The Multi-Cloud Strategy: What It Is and How to Best Utilize It

Cloud technologies are developing rapidly, constantly presenting companies with new strategic decisions. IT managers face the challenge of finding the right balance between flexibility, (data) security, and innovation. Here, the multi-cloud approach opens up possibilities that exceed by far what on-prem and hybrid cloud strategies have to offer.

What is a multi-cloud strategy?

First and foremost, multi-cloud is not a product of cloud providers. It is a strategy in which a company uses different cloud providers in parallel, i.e., employs services from at least two cloud providers. This sets the multi-cloud strategy apart from the pure cloud approach and the hybrid cloud.

Hybrid cloud vs. multi-cloud

What are the advantages of a multi-cloud strategy?

Innovation potential

Cloud providers continuously invest in developing new products and services. Operating a multi-cloud architecture gives you a greater choice of new technologies and functionalities that help you improve your own offering and optimize workflows.

Enhanced performance 

A multi-cloud strategy allows you to select the cloud providers whose features and functions best meet your requirements, particularly regarding such factors as speed, performance, reliability, and geographical location. This enables you to work out a strategy and choose the functions of a specific provider that are tailored to your needs.

Independence

A multi-cloud environment gives you a higher degree of independence, making it easier to switch between providers quickly. This helps avoid vendor lock-in. With a multi-cloud setup, you are not, for example, defenseless against unfavorable changes to a provider's pricing or terms, as you can shift certain processes to another provider's cloud.

Reduced risk of downtime

A multi-cloud architecture can minimize downtime. Recent examples have shown that public cloud outages can be costly for both individual companies and the economy at large. A multi-cloud solution can serve as a fail-safe to transfer business-critical processes to platforms that are still operational if one provider fails. Initiatives such as that between AWS and Google help optimize the necessary integration between clouds.

Compliance

Core systems and sensitive customer data remain with a provider that has clearly defined data location and verified compliance controls, while less critical applications, such as chatbots, analytics sandboxes, and innovation labs, run on other, technologically more advanced clouds. The trick is to limit data interfaces so you benefit from innovation without running afoul of regulatory requirements.

What are the disadvantages of a multi-cloud strategy?

Complex operations

The more platforms are integrated, the more complex unified operation of the entire environment becomes. Security policies, identity management, monitoring, and cost control must work across all environments to avoid gaps or duplicate structures.

Organizational challenges

Another point is organizational management: Different cloud models, billing logics, and technical interfaces require clear responsibilities and coordinated processes. Without unified governance, it's easy to lose track of resources, data flows, and costs.

Additional costs

Naturally, multi-cloud strategies tend to be more expensive than using a single provider. This is mainly due to possible connections between different cloud providers and their data exchange. It's therefore important to keep an eye on the dependencies between the clouds, as data transfer is often associated with volume-based costs. In addition, a careful decision must be made as to which service is implemented where and whether duplication is necessary.

Required expertise

Finally, a multi-cloud strategy requires qualified professionals to efficiently manage the various environments and services.  They must be able to handle the specific concepts, tools, and best practices. For SMEs, but also for many larger companies and organizations, it's a challenge to provide the necessary expertise and tools to establish a sustainable and operationally stable multi-cloud strategy in the long term. This is why cloud-agnostic tools are often preferred.

When does a multi-cloud strategy make sense?

The implementation of a multi-cloud strategy must be well thought out and justified for the reasons mentioned above, and not just for the sake of multi-cloud itself or as a «just in case» safeguard. 

Various scenarios can be derived from reference cases that are worth including in the decision-making process for or against a multi-cloud strategy: 

Scenario 1: 

A company operating across regions wants to serve its users with low latency while also cushioning hardware and provider-related failures. 

In this scenario, the focus is on performance combined with scalability, high availability, and fail-safety, while maintaining provider independence and flexibility. A multi-cloud strategy for this could look as follows:

• To distribute workloads and minimize downtime risks, the affected applications are spread across multiple cloud providers (= Cloud A and B in Figure 1) and regions. Multi-cloud integration is achieved through unified CI/CD pipelines, standardized APIs, and cross-service identity and access management.
• Availability is further increased by using a content delivery network (CDN).

In this scenario, multi-cloud helps minimize single-vendor risks such as regional disruptions and outages.

Figure 1: Redundant multi-cloud architecture for scalability, availability, and fail-safety

Scenario 2: 

A data-driven company wants to support its various business areas with the most powerful cloud services available. While some of the applications comprise classic web and mobile workloads that need to be stable, scalable, and cost-efficient, other areas such as data analytics, machine learning, and data processing require specialized and particularly high-performance platform services. 

In this scenario, innovation capability and the selective use of the strengths of different providers are the priorities. A multi-cloud strategy for this could look as follows:

• Standard business applications continue to run cost-effectively and stably on the existing main cloud (= Cloud A in Figure 2).
• Analysis, AI, and data processing workloads, however, use dedicated services from a second provider (= Cloud B in Figure 2) that offers market-leading technology in precisely these areas, such as powerful data warehousing engines, GPU clusters, and managed ML services.

Scenario 3: 

A company in the financial and insurance sector operates several business-critical applications subject to strict regulatory requirements. According to national and industry-specific compliance guidelines, personal information, transaction data, and risk models may only be processed and stored in a specific region. Audit evidence, encryption mechanisms, and data access must always be fully traceable. At the same time, the company is developing new digital products that require a high speed of innovation and modern platform services, some of which are not or only partially available from the primary cloud provider.

In this scenario, regulatory requirements must be reconciled with the use of innovative features from a non-compliant provider. To resolve this conflict, the company could opt for the following multi-cloud strategy:

• Regulated core systems are operated in a cloud that guarantees dedicated data centers, compliant security standards, and strict data locality (= Cloud B in Figure 3).
• Innovative, internationally deployed applications simultaneously use platform services from a global hyperscaler to maximize scaling, time-to-market, and development productivity (= Cloud A in Figure 3).

Data flows between the two clouds are checked in detail to ensure that sensitive data remains in the permitted region of the primary cloud provider and that only pseudonymized or aggregated data is transferred to the second global provider's cloud. This dual architecture allows the company to meet all regulatory requirements while also using state-of-the-art cloud services to remain innovative. 

Figure 3: Partitioned multi-cloud architecture for compliance

Swiss use case

In addition to the three scenarios described above, there are many other constellations in which a combination of technical, business, and/or regulatory factors leads to a multi-cloud strategy. A typical example from Switzerland is the operation of internet TV services, which are implemented as part of an AWS cloud-first strategy while the company provides additional services in parallel via its own private cloud and via dynamic computing offerings for business customers, depending on the use case. There are also specialized solutions for SMEs, such as offerings from Microsoft Azure or fully integrated IT packages with exclusive data storage in Switzerland.

For these specific scenarios, which describe possible targeted distributions of applications across different cloud providers, there are general technical recommendations to address requirements such as data sovereignty, performance and latency, scalability of compute-intensive workloads, resilience and fail-safety, provider independence, security, and stable operation in a multi-cloud architecture. 

Recommendations 

• Data sovereignty: Use a dedicated cloud, region, or on-prem environment with a guaranteed location for managing and processing sensitive data to meet regulatory requirements.
• Performance: Distribute performance- and latency-critical workloads regionally and use multi-region load balancing and CDN to always provide users with the shortest route.
• Scalability of compute-intensive workloads: Bundle compute-intensive workloads such as AI and analytical services in the cloud that provides the most powerful specialized services while connecting operational data via standardized pipelines.
• Resilience/Fail-safety: Distribute business-critical applications across multiple clouds and set up global failover mechanisms with a central gateway to ensure uninterrupted operation.
• Provider independence: Consistently use container technology, standardized APIs, and Infrastructure as Code (IaC) to minimize cloud-specific dependencies and increase applications portability.
• Security: Implement a homogeneous security model without gaps and inconsistencies by applying the zero-trust approach via a harmonized role and authorization model, centralized identities, and cross-cloud key management, policy enforcement, and audit reporting. Ensure end-to-end encryption across all security layers for direct connections between the clouds.
• Stable operation: Use consistent CI/CD pipelines, centralized logging, and end-to-end observability so that all cloud environments are monitored, deployed, and tested using the same operational processes.

Closing words

A multi-cloud strategy can be a conscious power shift for a company: away from a single provider and towards a more self-determined mix of services. Companies and organizations thus gain flexibility and resilience, as well as the opportunity to choose the right building block for each task – but pay for this not only with higher costs, but also with greater organizational and technical complexity.

Especially in Switzerland, with highly regulated industries and a strong sensitivity for data sovereignty, multi-cloud management can become a strategic key competence: Critical data remains in sovereign environments while the global diversity of hyperscalers benefits innovation. Those who master this balancing act turn the cloud into more than just an outsourcing project – they mold it into a design tool for their own business model.

[snippet_article_cta id="hybrid_cloud"]