Resilience starts at the infrastructure layer

As digital becomes the default way we work, live and play, ensuring the operational resilience of business-critical systems has become a top priority for Australian enterprises.

Given the litany of high-profile ransomware attacks over the past few years, it’s no wonder much of the “business resilience” conversation has revolved around mitigating the threat of such attacks.

But an equally disruptive risk, one that has for years slipped under the radar, has emerged and forced IT leaders to rethink the accepted wisdom behind many “cloud first” strategies.

For years, enterprise IT was in a race to the cloud. The much-celebrated “cloud first” strategy behind this involved going all-in with a single hyperscale public cloud provider to run and host the business’ apps and data.

While there are a number of risks emerging from this approach, foremost among them is relying on a single point of failure.

If all your eggs are in one public cloud basket, there’s little functional difference between a successful ransomware attack and that cloud provider experiencing an outage. Without access to apps and data, operations come grinding to a halt.

Avoiding this risk, along with others like bill-shock and lock-in, comes down to building a resilience strategy from the very foundation of a business’ architecture – the infrastructure level.

Avoiding a single point of failure

VIEW ALL

The infrastructure choices a business makes has huge implications for its resiliency. Twenty years ago, there wasn’t much choice and on-premise three-tier infrastructure was the only model to choose from.

Today, enterprises are weighing up between public cloud, private cloud, hybrid cloud, and on-premise infrastructure. With so many paths to choose from, in which direction are Australian businesses heading?

In our recent Enterprise Cloud Index, we surveyed thousands of global enterprises and found Australian organisations well and truly ranked hybrid multi-cloud as their ideal IT operating environment. In fact, 92 per cent of local businesses said hybrid multi-cloud was their desired future state.

Unfortunately, more than a quarter (27 per cent) of Australian businesses are still wedded to a “cloud first” strategy built around a single public cloud, significantly higher than the global average of 16 per cent.

Such reliance on a single cloud provider presents an operational risk to the business should that cloud provider experience an outage.

While such outages typically result from a technical issue or some form of user error, the prevalence of targeted supply chain attacks makes public cloud providers or other managed service providers (MSPs) attractive targets.

As large parts of Australia deal with the fallout of the most devastating floods on record, and with the bushfires of 2019-20 still fresh in many people’s memories, it would be remiss not to mention that natural disasters also pose a significant risk to any organisation dependent on just one cloud provider.

Keeping business in business

By overcoming the reliance on a single public cloud provider and adopting a hybrid multi-cloud architecture, businesses have far greater resilience. With the ability to rapidly shift applications and data from one provider to another, or even back to their own private cloud as required, businesses can minimise any disruption that might result from a failure, natural disaster, or cyber attack impacting one part of their environment.

Previously, the skills and technical expertise required to achieve a functional hybrid multi-cloud environment made it too prohibitive.

This was compounded by the fact that major public cloud providers make it very easy to move apps and data into their environments, but incredibly difficult to move these anywhere once the migration has been completed. This phenomenon has become known as “cloud lock-in”.

The recent emergence of hybrid cloud management platforms, however, gives enterprises the freedom and flexibility to shift their apps and data back and forth between multiple cloud providers as required.

In essence, these platforms act as a Rosetta Stone between dissimilar clouds that not only enable application mobility between clouds, but also the ability to build, automate, and enforce top-down, cross-cloud security and compliance policies across infrastructures.

With cloud skill sets in such high demand, having “one ring to rule them all” is helping to make the hybrid multi-cloud dream a reality and, in the process, meeting the core objective of any resilience strategy; keeping the business in business.

Jim Steed, managing director at Nutanix A/NZ.