In today's dynamic business environment, organizations face pressure to reduce cost, improve process efficiency, and drive financial growth. The "faster, cheaper, better" approach also flows down to technology. With the rapid advances of cloud technologies, IT directors and managers must balance the flexibility these services provide with the challenges posed by integrating and securing them with the internal corporate network.
Adding to the complexity are numerous authentication sources, legacy systems, and ever-changing customer and user requirements. A clear technology strategy that addresses cloud integration can help steer the tech ship through these challenges and add value to the organization.
Clouds of different sizes
Even for a mid-sized business, improvements in virtualization and centralized storage technologies make the creation of a private, in-house "cloud" within reach to most tech shops. On the flipside, that same downward cost pressure allows public providers (e.g., Amazon Web Services, Microsoft Azure, Rackspace, etc.) to offer financially attractive compute, memory, and storage services on an as-needed basis. Both of these approaches may fit different needs of corporate computing systems and functions.
Unfortunately, there is no "one size fits all" approach to cloud services. Many organizations take a hybrid approach, leaving some systems on the private side, and pushing others out to a public cloud. The focus then comes to integration and data flow between the clouds to make a seamless computing ecosystem that doesn't adversely affect the end user while still providing the financial and efficiency benefits.
The gold source
Once the high-level architecture has been laid out, the next and most important step is security. How will authentication and authorization take place? Where is the gold source for user information within the environment? Is there an internally managed LDAP like Active Directory? Is there an externally managed service? Which service starts the synchronization process?
Even a simple in-house Active Directory farm might sync out to a Google domain for email, or to an Azure domain for Office 365 services. It could even sync to another Azure-type domain in a public cloud. Many of the well-known commercial services offer integration options (OAuth2, Federation Services), but specialized or custom applications might require retrofits or additional modifications to fit the hybrid approach.
A sea of vendors
At some point in the process, organizations may turn to outside consultants or third parties to evaluate or assist with the implementation. Care must be taken to ensure that the outsider has the organization's best interests in mind. With the ease of bringing up a cloud service these days, the temptation towards the cheapest or fastest solution might result in a very insecure or unreliable system. A thorough vetting process, through a Request for Proposal, reference checks, and even a demonstration of the solution can help to alleviate some of these issues.
When all is said and done, the final solution should leverage the benefits of public and private technologies to provide a seamless, integrated computing platform. This in turn gives flexibility to the technology staff, and lays the foundation for a software defined infrastructure, based not on the location of physical servers, disk systems, and network components, but rather on the business needs of the organization and the applications that support it.
About the Author: Nicholas Takacs is the Chief Technology Officer for the Bethlehem Area School District, one of the largest public districts in Pennsylvania. He is working through a multi-year technology transformation to improve efficiencies, reduce costs, and lay a foundation for a continuing move towards cloud-based educational services. His talk, "Challenges of Cloud Integration," will be presented at Cloud Security World 2016.