Business and commerce don’t have national boundaries. All that matters is the commercial interests of the parties involved in the business transactions. It is these business interests, that have fueled cloud’s exponential growth so far. However, some of the unforeseen situations could put these equations at great risk. The current war situation has several examples to support this. What if a cloud provider is compelled to stop service offering to customers of certain geography without prior notice? In that scenario, what is the way forward for the business, who are ultimately answerable to the end customers?
Cloud is one of the greatest innovations of our time. There are technological, economic, operational, security and many more benefits of cloud adoption. It is hard to even think of letting these benefits go. But, the basic reason why we are adopting cloud is to serve our customers and stakeholders better. If a cloud provider decides to stop the service, then this basic purpose of cloud adoption is lost. Not saying that we need to move away from cloud, but the need is to manage this risk actively.
Avoid concentration risk: Over-dependency on a single cloud service provider (CSP) increases the concentration risk. Bank of England’s survey of 30 largest banks and 27 insurers provides interesting pointers in this matter. The top two Infrastructure as a Service (IaaS) providers dominate the highest market share per the survey. Even before thinking of mitigating the concentration risk, organizations need to have a well-governed cloud adoption strategy. The governance function should track and make the adoption statistics transparent so that decision-makers can make the right decision. Even before cloud adoption starts, need to have clear rules, policies and guidelines set up to ensure cloud adoption is done in a controlled manner.
Cloud business continuity: Cloud itself has rich tooling for business continuity. Of course, need to plan disaster recovery using the cloud toolset provided by the cloud platform. But, also need to plan the provider outages. Architecting for failure is the key. For example: should a business-critical automation stop, what is the fallback mechanism? Is there a way to manually support the critical customer base?. Easier said than done, but need to think through beforehand as nothing much can be done after a disaster hits.
Adopt multi-cloud and hybrid cloud models: Having multiple cloud service providers is certainly a good option to mitigate the concentration risk. It is not easy to port workloads between the service providers. But having multiple cloud service providers will certainly help spread the coverage, avoiding complete blackout should there be a provider failure. Distributing workloads across multiple cloud service providers as well as on-premise data centers adds other architectural complexities but are needed to protect from complete failures.
Business and trade have great power to bring countries and cultures closer. It is the mutual dependency and constant communication that brings in the bonding. But there are factors such as war, which supersede trade and commercial relationships. International relationships are too important for trade to prosper. With cloud, a very much an international phenomenon, cross-national risk consideration is very important so that our end customer interests are protected.