Hosting Service Provider Selection Considerations

Why Cloud Brokers Make Sense

Different workloads perform differently on different cloud service providers. Enough so that it is prudent in planning to consider the optimal configuration and the optimal CSP for your solution. Consider this old word problem from years ago. One person can carry two buckets of water. It takes 5 minutes to fill the buckets and 5 minutes for one person to carry the buckets, empty the bucket and return to the well to get more water. The unit of work is one person and 10 minutes to move two buckets of water. If you have two people operating and assume they talk more because there is two of them let’s say, two people can move four buckets of water in 10 minutes and 30 seconds.

buckets-challenge

When will the two person team be ahead of the one person team in terms of units of work? It occurs by the 2nd trip or 30 minutes (8 buckets versus 4). Now you can in the end speed up the process in the wrong way (such as having a person filling the buckets for the person when they return from each round trip). But like CSP’s we have many options. The first and most immediate way to speed things up is to have two people moving the water. The next quickest way is to have more than four buckets and having a third person fill the buckets while the other two are walking. Of course, we can also have many more buckets and many more people to move this along even faster.

All of these are considerations in building out your cloud portfolio. For solutions that require speed and throughput you may select a different CSP than for solutions that require ubiquitous access (network and device), but don’t require speed. One of your selection criteria should be the value of the above equation. How much water does your workload need to move?

The Reality of Security

The next consideration is the reality of security. All the CSP’s I’ve worked with actually leverage a different security model. They all report issues the same way, but they use a different model both for evaluation of threats and protection of that. The more CSP’s you have, the greater your risk of missing something from a security perspective. This may be the single “why a cloud broker?” argument. The broker would connect to your enterprise and from there would abstract the cloud services you were connecting to. They may provide identity management services, and they will provide a unified security POS (Point-of-Sale).

Eventually, as the tools play catchup, the broker may even provide the great white whale of portability. The broker is giving you the ability to move your solution effortlessly between Cloud Service Providers without disruption of service or productive time lost.

With a broker, you can change the equation above. First off the broker will give you the ability to connect directly to the well without having people moving the buckets of water. So now you can pump water from the broker at a much faster rate. Secondly the security of the water is increased as it is under your partner’s control (broker) or your control longer. Finally, the broker gives you the ability to move your water source (eventually when the tools catchup) without having to dig a new well.

Cloud Diversification Strategies

Many analysts project that organizations will have more than one cloud and more than one type of cloud going forward. hybrid cloud represents a mix of one or more cloud types and one or more cloud providers.

multi-clouds

When customers ask me, I always tell them one thing. Every CSP you connect requires three distinct connections

  • Directory
  • Network
  • Security Operations and Monitoring

In the end a Hybrid Cloud solution that supports a private cloud solution, and two or more public cloud solutions would have three of each of the connections above. Or if you implement a cloud broker one connection for each – and you can continue to add CSP’s forever without making more connections.

It’s why in the end Cloud Brokers make sense. Please excuse me for a moment while I go back to bailing the water out of my basement.

By Scott Andersen

Gary Bernstein
Managing Your Internal IT Your company's internal IT team is responsible for keeping things running smoothly, and they deserve all the support you can give them. Here are ten ways to make their lives easier ...
Alex Tkatch
Best Practices for Designing and Executing a Product Launch Nothing in entrepreneurial life is more exciting, frustrating, time-consuming and uncertain than launching a new product. Creating something new and different can be exhilarating, assuming everything ...
Gary Bernstein
Most Dangerous Botnets While it’s no secret that the technical sophistication of cyber-attacks grows exponentially, adversaries often need widespread networks to make it happen. One of the ways to do that is to infect legitimate ...
Rahul
How to Start Your Cloud Career Cloud computing is the present. And it is the future as well!! In fact, a quote by Chris Howard says, ‘Cloud Computing is a spectrum of things complementing one ...
Harish Chauhan
Adopting a Multi-cloud Strategy Cloud has been in existence since 2006 when Amazon Web Service (AWS1) first announced its cloud services for enterprise customers. Two years later, Google launched App Engine, followed by Alibaba and ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.