In recent years, organisations of all sizes across Australia have taken advantage of public cloud services largely due to the benefits of flexible, consumption-based usage and access to modern applications. Usage of these services certainly ramped up when the COVID-19 pandemic first hit in early 2020.
But these services are not ‘one-size-fits-all’ solution. There are some scenarios where public cloud is not the best option for organisations. For instance, without the policies and governance in place, service costs can easily balloon to unmanageable levels while application latency can also be an issue.
Australian tech leaders gathered in Sydney recently to discuss their approaches to deploying cloud solutions across their organisations as they manage new, hybrid work environments that have become popular since the onset of COVID-19. The discussion was hosted by CIO Australia and Lenovo.
Some tech execs argue that their organisations don’t need to retain data and applications on-premise given how advanced the top cloud providers are today.
But Lenovo’s Nick Milsom says there are several reasons why organisations are opting for hybrid cloud environments. Firstly, he says that companies are generating increased levels of edge data that needs to be processed locally.
“This could be data generated by machine learning, artificial intelligence, face or pattern recognition, or point-of-sale systems. All need the speed of an edge device that can be combined with a hyperscaler service,” he says.
Secondly, developing containers and applications in a cloud-agnostic format enables an application or service to be created and operated on a platform that makes commercial and business sense. This avoids hyperscaler lock in and creates automation between application development and the cloud, he says.
Ben Waterhouse, chief information officer at Coates Hire, says that the continued investments top cloud providers are making is arguably impossible to match on-premise.
“While these advancements are primarily in platform services and not basic IaaS, by having all your workloads in a public cloud, you can position the organisation to take advantage of this investment in platform services at a rate that I would argue is not achievable on-premise.
“I would also argue that this is irrespective of if they are legacy IaaS environments or modern ‘built for the cloud’ applications. It is hard to transition to modern cloud architecture if your base applications are not there,” he says.
Paul Kennedy, chief information officer at Craveable Brands, takes a similar view, saying that cloud providers have invested significantly in levels of scale, resilience and security that far exceeds the capabilities of small to medium, and many large, enterprises.
Kennedy and his team have migrated all of the organisation’s workloads to the cloud, primarily SaaS with some cloud-native environments running across its e-commerce facility, and some legacy applications running in infrastructure-as-a-service on public cloud.
“Our remaining legacy applications will be migrated to SaaS with 18-24 months, potentially eliminating the IaaS requirements. In a medium business, this allows our team to focus on value-add activities rather than commodity infrastructure and service management,” Kennedy says.
VetPartners’ chief information officer, Gareth Rossiter, agrees that most workloads can operate in a cloud environment.
“In our case, the only workloads that need to stay on-prem relate to large data files be that video or imagery, and depending on the location, there are some rare instances of latency problems,” Rossiter says.
Determining the best cloud strategy
Organisations should look at a number of factors when they are determining whether their infrastructure strategy will predominantly public or private cloud, says Lenovo’s Milsom.
These include: total cost, which should include the transition to and potential exit from the cloud; agility to meet business needs; security or regulatory requirements; freedom to develop where it makes sense, as well as not being locked into one cloud provider, he says.
Coates Hire’s Waterhouse says that when deciding on the right cloud, he asks a number of questions.
“These might include: ‘Why not public cloud? What are the technology objectives and how will technology be used to add value to the organisation in the age of digitisation? And can this be achieved at the same pace in a private cloud environment?’
“Secondly, when it comes to commercial considerations, unless you have significant scale, I am of the firm belief that hyper-scalers can always do it cheaper than I can in a private cloud. So, are there regulatory or legacy system limitations that mean public cloud is truly not possible?” he asks.
Waterhouse adds that there are certainly valid reasons for a hybrid environment, for example, when organisations have edge compute requirements or need to adhere to certain regulations.
“But I do believe it is important to always review these requirements and most importantly, look to how you manage a hybrid environment with the same cloud-native tooling,” he says.
Craveable Brands’ Kennedy says a key focus for the company’s franchise partners is having a reliable, cost-effective service. Cost, data protection and availability within the required geography are key factors to compare public or private cloud, he says.
“In some instances, there may be legacy application or environment issues that better suit public or private cloud. Network connectivity may be an issue in some remote locations but in most cases, we have redundant fixed-line/wireless connections to each site, and the ability to operate critical services such as point-of-sale in offline mode,” he says.
Security, latency and cost control are important reasons why some workloads are best suited for on-premise infrastructure, says Northcott’s chief information officer, Paul Herbert.
“Cloud services costs are reported to have risen faster than inflation and yet on-premise infrastructure continues to fall as server and storage become commodity items. A hybrid environment has given greater ownership and control of our network.
“It creates a platform for running on-premise apps and provides a simple path to move work to the public cloud at our pace. That means work moves to cloud when we are ready, being certain of security and supported by an IDP (identity provider) and SSO (single sign-on) capabilities to give user an improved sign-on experience,” he says.
Managing application acceleration
CIOs are increasingly grappling with the task of managing the acceleration of modern application development across both public and private cloud platforms.
Acceleration or continuous improvement when it comes to modern application development is “absolutely a challenge that is centered around culture and team capabilities,” says Coates Hire’s Waterhouse.
“We are asking our teams to work in different ways, to assess risk in different ways and to adopt entirely new architectural patterns. This, coupled with a level of IT skills shortage, creates an interesting problem,” he says.
Waterhouse says he doesn’t believe that there is one answer to this challenge. For Coates Hire, he says, it is about continually asking questions such as, ‘What can we do differently?’ How can we replace governance controls with principles? Have we equipped the team with the skills they need? Is it absolutely a journey we are on and certainly haven’t mastered?”
Craveable Brands has already delivered its e-commerce capability on serverless architecture but does not plan to invest internally in significant development in the future, says Kennedy.
“Maintaining the development, DevOps, testing and monitoring capabilities within a small team is extremely challenging. Instead, we are focused on moving applications to SaaS infrastructure with a preference for providers who already have a modern cloud-native environment.
“Our focus remains on orchestration and integration of service across multiple SaaS providers, which provides data and insights capability as an overlay rather than building applications,” he says.
Northcott’s Herbert adds that managing the acceleration of modern app development across clouds is very challenging and requires an integrated approach.
Regularly reviewing the enterprise architecture to ensure current and proposed apps meet the business’ needs, challenging SaaS vendors that their platforms are public-cloud ready, having a strong data governance policy and integration capability are all vital, he says.
“For example, we’re finding multiple vendors offering SaaS platforms that are heavily reliant on the underlying platform they are delivering on – for example, AWS – and quote at length the security of their platforms.
“But the problem is in the detail. The underlying delivery platform of say, Azure or AWS and others, does indeed have many good security features but the deployment of a SaaS application is far from guaranteed to be secure just because it’s running on AWS.
We are spending a lot of time, effort and cost carefully reviewing SaaS applications and repeatedly finding issues,” he says.