo. We decided that in many ways, yes, it is. 

 

If your following best practices for cloud you should be looking at feature sets not just one cloud provider as Azure will be best for healthcare, eHR, HIPAA, et al., being healthcare friendlier than AWS or Google Cloud at this time. Same with document (Cosmos vs Mongo or say Cassandra). Graphing databases suffer much the same but also highly specialized to the point where I don't see that much of a difference between offerings.

 

AWS and Google have very specific offerings that make sense for more general computing for less money and a plethora of specific services that Azure does not compare well. For example, I appreciate the EC2 pricing model over say Azure Blob. Always an advantage and disadvantage with these types of comparisons.

 

Considering Google and Azure are really market reactions to AWS' success your going to see different offerings to meet, differing needs and demands. As architects we have to understand these pros and cons of each offering to make the best overall recommendation and decision on behalf of our organization(s).

Its a matter of keeping all your eggs in whatever basket holds the goods the best. That maybe one large basket; it maybe several smaller baskets. 

 

Personally, I will take advantage of the best service for the least price. While vendor lock-in has proven to be the Achilles heel of many a good intention it usually doesn't work out as well as the 'One throat to choke' advice of yesteryear would have you believe.

 

Single cloud provider? No, thanks.

 

- b/eads

emb021
Advocate I

Just from my experience as a security consultant, my clients who have gone to the cloud usually go to one particular CSP.

 

All of my clients are using either AWS or Azure, most using AWS.  I'm not privy to how they decided.  (so far none are using GCS, IBM Cloud or Oracle Cloud).

 

One of my clients, however, in the retail space, is going from being all AWS to being mixed (AWS & Azure).  They have 2 cloud environments, both on AWS.  One for their SaaS solutions, the other they use for internal use.  Due to a certain major retailer being a customer, they are moving their SaaS solutions to Azure.

 

So I wonder if some of the reasons a company might have for picking a cloud service provider is due to their customer base?

 

I did speak with a company dealing with stock trading, and they were mixed (AWS & Azure).  Each was used for different purposes.  Sadly, wasn't able to dig into the reasons, tho I got the impression it was each best served different purposes, so maybe the services were better suited to them.

 

If a company is using O365, they may feel they need to go with Azure vs the others.  Tho I do see strange mixings.  Using Exchange for email, but using Google Drive to store files, etc.

 

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
Caute_cautim
Community Champion

@emb021    You automatically presume it must be Cloud related services, but you can still have Private Cloud, Public Cloud, Hybrid Cloud.   Well given the recent European data breach concerning AWS and Elasticsearch.   Don't put all your eggs in the same basket!  

 

You need to look carefully at the level of security and their responsibilities vs your responsibilities for each provider.

 

They are not the same, despite the promises they provide.

 

You also need to understand the criticality of the data and level of controls you need to apply to ensure you are not prosecuted for not protecting clients data sufficiently, and what the cloud provider will do to assist you.

 

Free is not necessarily good - more termed best efforts in some cases.

 

Plus the real biter is the one, where you have signed the contract, and realised that the provider will charge you for each and every data bit going in and out of your hosted area.   Some have had a real shock, so you have to ask the correct questions and persist until you have a decent reassurance of where, how, your choice will protect your organisation and assist you to ensure it is protected.

 

What services does your business actually need to derive the best benefit in terms of meeting the organisation business objectives and those of your clients?  Where should the data be held and what controls definitely need to be put in place?  Some will offer you bare metal, Infrastructure, platform or software constructs - so you definitely need to be well aware of what you are walking into and how they will benefit your organisation or in fact impede or enhance your business risks.

 

Regards

 

Caute_cautim