Though cloud services have been a business staple for some time, the COVID-19 pandemic has seen IT departments rely on it to an even greater extent. The shift to mass remote working has led to fast deployment of cloud solutions as organisations have been forced to accelerate their digital transformation plans.
For many IT workers, this has meant speedily educating their C-suite colleagues on all things cloud and which model is the best fit for their organisation. Hybrid cloud is when an organisation decides to use a combination of private and public cloud services, normally for strategic or data sovereignty reasons.
In the early days of cloud computing, hybrid was often dismissed as a step on the road to full private cloud, but the flexibility and cost savings it offers has seen it become a dominant model. Now, flexibility is a must as companies seek to navigate the challenges of a distributed workforce and the reopening of physical office spaces. The hybrid model is solidifying itself as the most popular method of cloud deployment.
While there is sometimes fluidity of data flow between public and private clouds, more often choices are made by use case. For example, a company may choose to run its accounts in the public cloud, but keep more sensitive data, such as intellectual property or sensitive personal information, in a private cloud.
There are also legislative considerations for example, the advent of GDPR has caused some organisations to use private cloud, whether hosted on-premise or in a managed facility, for any data that could fall under the auspices of that legislation.
Hybrid cloud scenarios
There are numerous reasons why an organisation may decide to pursue a hybrid cloud model. For example, a long-established business may have a significant amount of on-premise hardware that they've invested a large amount of money in. For them, it often makes sense to continue to run at least part of their operations on their existing infrastructure, but use software as a service (SaaS) public cloud products for functions such as payroll, accounts, customer relationship management (CRM) or enterprise resource planning (ERP).
Another example is if a business develops its own applications. It may make sense, during the development stage, to spin up some low-cost infrastructure as a service (IaaS) or platform as a service (PaaS) offerings, then once they're completed move the apps back into their private cloud, rather than having constant excess capacity in its data centres.
Big Data analytics is another use case for hybrid cloud. While it's often cheaper to store the data itself in a private cloud than rent capacity for it long term in a public cloud, analysing it can be done more flexibly in the public cloud, with the ability to scale up and scale down capacity on demand.
Another reason to keep some data in a private cloud on-premise is latency. If you have a mission-critical application that you use frequently and requires rapid data flow, then it makes more sense to keep it on-site, where it can be most rapidly accessed, than in the cloud where the lag can be not only frustrating but significantly inefficient over time.
The pros and cons of hybrid cloud
If managed properly, the hybrid cloud gives companies the clichd "best of both worlds". Sensitive corporate data can still be maintained and stored within the company's own data centres, exercising the tight control over valuable intellectual property or customer data that many organisations crave. However, the company can still take advantage of the potential cost savings and rapid scalability offered by public cloud providers.
The public part of the equation is often used to deliver less mission-critical applications. Many human resources departments use public cloud services to manage their payroll, for example. There may be times when these applications need to query data stored on the company's own private infrastructure, but the company's core data assets remain within the organisation's boundaries.
The downside of the hybrid approach is that it's technically more difficult to manage than a purely private or public infrastructure. The IT department will need to dedicate plenty of time and effort to securing, configuring and planning a hybrid rollout, and may need to adapt in-house systems to work effectively with third-party systems.
It may also leave the company dependent possibly for the first time on the infrastructure of an external provider. Whilst failover and backup facilities at reputable public cloud providers are likely to be far superior to the company's own, outages still occur, and the company will need to calculate the reputational and financial risk of business applications being unavailable for periods of time.
Optimal business results with the cloud
Evaluating the best approaches to hybrid cloud adoption
Security is another issue for hybrid clouds, with hybrid infrastructure causing more serious security incidents than cloud-hosted applications or on-premise workloads. Research from 451 Research's Voice of the Enterprise report showed that 51.8% of respondents see hybrid cloud storage as less secure, topping the list of disadvantages.
However, there are multiple ways cloud environments work to protect data both in transit and at rest, but those measures can vary from provider to provider and may not be enough to satisfy the security concerns of specific markets. Data security can often seem at odds with the accelerated development expectations in the age of the cloud, but it doesn't have to be if there's a hybrid cloud framework in place that can automate data security policies and guarantee they are followed, whilst continuing to enable the on-demand capabilities of hybrid cloud storage.
Budgeting for a hybrid cloud setup can also be complicated. In scenarios where a public cloud computing service provides fallback capacity for disaster recovery or for the organisation's private network, it can be difficult to foresee the likely demand on the public infrastructure. Depending on the current availability of resources at the public cloud provider, that extra capacity may also be charged at a variable rate.
That can work both for and against a company. If the use of extra capacity can be timed to coincide with the cloud provider's quietest periods, that extra resource may be available at a very reasonable rate. However, if demand should spike during peak periods, the company may be forced to pay a premium to maintain the availability of a corporate network or applications. It may even end up in a bidding war with the cloud provider's other customers to ensure it has sufficient capacity when purchasing so-called Spot Instances on services such as Amazon EC2.
An open, business-oriented, hybrid cloud lets organisations focus on digital transformation. It represents what can be the most effective method for incorporating the cost reduction and highly flexible capabilities afforded by cloud technology, while at the same time maintaining the internal control capabilities and security offered by on-premises infrastructure.
But to make the hybrid cloud a truly dynamic production environment, it needs to be based on a framework that covers key security and policy management requirements, regardless of the physical locations of data and mobile workloads.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
Jane McCallion is ITPro's deputy editor, specializing in cloud computing, cyber security, data centers and enterprise IT infrastructure. Before becoming Deputy Editor, she held the role of Features Editor, managing a pool of freelance and internal writers, while continuing to specialise in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.