This article first appeared in Digital Edge, The Edge Malaysia Weekly on July 25, 2022 - July 31, 2022

The push for businesses to adopt a multi-cloud strategy to stay competitive was intensified by the onset of the Covid-19 pandemic. 

Based on a report by the IBM Institute for Business Value, hybrid cloud adoption alongside digital transformation brought about unprecedented value to business, with hybrid and multi-cloud spend expected to increase by up to 17% by 2023. 

With only 29% of businesses in Malaysia having a multi-cloud management strategy in place, Digital Edge speaks to Harith Ramotheram, CEO of Crayon Malaysia, to shed light on how multi-clouding can help businesses navigate the digital future. 

Digital Edge: What are multi-cloud platform strategies and how can they be utilised to further drive business and digital transformation?

Harith: A multi-cloud strategy gives customers more options and allows them to select the services that best fit the requirements for each workload, whether those requirements are related to features, cost, performance, integrity or availability of services. 

Even the simplest building block services, like virtual machines, storage and networking on each cloud can have vast differences between public cloud providers. 

The cost and complexity of developing solutions can also vary greatly, depending on the cloud provider chosen.

In most organisations, not every workload needs a high level of availability. Hence, being able to select the lowest-cost service that is ‘good enough’ can be advantageous in certain scenarios and compelling to individual business needs.

Similarly, if you need to replicate data globally anyway, having multiple copies of that data in each region and paying a higher cost for that extra redundancy may be less advantageous. 

How does cloud adoption allow businesses to stay competitive in the market?

Organisations should consider a multi-cloud strategy for several reasons, whether it is to enable your architects, developers and application management teams to choose the best available services for operating and managing their specific workloads, or simply as a tactic for negotiating a better discount level in the long term with your cloud vendor of choice. 

The ability to multi-source your cloud services will provide your organisation with much greater flexibility than selecting a single cloud.

We recommend that as part of your strategy, whenever you build or deploy a new workload to the public cloud, you identify a high-level target architecture for how you would deploy that same workload to another cloud. 

Cloud providers can help you evaluate which services are the most efficient for deploying your application and ensure that you are truly selecting the best combination of services to meet your requirements, rather than simply following the solutions architect’s unconscious (or conscious) bias. 

It helps you understand your technical debt or level of lock-in, allowing you to plan ahead of time how you will migrate your workload away from the current platform and onto the next best option. 

This provides the basis for a contingency plan, which you could invoke if your relationship with the provider deteriorates or the cost of services skyrockets. 

In some cases, lock-in is desirable because tightly integrating to cloud providers’ native services can significantly reduce the operating costs of running a workload when compared to a more open or standards-compliant solution.

However, it is important to understand the effort required to invoke the contingency plan and roughly what the cost of operating the service would be if you ever had to do it.

To stay ahead of the competition, most enterprises are investing in modernising their data platforms and developing AI projects to generate new business opportunities and improve outcomes. 

What is a cloud-first strategy and what are the benefits of migrating data to the hybrid cloud system? 

As part of the evolution of cloud computing, organisations began to develop and build their processes and platforms with cloud native solutions, resulting in the cloud-first strategy. 

This enables businesses to reduce overhead costs, resources and upfront investment when developing on-premises and then migrating to the cloud.

Essentially, customers benefit from agility and financial flexibility, the ability to innovate and stay competitive and, most importantly, cost optimisation. Security and compliance are built in at the core to protect any business-critical workload and sensitive data. 

The hybrid cloud strategy is ideal for most established organisations with legacy systems that may require more time to modernise while coexistence is crucial, especially organisations serving multiple verticals with varying IT security, performance and regulatory requirements.

Could you please expand on the adoption journey users take as they embark on a cloud-first route and the hurdles that they might encounter on the way?

We often see the people element in terms of skill gaps and capacities being the most common stumbling block in most adoptions or migrations. 

At Crayon, we assist our customers to fill in the gap by offering cloud adoption consulting and advisory services all the way up to managed services. 

Assessing cloud readiness is the first step in understanding organisational maturity across different perspectives such as infrastructure and application portfolio. 

Data-driven reports from this assessment is the guiding point for organisations to lay out the road map for a detailed migration process while ensuring cost performance optimisation once applications are ready to migrate to the cloud. 

Next is planning the right strategy for a solid cloud foundation. Apart from building in-depth per-application cloud migration action plans, we recommend building commercial and technical governance foundations for an organised and controlled cloud service.

Implementing cloud infrastructure and migrating applications in accordance with the migration plan, while minimising manual errors, and governance standards for consumption reporting and operational readiness, are a vital step. 

Finally, operate workloads focusing on the operational excellence across the organisation. This includes training, reporting, monitoring cost control and security. This also includes evaluating where and how the organisation can focus in order to improve further or reduce cost consumption.

How is the feasibility of the customers determined for each of the following frameworks: cloud adoption, governance and lifecycle management, data and AI?

Cloud adoption, governance and lifecycle management, data and AI are all part of the digital transformation journey. 

Businesses are encouraged to begin the journey with exploration workshops to understand existing versus desired state for each initiative, simply to provide a bigger and more detailed picture of what the customers are looking for and understanding their expectations. 

Once gaps are identified, service providers will then fill in for the required skills and capacities that range from services delivery engineers, software and cloud advisory consultants to data analysts, data scientists and all other certified personnel with most of the established publishers and hyperscalers. 

What are the security threats, issues and concerns faced during cloud adoption, and what are the steps taken to address this? For example, with the government announcing the migration of 80% of public data, does that make it more susceptible to hacks and data breaches?

Security threats like distributed denial-of-service (DDoS) attacks, phishing and ransomware are an ongoing battle for most organisations managing both on-premises and cloud infrastructure. 

It is crucial to develop a cloud security framework that includes zero trust policies and defining the access based on profiles with ongoing monitoring and improvement plans. 

Security in the cloud is crucial for any organisation to keep applications and data protected at the highest level.

Cloud security governance consultation services begin with an assessment of the vulnerability, identification of potential risks in existing security architectures, and definition of the cloud security policy. 

Security experts will then recommend process improvements before introducing the best cloud security tools to monitor, govern and control the hybrid cloud or multi-cloud environment.

Save by subscribing to us for your print and/or digital copy.

P/S: The Edge is also available on Apple's App Store and Android's Google Play.