As more companies look to incorporate cloud computing storage into their IT portfolios, a heated debate has come to the fore: Should companies go with one cloud service provider (CSP) or diversify their investment with multiple vendors?
The short answer is: It depends. There are multiple factors that can go into making this decision, but ultimately you must make one that enables you to fulfill your business objectives while keeping your information secure.
Based on our decades of experience securing cloud data for small, midsize, and large enterprises, here are the most important points to consider when conducting your due diligence on CSPs:
- Resources: As we’ve talked about before, investing in cloud storage and services doesn’t mean you can take a passive approach to management and security. A common train of thought I’ve heard in my conversations with enterprises of all sizes is that they want to have a single source of truth, code, and point of contact when it comes to CSPs so they can drive efficiency and negotiate a good price. While this seems like a good idea, it’s important to keep in mind that putting all of your eggs in one CSP could lock you in to that vendor, tie your hands in price negotiations, and prevent you from maintaining business continuity if the CSP experiences an outage.
- Functionality: Every CSP is different, which means depending on how you want to leverage the cloud it may make sense to choose a particular CSP for each of your workloads. For example, some CSPs are superior in machine learning or big data workloads than others. When you choose one CSP for all of your needs, you run the risk of sacrificing functionality for the sake of management simplicity. Companies looking to use multiple CSPs can also use that as a bargaining chip when negotiating better prices.
- Security: On the surface, having one CSP for all of your needs should make data security easier: There are less points of potential failure for which to solve. However, what happens if your CSP experiences an outage or complete system failure? Does your business grind to a halt while the CSP works out its own issues? Chances are you can’t take that risk. Having multiple CSPs in your IT stack enables you to avoid exposure to a single provider’s failure – you can more easily fail over to another CSP for proper business continuity. On the flip side, having multiple CSPs means that you must have the expertise in-house to be able to monitor, analyze, and quickly take action on any potential security risks that threaten your data in any of your cloud workloads.
If you are a large enterprise, you typically have the time, people, budget, and expertise to be able to handle the complexities of multiple CSPs so you don’t sacrifice functionality. If you’re a small-to-midsize organization, having a single CSP or using a managed service provider to administer your CSPs could very well be your best option.
However, your business isn’t this black-and-white. Chances are you want it all: efficiency, functionality, and security. Enterprise Strategy Group research found that 75 percent of current public cloud infrastructure customers use multiple CSPs – running the gamut from small mom-and-pop businesses to global, multinational organizations.
Let USCV’s secure cloud and expertise help you navigate this complex landscape. We offer our clients trustworthy layered defense in our data center with industry leading next-generation security tools. We are vendor agnostic and choose only the best layers of defense for you: DDoS, NextGen firewalls, WAF, advanced malware protection, IPS/IDS, DLP, SIEM, SOC, endpoint, anomaly alerting, and log analysis. Visit our website to learn more about how we help you take full advantage of cloud computing while keeping your data safe, and sign up for a free consultation today.