Cloud hyperscalers’ dominance and the risk of vendor lock-in

The need for accelerated business transformation continues to drive organisations toward purposeful and scaled cloud deployments.

In an effort to improve the scalability, agility, and efficiency of their operations, organisations have invested at pace but this is also leading to a heavy reliance on one of the three cloud hyperscalers; Amazon Web Services (AWS), Microsoft Azure or Google Cloud.

This reliance has increased so much that hyperscalers now control four-fifths of the UK public cloud market, which has prompted Ofcom to launch an investigation to assess whether this dominance may limit innovation and growth among organisations. In the US too, there is bipartisan support for an investigation into tech giant market power, with regulators becoming increasingly concerned with how infrastructure is priced and sold, and the downstream impact of monopoly power on organisations.

Until regulators work to understand and limit these risks, enterprises must begin to limit dependence now. Hyperscalers offer many benefits, from flexible capacity, improved security and resilience, and future-proof architecture, but their influence could limit vendor choice and increase the likelihood of cloud vendor lock-in. This is now causing many to question the operational, security and financial risks posed by a single-vendor cloud option.

Vendor lock-in and its risks

Choosing the right cloud provider to manage your business-critical applications can be a challenging task as you need to find the right architecture, services and pricing. But once you’ve identified the right one and made the move, while you might experience some benefits, you may also find yourself exposed to changes in price, or service reliability issues which could limit your ability to scale and innovate – the reason you set out to migrate to the cloud in the first place.

There are often several reasons why you can’t switch cloud providers. The cost of switching might be too high, moving databases to a different type of environment might involve transforming all your data, or moving providers might be too disruptive to your business operations. Also, once cloud service provider (CSP) services are incorporated into your business’s processes, you may become too dependent. As a result, you could find yourself locked into a service when better alternatives exist.

Security also remains one of the largest concerns for those planning cloud deployments. In our current threat landscape, even the best cybersecurity systems can be hacked and so if your one and only cloud provider is breached and your systems are knocked offline, you’re putting your organisation at a huge risk.

How to avoid being locked-in

The best way to avoid being locked into one vendor is to implement a multi-cloud strategy and adopt the right CSP agnostic tools for the management of workloads, aggregating and monitoring data and FinOps and cost management. By employing the 80:20 rule for primary and secondary cloud providers, supported by architecture that allows seamless security, observability, FinOps and scaling across cloud platforms, you can harness the benefits of both cloud platforms and translate them into business results. This also enables you to maintain more operational and financial control over your cloud strategy, rather than being at the mercy of one provider.

For starters, ensure you adopt portability as a first-class citizen in your architecture strategy. You can do this by developing a business-critical application that is only loosely coupled with cloud application components and isn’t dependent on third-party proprietary services.

Microservices are also an excellent way to build and operate applications as smaller individually scalable and communicable units which naturally lend themselves to containerised deployments. Commercial-off-the-shelf (COTS) applications were a major cause of concern when it came to portability but many COTS solutions are now available as containerised and Platform-as-a-Service deployable units which can address the portability issue and avoid vendor lock-in.

While all the right technologies and architecture are implemented the most ignored part still tends to be a focus or lack thereof on operational interoperability. As a result, we have seen a sharp rise in the adoption of open-source frameworks right from container orchestration with Kubernetes, istio service mesh, Postgre SQL and Python which have helped enterprises achieve interoperability. These are now mainstream services available with all cloud providers and warrant a significant focus in enterprise cloud adoption strategy.

A future of flexibility

With organisations increasingly moving their critical workloads and business functions to the cloud, IT leaders need to be aware of the risks of cloud vendor lock-in, and how to avoid it. There’s no doubt the cloud hyperscalers have unrivalled scale, innovative technology and deep expertise, however, enterprises from time to time end up in situations where they are presented with choices of better services, scale, reliability or data sovereignty, which will warrant a move from one CSP to another. Locking cannot be avoided completely, however getting the basics right, from choice of technology to architecture to operations, is key to long-term success.

About the Author

Ashish Varerkar is Head of Cloud Native at LTIMindtree. LTIMindtree is a global technology consulting and digital solutions company that enables enterprises across industries to reimagine business models, accelerate innovation, and maximize growth by harnessing digital technologies. As a digital transformation partner to more than 700+ clients, LTIMindtree brings extensive domain and technology expertise to help drive superior competitive differentiation, customer experiences, and business outcomes in a converging world.

Featured image: ©natali_mis