Why multi-cloud can be more secure—and make more possible

Moving to the cloud can make your business more agile, flexible, and scalable—or it’s supposed to, anyway. Over time, though, many organizations are discovering that the choices you make as you implement your cloud strategy can actually limit your options. That’s especially true when it comes to security. If you’re not careful, it’s all too easy to end up with a cloud environment where security concerns force you to say no more often than yes.

Often, organizations moving to the cloud make it a guiding principle to choose only one platform. By going all-in with a single vendor and platform, you can simplify decision-making and vendor management while saving both time and money with a tidy, well-integrated set of tools and services. So far, so good. But as any IT veteran knows, a simple, elegant vision can have a short lifespan in our dynamic and messy real world.

Maybe your core development team is highly disciplined in building and migrating apps only to your designated cloud platform of choice—but what about the business you just acquired with valuable apps already up and running in another vendor’s cloud? Or the business unit with specialized requirements better suited to a different platform? Or the autonomous team that’s made a different determination of the best available option? This isn’t just a matter of an exception or two; at enterprise scale, it can happen every day. In the real world, it’s highly likely that you’ll end up being multi-cloud whether you intended to or not.

And you’re not alone. According to Gartner, “a multi-cloud strategy will become the common strategy for 70 percent of enterprises by 2019, up from less than 10 percent in 2017.”

Whether by design or not, multi-cloud is quickly becoming the norm.

When a single platform leads to numerous headaches
So, what happens when your single-vendor vision gets splintered? That one toolset you were planning to use across your entire cloud environment suddenly falls far short of full coverage. If you’re on AWS, you’ll need another tool to manage your non-AWS cloud resources. If you’re on Azure, same thing. As your cloud management toolbox gets more cluttered with duplicative vendor-specific services, you start to dread the introduction of additional platforms, and start saying no every chance you get. So much for that cloud flexibility you’d hoped to achieve; ironically, your cloud strategy has fallen victim to a version of vendor lock-in.

The cost of this scenario goes far beyond inefficiency and bloat. Consider the security implications of incomplete or inconsistent tool coverage. Security teams at every organization already struggle to keep pace with rapidly evolving threats, ever-changing regulatory requirements, and the demands of DevOps. They barely have time to configure a single cloud service—much less tweak settings across multiple cloud platform tools while trying to maintain consistency. And that’s not to mention the ongoing security needs of applications and services still in your data centers. In a world where security is already running behind, re-tasking people to cover the overhead of a unique tool for every platform is a luxury no organization can afford.

From blocker to enabler
Trying to maintain a single-vendor cloud strategy isn’t just unrealistic; it also quickly becomes undesirable. Over time, the cases where your default cloud vendor’s service just can’t meet your needs—or the needs of your business units, DevOps teams, or acquired companies—start piling up. Instead of saying no to the full range of options and blocking groups throughout your organization from making their own informed choices, why not adjust your strategy to find a way to say yes?

By choosing management and security tools that work across all the environments that your organization might leverage—including multiple cloud providers as well as your own data centers—you can eliminate vendor exclusivity as a limiting factor in your cloud strategy. Instead of trying to stop people from using different platforms, you can give them the freedom to find their own best platform, secure in the knowledge that you can cover whatever choice they make. The promised flexibility of the cloud is restored, and vendor lock-in is gone for good.

Building flexibility—and security—into your cloud future
As enterprises accept and embrace the inevitability of multi-cloud, we’re already seeing a trend toward third-party tools and services designed to work across multiple cloud and data center environments. In fact, the selections already made by early cloud adopters can provide valuable guidance for other businesses venturing beyond the limitations of an Amazon- or Microsoft-exclusive approach.

By taking a platform-agnostic approach to cloud security and management, you can reduce overhead while ensuring uniform strategic coverage across all the environments you use. Even more importantly, as your needs and strategy evolve, you’ll be able to maintain that security and efficiency no matter what your IT footprint looks like. It’s the cloud the way it was supposed to be—a little more diverse than you’d imagined, perhaps, but with all the flexibility and agility your business demands.