BTEX 2021 : Important Hybrid Cloud Trends and Innovations

At CDW's BTEX2021 virtual event, Solution Architect Randy Hunt led a panel discussion thatlooked into the findings of CDW Canada's 2021 Cloud Report, and other important trends in thehybrid cloud. Here are some of the highlights of their discussion.

How to stay on track with hybrid cloudinnovation

What I hear a lot with customers is the term cloud-native,' and people think that means cloud-provider created products, says Tim Wagner, Cloud Evangelist, F5 Networks. But really, it's about a philosophy and a mentality. So, if we want to keep up with the pace of change, we have to put ourselves in the right mindset to look at business outcomes. This can be broken down into three questions:

1. What are we after?
2. What principles do we have before we're going to put something out?
3. How do we enable our dev teams to run at the speed of business?

By keepingthese questions in mind, organizations can start to naturally develop patternsthat can help them keep pace, and aid in product selection.

Goingcloud-native is truly a monumental challenge, says Jeff Hicks, Hybrid CloudSolution SE, NetApp. It's not something an organization can adopt overnight.You have to first be introspective about your skill set, and then beintrospective about what makes your business unique. Those are the areas youneed to then invest in.

Oftentimes,moving everything into the public cloud too quickly can lead to regrets. TheCDW Cloud Report mentions that 86 percent of organizations that move to thecloud will repatriate some workloads due to security, performance and cost.

Because ifyou rush to it, and don't have the principles, then you look at your bill ayear later and panic, says Wagner. You need to go slow to go fast.

Wagner alsocompares moving to the cloud to a home renovation, with an example about havingthe right infrastructure in place. Everybody wants to talk about the coolkitchen faucet, but if you don't put the plumbing behind the walls to make surethe water can get there, it doesn't matter how great that faucet is.

How to include cloud, microservicesand DevOps in an application modernization strategy

Appmodernization is a two-for-one approach, says Hadi Nejatian, Staff CloudPartner Solution Architect, VMware. On one side we have the development teamthat wants to launch and develop their applications as fast as they can. On theother side, the operations team wants to have an operational point of viewaround all the implementations that the dev team makes.

So, how canyou get those teams working together? Nejatian says Give both developers andoperations the tools to make sure they can develop those apps as fast as theycan.

Alignment iscritical, says NetApp's Jeff Hicks. Teams have to work together well, and Ithink that is no small feat, getting teams that are taking a legacy approach towork together with the people you've tasked to modernize applications. ForHicks, this requires finding someone in the organization to champion appmodernization, and having them do their research. Find out what are thetechnologies in this space that are going to be an advantage to your digitaltransformation strategy.

What's oftenmissed is you have to work to remove bias, adds Hicks. When you task a teamto do a certain thing, they tend to fall in love with it. And that becomes allthey want to do. You've got to invest in getting people familiar withprocesses, but also help them understand that I need you to champion this, butdon't get married to it, because we might be changing direction in a fewmonths.'

Innovative use cases in ITorchestration and automation

F5's TimWagner actually mentions NetApp's CloudOne platform as a great example. Ithink what they're doing is super-important, building the platform and settingthose guide rails for the developers to run and everybody in IT Ops knows whatit is. It's a really smart approach.

From an F5perspective, Wagner is focused on the security aspect. One of them being SSLcertificates, and managing expiration periods. How can we automate thatprocess, and actually make security less the Group of No' and more the groupof Let's Go'?

Some call itShift Left, I call it Shift Smarter, he continues. Which is simply How can Ido the remedial tasks efficiently?' And certificates is a key one that enablesmost of the things happening on the internet today.

VMware's HadiNejatian points to infrastructure as code as a good example of automation. Ifyou're coming from an IT department, one of your main consumers is the appdevelopers. When you talk to them, you realize when they're developing code fortheir apps, they don't want to deal with the infrastructure components thattheir applications run on routers, cables, etc. Therefore, if you're able toprovide them infrastructure where they can simply put in one line of code,start running it and get what their applications need, that really gives you thebenefit of keeping those customers happy, while giving them the agility they'relooking for.

F5's Wagneralso offered a suggestion for BTEX attendees. Pick one task that you do everyday of the week, and automate that task. One automation will turn into two, twoturns into four, and you start to get that scale pretty rapidly.

Is the cloud more secure or lesssecure than an on-prem data centre?

The last Ichecked, there were a lot of breaches before cloud existed, says Wagner.There are still a lot of breaches. So it feels like a false premise to me.

Wagner notesthat major cloud providers like Microsoft, Amazon and Google spend a lot ofmoney securing their infrastructure, but it all comes down to the cloud user'sapplications. I see all the buzzwords around zero-trust, and secure access,but it all comes back to principles and having design based in reality for yourapplication. No, you're never going to outsource security, but security policyis much different than Let's just buy a bunch of tools and hope they solve theproblem.'

Even as anemployee of a security vendor, Wagner admits that no vendor can solve allsecurity-related problems. Good policy, good principles and understandingwhere your risk lies to the data is what matters when you go to the cloud.

As we havepeople evolving into hybrid cloud and embracing digital transformation, we knowthat security is top of mind, says Hicks from NetApp, who mentions threedynamics in play:

1. Cloud security vs. internal security which one is better? Trying to keep up with threats, hackers and attacks can often cause burnout, and introduce security gaps in your environment.
2. The cloud is a bigger target. If attackers can breach a major public cloud provider, they now have access to much more information, disrupting many more environments in the process, whereas a smaller organization might not be targeted otherwise.
3. Defending the transport layer. This is when your data is exposed to the world, so what are you doing to secure those gateways, or encrypt data in flight?

At the end ofthe day, Hicks recommends a layered security posture. You can't just haveperimeter defence, or defence at your data layer. You have to have itthroughout. As you adopt a hybrid cloud strategy, and regardless of where yourdata lives in the public cloud, in your data centre or in transit you needto have a security posture that's executed across all of those locations.

How has the evolution of the threatlandscape impacted migrations to the cloud?

If you lookat public cloud providers, they are highly secure environments, says VMware'sNejatian. The challenge that customers have is that they're running workloadsin multicloud environments. Each of these cloud environments, although they arehighly secure, they each have their own method of applying security, so the waythat you secure workloads on each of them is different.

Each ofthese environments are vertically integrated silos, Nejatian continues. Theyhave highly integrated services that are vertically working with each other,but with less horizontal capabilities across other clouds. That makes itchallenging for customers.

The challengeof misconfiguration or under-configuration arises when trying to apply variousvendors' security policies across different workloads to keep them secure andprotected. Security has to be with your workload everywhere it goes, saysNejatian. You want to make sure you have a consistent security policy; defineonce and repeat multiple times.

Security isa responsibility of everyone involved in the data pipeline, says NetApp'sHicks. There's a learning curve and an expertise required for each of thepublic clouds, but there's also a heightened individual responsibility whenyou're operating in those public clouds. It's not just your data that you'repotentially putting at risk when you're being irresponsible in thoseenvironments.

As acommunity, we can come together and work harder to standardize policies,practices and tool sets. But in the meantime, every organization has to knowwhat is important to them, what those polices are and ensure that they'readhered to across the data pipeline.

F5's Wagnersays the one thing he would do if going to the cloud, regardless of vendor ortechnology, is to start adding context to data access and clamping down onidentity. Identity is the key to all future cloud security parameters becausethe perimeter is going to evaporate as organizations move more data to theedge.

For more insights from the CDW CloudReport, you can downloadthe report now. And be sure to bookmark this page for more coverage of BTEX 2021.