Issue 1

BIOS Multi-Cloud

Managed Services across the region’s leading cloud

The Ultimate Guide to Multi-Cloud

Introduction

Hybrid Cloud

Almost all businesses we see in the Middle East are using some elements of public cloud and have developed a hybrid cloud strategy. For instance, they may still keep a lot of their production servers on-premise if they are less than 3 years old, but they might leverage the cloud in a number of ways. These may range from Disaster Recovery as a Service to simple email hosting. Companies will usually provision new servers on the cloud rather than buying hardware. In this sense they are already following a Hybrid cloud model.

The emergence of a Cloud-First approach

Companies are increasingly choosing a cloud-first approach. Cloud-first is the preference to put new application on the cloud rather then on premise.

This is because using the cloud is inevitably cheaper than hosting applications on-premise. Reasons for this include the operational cost of running on-premise IT infrastructure, plus the costs of hardware renewal, warranties and software.

More and more businesses are also recognizing that cloud is more secure. Cloud providers invest heavily in infrastructure security, so cloud users are only responsible for securing their own data. The other advantages of cloud vs on premise such as agility and speed of deployment and uptime have been accepted for some time. Corporate technology teams are focused on deriving competitive advantages from developing IP and on cost reductions by leveraging cloud. In other words, they aren’t concerned about managing a IT platform for the sake of it. These elements have led to a 200%+ yoy growth of our managed Cloud services for the past 3 years.

A cloud-first approach takes many technological dilemmas and distills them into one: which cloud to choose? Different cloud providers might have different features that customers need for various workloads, for instance:

  1. Many companies use office 365, so perhaps migrating to Azure it the right answer?
  2. The costs of hyper-scale providers can be prohibitively high for standard production workloads that must run 24x7. Local regional providers like our own CloudHPT have a significant cost savings advantage for customers.
  3. Many developers prefer to develop applications on AWS, and media companies want to take advantage of the AWS Content Distribution Network.
  4. Companies looking to do deep data analytics and AI may want to leverage Google cloud
  5. Heavy users of Oracle may want to run workloads on Oracle cloud.

Fortunately, companies don’t have to choose just one cloud. The obvious answer is for companies to take the best features and services from each provider at the best price, this approach is called Multi-Cloud.

Multi-Cloud

Businesses increasingly choose a multi-cloud strategy, taking the best products for the best price of each and avoiding vendor lock-in from any one provider.

"By 2021, at least 75% of large and global organizations will implement a multicloud-capable hybrid integration platform, up from less than 25% in 2018." 3 Gartner

An example of Multi-Cloud: A customer chooses our in-country managed cloud, CloudHPT, for hosting production workloads. They then use Azure to host Office 365 and AWS for their websites. In this way they get the advantages of cheaper managed IaaS from CloudHPT, the world’s best email platform from Azure, and the Content Delivery Network for webhosting from AWS.

Other examples include: Hosting production workloads on a managed and more affordable platform like CloudHPT, but hosting databases on Azure that can capitalize on power BI analytics or Azures’ AI platform. Multi-cloud can also be used for single applications like a webfront end on one cloud and a database server on another.

Reasons to Adopt a Multi-Cloud Strategy

Breadth of capabilities: No single cloud provider offers a comprehensive set of services. Because cloud providers are differentiated and have strengths, weaknesses and unique capabilities, adopting a multi-cloud strategy allows access to best-of-breed features.

Innovation: Cloud providers sometimes leapfrog each other in terms of capabilities. For customers for whom immediate access to the newest innovations is of critical importance, a multi-cloud strategy allows them to quickly take advantage of new capabilities as soon as they are introduced into the market.

Avoid vendor lock in: Some customers believe that placing most of their applications in a single cloud provider creates the risk that a service change could have widespread impact on their overall application portfolio. Some customers are also concerned about the potential for massive outages. For instance, in 2012 and 2014, there were Microsoft Azure outages that impacted nearly all Azure regions worldwide and in 2016 AWS was inaccessible for 12 hours in the East cost of the US.

Cost Savings: Hyper-scale providers come with advanced features but at a higher cost than regional providers (who offer services up to 50% cheaper). Meanwhile, the majority of workloads don’t require these expensive extras. Combining a local provider with a global provider can equate to significant cost savings. Sometimes hyper-scale providers try and overcome this by advising clients to power off applications and servers after working hours but since most businesses are now 24x7x365, this advice is hard to follow.

The challenges of Multi-Cloud

There are multiple challenges associated with the multi-cloud model. These challenges must be answered if a multi-cloud strategy is truly going to deliver the maximum benefit to the business. Therefore, proper planning is key. In addition to selecting the right providers and understanding the cost and platform potential, there are also issues of security and governance. In a borderless multicloud environment, security and governance have to be your priority and not just an after-thought.

Another big challenge is that of complexity. Moving to the cloud does not magically remove complexity, in our experience. If appropriate steps are not taken, a cloud migration can increase complexity by orders of magnitude.

For instance:

  • How are decisions made about what to use and what not to use?
  • How do you ensure that the cost is appropriate to the workload and kept under control?
  • How do you secure multiple cloud instances with a common approach?
  • How do you manage multiple clouds centrally?
  • How do you manage multi-cloud connectivity?
  • Do you apply the same processes and procedures to each different cloud provider?
  • How can you ensure that the approach to audit and compliance is the same across all your providers?

A composite multi-cloud architecture must have solutions for the following challenges:

  • Lack of visibility can lead to cloud sprawl. If a company doesn’t know what cloud services it is using, how can it manage and monitor them?
  • Governance across multiple clouds can be a challenge. This can range from how admins login to the various clouds, how they interact with third parties, what type of workloads are deployed on different clouds, and how a consistent configuration can be applied across multiple clouds (hardening for instance).
  • Unpredictable billing, or ‘Bill shock’ occurs when a company is expecting one cost for cloud usage and receives a bill many times greater. Without effective controls across multiple cloud platforms, it is easy for over-provisioning to occur. This negates many cloud advantages.
  • Management needs special consideration because each cloud provider comes with their own set of management and monitoring tools. Companies may also be using different tools for onpremise infrastructure. With so many different approaches, keeping environments operating within desired parameters can be challenging. The idea that cloud environments don’t need central management is naïve at best and dangerous at worst.
  • Security is perhaps one of the most important considerations. As applications and data migrate outside a company’s firewalls they become more vulnerable than ever if not properly secured. Cloud is insecure by default. It must be secured. Multi-Cloud is even less secure by default. The correct approach is one that is agnostic to the environment and secures and monitors multiple environments and reports on threats wherever a company's digital assets are in a centralized manner.

Introduction to BIOS Multi-Cloud

Multi-Cloud has many advantages, however, there are challenges that must be addressed in order for a Multi-Cloud strategy to be successful. We have developed a Multi-Cloud approach for our customers to ensure challenges are met and benefits are maximized.

The BIOS Multi-Cloud approach consists of tools, processes and services that combine to provide a comprehensive approach to Multi-Cloud to maximize Its benefits. At the core our approach is BIOS Multi- Cloud, a single pane of glass that allows us and our customers to see, provision and manage multiple cloud environments. It includes BIOS Assured (our managed Service) and BIOS Secured (our security-as-service) across a customer’s entire cloud footprint whether it be on CloudHPT, AWS, Azure or other clouds. Lastly, these services come with dashboards that will show the customer environment’s health and security posture in real time. This service is backed by a 24x7 NOC and SOC. We also provide backplane connectivity that is monitored to all major cloud providers. The service included route optimization to the customers location.

BIOS Multi-Cloud is now the core of our managed cloud offering and provides a simplified cloud management engine. This allows us and our customers complete control to create, provision and manage all of their separate cloud services. This single pane offering provides access to all public cloud providers, as well as our own cloud platform, CloudHPT. Our public cloud provider partners include AWS, Azure and many others.

Aspects of Multi-Cloud BIOS can help with:

Multi-Cloud BIOS
Source: BIOS

BIOS Multi-Cloud controls multiple cloud providers:

Multi-Cloud BIOS
Source: BIOS

The outcomes BIOS Multi-Cloud brings

A single pane of glass for complete Visibility across clouds
BIOS Multi-Cloud offers a single view across different cloud platforms. This helps to combat cloud sprawl. In addition an audit tail of orders and their status are easy to follow.

graphic
Source: BIOS

Built in Governance with customizable work flow

The portal, which comes as a fully managed and secure multi-cloud platform, will also provide companies with the ability to self-service provision and provide costing across multiple cloud platforms. Credits can be pre-defined and workflows for approval can be custom built during onboarding. In addition custom servers that are hardened to our corporate standards can be created – tailoring a multi-cloud catalog to your companies specific needs.

Screen logos
Source: BIOS

Predefined workloads across multiple clouds are ready to be deployed in minutes, providing scale and agility to customers. We can also build custom templates for individual customers.

Eliminate Bill Shock

A centralized reporting dashboard allows you to see and control the cost associated to workloads in AWS and Azure in real-time and to see the cost of new servers before provisioning them. Limits can be set in advance requiring approval once reached. Additional reports provide even more visibility, like the storage utilization report are also available.

graphic
Source: BIOS

graphic
Source: BIOS

Multi-Cloud Managed Services

Our customers’ various cloud footprints is backed by 24x7 Monitoring and Managed Services from our NOCs in Dubai and India. At BIOS we have over 8 years’ experience in delivering Managed Services and have been running our Cloud since 2013. In addition we have over 100 engineers focused on Cloud and have built strong partnerships and experience on AWS as well as Azure.

graphic

Our ITIL compliant framework of Support.

graphic
Source: BIOS

We have built our managed cloud services around an ITIL compliant framework that includes 24x7 monitoring, daily, weekly and monthly checks as well as a 12 month schedule or works of proactive maintenance.

Source: BIOS

Dashboards showing the health of a cloud environment

graphic
Source: BIOS

Specifically, customers seeking help with the following will benefit from working with BIOS for a fixed monthly fee:

  • Service request
  • Provisioning and orchestration
  • Inventory and classification
  • Cost management and resource optimization
  • Cloud migration, backup and disaster recovery (DR)
  • Identity, security and compliance
  • Monitoring and analytics

Source: BIOS

Securing Multi-Cloud

BIOS addresses security concerns of cloud in several ways. BIOS has its own Security Operation Center and its own Security Incident and Event Management platform that it rolls out onto all cloud resources it manages. This is combined with continuous vulnerability scanning. VMs within BIOS Multi-Cloud are pre-defined and hardened. Access is via 2FA and all sessions are recorded.

"Left uncontrolled, cloud environments inevitably spin into unmanageable complexity and have unique security needs that legacy security protection solutions do not address." 4 Gartner

As a matter of fact, we monitor every connection in and out of any cloud environment we protect and compare these connections to a reputational database and match on potential bad actions. We then correlate this data on our big data platform for context and vulnerabilities, deduplicate the data, and look for suspicious activity to alert and take action on.

Below you see a customer environment with 1.6m connections, 6700 of which are suspicious, 26 of which represent a threat. These threats are then broken down to just 5 connections that need further investigation which is done via our Security Operations Center.

graphic
Source: BIOS

The benefits of cloud and multi-cloud are enormous to businesses when adopted correctly and with the correct partner. If you would like to find our more about how BIOS can help your company migrate to and benefit from cloud, please get in contact

How BIOS is helping answer the Challenges of Multi-cloud and unlocking its Benefits

In 2010, BIOS opened our Network Operations Center in Dubai. The aim was to focus on providing managed service to companies in the Middle East for their On-premise datacenters. This allowed customers to outsource the monitoring and maintenance of their storage, networking, compute, hypervisors and operating systems and focus instead on the business needs for IT innovation. We called the service BIOS Assured.

In 2013 we launched CloudHPT, an in-country cloud footprint for the UAE based in Dubai and Abu Dhabi. This answered the issues of cross region latency associated with the hyper-scale providers based in the US, Europe and Asia. CloudHPT was and is priced at half the cost of most hyper-scale providers for the commodity components and has an overlay of BIOS Assured.

“While we have built one of the largest Cloud Platforms in the Middle East, we are not focused on competing with Azure or AWS, there are use cases for all 3. Rather, we understand the market opportunity for BIOS is to complement them by combining migration, a single management platform, managed services & managed security to deliver value for our customers” Dominic Docherty MD BIOS Middle East

In 2014, we launched BIOS Secured. A combination of a SIEM and vulnerability platform we built and developed and our SOC Services aimed at allowing customers to take a Security-as-a-Service for their on premise or cloud footprint for a monthly fee backed by a SLA.

graphic
Source: BIOS

In the last few years we have provisioned, managed and secured thousands of workloads on our CloudHPT platform and as well as workloads on Azure and AWS.

2019 will be a very exciting year, with in-region services from Azure (Dubai and Abu Dhabi) and AWS (Bahrain) being available for the first time. We understand that the benefits of cloud for our customers will be most felt when they leverage a managed and secured multi-cloud offering.

If you would like to know more about how BIOS Multi-Cloud, please visit www.biosme.com/multicloud.

1. Gartner Inc., Market Insight: Making Lots of Money in the New World of Hybrid Cloud and Multicloud, 7 September 2018, G00364355
2. Gartner Inc., Forecast Overview: Managed Services and Cloud Infrastructure Services, Worldwide, 2018 Update, 27 August 2018, G00338527
3. Gartner Inc., How to Architect a Multicloud-Capable Hybrid Integration Platform, 3 May 2018, G00344836
4. Gartner Inc., Market Guide for Cloud Workload Protection Platforms, 26 March 2018, G00328483

Source: BIOS
"If there is one phenomenon that is shaking the foundation of IT services today, it is undoubtedly the adoption and growth of the cloud industry. The market size for cloud is growing exponentially and is projected to be at $317 billion industry by 2022, with a compound annual growth rate (CAGR) of 16.9% through the same period.
Organizations are increasingly moving toward digitizing their business and their business model offerings, and revenue growth is built around a cloud strategy." 1
"IT spend continues to shift to public cloud services as these services replace or complement traditional IT systems, resulting in strong growth through 2022. The use of cloud computing has reached mainstream, with most organizations (approximately 70%) now using cloud services in a meaningful way. Of the organizations using cloud services, more than 75% indicate they have a cloud-first strategy." 2