Lisa Morgan, Freelance WriterFebruary 10, 20259 Min ReadBrain light via Alamy StockOrganizations continue to fine-tune how they approach data, applications, and infrastructure. The latest move is pulling some data and workloads back to on-premises data centers. The question is whether theyre applying what they learned in the cloud, especially when it comes to private cloud and hybrid implementations.They need to be hybrid by design in terms of intentionally aligning business and technology. It has to be thought through and designed [as] a hybrid cloud architecture, so they dont think, Hey, Im going on prem, so I need to do virtualization here, says Nataraj Nagaratnam, CTO for AI governance and cloud security at IBM. The policies, processes, and organizational construct will enable this transformation, and we see this happening increasingly.What they should be doing is taking the learnings from their move to cloud and having an intentional hybrid strategy.I think AI is an opportunity to get your data right because data feeds the AI. To create value, you need to know where your data is, so governance is important, which in turn means do you have a hybrid landscape in place and a view of your digital assets, data assets and applications? says Nagaratnam.Common PitfallsOne common pitfall that organizations experience is moving entirely to cloud without being intentional about workload placement, Nagaratnam says. Another issue is underestimating the management complexity when theyve built different management control planes and have lost visibility. The third issue is they didnt understand the cloud services shared responsibility model.Related:Nataraj Nagartanam, IBMIts not only infrastructure, like cloud providers, but it is also business applications, software, software providers, SaaS providers, so bringing that together becomes important, says Nagaratnam. AI will shed more [light] on that shared responsibility, because it's no longer infrastructure only. If you think of a model provider, what's the risk? What's the responsibility of the model provider? So that notion of shared responsibility will continue to increase as you deal with data.More fundamentally, the complexity issue has been exacerbated by siloed departmental operations and mergers or acquisitions. Add to that inconsistent policies and significant skills gaps, and its a recipe for disaster.As companies grow their cloud infrastructure, it becomes more complex and presents a significant challenge to keep under control. This leads to unplanned cloud costs, security risks, production downtime, non-compliant cloud assets and misconfigurations in production, says AJ Thompson, chief commercial officer at IT consultancy Northdoor. Losing control means more cloud expenses and more potential downtime. While most companies appear to have mastered their migration to cloud and modernizing their applications, so they are cloud native, many struggle with the operation of cloud and cost containment. This is why we have seen some organizations move workloads back on-premises and why many operate in a hybrid environment.Related:Brian Oates, product manager of cloud VPS & cloud metal at Liquid Web, says the greatest failure in implementing hybrid clouds has to do with on-premises and cloud systems that are not integrated consistently. And without clear governance, there is also an inability to handle the data sprawl.Most of the hybrid cloud pitfalls are basically related to poor planning and strategy. Most of the time, organizations use a hybrid solution because of urgent needs, not in the frame of a long-term architectural strategy. Thus, there is a misjudgment in understanding workload compliance, performance and latency requirements of major importance, says Oates. Most of the organizations have taken too lightly the management of hybrid environments by considering that integrating modern cloud with legacy could be seamless.Related:Northdoors Thompson says monitoring hybrid clouds can be challenging because cloud services may not integrate easily with existing on-premises solutions. Interoperability issues and ensuring secure communication and seamless integration within the entire organizations infrastructure can be challenging. And, underestimating network latency can undermine hybrid cloud performance.One of the key reasons that organizations keep some of their workloads on premises is because they must adhere to strict industry standards surrounding the safeguarding of their data. Businesses must understand the implications of these regulations, including the most recent DORA and NIS2 regulations and how they apply to their hybrid cloud environment, says Thompson. This can become even more complicated for global businesses, as different territories often have their own unique requirements. Therefore, organizations must make sure they implement the appropriate governance and policies for their cloud resources.Ferris Ellis, CEO andprincipal at software engineering firm Urban Dynamics, says people make the mistake of taking the network for granted and just assume that it provides reasonably low latency and high bandwidth. This is not the case with hybrid cloud where connectivity is a problem and can cause an SLA failure. There are also the potential cloud egress fees to consider, depending on how the hybrid cloud network design is done.Ferris Ellis, Urban DynamicsNetworks tend to be taken for granted so people dont think about them, says Ellis. Second, it requires a more advanced network design than many IT departments are familiar with. They may be familiar with connecting a bunch of offices using a VPN or SD-WAN solution. But for serious workloads you need to have 10, 40, or even 100+ Gbps of reliable, low latency connectivity between one or more of your locations and multiple cloud regions. There are known ways to do this, but they require familiarity with the internals of the internet that remain hidden to most.Get the Right People InvolvedAside from the product teams whose workloads are moving, the obvious players are the platform and infrastructure teams. There are also a couple of less obvious groups, notably the security, risk, and compliance teams.In my experience, you need these teams to be bought in so they dont become barriers. You must ensure that the conversion doesnt increase risk, and that you are not giving up controls, says Jacob Rosenberg, head of Infrastructure at observability platform provider Chronosphere. In many cases, you can decrease risk, so while getting them bought in may take some work upfront, I think it can be a real win-win.Liquid Webs Oates Utility believes a hybrid cloud strategy needs many stakeholder groups to define and implement.It has to be IT-driven, as this is the team that will have expertise in infrastructure and system integrations, says Oates. On the other hand, business leaders take part in being onboard, which will ensure that it fits with organizational priorities. Compliance officers and the legal department should review requirements from a regulatory perspective and discuss the best ways to mitigate risk. Financial managers provide insights on cost implications and budgeting. Cybersecurity experts are also necessary for robust defense and data integrity assurance. Its essential to include the right business stakeholders to ensure the implementation meets the needs of the operation. Next is tapping external consultants or managed service providers who bring in new ideas and specialized expertise.The approach is sure to be comprehensive, yet practical, says Oates.How to Ensure a Smoother TransformationA hybrid-by-design approach is wise because it forces organizations to be mindful of what data and workloads they have and where they should be to meet business objectives. It also requires business and technology leaders to work together.Architecture that factors in the application layer and infrastructure is another critical consideration.Do you have a view of your data and the end state of your IT? Does the landscape accommodate a hybrid cloud architecture [using] a hybrid cloud platform like OpenShift and Kubernetes for applications? Where is your data? How are you consuming data? Is it as a service? What does your data pipeline look like? says IBMs Nagaratnam. Because data is not just going to stay somewhere. [It] has to move. It moves closer to application.Data must also move for AI models, inferencing, and agents, which means thinking about data pipelines in a hybrid context.Hybrid cloud architecture [should] take into account your workload placement and data decisions so that nothing can go to the public cloud or everything needs to stay on prem and whatever decisions there are, but take a risk-based approach, based on data sensitivity, says Nagaratnam. Create a path to continuous compliance and get ahead with AI governance.An ethos of continuous improvement is necessary because it helps ensure agility and more accurate alignment with business requirements.A hybrid cloud strategy should develop and evolve as your business and technology evolve. Base this on a small pilot project to refine the approach to find any challenges early in the process, says Liquid Webs Oates. Second, prioritize security, making extensive use of the zero-trust model and applying policy consistency across all environments. [Make sure to have] a great IT staff or partner who can help manage hybrid environment complexities. Invest in tools that will provide your team with a single source of visibility and automate routine tasks. In this way, enable your team to focus on more strategic work.Collaboration across departments ensures that the strategy fits business and regulatory purposes. Its also important to review workload placement to ensure effective cost control.Unexpected cloud costs [come] down to several factors, including inadequate planning, unforeseen disruptions, underutilized cloud instances, a lack of visibility and/or the need for additional resources. Therefore, a key requirement is to understand hybrid cloud pricing structures, as these can be extremely complex and vary from provider to provider, says Northdoors Thompson. Utilizing cloud without knowing what the business needs to pay for can lead to overspending on redundant or underutilized services.Chronospheres Rosenberg has observed two approaches to hybrid cloud that tend to have very different outcomes.The first is to make your public cloud looks like your on-prem infrastructure, and the second method is making their on-prem infrastructure look as cloud-native as possible, says Rosenberg. The former is often quicker and enables a lift and shift migration of workloads, but the second method maximizes the benefits of the cloud environment. For many companies, this means bringing in Kubernetes and refactoring applications to be cloud-native. I find the second method is more appealing because not only do you make your deployment, management, and observability of all your applications uniform across both environments, you also get the advantages of cloud-architecture combined with retaining the security and compliance benefits of remaining on-prem.About the AuthorLisa MorganFreelance WriterLisa Morgan is a freelance writer who covers business and IT strategy and emergingtechnology for InformationWeek. She has contributed articles, reports, and other types of content to many technology, business, and mainstream publications and sites including tech pubs, The Washington Post and The Economist Intelligence Unit. Frequent areas of coverage include AI, analytics, cloud, cybersecurity, mobility, software development, and emerging cultural issues affecting the C-suite.See more from Lisa MorganNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports