Cloud portability and interoperability
The approach of “open computing” – with open source, interoperability and open standards at its core – has been a key priority for governments in their adoption of technology for many years. They have put great focus into their use of open computing and portability as part of strategies to avoid vendor lock in. Now governments are seeking the benefits offered by cloud computing: an ability to adapt to changing business needs at reasonable speed and without undue cost. These benefits are only achievable if openness is applied to cloud.
Multi-cloud
Many would like to hope that a single cloud model can address all needs. But the reality is that we see many IT leaders struggling with when and how to move to the cloud. No single cloud model can address all the unique requirements of each enterprise.
This is why IBM strongly believes the future is multi-cloud. Freedom of choice and flexibility are critical for success. Undue risk may be incurred through over-dependence for cloud services from a single provider and its data centres. In fact, today 81% of enterprises have a multi-cloud strategy. On average each enterprise uses six clouds, and they often have over 1,000 cloud-based applications.
Open computing practices must continue to be applied in the adoption of cloud computing. Governing its use must ensure that the value of openness is properly assessed and implemented by taking measures that ensure and sustain portability and interoperability. Environments must be kept up to date and practices employed to avoid technical debt.
Unfortunately, Government departments have built up large amounts of technical debt over the years. Many are building on premises cloud infrastructure for core systems as part of their journey to cloud whilst embracing the use of public cloud, at least initially, for innovation and some new developments. Digital transformation in Government – now accelerating because of the COVID-19 pandemic – is driving application modernisation and widespread use of cloud. Assessing the application portfolio is necessary to determine the right courses of action and to prioritise. Steps may include re-hosting of the virtual machines running applications and re-factoring into containers.
Enabling application portability
Core technology components have to be synchronised across cloud providers to ensure the interoperability of containerised applications. It requires portability, compatibility and supportability across distributed clouds.
Whilst containers provide abstraction and isolation, they require a careful planning and design which becomes more critical when planning for interoperability and flexibility as part of a multi-cloud strategy. Base images and advanced application images that include extra software – language runtimes, databases, middleware, storage, independent software vendor (ISV) software et al – are dependent on operating system type and version and should be supported by the Kubernetes versions and APIs. Furthermore, software included in these images should be tested, preconfigured and certified to work out of the box. The timely application of patches and bug fixes with compatibility across providers is also necessary.
Last year, IBM acquired Red Hat to help our clients implement multi-cloud strategies with interoperability more easily. With Red Hat’s OpenShift Container Platform, IBM is able to deliver portability, compatibility and supportability of Linux-based container images across multiple cloud providers including private on-premises cloud, IBM Cloud and other public cloud providers. This avoids the inertia and challenges of moving and integration containerised applications across the varying implementations of Kubernetes of each cloud provider.
Multi-cloud management
Such standardisation simplifies multi-cloud management by enabling a catalogue of services spanning the main cloud providers and virtualisation technologies that includes ordering, approvals, billing and reporting, as well as IT Service Management. It facilitates integration with directories for role-based access control and with a wide range of application development, deployment and provisioning tools. This allows Governments to track use in real time to implement policies and take enforcement action thereby optimising costs and resource utilisation.
EU initiatives related to cloud openness and interoperability
IBM believes that portability and interoperability is fundamental to cloud and is therefore supporting many standardisation initiatives in the European Union and internationally.
- IBM was one of the leading contributors to the ISO 19941 standard which includes transparent contractual terms, right of termination and easing lock in.
- IBM is active in the EU’s Switching Cloud Providers and Porting Data (SWIPO) initiative which lays out requirements for transparency at both infrastructure and software levels.
- IBM is a founder member of its EU Cloud Code of Conduct for data protection in the Cloud and was the first cloud provider to achieve certification with its public cloud data centres in Frankfurt.
- IBM chairs the public affairs group of the European Committee for Interoperable Systems (ECIS) which published a paper on cloud switching and the free flow of data that includes portability and interoperability of software and data across cloud services.
- IBM has welcomed the European Commission’s focus on, “A European strategy for data,” and has put forward seven policy recommendations to strengthen Europe’s open ecosystems of data through trustworthy data spaces. One of these is: “Technical solutions and standardisation should be the basis to achieve better data interoperability and portability within the data spaces.”
IBM endorses the recently released European Cloud Federation announcement which calls for data portability, reversibility, transparency and openness in the Cloud to support European competitiveness.[1]
Details of further IBM Cloud compliance programmes are available on ibm.com.
Trust in data
These standards efforts recognise the challenge of handling data as part of porting application from one cloud provider to another. Choosing the provider for an application will consider many factors. The attraction to higher value services that harness the benefits of artificial intelligence (AI) is one example. However, the provider’s policies on data handling should also be taken into account.
IBM published its Principles for Trust and Transparency in 2018. One of these is that, “Data and insights along to their creator.” This means that IBM clients’ data is their data, and their insights are their insights. Client data and the insights produced on IBM’s cloud or from IBM’s AI are owned by IBM’s clients. IBM believes that government data policies should be fair and equitable and prioritise openness.
In line with this principle, IBM has set out its commitment to safeguarding data:
“We have long been clear about the steps we would take if a government wants access to data held by IBM on behalf of our client. As an enterprise company, we expect governments to deal directly with our client, and not come to IBM.
We do not provide access to enterprise client data stored outside the lawful jurisdiction of any government requesting such data unless the request is made through internationally recognized legal channels such as mutual legal assistance treaties (MLATs).
If we receive a request for enterprise client data that does not follow processes in accordance with local law, we will take appropriate steps to challenge the request through judicial action or other means. If we receive a government request for enterprise client data that includes a gag order prohibiting us from notifying that client, we will take appropriate steps to challenge the gag order through judicial action or other means.”
IBM uniquely provides technical capability that allows clients including Governments to “Keep Your Own Key” (KYOK). The IBM uses Hyper Protect Crypto Services comprising key management and a hardware security module for KYOK. (IBM can also achieve KYOK on premises.) Only the client has the key which means that there is no technical means by which cloud administrators can access data. This contrasts with other cloud providers that protect client data from administrator access using controls.
IBM has a long-standing record in advocating and adopting open computing practices. It drives initiatives for portability and interoperability to protect our clients and facilitate innovation. Clients benefit by having the choice and freedom to consume services from multiple cloud providers and on premises, and to manage use with a single portal.
[1] The next generation EU cloud offering should meet the needs of EU businesses and public sector. For this purpose, it should aim for the highest standards in terms of data protection, cybersecurity, data portability/reversibility, interoperability, transparency, openness, energy efficiency, performance and reliability. Completely interoperable, open, multi-vendor cloud platforms and services, based on European, international or open source standards, will enable users to migrate effectively to the cloud, reaping its full economic benefits and availing of a high degree of choice in the market.