The network has never been more business critical than it is today, and thanks to the Internet, it’s also never been more unpredictable. There’s an undeniable, fundamental shift happening where IT budgets have moved off-premises, companies are relying more than ever on multiple cloud infrastructures that they don’t own or control, and yet, they are still responsible for the outcomes.
While most enterprises began their cloud journey with a single infrastructure-as-a-service platform (IaaS), lately, compelling offerings from the likes of Amazon Web Services (AWS), Microsoft Azure, Google Cloud (GCP), IBM, AliCloud and others have created a plethora of options, with best-of-breed functionality designed for different workload types. Much as we saw with computing and server platforms in private data centres, enterprises are finding themselves consuming two or more of these cloud services. More recently, we are also seeing enterprises embrace multi-cloud right out of the gate as a primary cloud-first strategy.
Many factors dictate this. For some, it’s a strategic decision to avoid vendor lock-in, manage costs and access the best functionality. For others, it’s an evolutionary journey dictated by changing workload needs.
This new reality of relying on multiple cloud providers opens companies up to a new world of risk, from various cybersecurity threats to other risks related to the decentralised delivery of their applications or services. The following are five ways every company can protect itself from external risks that now threaten its critical digital lifelines.
1. Understand you’re living in a world of entirely new dependencies
Moving to the cloud has significant advantages but also introduces new critical dependencies. As you move from on-premises to cloud, the fundamental assumptions have changed. While you may be gaining advantages like agility, deployment speed and of course economics, you’re also introducing an entirely new set of dependencies and ultimately giving up the control you had when all infrastructure, networks and services were under your control. Placing services across multiple cloud providers means you are now reliant on a slew of new partners that exist in the value chain to ensure your applications or services are delivered as expected. The more providers involved between you and your end-user, be it a consumer or a remote employee, the less control you have when something goes wrong with the network. The key takeaway from this is that you need to enhance your find-fix processes to encompass identifying root causes among multiple external providers.
2. Expand your visibility to the cloud
Network monitoring data has taken shape in the context of pre-cloud networks that were largely owned and controlled by corporate IT. This passive monitoring data requires access to network infrastructure devices so that raw packets can be captured from interfaces, traffic metadata can be exported, and status information can be gathered from device management information bases (MIBs). The cloud scrambles this formula, because your providers don’t give you access to their infrastructure. With the increasing use of multiple cloud vendors, new approaches are needed to gain visibility across networks and services you don’t own. The key takeaway from this is to adjust your monitoring portfolio to include active monitoring technologies that give you visibility into both app and network layers across Internet networks, services and cloud apps.
3. Think ecosystem, not us versus them
When you move to the cloud, it’s not just your organisation that has uncontrolled Internet dependencies. All your cloud vendors do as well. You must shift your IT process thinking to an ecosystem-first, partner-friendly mindset because on the Internet, delivering great digital experiences is about shared responsibility across an ocean of uncertainty. The key takeaway here is that you need to manage your cloud dependencies by creating a common dialogue through shared data and insights into the unpredictable, uncontrolled Internet environment.
4. Take steps to detect and contain collateral damage
When you move to a shared infrastructure, you’re susceptible to a multitude of new attack vectors, and you could become collateral damage even when you’re not directly targeted. When somebody else in your value chain is attacked, your applications and services (and customers) can be impacted. Understand that every multi-tenant infrastructure you rely on brings shared risks. Since providers will understandably be preoccupied with dealing with clients directly under attack, you need to assume that detecting such collateral damage will fall to you. A key takeaway is to monitor user experience and service performance as delivered via multi-tenant security and infrastructure services so you’re not blindsided by “collateral damage”.
5. Adopt a data-driven, lifecycle approach to managing networks
Network connectivity is more dynamic, unpredictable and business critical than ever before, so adopting a data-driven approach to planning and decision-making is necessary for your success in this new world of constant change and increased complexity. It begins with benchmarking network performance ahead of cloud and branch office Direct Internet Access rollouts to establish realistic KPIs. From there, it’s understanding that there is no steady state in the cloud. The Internet that is delivering your business-critical assets will not be the same next week. You must constantly measure performance and adjust as needed. The key takeaway is to move your performance visibility deployment to the “left” in your cloud adoption timelines so you can baseline, benchmark, remediate and successfully operationalise Internet-centric connectivity to deliver outstanding cloud experiences.
By relying on the Internet, companies are now willingly bringing uncertainty into their businesses, be it for external, consumer-facing applications or services, or for connecting distant branch offices to cloud apps in a globally distributed enterprise. This proliferation of IaaS providers and modular application architectures has resulted in a complex matrix of inter-service communication across infrastructures and networks that enterprises do not own or control. Much of this communication traverses the Internet, which has evolved into a mission-critical transport for enterprises. Complexity has the potential to drive up cost if not managed carefully.
Therefore, comprehensive visibility and monitoring are critical to ensuring a good digital experience for customers and employees. While there is no way to fully de-risk any move to the cloud, by taking these steps to ensure you’re creating extended visibility into networks and services you don’t own, you can drive a much more predictable digital experience for your business.
Alex Henthorn-Iwane, VP of Product Marketing, ThousandEyes