We’ve all heard it. Security and regulatory compliance are issues in the public cloud.  And building a private cloud many say does not pass a cost/benefit analysis.  Given these hurdles, what is an enterprise to do?  Well, according to Datamation, 47% of enterprises are going to implement some sort of private cloud in 2013 regardless of perceived challenges.  And Gartner’s latest report on public cloud computing adoption, finds that global spending on public cloud services is expected to grow from $76.9B in 2010 to $210B in 2016.

It’s become increasingly clear that every enterprise will have at least one internal cloud and at least one external cloud in use.  As every enterprise architecture will be hybrid and multi-vendor, the better question is how to properly assess the enterprise portfolio to determine which applications and services are best delivered by public and private clouds.

Regardless of where you start on the path to cloud, design with the end hybrid cloud goal in mind.  You will need to consider many requirements in your plan, including scale and workloads you plan to support in both public and private clouds; cloud management policies, including but not limited to security and compliance; operations management; and a single pane of glass for self-service access to services and applications. Let’s take each of these one by one.

1. Scale, workloads and applications under management
Mapping out a strategy for applications and workloads under management means considering scale both in terms of deployment of workloads, and the scale of your planning, construction and operations. Planning with the strategic end-game in mind, combined with underlying scalable technologies and operating models all directly contribute to meeting scalability requirements.

When mapping out your hybrid strategy, consider the following in your application portfolio: low-hanging fruit to move to cloud, green-field opportunities around new applications, apps running into end-of-life, geographical and data center limitations, and maintenance and support costs.

2. Cloud management policies
Cloud policies should take into consideration all governance, compliance and security controls required to ensure the business operates properly.  Policy-based governance controls, based on an extensible meta-model, enable the creation and enforcement of an unlimited range of custom policies, which are critical for risk management while allowing innovation to thrive. They can and should be tailored to meet a variety of regulatory requirements. Examples include:

• Controls that limit user access to specific assets;/li>
• Managed deployment of workloads and data to authorized environments based on policies for PCI, HIPAA, etc.;
• Security zone compliance;
• Policies that enforce specific outcomes at various lifecycle events, such as startup, shutdown and SDLC code promotion;
• Configuration management.

3. Operations Management
With hybrid cloud, it is imperative to utilize a single management platform for the entire hybrid architecture.  A single control point for policies, scalability, orchestration, reporting, and more will allow IT to spend more time on tasks that contribute to business innovation and success, and less time to learning and managing a plethora of tools.  After all, IT Operations groups need to have line-of-sight visibility from applications to their underlying infrastructure to provide the availability, performance, and service levels demanded by business application owners and end users. However, this end-to-end contextual view is nearly impossible to achieve using traditional operations monitoring tools alone in dynamic cloud-based operating environments.  A single pane of glass cloud management platform that integrates traditional monitoring data with scaling policy allows operations to effectively ensure SLAs for application performance across hybrid cloud environments.

4. Self-Service Access
Providing teams with self-service access to all the applications, platforms, and IT infrastructure needed to do their work can drive tremendous time and cost savings across the enterprise.  By providing access to a self-service portal that will grow to accommodate assets that can be deployed across public and private clouds, developers can innovate quickly in support of the business. As the ease of user self-service grows, so too will the organization’s confidence in IT.

Hybrid cloud is a realistic and effective strategy to increase agility, accelerate the application lifecycle and mitigate risk throughout the enterprise, all while avoiding vendor lock in.  With this approach, enterprises can take a strategic approach to technology selection that supports the business and avoids getting mired in cloud war hyperbole.

• ActiveState Stackato(R) Private PaaS Makes Hybrid Cloud Real... Today
• Is the Cloud a New System Architecture?