Getting multi-cloud connectivity right
March 9, 2021
March 9, 2021
Many of you are working in a multi-cloud environment today—some combination of a private cloud and one or more hyperscale providers. How’s it going?
I’m hearing from some clients that they’re struggling a bit. Application performance is not predictable, security is complex and expensive, and the overall network architecture is inflexible and makes change difficult to implement.
I want to look at these technical issues from a slightly different perspective: from a user experience vantage point. That is, what is the overall impact of network issues on your users? The ultimate goal is to provide a seamless user experience across a multi-cloud network so people can get to the applications and assets that live within your clouds. They need to work effectively from home, an office, a vacation spot, a plane or a coffee shop. Obviously, application performance is at the heart of the matter, but let’s dig a little deeper into the causes of uneven performance which, in turn, leads to a poor user experience.
Security and authentication
Certainly, everyone wants to be secure, and companies should always err on the side of caution. But it’s important to try to do it in a way that won’t affect app performance and ultimately the users' experience. Sometimes, in fact, the apps are perfectly fine. The issue is with the security posts that you've put in the apps and the authentication procedures which end up causing performance issues and degradation.
Most likely, you’ve experienced this yourself hundreds of times. The first time or two that you’re asked to authenticate yourself, that’s OK. But by the seventh time on the same day, it all feels like a hurdle on your way to better productivity.
One element of avoiding this situation is to be consistent in how to authenticate across the clouds. Companies that have different rules for different apps and clouds may have trouble delivering the seamless user experience I just mentioned.
Inflexible architectures
After they’ve been on their cloud journeys for three or four years, few companies are exactly where they thought they’d be. That means they should plan for flexibility from the start to enable change along the way and avoid expensive retrofits or having to actually rip things out.
Long-term flexibility has been very important to us at Accenture. As many of you know, we’ve made a pioneering move to public cloud over the past few years, and now we’re 95% public- cloud-based. But that wasn’t the only option when we started. We, too, considered a hybrid environment that would include both public and private clouds.
In short, we just didn’t know, so we set up an architecture at the beginning that was flexible enough to let us do anything we wanted. We weren't hamstrung by the early decisions we made around the architecture.
Here are a couple of key takeaways to consider about planning and managing your organization’s multi-cloud connectivity:
Consider a cloud exchange
Another way we’ve built flexibility into our cloud architecture is through what we call the Accenture Cloud Exchange. It establishes a central point from where the Accenture network connects to our public cloud providers and SaaS providers. These are co-located with the backbones of the major cloud providers, which optimizes performance and the user experience. The exchange is also where we run key elements of our security stack, enabling us to establish security policy in a strong but also flexible way.
Leverage your provider’s network connectivity
It’s not necessary to build your own network from scratch, because the major cloud providers all have their own kind of network connectivity with on-ramp capabilities that have performance and security built in. That can be your own superhighway to the cloud, as opposed to doing it through the internet or your own connections. Is this approach more expensive? Probably, but remember you’re paying for better, more secure performance.
Plan for application-based authentication
Using application-based security and policy, such as multi-factor authentication, can give you the flexibility to connect from anywhere. You don't need VPN connections to get into your applications because those apps are authenticating us when we touch them. That’s another key to flexibility. During the current pandemic, for example, companies using this approach were able to move their workforce to their homes in a hurry, and the experience was seamless. Companies that were built on VPNs and connecting through their various hardware-based infrastructures were pretty throttled.
So, adding it all up, let me summarize by saying that you should start with a holistic cloud strategy, architecting your network with the flexibility to go in multiple directions. Don't base it on just one provider or one set of decisions. Since the only constant is change, start with an approach that will allow for flexibility all along the way.