The new universal truth of IT is that the hybrid cloud is here to stay. Enterprises combine on-premises infrastructure with public and private clouds in order to keep up in a hyperconnected world where everyone and everything is generating and sharing data, creating new value, and driving a new speed of business.

Another universal truth of IT is that almost all enterprises have become hybrid in an ad hoc fashion: A business unit sourced a staff application in a private cloud while developers went to the public cloud to build a development environment—and the enterprise ended up with a hybrid environment. This unplanned cloud sprawl has resulted in unnecessary complexity, costly overprovisioning, underutilization, skills gaps, talent shortages, capital trapped in fixed assets, and unpredictable costs.

Things don’t have to be that way. Companies can get a consistent experience across the hybrid cloud and do it cost-effectively and efficiently. But that requires a new way of thinking about how to operate, manage, and strategically source different hybrid solutions. It’s not easy to do. But based on our engagements with thousands of enterprises, we’ve come up with answers to the questions companies most frequently ask as they adopt a hybrid model. Take the following advice and you’ll find your transition to hybrid far easier than you thought possible—and your enterprise will reap significantly more business benefits from it as well.

 

How do I determine the best location for my applications?

The first question companies must answer is where they should put their applications. They may have as many as 500 applications in their legacy portfolio, and that doesn’t include new applications in development. How can IT know if applications would be better in public or private clouds? In Amazon Web Services or Azure? Or should they simply keep them where they are? How can your company determine the best location for them?

First, you need to do a comprehensive inventory of all your applications. And applications can’t be looked at in isolation. You must take a holistic approach and include dependency mapping for each.

Next, it’s important to understand the priorities of the business and how those priorities affect each of the applications. For example, is cost more of a consideration than performance? Is the business willing to go for a lower priced solution and give up a little on the performance side? Does it want to sacrifice additional latency for a lower cost, or would it prefer to pay a lot more and have the most secure and compliant environment available? You also must consider what to do with legacy applications: Are you looking to wind them down or modernize them?

Once that’s done, the organization should perform an ease-and-impact analysis to determine which applications will be easiest to move or migrate and will have the biggest business and financial impact. At that point, you can determine the best location for each. But it’s important not to try to do this with all applications at once. Instead, find the 20 most impactful applications for the business and start on those immediately.

 

How can I be confident my cloud environments are secure and compliant?

It’s become more difficult for enterprises to stay secure and compliant because so much corporate data now sits outside the data center. It’s in public and private clouds and with SaaS providers. All of it needs to be protected and kept in compliance.

When building production environments, you must be consistent and standardized and spell out how firewalls, load balancers, and security parameters should be configured across the entire organization. Too often, this is done in an ad hoc fashion, with different development groups on different clouds using different standards. When everything was on-premises, it was easier to keep everything standardized. But that discipline hasn’t been taken to the cloud.

To maintain compliance and standardization, you must provide tools, processes, and automation, and conduct routine auditing to make sure everyone builds production environments the same way.

Companies should also consider using managed compliance control services, which provide continuous monitoring of corporate and regulatory governance and security. These services also offer real-time alerting for remediation, continuous synchronization with regulatory organizations, and ongoing recommendations to help with remediation and cloud compliance.

 

How can I be certain I am getting business value from cloud economics?

Enterprises think that moving everything to the cloud can save money, perhaps as much as 50 percent of their previous infrastructure costs. But it hasn’t worked out that way. In a lot of cases, we’re seeing companies pay more, not less, or at least more than they had expected for business cases that haven’t proved themselves. A recent study by 451 Research shows that around 40 percent of enterprises surveyed are regularly spending more on cloud than they budgeted for, with around 10 percent saying they expect to be “significantly above budget.”

I know of an instance in which a company committed to spending $3 million over three years with a cloud service—and spent it all in three months. The CEO lost his job as a result. The company had no control over its cloud use: Developers were setting up multiple environments, duplicating and triplicating things, and using wasteful practices that never would have been allowed in a data center.

So enterprises need to monitor exactly what they’re spending and where those dollars are going. They need to align cloud economics with business outcomes. That begins with establishing baseline budgets for public clouds and SaaS solutions. Without that baseline and subsequent monitoring, you end up with a cloud sprawl in which your overall spend goes up considerably.

There are a lot of different techniques for controlling costs. It could be as simple as putting quotas on how much certain developers or businesses can consume every month and forcing their clouds to shut off if they hit that point. You can also use chargeback models, so businesses and business units see their bills, forcing them to control costs themselves.

Different techniques and different mechanisms can be used depending on your company’s culture. But overall, what’s important is that you have a governance model that puts controls and guardrails around spending outside the data center.

 

Do we have the right skills to be successful in the cloud?

Companies are also facing a serious gap: They don’t have enough staff with cloud expertise. According to 451 Research, cloud platform expertise is the most common IT skills shortage. That means competition for talent is intense, and even companies with enough in-house resources to manage hybrid and multicloud environments need to consider the opportunity costs of doing it in-house rather than outsourcing it.

How can organizations address the skills gap and determine whether to retrain people or get third-party help? It starts with knowing where your applications reside and where you expect them to reside in the future. People with skills in one platform, like AWS, typically don’t have skills for other platforms. So companies with hybrid clouds must determine what their core platforms are and develop the skills to handle those. They can then augment that with third-party services to handle the rest.

To make those decisions, you need to do a self-assessment about your company’s expertise. We’ve found that almost all enterprises overestimate their skill sets, so it’s important that you get a truly objective assessment. There are a number of vendors that can do this and a lot of certifications you can leverage.

Also important is recognizing that training is an investment in people as well as the company. That comes down to focusing on the right areas with the right people and coming up with an investment plan to do it.

 

How can I simplify the experience of operating in multiple clouds?

Hybrid solutions are becoming almost too complex to manage. It’s not uncommon for businesses to use up to 400 different SaaS solutions—and every one of those interfaces with a database. They interface with CRM solutions. They interface with a data center.

In addition to SaaS solutions, companies typically have multiple public clouds and maybe a private cloud on premises. They don’t want to have 12 different consoles and operating models, 12 different ways of purchasing, and 12 different bills. They need to simplify the experience of operating in multiple clouds and develop a common, unifying experience for them all.

To do that, you should develop common tool sets, processes, and methodologies across multiple clouds. When your company first decides where to put its applications, consider how those choices will impact standardizing its experience across clouds. Otherwise, cost of ownership will go way up and manageability will become very difficult.

Enterprises should also consider contracting with a third party that can provide a unified experience for all their clouds, including a single portal with a common dashboard and a common way to consume and buy cloud services. Data from 451 Research shows that 65 percent of enterprises with hybrid cloud deployments contract out some workloads.

 

Get the most value and business benefits

Hybrid clouds have become so complex that many companies don’t get the value they’re paying for. But if you let yourself be guided by the five questions and answers I’ve outlined, you’ll go a long way toward making sure your company gets the most out of what its spending—and that you’ll get the most business benefits as well.

 

Hybrid cloud best practices: Lessons for leaders

  • Perform an application inventory and match each application to its business requirements in order to locate it in the proper cloud.
  • Stay secure and compliant in a hybrid environment by standardizing rules across multiple clouds, on-premises infrastructure, and SaaS applications.
  • Consider outsourcing some aspects of managing a hybrid infrastructure—for example, to provide a unified experience across clouds with a common dashboard and a way to consume and buy cloud services.