Businesses need to get to grips with the hybrid cloud as compliance demands increase.
By Ian Jansen van Rensburg, senior systems engineering manager at VMware Southern Africa
There’s little doubt that the demands on IT are more intense than ever. The proliferation of technology has created a world where everything is mobile, connected, interactive, immediate and fluid. At the same time, C-suite leaders are making demands that IT struggle to fulfil – whether that’s enabling new product or service lines, evolving and automating the supply chain to drive efficiency, enabling modern working practices, or transforming the customer service or go-to-market model for the business.
While IT is expected to be flexible with these requirements, businesses leaders often don’t understand that the internal IT department has to ensure projects meet compliance and data sovereignty demands. It’s a quandary many CIOs are facing up to – summarised perfectly in the results of recent research we conducted. Of 1 800 IT decision-makers surveyed across EMEA, over two thirds (69%) said they are under pressure to modernise IT within the next 12 months, but they’re spending significant amounts of time tackling compliance and regulation – an average of nine hours per week for each IT department.
While this seems like a large amount of time, of greater concern was that almost half (47%) didn’t feel this amount of time is adequate to deal with the increasing demands of compliance and regulation in place. It begs the question for CIOs: how do they balance the need to support the business and ensure IT runs efficiently while ensuring they remain fully compliant?
The current landscape
The rise of the public cloud has in part added to the pressures on the CIO”s critical balancing act. With the increasing mandate for IT to show how it is supporting business needs – growth, market share, revenue, while not increasing capex – using public cloud services has become more prevalent in the IT armoury. Services can be spun up quickly to meet demands, on a pay-per-use basis, and turned off when not needed. What’s not to like? Well let’s look at it a little more closely.
Let’s call it the “bill shock” and “IP shock” for the CIO. With departments using public cloud services, often paid for on numerous credit cards – and often not noted as an IT expense – their visibility into how much is being spent has become cloudy. The IP shock comes into play as individual credit cards are used to procure services for app development, maintenance and deployment. Vital IP can be locked behind those credit cards when that employee moves on.
In addition, while IT departments are striving to innovate to provide greater value to the business, their “day jobs” still require “keeping the lights on” while ensuring quality, safety and efficiency. For many CIOs this can mean being the custodians for companywide audits, ISO standards, specific industry sector protocols, country and regional data regulations and EU data privacy laws. A balancing act for sure. So putting mission critical data in the public cloud has added to their angst of where their data resides, how secure it is and how complaint it can really be. This sense of lost control is not a comfortable or sustainable position for most CIOs.
What we are seeing is that a true hybrid cloud genuinely answers the business success/compliancy balancing dilemma by being able to maintain all the security and compliance rigour that has already been established within the business with the agility and business benefits of the public cloud. Now a more comfortable picture emerges for the CIO.
Addressing the balance by moving to hybrid
The enlightened CIO no longer has to choose between their onsite environment and public cloud services when they can leverage both, using one common platform that they know, are familiar with and can trust.
In VMware’s view, a true hybrid cloud environment allows organisations to treat private and public clouds as a single entity, moving workloads in and out of the public cloud when necessary without needing to invest in costly and time-intensive migration projects or additional hardware to solve the problem. Critical applications can deliver the performance they need, while resources can be allocated and provisioned where required.
Above all, a true hybrid deployment can leverage existing IT policies to meet security, compliance and control requirements. In doing so, it addresses some of the concerns CIOs have when it comes to meeting data sovereignty and compliance requirements. In the same research, 71% of ITDMs in EMEA felt their company can meet these requirements around data storage regulations, while 57% were concerned that their organisation’s data is not held in their country
With a service like the vCloud Hybrid Service, applications don’t need to be modified when moved into the public cloud and, since IT will be leveraging the same tools they are already familiar with, no additional training is required. To create this truly seamless hybrid cloud experience requires some fundamental components: a common management and orchestration platform; unified networking; a common security model; and one place to call for support.
However, there needs to be trust between local service providers and your own IT departments, so technology innovations like vCloud Hybrid Service can provide CIOs with the opportunity to strike a balance between supporting the business and ensuring they remain fully compliant. Issues around compliance have grown in stature over the past 18 months and it is imperative customers can ensure their data resides in a location of their choosing, fully compliant with local sovereignty laws.
By knowing where their data is at all times, IT can spend more time working on helping the business – offering a scalable and flexible infrastructure that answers the call to fulfil the demands business leaders place upon it.