Introduction
As cloud technology has become one of the most important modern technologies, companies and businesses choose to use it as their backbone infrastructure. Therefore, integration between systems, especially cloud hosted systems, is happening within many organizations. Building a system is complex, but integrating systems together can be even more complex. There are many considerations. Thoughtful planning is required for the integration to be successful. IBM outlined seven “more or less universal” steps that are critical for hybrid cloud integration (John Meegan, 2016): determine cloud deployment model for applications & data, integrate with existing enterprise systems, address connectivity requirements, develop governance policies and service agreements, assess and resolve security and privacy challenges, manage the cloud environment and backup and recovery plans
Determine cloud deployment model for applications and data
There are four types of deployment model on which the integration can be based: on premises, private cloud, public cloud or the combination of all three. In the planning process, organizations need to identify the cloud deployment model that will align with the business objectives and requirements. Within this first step flexibility, security, speed, automation, cost locality, service levels, and system interdependencies need to be considered. These criteria are extremely important to shape the whole process that may either speed up or slow down the integration work.
For example, Company A has a system that allows users to register and purchase products online. In addition, the online system needs to send out purchase transactions and user information to the internal accounting system for financial management purposes. Therefore, as the requirements stated, the online system will be the public cloud environment and the accounting system is the on premises system.
Before cloud integration begins, the technical team will need to identify the way(s) the cloud and on premises systems can communicate with each other. This analysis will examine all of the dependencies for this communication including: communication gateways, communication methods, and the communication code library of each system.
Likewise, the team will also need to figure out how fast the data can be transferred from the cloud to the internal system and what type of security will need to be applied for the data transaction to occur seamlessly
Lastly, Company A needs to identify all of the costs associated with this integration which can include writing extra components for the communication and integration, performing security audits due to the hybrid environment, etc. to estimate the budget and acquire & apply the best resources.
If the deployment model is not identified clearly and the resources are not calculated correctly then the risks of budget / schedule overruns and project failure increase significantly
Integrate with existing enterprise systems
Integrating with existing enterprise systems can be one of the biggest challenges for cloud integration. Each individual system has its own requirements for integration. By identifying all of the system requirements, the solution architect and developers can define all the challenges to identify the optimal solutions for each one.
In some scenarios, it is impossible to do integration with an existing system when it does not provide an API (Application Program Interface) or any open capability to perform the integration. Often when this scenario occurs, developers will build a wrapper layer to retrieve system data and transfer it to other systems. However, this method is very challenging and less effective when doing integration, especially cloud integration, due to the complexity of the process.
For example, some older legacy systems do not provide built-in methods to communicate with third party systems. In this type of scenario, developers must write their own application to retrieve information from the legacy system by reverse engineering the code and identifying how to extract the data. After the customized system is built, developers can create an API library for to integrate the destination system so data is sent and received effectively. This process may take months or years to complete making a less-than-optimal method of performing integration. It is even more challenging with a public facing cloud integration since extra security layers need to be added for data protection of both the old and new system
Address connectivity requirements
Connectivity requirements present another challenge when integrating systems. Some systems open their connections to the outside world, and some do not. Cloud integration requires system to be opened to the Internet or to a network of multiple connection points (Private Cloud). Therefore, a system with no outside connections will be a dead-end for the cloud integration.
Infrastructure for the communication between systems is another consideration when performing cloud integration. The speed, security and reliability of the communication infrastructure are determining factors of a successful integration. The infrastructure needs to have a good speed for data movement, great security for data protection, and excellent reliability for data availability. In the absence of a completely configured infrastructure, companies should reconsider cloud integration..
Government agency cloud integration is a great example of connectivity requirements challenges. The government has strict regulations and policies for access and security. It is challenging to create a cloud integration with its existing systems.
Many internal systems within the government do not allow external connections without proper security protocols are enforced. Therefore, the integration team needs to take carefully measure connection speeds and identify security protocols to ensure the internal legacy system and the external cloud system can be technically integrated in conformance with government protocols. In addition, an integration provider may need to obtain certifications before legacy system access will be approved and configured. Lastly, customizations may occur to build a better protection for connections among all systems that could provide a indirect access layer to the government sensitive data
Develop governance policies and service agreements
Before the integration is finished, an overall governance framework needs to be created to ensure the environment is managed correctly. It is very critical to have all governance policies and service agreements in place before the integration concludes. According to IBM, the processes to create governance policies should include:
- Assess existing compliance and governance frameworks, identify gaps and harmonize processes;
- Ensure thorough and efficient change management and communications given the potential of multiple cloud service providers;
- Allow adequate time to educate and habituate changes across the organization;
- Identify gaps in measurement and management visibility.
By putting all the governance policies and service agreements in place, an organization or business can manage and control the cloud integration much more effectively.
One great example about governance policies and agreements is when a company tries to integrate a long used legacy system with a brand-new cloud system that targets the same audience. Since the old system has been used for a while, governance policies and service agreements have been established around the old system. Before the integration occurs, the integration team should research and incorporate the old governance policies and service agreements, refine them as needed and / or create new policies around the new system to prevent among existing users and managers. This will help the transition to the new system happen more seamlessly and effectively.
Assess and resolve security and privacy challenges
There are always challenges for cloud customers in handling security and privacy for cloud deployment. These challenges involve the connections between the different environments, the movement of applications and data among the locations, and the organized control of assets across all environments. Therefore, security needs to be applied consistently across this whole system.
An organization should understand the interfaces between components running in private cloud services, public cloud services and on-premises and apply appropriate and consistent security controls to each of them to avoid implementation security mistakes such as incomplete security protection for a data breach problem, incompatible data encryption implementation, incorrect privilege control, etc.
In addition, a company should evaluate the location of all data sets in the integrated cloud deployment and ensure the application of consistent access controls and encryption.
Moreover, when migrating application components between environments, the integration team should check that the security controls in place for the new environment meet or exceed those in place for the old environment.
Lastly, a company should apply technologies across all the environments that are part of the integrated cloud deployment such as a single IdAM system or single sign-on.
Single Sign On (SSO) is one great example of a security challenge. Since the company allows a user to use one account to access multiple system, the security of each system within the integration must be planned and validated carefully. If one of the systems does not provide the same security level as all others, hackers can use this flaw to attack the entire integration environment.
This is the reason why many large systems get hacked due to one weak point (system) of the entire integration. Therefore, all security and privacy challenges need to be addressed and resolved as soon as possible, preferably before the production deployment.
Manage the cloud environment
After the integration is completed, service management in the cloud environments may be challenging because many cloud providers may not provide their own management processes and tools, or public cloud services may not be manageable from the traditional service management tools running in an on-premises environment.
Therefore, organizations should follow some processes to plan a management solution for their integrated cloud such as (according to IBM)
- Enable management of the complete cloud system, spanning all the environments used;
- Adapt and integrate existing on-premises management tools or consider new, cloud-based management services, based on cost and functionality;
- Look for APIs and integration points for management capabilities rather than fixed-function management applications.
Businesses and organizations should have a cloud management plan in place before any integration process begins to avoid managing associated problems and costs after the integration has finished.
For example, old systems may have their own management tools. However, these tools may or may not work on a completely integrated legacy – cloud system. Therefore, the integration team needs to write a new management tool for the whole system including all of the old and new systems. Additional cost and resources may be required for this implementation that need to be identified before the integration starts. It is very important that the integration architect review and predict all the management problems that might occur after the integration is finished to mitigate or avoid risks and cost overruns during the integration.
Consider a backup, archive and data recovery plan
Backup and recovery are very important for any enterprise solution. It is even more important with a cloud solution since the cloud is an environment that can expose systems to security issues with disastrous results.
Therefore, an integrated cloud computing environment requires careful planning of backup, data archive and disaster recovery mechanisms. An organization should monitor the frequency of backup and archiving as this will drive cloud service provider costs. In addition, a business should make certain legal agreements are in place, as necessary, for public cloud workloads and components.
Furthermore, an organization needs to determine what resiliency and backup capabilities are provided out-of-the-box for the cloud services portion of the hybrid cloud deployment, and ensure the cloud providers’ physical location is acceptable given legal and regulatory constraints for offsite backup and archiving of sensitive, proprietary or financial data. As one of the most important processes when perform integration among systems, a backup and data recovery plan should be considered before the integration starts.
Today, many cloud providers such as Amazon AWS, Microsoft Azure and Google Cloud Platform provide backup solutions with some extra cost. As cloud integration happens, it is a must for all businesses and organizations to use this backup service. In addition, local backups need to be created for internal systems also. Furthermore, organizations should do multiple level backups for both cloud and on premises systems to ensure multiple data protection layers. In case a disaster happens, organizations can restore their data quickly to avoid work corruption and data loss.
Conclusion
As cloud environments are dominating the current information technology infrastructure, cloud solutions and integrations have become basic requirements for many organizations. Cloud integration is a complex and complicated process that requires much attention to detail. By following in the 7 important steps for integration, companies can avoid many problems that may occur and perform integrations successfully. It is very important that integration teams plan all the steps, identify problems and figure out solutions before executing the actual integration. Doing so can save businesses a significant amount of time, money and resources.
Reference
https://www.ibm.com/blogs/cloud-computing/2016/07/hybrid-cloud-integration/