In business, the term “exit strategy” pops up in conversations frequently – usually in the context of an entrepreneur selling off his company, or a venture capital (VC) investor cashing in his shares.
The term is important in cloud computing too. Companies that adopt cloud services cannot count on keeping their resources in the same place forever. They need to have exit strategies in place to either get out or change course as business conditions dictate.
Having an exit strategy does not necessarily mean abandoning the cloud as a hosting option. It does mean having a ready-to-go, validated plan to move from one or more hosting cloud service providers (CSPs) to another hosting platform or platforms.
Why Consider a Cloud Exit Strategy?
Having this strategy in place will help a company maintain business continuity and do a better job of capturing market opportunities. There are several reasons for this. An obvious one is a cloud exit strategy protects against recurring outages. While CSPs promise to provide a reliable and secure cloud experience, even the biggest players in the market – AWS, Microsoft Azure and Google – have reported outages in recent years. If this became the norm, a company would have to consider either changing vendors or setting up a system where one CSP fails over to another.
A second reason for shifting to a multi-CSP strategy could be to respond better to organizational business drivers. An organization could want to take advantage of cutting-edge technologies other CSPs introduce. Or, in an extreme case, the original CSP may decide to retire a hosting application, leaving customers to scramble for a replacement solution.
Regulations and laws can also force a cloud exit. One critical issue is data residency. For example, the European General Data Protection Regulation (GDPR) lays out rules for how to deal with personal identification information. If your SaaS provider is hosting this type of data in regions that are not allowed under the new regulations, you will need to find another provider. It is understood that the owner of the data is accountable for meeting compliance requirements –– not the CSP, who hosts the data, or provides the SaaS model. Transferring operating responsibility does not, as a consequence, give organizations relief from accountability.
In addition, having a ready-to-go cloud exit strategy increases your provider choices and therefore reduces the risk of vendor lock-in. This lets you take advantage of superior offerings and better pricing, and gives you more leverage in financial negotiations.
As a side note, avoiding vendor lock-in can also be achieved by designing applications to be more cloud agnostic, and data and applications to be more portable. This may be more difficult to do with existing applications that are being migrated, but for greenfield applications, it is a prudent approach.
Why Consider a Hybrid and Multi-Cloud Model?
A multi-cloud strategy might be the only viable option to meet an organization’s business and technology requirements. One reason is, no single cloud model can fit the diverse requirements and workloads across all lines of business, across all applications.
In addition, regulatory compliance and business requirements may call for a company to maintain a hybrid model for all cloud-based applications. For example, rules might necessitate that companies federate users with an identity provider and identity broker that reside on-premises.
Hybrid and multi-cloud models are clearly taking hold. According to Gartner, 90 percent of organizations will adopt a hybrid deployment model by 2020, reflecting what the researcher calls a “massive shift to hybrid infrastructure services.”
Where is the Cloud Exit Strategy Going?
There are many references to the viability of multi-cloud and hybrid model benefits. But there is very little mention of cloud exit strategies.
Frankly, there are not many frameworks and methodologies for exiting the cloud. Considering how organizations are so busy just maintaining existing operations, cloud exit strategies often get left out of the planning process. While organizations realize that migrated applications can generate revenue and be core to their business, they often do not deploy, validate or test an exit strategy at a production level, at a stage where it can make a difference.
But what do you do if you are relegated to a single cloud provider? What happens if something catastrophic occurs on that provider? What if a key service goes away on that provider? Depending on your business requirements, a hybrid/multi-cloud strategy may or may not be appropriate. If your organization decides to pursue such a strategy, here are some factors to consider in your planning.
Take Advantage of Hybrid and Multi-Cloud Models
By definition, the hybrid model should support data portability, which is one of the most critical and difficult tasks to achieve. The first step in a migration or transformation strategy should mandate the testing, assessment and validation of that critical functionality. Also, and by definition, hybrid/multi-cloud models must support application portability. Consequently, the technology and deployment model will support a cloud exit strategy, if it has been strategically considered and mandated.
To illustrate this idea with a simple example, let us look at a common hybrid deployment model. It involves an IaaS or PaaS application, deployed to a public cloud provider, while having its identity and access management (IAM) on-premises. This application can be deployed to another service provider at the same time, given that the necessary portability functionality has been executed.
Those cloud infrastructures will remain unique, but bound with technology, in this case, to enable data replication and synchronization. Both copies of the application are independently tied back to the on-premises identity provider and broker. This will meet both the hybrid and multi-cloud deployment models’ requirements, by definition, and will qualify as having a cloud exit strategy in place. The scenario provides a well tested and validated cloud exit strategy, in a well architected and deployed hybrid/multi-cloud deployment model.
A well architected and deployed hybrid model should in fact support the testing of a cloud exit strategy and the systems in place. One can state that any cloud deployment involving more than one provider, and/or on-premises resources, but does not support data and application portability, cannot be referred to as a hybrid or multi-cloud model. If that is the case in a current deployment, then a strategic and architectural review might be needed to correct the deployment. The business value has been overlooked here, for the simple reason that an exit strategy was not mandated in the cloud transformation strategy, nor was the implementation of the hybrid and multi-cloud design model well executed.
For critical applications, the deployment model should propose developing, testing and piloting applications in more than one service provider. This is not necessarily building applications in a cloud-agnostic way, but at least it is designing them to be run on providers who were selected as alternative hosting options in the transformation strategy. Alternative hosting options should always be considered as part of the transformation strategy.
In a more mature setting, revenue-generating and other critical applications should be run in at least two different service providers in production. This can be looked at as designing for high availability, in an active-active or active-passive mode, or as disaster recovery across two different providers. With hybrid and multi-cloud strategies in mind, an organization might also want to acquire or build the necessary skills to move toward developing cloud agnostic applications.
This represents the ultimate cloud exit strategy — to have applications ready to run independently, in any of the unique cloud infrastructures that make up the hybrid and multi-cloud models. This assumes that data and applications are portable, and that data is synchronized at any given time. It also assumes that the organization has acquired the necessary skills to operate the public clouds involved.
Viable alternative hosting options for critical cloud workloads should be provided as part of a cloud transformation strategy. Designing applications for multi-cloud and hybrid deployment can provide viable alternative hosting options and, consequently, a well tested and validated cloud exit strategy.
IaaS and PaaS critical workloads are not the only applications that can benefit from a hybrid and/or multi-cloud deployment model that integrates a cloud exit strategy in its totality. SaaS applications can benefit, too.
The most robust cloud applications are those built with a cloud agnostic and portability architecture in mind. The emergence of cloud agnostic tools, such as HashiCorp Terraform and ELK Stack, for writing and supporting those applications, has created more opportunities for developers. The steep learning curve of these tools and technology will present a challenge to most organizations, but it is important that they focus on obtaining those skills, given their long-term goals.
In contrast, using cloud native solutions can ease deployment and integration with services. The key here will be to have the core of the application architecturally agnostic, and to use cloud native solutions for supported services.
With some maturity level, architectural designs and business requirements can gain much from the hybrid/multi-cloud model. Benefits include high availability, business continuity/disaster recovery and avoiding vendor lock-in. One often overlooked advantage is that a ready and effective cloud exit strategy will enable organizations to run workloads using the latest technologies, and stay competitive in the marketplace.
Lastly, it is neither the technology nor the technical capabilities that are the missing components for building an effective cloud transformation strategy. It is the act of pursuing an exit strategy itself that gives companies the ability to take advantage of hybrid/multi-cloud deployment models.