Cloud architecture that avoids risk and complexity

Architecture that isn't effective but still works isn't good enough. Removing risk, complexity, and cost should be your primary objectives

Cloud architecture that avoids risk and complexity
Thinkstock

One of the truisms about cloud architecture is that there are typically 100x100 architecture solution patterns. They all work, but only one is the right solution. If your head is swimming, let me explain.

Indeed, many technology stacks and approaches will solve the same problems using cloud-based technologies. They all work, but the majority will bring more risk, cost, and complexity than you should endure.  

In my years of reviewing architectures and plans for the Global 2000, I’m often engaged in a struggle between “it works, doesn’t it?” and “what’s optimal?” with the lowest risk, cost, and complexity. Why should we care about this?

Cost is easy. You can spend ten times what you need to, to solve the same problem.  Typically, the architecture team layers on more technology than necessary or doesn’t take advantage of cloud-native features. This means that the applications burn ten times more public cloud resources.   

Often I come upon disturbing realities, such as a technology being used because of an existing enterprise license agreement with that technology provider, which really means “funny money” that needs to be spent.

Risk is another core factor and is not as easy to spot as cost. Overengineering of the cloud solution can cause additional unnecessary complexity, which can lead to more attack surfaces for hackers and the additional likelihood that data on premises or in the cloud will be breached.   

I often use the phrase “you’re not that good” to describe the fact that the more technology you have, the more complexity, cost, and risk you also have. If you think about it, most major breaches have been caused by some neglect that led to a vulnerability. The neglect comes from insufficient resources to proactively protect a grouping of technology that’s likely more complex than it needs to be.

Does this sound like your solution, cloud or not? The fact is that complexity, risk, and cost is more the rule today than the exception. I spend most of my time reviewing architectures and deleting 30 percent to 50 percent of the enabling technology in order to lower these drawbacks.   

Just making something work is never the answer. You’re better than that.