IaaS Archives

Cybersecurity, Data Centre, Endpoint security, Hybrid Working, IaaS, Public Cloud, Remote Working, SDDC

How to secure the hybrid workforce

Following on from my blog ‘The Future is Hybrid’, this blog looks at securing the hybrid workforce. During 2020 many organisations raced to deliver remote working for their workforce, often at the expense of a level of security, that would have previously been unacceptable. Now that the dust has settled and many organisations have managed their risk in terms of remote working and multiple end point devices, it’s time to look at some of the specific technologies that can enable secure hybrid working as part of an overall hybrid working strategy.

About the Author

Melusi Phiri is a Senior Account Manager, helping clients of all sizes, across sectors to find and make best use of technology. Melusi can advise on the full technology stack, including cloud, application modernisation, security, networking and remote working solutions.

Decentralised security as a concept

When securing the hybrid workforce, an increasing number of organisations who have already adopted a cloud strategy are now moving toward a decentralised storage strategy that provides multiple user access, whilst offering potentially greater data security and business continuity. In this instance, data is essentially stored on 80 different nodes, but only 30 are needed to reconstitute that data, making the attack surface much less susceptible to cyber-attack and other related outages. The huge increase in demand for remote working over the last year has accelerated the move towards a decentralised cloud storage strategy in general. This kind of storage can offer benefits such as reduced cost, improved reliability, improved up-time and of course increased security.

Endpoint security

The realities of hybrid working and working from home, have presented organisations with a whole host of security issues. Endpoint security is a solution which is deployed on the user’s device (endpoint), which will prevent file-based malware as well as detecting and blocking malicious activity from trusted and untrusted applications. It can also identify and resolve security incidents and alerts. Responding to the most recent forms of ransomware attacks, the latest generation of endpoint security deals with fileless malware which exploits native processes to initiate the attack.

Citrix Share File is one example of a virtual data room product, which is equipped with a multi-level security system: the data is encrypted (the documents contain dynamic watermarks that prevent unauthorised dissemination) and access is only allowed via a two-step verification.

Access Security – Identify and Access Management (IAM)

Identity and Access Management (IAM) solutions administer user identities and control access to an organisation’s resources. It achieves this authentication through a single sign-on, making it user friendly; once the user is signed on, they can only access those areas that they have been given permission to do so via a user profile which is set centrally. An IAM system can track user activity and can detect any suspicious activity, communication or issues that might otherwise be missed. When on-boarding new employees, the profile can be quickly and easily set, so that the process is seamless. Ultimately this kind of access management can assist an organisation to meet industry compliance requirements.

Secure file sharing

Within an organisations the volume of data shared daily is significant and making sure it is kept secure, but easy to access, can be an onerous task. When considering hybrid working and the potential of multiple devices being used in multiple locations, this task is made even more difficult. Also, given the collaborative nature of data centric activities, files may need to be made available to users outside of the organisation, adding further layers of risk.

Often, when data needs to be shared quickly, business users often turn to consumer file sharing platforms, which will not meet corporate security and compliance mandates.

To offer an enterprise grade alternative to consumer based and email attachment files sharing options, there are a number of solutions on the market that provide the required level of security and accessibility. Below are just a few examples:

Virtual Data Rooms: providing an organisation with the ability to setup file share and synchronised services for their users easily and securely, offering a real alternative to large file sharing such as FTP. As the name suggests, a virtual data room is an online database where organisations can store and share confidential information. Traditionally these have been used to store the most confidential of information.

SharePoint: Probably one of the most recognisable data sharing products, Microsoft’s SharePoint offers a multitude of features combined with an excellent a level of ease of use that many other products find hard to compete with. Often combined with 365, it is sold as a document management and storage system.

Box: Very similar to SharePoint is Box, competing directly with Microsoft. It’s ease of use/setup, cost, and no requirement to use any of its other software set it apart from SharePoint.

Best Practice

Securing the hybrid workforce requires careful consideration of what technology is put in place and I have covered this many times before. However, a major cause of data breach is human error. The importance of employees understanding what behaviour is appropriate in terms of IT security is imperative, for any organisation, regardless of what technology is put in place to guard. Indeed, overzealous security measures can often take away that responsibility from the employee and impact by making processes a real chore – possibly putting the organisation at further risk by people trying to circumnavigate security for ease of use. By promoting ongoing awareness and best practice training, an organisation stands the best chance of avoiding data breaches.

Some areas to explore when encouraging a culture of security and best practice include:

Password Hygiene: enforce password changes on a regular basis and consider multi factor authentication; both are ways of adding security to your organisation’s data.

Email security: A massive growth area for phishing attacks in the last year; email best practice is an important part of the organisation’s security strategy. Comprehensive user training in being able to spot the various techniques employed by scammers via email. For the most sensitive of data, encryption apps should be considered, disguising information from potential hackers.

Endpoint devices: Equipping your workforce with the appropriate tools to do their work should be a key requirement for any organisation, ensuring that they are able to enforce restrictions for website, downloadable content, or applications; adding another layer of security. In addition, centralised software and antivirus updates can be rolled out remotely. It is key that considerations regarding the type of device and indeed the software upon it, are aiming to facilitate the user to do their job, rather than hinder them. This pre-empts employees either avoiding the device altogether or installing ‘Shadow IT’ where a better, none approved application is downloaded and used as it serves them better, ultimately putting security at risk.

The work environment: As well as making sure that your workforce has the right tools to do their work when working away from the office, it is important to make sure that they consider regular router password changes and multifactor authentication when logging on.

If, after reading this blog, you feel that it might be the right time to look more closely at how you are securing the hybrid workforce, having a partner who can help guide you through will be invaluable. Pendulum offers support and expertise to help you get the most out of your organisation’s infrastructure.

Please read my blog ‘building resilience in a hybrid workforce’, where I outline best practices around disaster recovery, business continuity and building in resilience into processes.

Pendulum is a leading IT company providing services, hardware, and software across the UK and internationally. For further information on securing the hybrid workforce or any other technology related issue, please contact me at mphiri@pendulum-it.com

About Us

Pendulum is a leading IT company providing services, hardware and software across the UK and internationally. For further information on remote working, public cloud hyperscalers, cybersecurity, modernising the data centre, HCI or any other area please contact your account manager or email info@pendulum-it.com

Cybersecurity, Data Centre, Hybrid Working, IaaS, Public Cloud, Remote Working, SDDC

The future of work is hybrid – but how do IT Teams best support hybrid working?

What does the hybrid workforce need from a technology perspective?

Events in 2020 have probably changed the way we work forever, forcing organisations to embrace technological change at pace, often without the usual timeliness, due diligence etc that would normally be applied. There’s been a revolution, forced by necessity, but hopefully it has allowed many to take a long-term view on how they do business for the future, realising the many benefits afforded by a digital strategy that embraces cloud technology. Also, business has had to assess how that impacts attitudes to employees; how they work and most importantly where they work from.

A lot has been written about how business has adapted and changed in the face of drastic restrictions; the growth in hybrid versions of previous business models, that embraces digital cloud infrastructure. Most businesses acknowledge that it is unlikely that we will ever fully return to a pre pandemic way of working.

The future, we feel, is indeed hybrid. I would like to take the opportunity, over a series of blogs, to look at what this might look like in terms of the technology and equally significantly, the workforce. How do IT Teams best support hybrid working? It is important to remember that the technology is only part of the shift to hybrid working, the workforce itself also needs to adapt and change, looking at the cultural shift which is, and will be, significant for some time to come.

About the Author

Cloud Technology

Making the move away from a traditional on-prem data centre infrastructure is one of the most significant decisions for an organisation to make. The benefits the move to the cloud brings are numerous; leaving behind heavy capital expenditure, large, hard to recruit teams of skilled workforce as well as managing the pending obsolescence of expensive kit.

The following benefits evidence why more and more enterprises are making the move to cloud infrastructure, either wholly or, as a hybrid version. These include:

Flexible and Scalable – Cloud infrastructure is able to scale on demand, allowing the enterprise to be agile in both times of high and low demand. Storage options can be easily configured, including a hybrid version, making use of existing on-prem services depending on security and regulatory requirements. The current three leading cloud service providers offer a high availability of storage, removing the issue of investing in more on-prem physical storage.

Enterprises are able to easily determine their own level of control with a wide range of as-a-service options, starting with Infrastructure-as-a-service (IaaS) which provides users with access to computing resources such as storage, networking and servers on demand. This service also offers the benefit of virtualisation of administrative tasks, freeing up resources for other work.

Continuing on with the as-a-service model, enterprises are able to stack services, including Platform-as-a-service (PaaS). Enterprises can test, develop and host applications, PaaS enables a focus on development without the worry of underlying infrastructure provision. Importantly, it also facilitates collaborative work including remote and hybrid working teams.

Staying with remote working, Software-as-a-service and Desktop-as-a-Service are both tools adopted by IT Teams to support a hybrid working environment. They are no longer bound by their own network infrastructure, have minimal setup and can avoid platform compatibility issues.

Storage

Cloud storage reduces an enterprise’s expenditure by providing data storage on remote servers, where it is maintained, managed, backed-up and accessed remotely. Importantly, it also allows that data to be accessed remotely, providing the permissions are all in place.

Decentralised IT (Multi Cloud Strategy)

Many organisations, in addition to moving to cloud based infrastructure, are moving further away from a single on-prem data centre and decentralising by using a number of cloud providers rather than relying on one. This multi cloud strategy allows the enterprise to choose the provider for its strengths rather than accepting its weaknesses. Greater flexibility and agility are achieved by spreading risk, taking advantage of a specific cloud provider’s strengths and competitive pricing.

Connectivity

As enterprises move to a hybrid working model, IT Teams are finding that a high performance, secure and agile wide area network (WAN) solution is paramount. Two network solutions that will offer users secure access are Virtual Private Network (VPN) and Software-defined-wide-area-network (SD-WAN).

A VPN, being the most established technology of the two, is an internet-based network, which allows users to turn a public connection to a private one. When connected to the VPN, it offers protection against surveillance or tracking. The user’s data is transferred to its intended destination by a network of servers that the VPN maintains, rather than the user’s internet service provider. The VPN encrypts the data, preventing it from being read by any unauthorised access.

SD-WAN, on the other hand, connects organisations via a number of transport media, such as broadband internet, LTE, 4G or MPLS. Its technology is able to separate different types of data traffic, based on security, authority and quality of service. This technology doesn’t use a traditional router, instead using the cloud exclusively, giving flexibility and bandwidth capabilities.

Which is best for your organisation, depends on business needs; both offer unique benefits. The key difference between the two is the software defining technology of SD-WAN.

In terms of cost, a VPN comes out as being the most affordable, in part through its simplicity, making it great for low site count organisations. However, as the question of maintenance comes up, a VPN requires more of it, and indeed the expertise to facilitate it, and this will increase in complexity should more sites be added to the organisations WAN.

In overall performance, SD-WAN takes the prize, VPNs suffer greater latency, due to distance between sites, with increases in demand effecting overall performance. Whereas SD-WAN offers dynamic path selection quality of service and application aware routing. As for latency, being cloud based, SD-WAN suffers no latency due to geographic distances. Reliability is good for both options, however, the failover security features of SD-WAN excel, automatically fixing outage problems by transferring connection to another network.

Access – Digital Workspaces or Remote Access Solutions

A significant challenge to enterprises that have already gone down the remote working route is in achieving an excellent user experience and productivity rates, whilst maintaining infrastructure visibility and security.

With the workforce no longer under one roof, so to speak, coupled with a multitude of devices being used to access data, it can quickly become an onerous task and one which is fraught with security issues and a real lack of visibility. Creating a digital workspace, is necessary – a connected workplace solution, which provides a familiar work environment that pretty much works any device. This also allows users to access their work applications and data via a single entry point rather than multiple sign-ins.

Citrix Workspace ONE is one such solution, providing a unified digital workspace for all employees, regardless of their location or platform. Combined with a secure internet connection, this kind of solution will achieve a much-improved workforce experience, higher productivity, increased IT visibility and a high level of security.

What is a Digital Workspace?

Putting it simply, a digital workspace allows an organisation’s employees access to apps and real-time data on any device, from any location, regardless of whether that information is stored in a traditional data centre, or on the cloud. Digital workspaces are integrated technology frameworks, designed to deliver and manage app, data and desktop functions. But digital workspaces are much more than remote access solutions, they are value-added, providing:

• A level of collaboration, where teams connect much easier and faster, sharing data and files more than previously done, regardless of their physical location.
• Security has also benefitted massively through digital workspace and zero-trust security, where an organisation shouldn’t trust anything inside or outside of its parameters and instead must verify everything before granting access.
• Resilient business operations, where risk is spread, allowing organisations to operate in the most challenging of situations and no longer conforming to traditional business hours.
• Integration with other technologies. The connections can be seamless allowing employees to connect through their chosen platforms, to all parts of the network, without the need for multiple logins etc.
• Cost reduction. With remote working being the norm, there is less need for commercial square footage and utility costs can be reduced significantly.

Collaboration

A growing number of organisations have embraced on-line, collaborative tools for some time now, being a valuable productivity tool. With last year’s challenges they really came into their own and we have seen a huge take-up from organisations and individuals alike, trying to survive whilst working in relative isolation.

Much more than video conferencing, collaborative apps offer co-workers, wherever they may be in the world, the visibility of the work being done and how their input is affecting the overall output, along with the assets they may need to do it with. It probably wouldn’t be too much to say, if you can imagine a tool to help, it probably exists.

Project management collaborative tools have the greatest market share, where projects and resources can be managed in one place. These tools range from the old favourites such as GanttPro, to relatively new to market, LiquidPlanner. Finding the right one for your organisation will prove to be invaluable and necessary when moving over to hybrid working.

When considering the right collaborative tool for your organisation, it needs to be stressed that no tool will be effective without the buy-in of the key players in the team. Without this it is likely, especially with learning curves, that people will resort to old ways ‘passing-on through sending emails’.

Hybrid Culture

Definition:

A hybrid workforce is a team of employees that have a flexible work structure. In other words, some team members work remotely while others work from a central workspace such as an office.

According to research by the Chartered Institute of Personnel and Development in September 2020, 40% of employers said that they expect more than half their workforce to work regularly from home after the pandemic and restrictions have ended. This potentially represents a significant shift in how organisations retain their current workforce and how they onboard new talent in the future.

It’s certain, when considering a hybrid workforce strategy alongside your digital cloud infrastructure, it’s not going to be the case of just sending a proportion your workforce home with a laptop. Based on the research so far, a percentage of businesses are looking for a mixture of both homeworking and office time. Indeed, the term ‘hybrid working’ comes from this desire to have the option of both home and office environments, rather than one of the other. This will present quite a challenge for organisations trying to balance those two things, whilst achieving the obvious cost benefits of remote working.
A significant culture shift will need to happen within those organisations that choose to go down the hybrid working road, establishing new ways of working and associated practices and policies.

Organisations who choose not to adopt hybrid working, and return to the old ways of working risk the possibility of high staff turnover and difficulty in recruiting talent; losing out to much more flexible organisations who do offer hybrid working.

If your organisation is competing for the best talent, then in the future you may be left with no alternative but to adopt a properly supported hybrid working policy. There’s no doubt that employees have enjoyed the obvious benefits of flexible working in the last 12 months, and will now be offered a real alternative to commuting and working in an office five days a week.

Making the move to Hybrid Working

Suggested key steps towards ensuring your hybrid working policy is properly supported by the IT Team:

Agree an overall strategic position on hybrid working for the organisation.
Define how hybrid working will look in your organisation including the possibility of different forms depending on job roles and teams.
Carry out a full engagement programme within your organisation, as well as the provision of training and development to support successful hybrid working.
Put in place a clear and comprehensive communication plan to share the strategy the organisation has in terms of its approach regarding hybrid working, including how employees can request a move to hybrid working.
Plan for and respond to the organisational implications of hybrid working on matters such as technology, employee wellbeing, inclusion and facilities.
Support effective team building and cohesion in hybrid teams.

I hope that you have found this blog useful. If, after reading this blog, you feel that it might be the right time to look further into the way your organisation’s IT Team supports the hybrid workforce, having a partner who can help guide you through will be invaluable to making the right decisions. Pendulum offers support and expertise to help you get the most out of your organisation’s infrastructure.

My next blog will be following on the theme of how to secure the hybrid workforce, discussing specific cybersecurity technologies that can enable secure remote/hybrid working.

About Us

Data Centre, IaaS, Public Cloud

Why public cloud hyperscalers are instrumental to resilient enterprise operations

As enterprises increasingly adopt cloud-based infrastructure, they need to ensure that they are resilient and robust enough to meet current and future demands. This resilience is required in areas such as network robustness, the ability to handle varying levels of demand, meet an ever-increasing expectation of user experience, cope with outage quickly and seamlessly, not to mention defending organisations from the increasing complexity of cyberattacks.

To meet these wide-ranging demands and provide a high level of resilience, many enterprises are looking towards using public cloud hyperscalers.

About the Author

Senior Account Manager, Jeffrey Magara helps Global Enterprise & SME clients to deliver consolidating, cost saving IT solutions and projects.

Public Cloud Hyperscalers

Having any level of cloud-based infrastructure for your enterprise will more than likely mean that you will already be working with a hyperscaler.

Essentially, hyperscalers provide cloud, networking, and internet services at scale, by offering enterprises access to infrastructure, via an IaaS model. A list of hyperscalers in the market today will include companies such as Amazon, Google, Microsoft etc. They dominate cloud services and are continuing to grow, as the demand for their services increases exponentially.

These powerful hyperscalers offer services through huge data centres that accommodate fluctuating and high demand. Indeed, their infrastructure is built on thousands of physical servers and millions of virtual machines. The end result, and advantage to their customers, is data centre resources that are easily accessible, cost effective, reliable, and scalable.

What’s more, today’s hyperscalers provide a level of performance way above traditional inhouse data centres. They also have a very clear view on the future, investing huge amounts of money, offering a level of reassurance to their customers beyond the dreams of an enterprises IT department. Microsoft alone have recently announced their investment of nearly $20bn, to build the infrastructure necessary to support its Azure cloud service. This should not only reassure Azure customers, but those of competing hyperscalers, as they are sure to be working on their own future proof projects.

With minimal level of commitment, many of today’s largest enterprises are already customers of all of the hyperscalers, allowing them to pick and choose services that best fit their business and, at the same time, avoid vendor lock-in.

Innovative Hyperscalers

Hyperscaler companies are working hard to offer their customers more reasons why cloud is the route to take. Some of the latest services offered demonstrate this and allow enterprises the opportunity to become agile and resilient without huge investment. Innovations of late include:

Serverless Computing
Allowing users to write and deploy code without worrying about the required infrastructure. Key benefits include: pay for only what you need, extend and scale to full-stack apps, automatic and instant scaling with usage increase.
Artificial Intelligence as a service (AIaas)
Ready-made AI services in the cloud on a pay as you go basis.
Containers (CaaS)
Allows faster app deployment, optimising resource utilisation, again available on a pay as you go basis.
Distributed Cloud
Expands the traditional datacentre-based cloud model to a system of cloud infrastructure components that are geographically distributed, benefiting performance, redundancy and regulations.
Edge Computing
Brings computer closer to the end user, minimising long distance communication between client and server, reducing latency.
Cloud Portability
Cloud portability tools that help you adopt multi-cloud strategies. Benefits include: no single vendor lock-in, easily switching clouds and inter-Cloud redundancy.

Coping with Legacy Infrastructure

One of the many challenges faced by hyperscalers and their customers, in particular, is how to integrate enterprise’ existing legacy systems with the cloud. This indeed will be a key challenge, as it will open up many enterprises who are either resisting the move to cloud, and or struggling with how they utilise their existing legacy system and indeed its applications. Aware that this is a barrier for many would-be customers, hyperscalers are investing in viable solutions.

Strategic Multi-Cloud Agility

As mentioned earlier, many larger enterprises have adopted a multi-cloud strategy in order to build up their IT resilience and continuous protection. This multi-cloud strategic approach benefits both resilience planning and overall service offering, making it highly beneficial.

Having the ability to store your data in different physical locations and different providers should ensure that you always have access to it, no matter what the circumstance is. This does of course rely on all providers to integrate with one another, allowing you to move data in the event of a problem, but having the flexibility to add and scale services in real-time.

Risk Management

Cloud deployments offer a myriad of benefits, and indeed mitigate many of the traditional data centre risks, however, cloud use does come with its own set of challenges. Further complexity and volatility is added. By their nature the public cloud involves large transactional volumes, open architecture and multiple vendors, all of which contain risk. Also, as mentioned earlier, there is the challenge of how to synchronise with an enterprise’s legacy systems.

To combat these challenges and ensure business resilience, enterprises need to create a comprehensive strategy to cover everything including, provisioning and day to day management of potential multi-cloud environments. Having a clear view of what the enterprise’s critical applications are, will help make sure resources are focussed on protecting them.

Selecting the Right Hyperscaler

When looking to choose the right hyperscaler for your enterprise, due to the very nature of what they offer and how they integrate into the very core of your enterprise, you should be looking for a partner rather than a supplier. Afterall, this should be a vital strategic move for the enterprise.
Some key areas to think about when selecting your hyperscale partner are:

Consider your existing architecture, technologies and operating systems when selecting a provider.
What are the specific needs of our enterprise in terms of cloud infrastructure? There will be some cloud hyperscalers who better suit particular industries
Consider using more than one cloud hyperscaler. As mentioned earlier, many enterprises have strategically spread their risk by using more than one.
Do you utilise the provider’s platform services or build and maintain your own?
Opportunities to co innovate; Hyperscalers are sometimes willing to partner with customers to build new services, in niche fields.

What is very clear, for enterprises to make the most from cloud computing, they need to understand what it is they wish to achieve, identify their critical applications and have the backing of the board. Many organisations have suffered from an experimental mindset, stalling the project, as no clear direction has been set. Others struggle to make a clear business case. With the advent of the COVID-19 crisis, it has been a wakeup call for many enterprises, of the importance of systems resilience, agility and scalability.

To gain the advantages of the cloud, there needs to be a high level of commitment to migrate and scale the majority of the enterprise’ workloads, this is where the true business value is.

If your enterprise is looking to take greater advantage of cloud-based infrastructure, or indeed make the first moves towards the cloud, having a partner who can help guide you through will be invaluable to making the right decisions. Pendulum offers design services for Google Cloud Platform, AWS and Microsoft Azure, along with support and expertise, to help you get the most out of your organisation’s cloud infrastructure.

About Us

IaaS, Public Cloud

Controlling your AWS costs

Pendulum IT helps you control your AWS costs

Cloud is the way forward

Cloud and a virtualised data centre are compelling for so many reasons, however, reducing infrastructure costs is one of the most significant considerations, and one that would certainly win your board members over. That said, experience suggests, alongside the substantial cost reductions that can arise from using cloud services, there comes the potential for costs to spiral if left unchecked. This is particularly true when we look at over-provisioning.

About the Author

But don’t over-provision

Many organisations lose control of their cloud costs when deploying non-production instances, say for use in development, staging and testing. As you get further into the complexity of the AWS environment it becomes harder to easily identify where you are paying for unnecessary services and what can be optimised. Reserved instances are one area where it becomes a little trickier to identify when buying more will be cost effective, or indeed removing those that are redundant. Recognising that migrating your old instances, for example, may not be the best strategy; taking a new approach to carefully proportion services in this new environment could provide significant savings.

Get a clear picture of where your spend is going

Determining where most of the AWS spend is going to is a good starting point. Having this overview of charges, or rather services, you can then focus on elements that are producing the most charges. Then identifying those that can be scaled down and those that justify their spend – just bear in mind this is a moving feast. Depending on the service, there are many AWS tools that will allow you to manage services effectively, as well as set budgets. In addition, there are some third-party tools that will help you learn and analyse usage patterns and make amendments. However, as you might expect, it isn’t always as simple as that, especially when you consider pricing fluctuations. Buying in advance based on expected use may catch you out when/if AWS discount that service in the future, resulting in you paying more for something you’re not actually using.
Being armed with a good understanding of the AWS services used and their relative costs will allow you to start rationalising your overall service plan. As mentioned earlier AWS provides tools to do this; from understanding where you might be exceeding your AWS Free Tier allowances, to the AWS Cost Explorer where you are able to drill down from high-level usage to a granular level.

Next steps
By having an understanding of where your resource needs are at their highest and where unnecessary costs lay using the filters on the AWS Cost Explorer, you will be able to make service level changes. The following are some of the areas you will be able to concentrate on:

Identify Amazon EC2 instances with low-utilisation and reduce cost by stopping or right-sizing
Identify Amazon EBS volumes with low-utilisation and reduce cost by snapshotting then deleting them
Analyse Amazon S3 usage and reduce cost by leveraging lower cost storage tiers
Identify Amazon RDS, Amazon Redshift instances with low utilisation and reduce cost by stopping (RDS) and pausing (Redshift)
Identify Amazon RDS, Amazon Redshift instances with low utilisation and reduce cost by stopping (RDS) and pausing (Redshift)
Review networking and reduce costs by deleting idle load balancers
Review networking and reduce costs by deleting idle load balancers
Review and modify EC2 AutoScaling Groups configuration
Use Reserved Instances (RI) to reduce RDS, Redshift, ElastiCache and Elasticsearch costs
Use Compute Savings Plans to reduce EC2, Fargate and Lambda costs
Cloud Usage Policies

Usage policies provide the guidelines under which companies operate in the cloud. As well as safeguarding the integrity and privacy of company-owned information, cloud policies can also be used for performance management, financial management, network security and ultimately cost optimisation.

Performance management policies allow the organisation to specify performance thresholds for Virtual Machines and storage volumes so you can monitor for under-utilised and over-utilised assets. Under-utilised Virtual Machines and storage volumes should be downgraded for cost efficiency, while over-utilised assets should be upgraded to avoid performance issues.

To make sure that your cloud policies are effective, it is essential to have total visibility over your cloud environment, so that you fully understand what assets your company has deployed in the cloud and how they are being used. Applications such as VMware’s CloudHealth gives total visibility and the tools to analyse costs, usage, performance, and security, to help you to make informed choices when applying cloud policies. CloudHealth then automates governance of your cloud policies to provide continuous monitoring – alerting you to events that require your attention, or that may require you to revisit your policies as your presence in the cloud evolves and grows.

Through AWS’s Management Console you are able to specifically apply identity based policies, which can be set by group or indeed individual level.

Discounts
The two most obvious ways of gaining discounts for your AWS service are by consolidating your business accounts to hit volume targets, or by buying Reserved Instances way in advance. The benefits of both routes are negated if you are a smaller business or if your usage concentrates in none-production resources.

Even for those organisations who do qualify for volume discount, it may well be worthwhile consulting with your cloud services partner, who should have a very good view of where discounts/cost reductions can be gained.

Finally, the automation of switching off non-production resources when not in use will result in immediate savings and is a policy that will ensure overall costs are kept to a minimum.

Partnering
There’s certainly a lot to consider when looking at how you can control your overall AWS costs, and hopefully this blog has given you some insight into some of the areas where cost efficiencies can be made. As with business in general, usage and requirements will fluctuate. Some users will not ensure that services they don’t need are downgraded or switched off. This can be a daunting prospect to businesses wanting to make sure that their cloud service is the best it can be for now and in the future, without paying the earth.

One way of making sure that costs are controlled is by having an effective cloud services partner. A cloud services partner who is an approved vendor for your cloud service and provides a skilled technical team, will help optimise your cloud infrastructure, software or storage through their expertise.

When selecting a cloud services partner, you need to consider that they have a wide knowledge of different services offered by the vendor and can advise you on best practices, as well as provide you with migration support and architectural planning; all of which are scalable. With your partner in place, you can better focus on your core business, while they optimise your cloud for you.

Pendulum IT helps you control your AWS costs - moving graph

About Us

IaaS, Public Cloud

Which Public Cloud Vendor’s IaaS is right for my Business?

Public cloud service, used by the enterprise sector is growing exponentially, with an expected overall spend of $304.9 billion in 2021 _Gartner _{November 2020}. There is no doubt that the Covid crisis has accelerated the move to cloud based services during 2020, however, projections for the next few years are showing that many enterprise strategies will remain and increase their reliance on such cloud infrastructures, rather than the traditional in-house server.

Man thinking about this cloud IaaS options

The benefits to cloud based services for enterprises are many; including no capital expenditure, it’s flexibility in upscaling/downscaling to fit in with fluctuating business demand and, as we have seen over the course of 2020, the flexibility over remote access. Security is also a key factor in making the decision to move cloud-ways, as the threat is indiscriminate and costly to maintain defences and continuity.

About the Author

The public cloud market is broken into 6 main areas:

Cloud Business Process Services (BPaaS) ‘business process as a service’

Cloud Application Infrastructure Services (PaaS) ‘platform as a service’

Cloud Application Services (SaaS) ‘software as a service’

Cloud Management and Security Services

Cloud System Infrastructure Services (IaaS) ‘infrastructure as a service’

Desktop as a Service (DaaS)

The type of cloud services we will focus on in this blog are Infrastructure as a Service (IaaS). This particular segment of the market is expected to reach $65m in 2021 and $82m in 2022 _{Gartner Nov 2020}.

As with any emerging market, there is an increase in cloud service providers, making it a moving feast in terms of service provision. Currently there are 3 cloud providers who own around 59% of the IaaS market _{Canalys Feb 2021}. Coming in at no.1 is Amazon’s AWS, followed by Microsoft and then Google. Another provider hot on their heels is Alibaba Cloud. What sets these providers apart from other competitors in the market, is their completeness of service and flexibility. However, it is important to remember that one solution does not fit all. As with other IT solution providers, some cloud services are more suited to specific industries than others, so it is important to understand strengths and weaknesses and what suits your infrastructure needs.

Breaking it down by provider

Amazon Web Services (AWS) is a cloud service provider that uses Amazon’s own infrastructure and experience. Rather than being a division of the company, like Microsoft’s Azure, AWS is a subsidiary company of Amazon. All the storage and computing resources come from a distributed network of data centres, spread across the globe, to facilitate less latency and a better experience for end-users.

AWS is the hosting service provider of choice for a lot of global enterprises and well-known companies, including Netflix, Facebook, and the BBC; which will no doubt give many other enterprises the confidence to use the same.

Although AWS is a force to be reckoned with there are signs of it slowing against its competitors: Microsoft, Google and Alibaba, who are growing at a much faster rate. Plus, there is also an indicator suggesting that many companies prefer to spread their risk when it comes to cloud services and choose more than one provider.

One of the oldest in the market with over 12 years of experience, AWS offers a number of features and benefits that make up their Infrastructure-as-a-service platform. Responding to market pressures and their competitors, AWS have recently changed to on-demand billing for services used, making them a much more attractive option as IT business leaders look for more cost effective solutions.

AWS Features

There are 4 main services to its clients.

Storage and content delivery
Compute services
Database
Networking

Tried and tested Amazon products like active directory and AWS CloudHSM’s key storage, allow AWS customers to generate and use their own encryption keys via the AWS Cloud.

Benefits of AWS

A partnership with AWS will allow customers access to the following benefits:

Broadest range of cloud service offerings for enterprise businesses over competitors
Increased business agility
Customisable EC2 compute engine
A number of EC2 integrations, like Elastic Beanstalk for container service and Lambda
Services a number of high-profile, blue chip customers
Geared toward open source developers
Supports commonly used development languages
Can be deployed anywhere

Cons

Depending on the comfort level of enterprise businesses with AWS services, a steep learning curve may exist
Enterprise level support must be purchased
AWS was late to get on the on-demand billing for services bandwagon
AWS doesn’t have a strong hybrid cloud strategy for those businesses that want to keep sensitive data in a private cloud
The wide catalogue of offerings can be overwhelming and difficult to navigate for some users

Microsoft Azure

Despite Azure’s launch being sometime after AWS in 2011, it is considered to be hot on AWS’s heels, vying for top spot in the market. Microsoft Azure has quickly built a leading reputation.

Azure Features

Build websites in the cloud, using common programming languages
Integrations include Windows Server and Linux Virtual Machine
Migration assistance
SQL database support
Focal point is Virtual Machine capabilities supported by tools that include Cloud Services and Resource Manager
Machine learning

Benefits of Azure

Quick to deploy, operate, and scale
Increases business agility
Has the bandwidth to take your business global
Visual Studio development environment built in
Supports integration
Supported by secure login with Azure Single Sign-On
Microsoft is no stranger to industry compliance standards
Deploy anywhere

Cons

Outages have occurred causing experts at Gartner to suggest a good disaster recovery plan for Azure users
Functions seem limited when compared against AWS
Set up to support Windows; if you want to run something else Azure may not be the best option
Requires enterprise management from customers

As mentioned above, the occurrence of outages isn’t limited to Microsoft Azure. However, Microsoft has gone a long way to inspire confidence and trust in enterprise businesses, fulfilling its reputation for high quality service.

Microsoft’s culture and position as a long-time leader in technology means Azure, by design, caters to the needs of various industries and their unique specifications.

Google Cloud Platform (GCP)

An industry trailblazer in web based services and internet, Google dominates in the deployment of web-based services. Does it offer something different from the top 2? It’s innovation and open source background would suggest Google Cloud Platform (GCP) might have an edge.

GCP Features

Google’s cloud suite of tools includes:

Google App Engine to build apps within the cloud
Supports common coding languages
Open source cloud environment
Offers robust data analysis
Google Cloud Bigtable no SQL database supported
Emphasis on big data tool suites
Allows users to create single-purpose functions that decrease the need for management
CloudKMS offers security via encryption
Cloud storage is a RESTful service for storing and retrieving data
Migration assistance

Benefits of GCP

Google Cloud offers the following benefits to customers:

Quick deployment and access to updates and functionality
Increased business agility
Continuous improvement allows Google to update the cloud without disruption to users
Primed to facilitate collaboration
Ownership of data
Scalable
Deploy anywhere

Cons

Supporting large, enterprise projects has not been a focus for Google, unlike companies such as Microsoft
Outages have made some wonder if the product is reliable
Range of functions lacks innovation
Google is a forward-thinking company with a lot to offer enterprise businesses. However, they have their hands in so many small project innovations, which means limited options for larger companies.

Reassuringly Google Cloud’s policy for users to extract their own data in Google apps should they decide to move providers in the future may well help potential users make a decision. This is not the case with other providers, where it can become very expensive to extract data, should you choose to move providers.

Industry Specific Cloud

Optimised and customised ‘Industry-specific Cloud’

In recognition of the differing needs of businesses when it comes to infrastructure, industry-specific clouds have been tailored to fit the typical requirements and specific needs that customers will experience in daily operations inside a vertical market, where a general cloud offering does not.

These tailored clouds are engineered to be delivered with specific performance optimisations, but also with customised functions that are tuned to specific operational, legal, regulatory, commercial considerations found in a customer’s specialised market.

Among mainstream providers, investment is increasing in industry specific cloud, as growth in the market for general-purpose cloud computing has lessened, prompting public cloud vendors to address industry-specific needs in order to maintain growth.

Industry specific cloud solutions from the ‘leading three’ public cloud providers act as a bridge to their fully matured cloud solutions for businesses requiring additional options or features.

Summing up

Today, the clear market leader in functionality depth and breadth is AWS. This is partly because they have the maturity in the market and the experience to deliver, but competitors like Microsoft and Google aren’t too far behind.

In particular, Microsoft continues to gain headway on AWS. This is especially true because they are a trusted name in enterprise computing with a reliable model for those that already use Microsoft products or languages across the enterprise organisation. Google also has a lot to offer in terms of innovation and might be a good fit for those in the open-source cloud community, that focus on smaller projects.

The public cloud market is still developing, and the last twelve months has certainly given it a boost – and indeed an indicator as to where enterprise infrastructure provision is going.

The main 3 competitors in the market offer solid provision and that is borne out by their client lists and their increasing market share. What is also apparent are the risks of getting tied in with the wrong provider, especially if you require a greater level of support or your business no longer fits the service provision you’ve signed up to and you wish to extract yourself.

Reassuringly, it appears that industry specific cloud is well on its ascendency, making the choice of provider a little easier. However, when it comes to cloud technology, it’s one thing to choose your provider and another actually making it happen. We would advise businesses considering the move to cloud to have a third party who understands your business needs and can map those needs to your technical environment. With AWS and the larger providers, even if you get someone on the phone, they will likely not know your environment or your business. This causes delays in fixing any issues you have and more often than not will lead to business consequences.

Pendulum IT works with leading public cloud providers including AWS, Microsoft Azure and Google Cloud Platform (GCP) and is well positioned to help customers plan, migrate, optimise and manage their cloud infrastructure over the full lifecycle of IT projects and business requirements.

About Us