Many times in discussions about cloud computing, the hybrid cloud meaning a service that combines both off-site public cloud and on-premises private cloud computing resources is thought of as being some nirvana state that will be the dominant architecture at some point in the future.
Well, Forrester cloud expert James Staten has news for many IT shops: Hybrid cloud is already here, whether you know it or not.
Staten lays out the argument in one of his latest blog posts, but it boils down to the point that if enterprises are using some sort of public cloud resource like an customer relationship management (CRM) app from Salesforce.com, or some on-demand virtual machines from Amazon Web Services that more likely than not those applications are using information from some on-premises databases or applications hosted behind your company's firewall. If there is some sort of transfer of data between your on-premises systems and that public cloud resource, then you've got a hybrid deployment. "If you are planning for hybrid down the road, I have a wakeup call for you," Staten says. "Too late, you are already hybrid."
So what? Staten says this is a big deal because often IT shops aren't aware of these hybrid connections. Many times public cloud resources have been setup by line of business workers, without consultation from the IT department. And when that happens it's a recipe for things to go wrong.
Staten's advice: Do an inventory and figure out what public cloud resources are being used, and what, if any, connections those have with resources behind your firewall. Then, make sure the hybrid deployment doesn't have any security, compliance or otherwise troubling issues that need to be addressed.
Just how big of an issue are these hybrid connections? A recent survey by Forrester showed that 30% of developers were deploying applications to the public cloud. Of those, about one-third said those apps have some sort of integration with resources behind their company's firewall. An even bigger proportion (70% of developers) say their company uses some sort of software as a service (SaaS) application, and Staten says many of those have connections with databases or ERP programs on the company's premises.
IT may not necessarily be aware of these public cloud deployments and hybrid cloud connections though. "If IT didn't set up these connections, then they may not be on their radar screen," Staten says. Individual business units may have procured cloud resources without telling the IT department. And when there is use of "shadow IT" resources, that's when there can be problems.
From a security and compliance perspective, for example, the CIO may convey to the CEO that the IT department that all known connections that span outside the company's firewall are compliant with various regulations the company may have to adhere to. But, there could be dozens of other connections stemming from these public cloud resources that are not known by IT, and therefore cannot be guaranteed to be in compliance. Performance is another potential impact. When developers create connections for public cloud resources to get data from on-premises resources, that can put strain on database systems or other programs or applications.
Sign up for CIO Asia eNewsletters.