For several years, cloud computing has been the focus of IT decision makers and corporate bean counters, but many security-conscious businesses have been hesitant to move data and workloads into the cloud.
Now, with the underlying technology behind cloud services available for deployment inside organizations, a new model of cloud computing is gaining a foothold in business: the hybrid cloud.
What is hybrid cloud?
There's a lot of confusion around what is truly meant by the term 'hybrid cloud'. According to Forrester Research principal analyst Dave Bartoletti that's likely due to its origin: "The term hybrid cloud was pretty much invented by vendors -- it wasn't invented by clients." Carl Brooks, an analyst at 451 Research, agreed that the term hybrid cloud was misleading, noting that there was a lot of marketing hype behind it.
What customers want to do is simply use multiple clouds, Bartoletti said. From conversations with clients, Forrester offers the following working definition: "One or more public clouds connected to something in my data center. That thing could be a private cloud, that thing could just be traditional data center infrastructure."
Under this definition, hybrid cloud is the combination of one or more public cloud providers (such as Amazon Web Services or Google Cloud Platform) with a private cloud platform -- one that's designed for use by a single organization -- or private IT infrastructure. The public cloud and private infrastructure, which operate independently of each other, communicate over an encrypted connection, using technology that allows for the portability of data and applications.
The precision of this definition is quite important: The public and private clouds (or infrastructure) in a hybrid cloud arrangement are distinct and independent elements. This allows organizations to store protected or privileged data on a private cloud, while retaining the ability to leverage computational resources from the public cloud to run applications that rely on this data. This keeps data exposure to a bare minimum because they're not storing sensitive data long-term on the public cloud.
451 Research's working definition is slightly different. According to Brooks, the firm defines hybrid cloud as: "Two or more disparate cloud computing environments that are used in conjunction to serve a workload or an application in concert through a single management plane."
The key here, Brooks said, is the single management plane. If an organization has its storage on one cloud, and its compute on another, but its admins have to make the two work together manually, that isn't necessarily a true hybrid cloud. When it comes down to it, Brooks said, a true hybrid cloud is rare, and only about one in 10 enterprises have it. Many of the others are pursuing a simple multi-cloud strategy, or they are just managing a bunch of different environments.
The benefits of going hybrid
With the hybrid cloud model, IT decision makers have more control over both the private and public components than using a prepackaged public cloud platform. Or, as Brooks said, "you get everything that you want." This includes increased efficiency and the flexibility to meet disparate needs, he added.
This provides the added benefit of paying for the extra compute time only when these resources are needed. Accordingly, for businesses that have milestones throughout the year where an exceptional amount of compute time is needed (tax season, perhaps), extending to the public cloud is a cheaper proposition than building out a private infrastructure that sits idle for most of the year.
"It lets you pick the right cloud for the right workload," Bartoletti said. "It doesn't artificially limit you."
Building a hybrid cloud with private infrastructure that's directly accessible -- in other words, not being pushed through the public internet -- greatly reduces access time and latency in comparison to public cloud services.
Another benefit of this hybrid cloud model is the ability to have on-premises computational infrastructure that can support the average workload for your business, while retaining the ability to leverage the public cloud for failover circumstances in which the workload exceeds the computational power of the private cloud component.
Building out the private end of a hybrid cloud also allows for flexibility in server designs. This gives companies the flexibility to provision rapid and archival storage at a likely lower cost. Combined with the availability of a host of new SSDs and helium-filled hard drives, data storage can be achieved without the use of backup tapes.
Where hybrid doesn't work
Although hybrid cloud provides several advantages over the public-cloud-only, it still suffers from the same privacy and security issues that plague the popular perception of public cloud platform providers. Allowing information to be transported across a network that can be subject to third-party interference or tapping is, to many organizations, an unnecessary and unacceptable security risk.
In addition, hybrid cloud -- as well as public cloud -- is a poor fit when data transport and latency are mission-critical factors. For example, Tatsuya Kimura, the head of international affairs at the Japan Meteorological Agency (JMA), has questioned whether it's possible to offload weather prediction data to the cloud.
Currently, the JMA supercomputer is a Hitachi-designed 847-teraflop system that helps the meteorologists determine whether a tsunami warning should be issued following an earthquake. It's also used to predict earthquakes in the Tōkai region, where the tectonic movement is particularly well understood. As these predictions are intensely time-critical, attempting to offload this computational workload to the cloud is not feasible.
Then there's the issue of money. Organizations operating on a tight IT budget might struggle to implement a hybrid cloud solution, as the upfront cost of the servers at the private end is substantial. Also, the needs of smaller businesses can probably be served adequately using a public cloud provider.
Another issue, said 451 Research's Brooks, is the "humongous complexity" brought about by the hybrid cloud. Customers absolutely need to "live and breathe, and sink or swim in this automated world," he said. You also need the talent and the skills to be able to understand the different environments and to marry them together. Brooks added.
If admins aren't on the same page, and teams aren't unified in their rollout, companies could also end up creating more silos, said Forrester's Bartoletti. For example, companies could end up with one team managing AWS products, one managing Azure, one managing Google Cloud Platform -- creating new and unwanted levels of complexity.
Who uses hybrid cloud?
The industries that are moving to hybrid, Brooks said, are the ones that are already inclined toward cloud-native, such as media and finance.
Hybrid clouds are frequently deployed in the financial sector, particularly when proximity is important and physical space is at a premium -- such as on or adjacent to a trading floor. Pushing trade orders through the private cloud infrastructure and running analytics on trades from the public cloud infrastructure greatly decreases the amount of physical space needed for the latency-sensitive task of making trade orders. This is crucial for data security, as well. Threshold-defined trading algorithms are the entire business of many investment firms. Trusting this data to a public cloud provider is, to most firms, an unnecessary risk that could expose the entire underpinnings of their business.
Assembling a private cloud to handle a standard workload, with burst compute offloaded to the public cloud, can be a long-term, budget-friendly arrangement.
Hybrid cloud technology is also widely used in the healthcare industry, as the need to relay data between healthcare providers and insurance companies for hundreds of thousands of patients is a daunting task. Compliance with HIPAA (the Health Insurance Portability and Accountability Act) in this regard is a regulatory hurdle, since compartmentalizing information to comply with HIPAA over not disclosing protected health information requires extensive permissions settings.
For similar reasons, law firms utilize hybrid cloud infrastructures with private elements, often as encrypted offsite data stores, to safeguard against the potential for loss due to theft, hardware failure, or a natural disaster such as a hurricane destroying the original documentation or evidence.
Retail sales is another industry that makes use of hybrid cloud services. Transporting sales information, and the analytics derived from that data, is a computationally intensive task.
Hybrid cloud can be an effective solution for a businesses with a tight focus on security or unique physical presence demands. Although there's seemingly less risk in a hybrid cloud model, a connection to the public cloud does have data security implications. This, however, is true of almost any public network communication.
And while the upfront cost of server hardware for the private end of the hybrid cloud is high, the control that IT departments can wield over hardware selection and system design for the private component offers an invaluable way of properly tailoring resources to the business's needs. Assembling a private cloud to handle a standard workload, with burst compute offloaded to the public cloud, can be a long-term budget-friendly arrangement.
Ultimately, hybrid cloud allows organizations to leverage public cloud pservices without offloading the entirety of their data to a third-party data center. This provides a great deal of flexibility in computing tasks, while keeping vital components within the company firewall.