- 5 network automation startups to watch
- 4 Security Controls Keeping Up with the Evolution of IT Environments
- ICO Warns of Festive Mobile Phone Privacy Snafu
- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
Pillars of successful multi-cloud application platforms
Software development teams can transform or constrict a modern enterprise in today’s digital economy. As such, many organizations are starting to invest in enhancing the developer experience, understanding that a frictionless process can improve business outcomes and drive higher performance.
Organizations encounter friction when shifting gears to cloud and multi-cloud, especially as they scale – and amplified when coupled with the adoption of Kubernetes and open source.
Many organizations stumble into multi-cloud when autonomous business units within the company start using these technologies on their own, considering only their unique business needs (as they should) but typically without corporate standards top of mind, as each business unit dives in, islands of tech stacks, tooling, and processes form, creating development, security, and operational challenges.
A lack of holistic strategy towards tools, processes, talent, or management can create silos, inconsistencies and can create more manual hand-offs and longer wait times on the path to production. Companies cannot achieve the agility, cost savings, or performance benefits of multi-cloud. Instead of advancing their cloud objectives, they create unmanaged risks and add more friction to software delivery.
McKinsey studied the pipeline problem and noted that with proper execution, companies achieve “developer velocity” — namely speed — when they master the tools, culture, product management, and talent management. Of these, McKinsey explains, “best-in-class tools are the primary driver of developer velocity.”
“Companies that excel in providing the right tools, culture, product management, and talent management not only develop software faster but also deliver significantly stronger business outcomes,” concluded the McKinsey report. Companies that remove “points of friction and unleash the full potential of development talent can achieve 60% higher shareholder returns and 20% higher operating margins.”
Why haven’t more firms resolved their snowflake approach to software development and delivery issues with so much at stake?
For one thing, the landscape of software development has increased in complexity every year. Even tools that aim to provide more flexibility, such as Kubernetes and containers, have a significant learning curve and are only part of the puzzle. Many companies are yet to invest in the right tools, talent, or practices to harness multi-cloud and tame its management complexity.
Yet, looked at another way, multi-cloud provides a compelling opportunity for the Development, Security, and Operations teams to align and modernize their approach to building, managing, and securing cloud-native applications.
Three pillars to mastering multi-cloud application platforms
To master multi-cloud, reduce risk, and remove friction from development processes, we advise enterprises to develop their capabilities and resources in these three essential areas.
1 — platform teams: An evolution from siloed technology teams to a multidisciplinary platform team responsible for building and running a set of services and tools for developers to build and run applications that drive business revenue. They’re the glue that connects your development team, IT infrastructure and operations team, and security team, but they also manage the requirements from business stakeholders. A good platform team acts with a product mindset; treating their development teams as customers and managing their platform like an internal business within a business.
A platform team functions most efficiently when it obtains visibility into all facets of DevSecOps — to make real-time adjustments to projects in the development pipeline. To accomplish this, a platform team requires a unified data management model that consolidates inputs from disparate sources, the ability to correlate disparate data to an application, and generate dashboards to share with key stakeholders.
A platform team measures what matters for the organization, including KPIs related to the performance and outcomes for the business lines they support, the adoption of the platform services, productivity and effectiveness of the developers using the platform, and metrics related to reliability and security compliance.
2 — cloud-native architecture standards: Many organizations begin their Kubernetes journey in the cloud with one of the many managed Kubernetes services available. This helps the process of getting started and after an initial learning curve, an app team can be up and running. Kubernetes and containers bring new layers of abstraction to the application environment that can improve resource utilization and separate additional infrastructure concerns from the business logic, enabling accelerated development and delivery cycles.
With multi-cloud Kubernetes use, organizations must consider the adoption of platform capabilities that are uniform across different technologies to provide a consistent developer interface, the standardization of templates, and secure supply chains lower the learning curve of Kubernetes best practices and operationalize DevSecOps practices. Consistent Lifecycle and policy management across disparate Kubernetes is needed for operational efficiency and compliance. These capabilities enable you to have a faster, and more secure path to production for your applications in a manner that is flexible and adaptable to your business.
3 — enforce guardrails: Achieving developer velocity is a crucial objective for a modern enterprise. But the real trick is accelerating software development without sacrificing security and compliance along the way. While good governance is an enabler, well-defined guardrails help to shift these security best practices left invisibly to the developer and make this leap possible. Guardrails ensure environments start with the right configurations from the moment they are provisioned.
Effective guardrails must be baked into every step of the cloud native application lifecycle. With policy-driven guardrails, DevSecOps focuses on rapidly detecting and remediating cloud vulnerabilities to strengthen the overall compliance, and security posture. Then, the focus turns to optimizing costs and better aligning cloud spending to application needs and business objectives.
Proactive governance
Today, 87% of enterprises report using two or more clouds, according to the VMware Research and Insights study from 2022. Kubernetes is the platform technology of choice for these deployments, with nearly all (98%) of respondents from VMware’s 2023 State of Kubernetes report experiencing operational benefits of Kubernetes. Kubernetes and multi-cloud have become the technology foundation for modern business to accelerate application development and delivery.
Investing in guardrails for proactive governance and a secure software supply chain lays the groundwork for frictionless app deployments. Establishing a platform team and adopting a product mindset will go a long way toward preparing your enterprise to succeed in a multi-cloud world. Beyond that, running a platform — like a product can increase developer velocity, leading to “meaningful performance improvements,” says McKinsey.
No matter how your firm arrives at multi-cloud, with the right tools, talent, and a product mindset, any company can make multi-cloud a long-term business success.
To learn more, visit us here.