The Ultimate Guide to Multi-Cloud
Almost all businesses we see in the Middle East are using some elements of public cloud and have developed a hybrid cloud strategy. For instance, they may still keep a lot of their production servers on-premise if they are less than 3 years old, but they might leverage the cloud in a number of ways. These may range from Disaster Recovery as a Service to simple email hosting. Companies will usually provision new servers on the cloud rather than buying hardware. In this sense they are already following a Hybrid cloud model.
The emergence of a Cloud-First approach
Companies are increasingly choosing a cloud-first approach. Cloud-first is the preference to put new application on the cloud rather then on premise.
This is because using the cloud is inevitably cheaper than hosting applications on-premise. Reasons for this include the operational cost of running on-premise IT infrastructure, plus the costs of hardware renewal, warranties and software.
More and more businesses are also recognizing that cloud is more secure. Cloud providers invest heavily in infrastructure security, so cloud users are only responsible for securing their own data. The other advantages of cloud vs on premise such as agility and speed of deployment and uptime have been accepted for some time. Corporate technology teams are focused on deriving competitive advantages from developing IP and on cost reductions by leveraging cloud. In other words, they aren’t concerned about managing a IT platform for the sake of it. These elements have led to a 200%+ yoy growth of our managed Cloud services for the past 3 years.
A cloud-first approach takes many technological dilemmas and distills them into one: which cloud to choose? Different cloud providers might have different features that customers need for various workloads, for instance:
- Many companies use office 365, so perhaps migrating to Azure it the right answer?
- The costs of hyper-scale providers can be prohibitively high for standard production workloads that must run 24x7. Local regional providers like our own CloudHPT have a significant cost savings advantage for customers.
- Many developers prefer to develop applications on AWS, and media companies want to take advantage of the AWS Content Distribution Network.
- Companies looking to do deep data analytics and AI may want to leverage Google cloud
- Heavy users of Oracle may want to run workloads on Oracle cloud.
Fortunately, companies don’t have to choose just one cloud. The obvious answer is for companies to take the best features and services from each provider at the best price, this approach is called Multi-Cloud.
Businesses increasingly choose a multi-cloud strategy, taking the best products for the best price of each and avoiding vendor lock-in from any one provider.
An example of Multi-Cloud: A customer chooses our in-country managed cloud, CloudHPT, for hosting production workloads. They then use Azure to host Office 365 and AWS for their websites. In this way they get the advantages of cheaper managed IaaS from CloudHPT, the world’s best email platform from Azure, and the Content Delivery Network for webhosting from AWS.
Other examples include: Hosting production workloads on a managed and more affordable platform like CloudHPT, but hosting databases on Azure that can capitalize on power BI analytics or Azures’ AI platform. Multi-cloud can also be used for single applications like a webfront end on one cloud and a database server on another.
Reasons to Adopt a Multi-Cloud Strategy
Breadth of capabilities: No single cloud provider offers a comprehensive set of services. Because cloud providers are differentiated and have strengths, weaknesses and unique capabilities, adopting a multi-cloud strategy allows access to best-of-breed features.
Innovation: Cloud providers sometimes leapfrog each other in terms of capabilities. For customers for whom immediate access to the newest innovations is of critical importance, a multi-cloud strategy allows them to quickly take advantage of new capabilities as soon as they are introduced into the market.
Avoid vendor lock in: Some customers believe that placing most of their applications in a single cloud provider creates the risk that a service change could have widespread impact on their overall application portfolio. Some customers are also concerned about the potential for massive outages. For instance, in 2012 and 2014, there were Microsoft Azure outages that impacted nearly all Azure regions worldwide and in 2016 AWS was inaccessible for 12 hours in the East cost of the US.
Cost Savings: Hyper-scale providers come with advanced features but at a higher cost than regional providers (who offer services up to 50% cheaper). Meanwhile, the majority of workloads don’t require these expensive extras. Combining a local provider with a global provider can equate to significant cost savings. Sometimes hyper-scale providers try and overcome this by advising clients to power off applications and servers after working hours but since most businesses are now 24x7x365, this advice is hard to follow.
The challenges of Multi-Cloud
There are multiple challenges associated with the multi-cloud model. These challenges must be answered if a multi-cloud strategy is truly going to deliver the maximum benefit to the business. Therefore, proper planning is key. In addition to selecting the right providers and understanding the cost and platform potential, there are also issues of security and governance. In a borderless multicloud environment, security and governance have to be your priority and not just an after-thought.
Another big challenge is that of complexity. Moving to the cloud does not magically remove complexity, in our experience. If appropriate steps are not taken, a cloud migration can increase complexity by orders of magnitude.
- How are decisions made about what to use and what not to use?
- How do you ensure that the cost is appropriate to the workload and kept under control?
- How do you secure multiple cloud instances with a common approach?
- How do you manage multiple clouds centrally?
- How do you manage multi-cloud connectivity?
- Do you apply the same processes and procedures to each different cloud provider?
- How can you ensure that the approach to audit and compliance is the same across all your providers?
A composite multi-cloud architecture must have solutions for the following challenges:
- Lack of visibility can lead to cloud sprawl. If a company doesn’t know what cloud services it is using, how can it manage and monitor them?
- Governance across multiple clouds can be a challenge. This can range from how admins login to the various clouds, how they interact with third parties, what type of workloads are deployed on different clouds, and how a consistent configuration can be applied across multiple clouds (hardening for instance).
- Unpredictable billing, or ‘Bill shock’ occurs when a company is expecting one cost for cloud usage and receives a bill many times greater. Without effective controls across multiple cloud platforms, it is easy for over-provisioning to occur. This negates many cloud advantages.
- Management needs special consideration because each cloud provider comes with their own set of management and monitoring tools. Companies may also be using different tools for onpremise infrastructure. With so many different approaches, keeping environments operating within desired parameters can be challenging. The idea that cloud environments don’t need central management is naïve at best and dangerous at worst.
- Security is perhaps one of the most important considerations. As applications and data migrate outside a company’s firewalls they become more vulnerable than ever if not properly secured. Cloud is insecure by default. It must be secured. Multi-Cloud is even less secure by default. The correct approach is one that is agnostic to the environment and secures and monitors multiple environments and reports on threats wherever a company's digital assets are in a centralized manner.
Introduction to BIOS Multi-Cloud
Multi-Cloud has many advantages, however, there are challenges that must be addressed in order for a Multi-Cloud strategy to be successful. We have developed a Multi-Cloud approach for our customers to ensure challenges are met and benefits are maximized.
The BIOS Multi-Cloud approach consists of tools, processes and services that combine to provide a comprehensive approach to Multi-Cloud to maximize Its benefits. At the core our approach is BIOS Multi- Cloud, a single pane of glass that allows us and our customers to see, provision and manage multiple cloud environments. It includes BIOS Assured (our managed Service) and BIOS Secured (our security-as-service) across a customer’s entire cloud footprint whether it be on CloudHPT, AWS, Azure or other clouds. Lastly, these services come with dashboards that will show the customer environment’s health and security posture in real time. This service is backed by a 24x7 NOC and SOC. We also provide backplane connectivity that is monitored to all major cloud providers. The service included route optimization to the customers location.
BIOS Multi-Cloud is now the core of our managed cloud offering and provides a simplified cloud management engine. This allows us and our customers complete control to create, provision and manage all of their separate cloud services. This single pane offering provides access to all public cloud providers, as well as our own cloud platform, CloudHPT. Our public cloud provider partners include AWS, Azure and many others.
Aspects of Multi-Cloud BIOS can help with:
BIOS Multi-Cloud controls multiple cloud providers:
The outcomes BIOS Multi-Cloud brings
A single pane of glass for complete Visibility across clouds
BIOS Multi-Cloud offers a single view across different cloud platforms. This helps to combat cloud sprawl. In addition an audit tail of orders and their status are easy to follow.
Built in Governance with customizable work flow
The portal, which comes as a fully managed and secure multi-cloud platform, will also provide companies with the ability to self-service provision and provide costing across multiple cloud platforms. Credits can be pre-defined and workflows for approval can be custom built during onboarding. In addition custom servers that are hardened to our corporate standards can be created tailoring a multi-cloud catalog to your companies specific needs.
Predefined workloads across multiple clouds are ready to be deployed in minutes, providing scale and agility to customers. We can also build custom templates for individual customers.
Eliminate Bill Shock
A centralized reporting dashboard allows you to see and control the cost associated to workloads in AWS and Azure in real-time and to see the cost of new servers before provisioning them. Limits can be set in advance requiring approval once reached. Additional reports provide even more visibility, like the storage utilization report are also available.
Multi-Cloud Managed Services
Our customers’ various cloud footprints is backed by 24x7 Monitoring and Managed Services from our NOCs in Dubai and India. At BIOS we have over 8 years’ experience in delivering Managed Services and have been running our Cloud since 2013. In addition we have over 100 engineers focused on Cloud and have built strong partnerships and experience on AWS as well as Azure.
Our ITIL compliant framework of Support.
We have built our managed cloud services around an ITIL compliant framework that includes 24x7 monitoring, daily, weekly and monthly checks as well as a 12 month schedule or works of proactive maintenance.
Dashboards showing the health of a cloud environment
Specifically, customers seeking help with the following will benefit from working with BIOS for a fixed monthly fee:
- Service request
- Provisioning and orchestration
- Inventory and classification
- Cost management and resource optimization
- Cloud migration, backup and disaster recovery (DR)
- Identity, security and compliance
- Monitoring and analytics
BIOS addresses security concerns of cloud in several ways. BIOS has its own Security Operation Center and its own Security Incident and Event Management platform that it rolls out onto all cloud resources it manages. This is combined with continuous vulnerability scanning. VMs within BIOS Multi-Cloud are pre-defined and hardened. Access is via 2FA and all sessions are recorded.
As a matter of fact, we monitor every connection in and out of any cloud environment we protect and compare these connections to a reputational database and match on potential bad actions. We then correlate this data on our big data platform for context and vulnerabilities, deduplicate the data, and look for suspicious activity to alert and take action on.
Below you see a customer environment with 1.6m connections, 6700 of which are suspicious, 26 of which represent a threat. These threats are then broken down to just 5 connections that need further investigation which is done via our Security Operations Center.
The benefits of cloud and multi-cloud are enormous to businesses when adopted correctly and with the correct partner. If you would like to find our more about how BIOS can help your company migrate to and benefit from cloud, please get in contact
How BIOS is helping answer the Challenges of Multi-cloud and unlocking its Benefits
In 2010, BIOS opened our Network Operations Center in Dubai. The aim was to focus on providing managed service to companies in the Middle East for their On-premise datacenters. This allowed customers to outsource the monitoring and maintenance of their storage, networking, compute, hypervisors and operating systems and focus instead on the business needs for IT innovation. We called the service BIOS Assured.
In 2013 we launched CloudHPT, an in-country cloud footprint for the UAE based in Dubai and Abu Dhabi. This answered the issues of cross region latency associated with the hyper-scale providers based in the US, Europe and Asia. CloudHPT was and is priced at half the cost of most hyper-scale providers for the commodity components and has an overlay of BIOS Assured.
In 2014, we launched BIOS Secured. A combination of a SIEM and vulnerability platform we built and developed and our SOC Services aimed at allowing customers to take a Security-as-a-Service for their on premise or cloud footprint for a monthly fee backed by a SLA.
In the last few years we have provisioned, managed and secured thousands of workloads on our CloudHPT platform and as well as workloads on Azure and AWS.
2019 will be a very exciting year, with in-region services from Azure (Dubai and Abu Dhabi) and AWS (Bahrain) being available for the first time. We understand that the benefits of cloud for our customers will be most felt when they leverage a managed and secured multi-cloud offering.
If you would like to know more about how BIOS Multi-Cloud, please visit www.biosme.com/multicloud.
1. Gartner Inc., Market Insight: Making Lots of Money in the New World of Hybrid Cloud and Multicloud, 7 September 2018, G00364355
2. Gartner Inc., Forecast Overview: Managed Services and Cloud Infrastructure Services, Worldwide, 2018 Update, 27 August 2018, G00338527
3. Gartner Inc., How to Architect a Multicloud-Capable Hybrid Integration Platform, 3 May 2018, G00344836
4. Gartner Inc., Market Guide for Cloud Workload Protection Platforms, 26 March 2018, G00328483