[Column] Marilyn Moodley: Cloud Security – Whose fault is it?

At least 95% of cloud security failures in the next three years will be the customer’s fault, according to Gartner. Unsurprisingly, the biggest threat to security is people. Misconfiguration mistakes escalated from 15% of exploitable errors in 2018 to more than 40% in 2021 and human error is now the third most common cause of security breaches, ahead of malware and right up there with social engineering and hacking. Complacency about cloud security is a major contributing factor, but this needs to change. Most cloud services operate under a shared responsibility model in which providers secure the infrastructure, while customers are required to lock down the software stack and applications. In other words, responsibility for patching vulnerabilities and controlling access to cloud accounts still lies with the user.

What does this mean? Organisations need to remain vigilant, ensuring that they take the necessary steps and precautions to secure their data and identities if they’re to avoid becoming an unfortunate statistic with no one to blame but themselves.

Identify, verify, control

No matter the deployment model, sufficient controls are required to govern access and usage. With such a variety of effective Identity and Access Control service providers available today, there is little excuse for businesses not to have these measures in place. Authentication and access control requires users to verify their identity, and secures their access to resources across cloud, SaaS, on-prem and APIs, while increasing speed, agility, and efficiency.

Such IAM solutions make it straightforward to provide the means for customers, employees and partners to all have secure access to the necessary resources. By using identity verification and access control services located in the cloud, the limitations and costs associated with on-premises IAM can be replaced by a more flexible, scalable solution. Cloud IAM is key to ensuring security outside of network perimeters and capabilities include authentication, access management, identity verification, consent collection, risk management and API security.

Access control to the cloud should be regulated through the creation of centralised rules and policies to streamline processes. The use of Multi-Factor Authentication (MFA) is critical to ensure the correct identification of individuals trying to access networked resources, while Privileged Access Management (PAM) tools enforce control over sensitive components and applications in the environment.  These tools form part of a larger cloud security picture that includes details such as a zero trust framework, bolstered with cybersecurity mesh, and reinforced with Secure Access Service Edge (SASE).

Zero trust: never trust, always verify

Zero trust is a framework for securing organisations in cloud and mobile spaces by insisting that no user or application be trusted by default. It enables least-privileged access, establishes trust based on context which is informed by user identity and location, endpoint security posture as well as the app or service being requested, while performing necessary policy checks at each step. A well-tuned zero trust architecture leads to simpler network infrastructure, a better user experience, and improved cyber threat defense.

SASE: borderless security

Secure access service edge (SASE) is a framework for network architecture that brings cloud native security technologies together with wide area network (WAN) capabilities to securely connect users, systems, and endpoints to applications and services anywhere. This ensures that data and traffic is secured, no matter where it travels.

Cybersecurity MESH: closing the gaps

Gartner describes cybersecurity mesh as “a flexible, composable architecture that integrates widely distributed and disparate security services”. Concerned with strengthening digital security while bringing tools closer to the assets they’re designed to defend, a cybersecurity mesh architecture (CSMA) encourages organisations to deploy solutions that fit their specific needs by working within their integrated ecosystems. This enables businesses to share cybersecurity intelligence, automate and coordinate responses to threats, and simplify their security operations. CSMA offers a distributed identity fabric that helps establish trusted access across all applications, customers, partners, and workforces.

Achieving visibility and developing security skill sets

Visibility in cloud security means eliminating blind spots that can result in overspending, performance inefficiencies and security complications. This is done through service-centric or role-centric tools, rather than host-centric tools to manage networks. If it is not possible to hire the necessary competencies, organisations will have to develop them. Many vendors offer online resources to help technologists learn the skills they need to become cloud security engineers. In addition to an increase in the need to cultivate the necessary skills, there will be an increase in demand for technologists that have the DevOps skills necessary to align business workloads with the cloud.  Upskilling will also be critical to bridging the skills gap which includes training business teams on how to use cloud tools.

Owning security responsibility

Accordingly, it’s important for businesses to remember that even when they’re purchasing infrastructure, software or functionality as a service, they’re not outsourcing total responsibility for security. This will continue to be a shared responsibility, because it is unlikely that service providers would willingly take on the possibility of being liable for human action or error beyond their control. As such, organisations will need to prioritise the acquisition of or the development of necessary security-minded skills in order to protect their digital assets from cyber harm.

Marilyn Moodley is the South African Country Leader for SoftwareONE.

How the biggest international cloud trends impact Africa

The latter half of 2022 was characterised by significant instabilities in the tech industry. E-retailer and cloud giant Amazon announced that it would cut tens of thousands of jobs, social media behemoths Twitter and Meta laid off significant percentages of their workforce, and even Microsoft saw its slowest revenue growth in five years.

“There’s chaos in the industry internationally,” says Andrew Cruise, Managing Director of Routed, a local cloud platform provider and VMware specialist. “The war in Ukraine has kicked off a period of great uncertainty that’s affected global inflation, exchange rates, and general risk appetite. This follows the boom during the early months of the pandemic, when the tech industry saw such growth that many companies made significant investments in new assets, infrastructure, and expertise. Now that growth has slowed, they’re faced with two options: sit tight and wait it out, or shrink. 

When it comes to cloud, specifically, the euphoria around hyperscale cloud (from providers like Amazon, Azure, and more) has also waned, adds Benjamin Coetzer, Director at Routed. “Firstly, enterprises are realising that hyperscale cloud is better suited to development and not everyday business. Secondly, they’re starting to scrutinise their mounting bills, which have grown significantly as their cloud needs have become more complicated and sprawled.” 

Interestingly, things look a bit different in Africa. Hyperscalers like Azure and AWS only started arriving in South Africa in recent years, while Google, Alibaba and BCX just announced their arrival. “It surprised me to see how many hyperscalers decided to set up shop in South Africa almost overnight, as well as how many datacentre companies and IT players have started investing in Africa as a whole,” adds Coetzer.

However, the current economic climate and insufficient infrastructure across the continent warrant some caution: “There is big demand in South Africa, there is big money in South Africa, and there is good infrastructure in South Africa. But when it comes to cloud, I always say the one non-negotiable precondition to move into enterprise cloud (or for enterprise applications to move into the cloud) is fast, reliable, cheap internet. Only fibre sufficiently provides that, and only in South Africa. In Botswana, Mozambique, Zambia, Kenya and Nigeria fibre penetration is low and it is still extremely expensive at low speeds. No-one else in sub-Saharan Africa has got the precondition for enterprise cloud to be successful. And yet, we’re still seeing demand from people. And I think the demand is misplaced for the moment,” says Cruise.

Worryingly, some hyperscale resellers aren’t giving potential clients the full story – or perhaps they aren’t aware of the conditions on the ground. “They’re delivering the same message in Africa as in the rest of the world, not understanding that Africa can’t deliver on that until local infrastructure improves. South Africa is five years behind the West, and some other countries in Africa are five, if not ten, years behind South Africa. Sure, you can eventually back up your data with an internet connection speed of five megabits per second – but what happens when you need to recover it?”

And then there are the costs to consider. “I think people are going to be surprised by the price increases from AWS, Azure, Google and the like over the next year. Experts in the West are predicting major increases – and that doesn’t even factor in the weak rand.”

Coetzer adds: “Those who don’t need the bells and whistles that developers use and opt for an enterprise cloud will now start seeing significantly more value for their money as that gap increases. Routed’s pricing, for example, has come down in the six years since the company started, while hyperscalers’ prices have kept climbing.

Cruise concludes “I’m hoping that allows people to make better decisions going forward. Many think that IT and cloud is exciting and cutting edge, but what most people really want from the cloud, really need, is for it to be boring. It has to work, all the time, no surprises. And that’s what enterprise cloud does really well. This coming year will bring more of the same, and there isn’t a problem with that.”

www.routed.co.za

[Column] Andrew Cruise: How to create a cloud migration strategy for your business

The benefits of cloud are clear: increased agility and efficiency, longer-term hardware efficacy, and greater security are just some of the perks.

Why, then, has everyone not yet moved their operations to cloud? “Eliminating traditional infrastructure is a major undertaking,” says Andrew Cruise, MD of VMware Cloud provider Routed. “And with all the cloud options available today, decision-making has become more complex.”

With all the noise out there, it’s important to put a solid cloud migration strategy in place. Here’s how to cut through the fog and get on the cloud:

1. Outline your environment

There are, in broad terms, two types of cloud environments: those for development, and those for enterprise. “Marketing has blended the two use cases and confused users,” says Cruise. “Devops is exciting, amazing, cutting-edge. The business usage, less so, because it involves migrating physical workloads to the cloud. Don’t confuse need-to-have with nice-to-have and spend money on something that seems very attractive, but that you won’t really need or use.”

2. Do an audit of your operations

Cloud doesn’t necessarily replace all previous options but is an add-on in the hybrid world of today. Do an audit of your company’s operations and decide what needs to be moved to the cloud, says Cruise. “Some operations might not be suited to cloud for compliance reasons, for example. The decision to move certain operations to cloud depends on your desired outcome. You need to factor in your company’s unique variables for each operation, like cost, complexity, and compliance.”

Then, decide what needs to move to which type of cloud. “Different apps and operations belong in different places,” explains Cruise. “It’s unlikely that every cloud provider is fit-for-purpose for every app, and you need to choose the right environment for the right app. Picking a single platform because you want to keep things simple can mean suffering performance or commercial problems down the line. It introduces complexity to your final solution, yes, but each set of workloads will be in an ideal place.”

3. Start small

This is particularly important for SMEs, says Cruise. “If you move too much to cloud too quickly, it can lead to failed migrations and operational paralysis. Break your operations down into bite-sized pieces and move them one at a time.”

What you decide to move first depends on your needs. “Some migrations, like email or backups, are relatively simple and low risk. This might make sense for some companies. “For others, moving to virtual machines is the smarter choice. VMware Cloud operators, like Routed, are running the same VMware that you’re running on-premises – the same enterprise-grade storage and servers. You get the immediate benefits of performance, reliability, scalability, and flexibility while only paying monthly usage.”

4. Find the right management tools

When it comes to managing all these separate clouds once you’ve migrated, you won’t be able to achieve everything you want to with one management product, says Cruise. “Rather look for specialist management tools. If cost management is your priority or challenge, look for tools that manage costs across a range of cloud platforms. If you want to visualise your usage across multiple clouds, look for a product that gives you that kind of UI. A single management platform that does all the above, and does it well, does not exist. Choose specialist interfaces that do the job properly.”

Andrew Cruise is the managing director at Routed.

Reimagining the IT infrastructure of the cloud operating model, IDC

Research by International Data Corporation (IDC) has revealed that 49% of CIOs across the Middle East, Turkey and Africa (MEA) believe that the cloud has the potential to play a significant role in driving innovation, creating new digital products, transforming business models and refining revenue streams and this will influence their spend over the next 12-18 months. Speaking at the recent IDC Cloud and Datacentre Roadshow, Jon Tullett, research manager for IT services for IDC Sub-Saharan Africa said there  are two primary reasons why companies should be paying attention to cloud and making it a strategic priority in the current environment.

“First, making the best use of infrastructure is always going to be a strategic priority for the CIO and, in many cases, the cloud is the best infrastructure choice,” says Tullett. “Secondly, cloud services and business requirements evolve very quickly so there needs to be a constant process of re-evaluating the services that are in use and assessing whether or not they should be refreshed or migrated elsewhere.”

That said, if cloud is to be a strategic priority, it equally needs to be given the right resources to ensure that it operates optimally. IT teams need to take a holistic look at their cloud operating models so that they are assured that the spending and implementation meet business value expectations and enable the business across the essential pillars of speed, flexibility, cost and reliability. To ensure these efficiencies and optimisation strategies, several common elements need to be addressed.

“A consistent security policy along with common management and central reporting are three areas where the cost of getting it wrong is immediate and appears as additional overheads and reduced agility,” says Tullett. “If you dig deeper, this leads to discussions around API management and integration strategies that, for many CIOs, are easy investments in the future. They don’t add much cost today, but payout handsomely as company use cases expand.”

Cloud deployments can fundamentally help the organisation improve its operational efficiencies over the long term, particularly those that have not yet fully optimised their technology environments.  This has already been seen in the measurable returns on investment and productivity found by companies already moving down the digital transformation road – they have realised benefits such as faster time to market, simplified innovation, easier scalability, and reduced risk. If a company can get its strategy and operating models in alignment then it will see improvements in these baseline metrics and overall operational capability.

“If an organisation is experiencing worse operational inefficiency after deploying into the cloud, then the cloud has been implemented incorrectly,” says Tullett. “As blunt as that may be, it’s the reality and asks that the organisation relook its strategy and approaches to turn this around. It’s not always obvious where the business is experiencing operational inefficiencies, however, so it is worth using the built-in telemetry in cloud platforms to assess performance.”

Use the tools and the third-party services that allow for the business to measure its efficiency. This will allow for it to measure and improve efficiencies as part of cloud key performance indicators rather than as guesswork and estimations. Also, do not stop assessing at the implementation phase when moving the software into the cloud because the real benefits only show themselves once the organisation actively leverages the advantages of cloud. These are, of course, agility, speed of deployment, inter-service integration, faster iteration, and consumption pricing.

“If you cannot express your cloud spend in these terms – across these benefits – then you may get stuck on first base,” says Tullett. “Then, once you have established these as your foundation, take these cloud advantages and overlay them over your entire IT infrastructure. You can get most, if not all, of these benefits with other technologies as well. Cloud is not the only option, it is a change in how you articulate business value and how the business aligns with IT.”

In the end, whether cloud, operations, implementation or transformation drive the business journey, every part of an organisation’s infrastructure needs to be held to high standards that prioritise strategic imperatives and align with mission-critical business objectives.

www.idc.com

[Kenya] Zalego Academy Joins the Amazon Web Services Training Partner Program

Zalego Academy, a subsidiary of StepWise Inc. that focuses on ICT training and enhancing the employability of youth and people from underserved communities has joined the Amazon Web Service Training partner program. 

Zalego Academy will now work with AWS to deliver training and certification for cloud skills to learners in Kenya and will concentrate on social impact initiatives. This training will not only enable cloud fluency for unemployed youth and graduates to leverage the power of cloud but will also create a new pathway of economic opportunity for young people to partake in cloud computing jobs. 

This Training Partner Program is designed for organizations like Zalego Academy, that meet or exceed rigorous criteria for delivering and or offering high-quality technical training.  

“Organizations need individuals with cloud skills to help transform their business, and there is a growing demand for IT professionals with cloud skills. AWS Training and Certification, along with our Training Partners like Zalego Academy, aims to equip the builders of today and tomorrow with the knowledge they need to leverage the power of cloud. AWS Training, designed by experts, teaches in-demand cloud skills and best practices, helping learners prepare for AWS Certification exams so they can advance their careers and transform their organizations,” said Maureen Lonergan Vice President, AWS Training and Certification.

“We strongly believe that with the support of AWS, Zalego Academy can build innovative programs that have a lasting impact, particularly to the underserved and underrepresented in Africa,” said Chris Harrison, CEO StepWise.  “Delivering AWS Training and Certification is perfectly aligned with StepWise’s purpose of preparing an inclusive talent pipeline and creating sustainable employment for a technology-driven world.”

As a Training Partner, Zalego Academy plans to deliver authorized AWS Training and work with partner organizations to develop future-focused strategies, to enhance the employability of youth and people from underserved communities. It will also deliver trainings intentionally built for non-traditional learners of all abilities to engage in, (i.e., in-person, sign language interpreters, video captioning and wheelchair accessible space).

The training is developed and maintained by cloud experts, ensuring the content reflects current best practices. AWS Classroom Training gives learners the opportunity to engage live and get questions answered by an expert instructor. Many courses also include hands-on labs, allowing learners to practice real-world scenarios in a sandbox environment. Training also helps prepare learners for the cloud service provider’s certification exams, which validate technical skills and expertise with an industry-recognized credential.

“AWS Courses will not only enable the underserved communities in tech to acquire the skills needed to earn a living-wage job upon graduation, but will also enable them to break the cycle of poverty for themselves and their families,” said Peres Were-Ogaga, Executive Director, StepWise Foundation.

StepWise is focused particularly on enhancing economic inclusion in Africa through the creation of digital jobs for people from disadvantaged communities, women, the chronically unemployed, and individuals with disabilities. Through the Foundation’s Scholarship Program, Zalego Academy provides individuals with disabilities and underserved youth in East Africa, with career-ready technology skills through programs that are aligned with the current and future job market. These demands are driven by advancements in technology.

[Africa Cloud Review] Simon Ngunjiri: Africa needs more cloud skills

Africa needs more cloud computing skills. IT professionals in the region need to gain skills in cloud and data architecture due to the rapidly increasing number of organizations subscribing to integrated cloud services in recent years.

This has especially been accelerated by the pandemic. In fact, analysts predict more and more businesses will be moving to cloud as businesses and their employees worldwide continue to face tremendous challenges in maintaining business continuity. 

A recent Veeam Data Protection Report 2021 report also found that 96% of organizations around the world are accelerating cloud usage.

In May this year, Amazon Web Services (AWS) announced that it will be bringing its re/Start cloud skills training program to Kenya and South Africa this month as part of its rapid expansion plans this year.  AWS re/Start is a free, full-time, 12-week program designed to support people who are unemployed or underemployed, and who have little technology experience, for careers in cloud computing. The program provides participants with new cloud computing skills, career, and resume coaching, and interviews with local employers. Last week the programme kicked off in South Africa in collaboration with Nedbank. 

With this programme, Nedbank is working with AWS re/Start to help learners gain job-specific skills, connect them with employers, and support them as they embark on cloud careers.

Cloud is an exciting industry to be in, with lots of areas of specialization, and more jobs being created each year.  IT News Africa journalist Luis Monzon notes that many companies in countries like South Africa are mature from an information technology (IT) perspective

‘’..but because the hunt for skills is so competitive, with far fewer available skills than there is demand for, often these companies just cannot find the people to build the complex infrastructures they need to take full advantage of cloud computing.’’  Developing such skills, especially for young people, presents an immense potential for the continent’s economic growth. 

In May this year, Google also announced it will be offering Android and cloud development scholarships to developers across  Africa. The tech giant said the new scholarships will be offered to beginner and intermediate developers residents in Africa. A total of 40,000 scholarships will be offered to developers spread across Mobile and Cloud development tracks and, at the end of the training, the top 1,000 students will earn a full scholarship to certify in Android or Cloud development.

This was a huge move considering that African businesses are discovering that platforms like Google Cloud are allowing agility and innovation faster and more affordably. Moving to Google Cloud can revolutionize a business in under a month. 

Bottom line, as we have mentioned in our previous Africa Cloud Review article, cloud is accelerating digital change across different industries and transforming the continent’s productive capacity. Investing in cloud skills should there be a top priority.

Simon Ngunjiri Muraya is Google Cloud Architect at Incentro Africa.

[Nigeria] Actis acquires majority stake in Rack Centre, announces plans to build a $250 million African data centre platform

Leading investor of private capital into global emerging markets, Actis has acquired a majority stake in Nigeria’s leading, independent, co-location business, Rack Centre. 

Rack Centre owns and operates a certified Tier III data centre in Lagos. It has the largest installed capacity in West Africa hosting over 80 international, regional and local clients. With over 35 carriers connecting to the facility, as well as hosting Nigeria’s internet exchange, Rack Centre is the most connected facility in the region and links every country on Africa’s Atlantic coast.

The investment into Rack Centre will fund a rapid expansion of the data centre, doubling the existing modular capacity and developing a traditional-build scale data centre on the same premises. This will create the largest data centre outside South Africa with hosting capacity in excess of 10MW over the near term.

Actis is already one of the largest real estate and power generation investors in Africa. The firm has also created a Chinese data centre platform, Chayora Holdings, to develop hyperscale data centre facilities in Tianjin and is exploring other Asian markets.

 “We have been tracking the data centre market in Africa closely, building relationships with key operators and customers. Africa is at an inflection point and we expect to see an explosion in growth of demand for hosting capacity in independently owned data centres across the continent.” David Morley, Head of Real Estate at Actis, said:

“We are excited about this new partnership with Rack Centre and its promoter Jagal Investments.  Together they have built a strong business of international repute, hosting a compelling mix of customers ranging from leading Nigerian corporates to global cloud majors.” he added. 

Ayotunde Coker, Managing Director of Rack Centre said “It has been a great honour to lead the growth of Rack Centre to become one of the most respected carrier neutral data centre brands in West Africa. Rack Centre is now at a key juncture and my team and I are excited with being part of the future growth. With over 750kW of installed capacity, it is now doubling capacity to 1.5MW of IT power at the currently location on a trajectory to 10MW”

 “Jagal is excited with its new partnership with Actis. Rack Centre has developed into a leading and respected African brand and it is now at a critical stage for investment and growth. Actis understands global and emerging markets and will be a fantastic partner for the next phase of the Rack Centre journey” Maher Jarmakani, CEO of Jagal added. 

Actis is the largest private equity GP in Africa having committed US$4.5bn to the region over the last 15 years.

Actis has also announced plans to establish a US$250 million pan-African data centre platform. The buy and build platform according to the company will comprise of independently owned, carrier neutral, data centres across key African markets.

www.act.is

www.rack-centre.com

[Kenya] Safaricom to accelerate cloud adoption in with Amazon Web Services

Safaricom has announced a strategic agreement with Amazon Web Services (AWS), which will see the Telco become a reseller of AWS services.

Safaricom has announced a strategic agreement with Amazon Web Services (AWS), which will see the Telco become a reseller of AWS services.

The agreement is designed to accelerate Safaricom’s internal IT transformation, lower costs and provide it with a blueprint and skilled resources to assist customers with their journey to the cloud.

“We chose to partner with AWS because it offers customers the broadest and deepest cloud platform, overall commitment to security excellence, and a strong culture of customer obsession. This agreement will allow us to accelerate our efforts to enable digital transformation in Kenya,” said Michael Joseph, Chief Executive Officer, Safaricom.

In addition, Safaricom will be able to offer AWS services to East-African customers, allowing businesses of all sizes to quickly get started on AWS cloud and accelerate innovation.

Safaricom also announced the attainment of Advanced Consulting Partner status in the AWS Partner Network (APN), becoming one of the first APN members in East Africa. The APN is the global partner program for technology and consulting businesses who leverage AWS to build solutions and services for customers.

The APN helps companies build, market, and sell their AWS offerings by providing valuable business, technical, and marketing support. This achievement recognizes the skills, knowledge and experience in AWS cloud services that the Safaricom PLC team has gained.

Safaricom’s announcement to work with AWS has been met with interest by customers, with enterprises, startups, and government agencies expressing a desire to use the partnership to build their cloud strategy.

www.safaricom.co.ke

[South Africa] Cloud market moving from supply-driven to demand-driven, says Routed

Vendor neutral cloud infrastructure provider, Routed, says that four years ago the development of the local cloud landscape was still in its infancy. Managing Director, Andrew Cruise, says that in the time since launching Routed, cloud demand has increased: “The market is moving from supply-driven to demand-driven. While the enterprise sector has taken time to embrace the cloud-concept, we have noted an increase in demand from these organisations.”

He says that the enterprise sector has moved into the driving seat, demanding cloud solutions. This about-turn was predicted according to Cruise: “We knew that the industry needed time to mature and better understand what digitilisation would mean to the success and longevity of their businesses. Where four years ago, owned equipment (either on-premise or collocated) was the outright preference as opposed to public or private cloud, we are now seeing a shift.”

While this shift may imply significant movement, Cruise cautions that cloud growth locally remains small. In particular, private cloud uptake is low and in fact, he says it has never really taken off: “The issue with private cloud is that the definitions tend to vary, which makes it difficult to understand or obtain a firm view of the uptake. Bear in mind that having dedicated equipment that is virtualised does not mean that it is a private cloud.

“When considering public cloud, the local sector seems to have a mixed bag of hosting implementations, but very few that are comparable to a true cloud experience, similar to that provided by the hyperscalers.”

Cloud platform providers have launched some compelling products that will assist in the migration to, and provide easy management of applications in, a legitimate public cloud, but still offer it in a secure and private way: VMWare’s vCloud Director is the standout example.

Lack of cloud skills remains another issue the industry has to address. Cruise says that the channel needs to address their ability to implement bona fide cloud strategies: “It is very important to ensure that you select the correct cloud partner. They need to focus on cloud as their primary business and have the skills to architect, deploy, secure, manage and support cloud infrastructure.”

www.routed.co.za

[Column] Andrew Cruise: Mastering the complexity of multicloud in 2020

As enterprises’ demands look set to continue maturing in 2020, they are better able to distinguish between cloud platforms and identify which ones work best for their applications. “It’s no longer about moving to cloud, it’s about which cloud,” says Andrew Cruise, managing director at Routed, Africa’s only vendor neutral cloud infrastructure provider.

“Now that market penetration of cloud, particularly internationally, has hit a critical mass, we see enterprises are much more confident about moving workloads than before when it appeared they would be on the bleeding edge. While there are still some concerns around uptime, performance and security, these are largely being addressed without any need to reinvent the wheel,” he says.

Multicloud is already broadly being achieved through SaaS applications like Salesforce.com and Office365, through utilising an enterprise’s own on-premise infrastructure, and via several other cloud platforms. “True multicloud however, involves IaaS from multiple providers across native hyperscale IaaS (or PaaS) as well as private cloud, both hosted and on-premise.” In order to successfully implement multicloud, Cruise notes that an enterprise would need to replace parts of their overall infrastructure estate, either by re-hosting workloads (lift and shift) into a hosted private cloud, or re-architecting applications in a cloud-native way to suit native hyperscale clouds. Secure connectivity, either through VPN, SD-WAN or private circuit, is also must.

He adds that because the biggest benefit of multicloud is the way in which it lends itself to a best of breed approach. “Not one single cloud can ever be the silver bullet to solve all an enterprise’s problems. Cloud only, hybrid cloud, or on-premise only solutions are already legacy and too restrictive. Utilising a hosted private cloud for traditional applications as an initial ‘lift-and-shift’ can make it easier to digitally transform by alleviating pressures on on-premise resources and allow them time to properly re-architect suitable applications in the native hyperscale cloud.”

While the benefits of multicloud are impossible to overlook, enterprises need to think carefully about the best strategies for managing the complexity of multicloud environments. It is not possible to manage multicloud effectively on-demand, manually, without automation, says Cruise. Similarly, human expertise will always be required.  Any kind of one-size-fits-all thinking is bound to fail. Further, workload migration between on-premise and cloud and between cloud and cloud is non-trivial and the difficulties should not be underestimated. Unless one standardises on a single platform across multiple clouds, for example, VMware ESXi (which is available on local VMware cloud providers and on all the major hyperscalers too), the ideal of frictionless migration between clouds is a pipedream,” he says.

Andrew Cruise is the managing director at Routed.