Many companies face significant challenges when integrating on-premises systems with cloud platforms – especially when introducing new infrastructures organizationally and technically. These transformations have typically been accompanied by major hurdles, particularly regarding the organizational and technical management of new cloud infrastructures. An ill-considered strategy shift carries risks: it can jeopardize transformation projects and tie up valuable resources.
Rather than replacing existing strategies, it makes more sense to strategically expand the cloud infrastructure by integrating multiple providers. For example, combining US and European cloud providers can ensure companies access to innovative services while maintaining compliance with regulatory requirements – such as data protection. This creates a flexible, future-proof platform that meets both business and technical requirements.
Fundamentals of Multi-Cloud Connection: The First Step Toward Integration
At first glance, the necessary steps and technologies for using multiple cloud providers may seem complex. But the good news is: most approaches and tools already exist and are partly provided directly by the cloud providers. Nearly all providers offer services to efficiently connect an on-premises network with the cloud - the same solutions can also be used to build networks between different cloud providers.
Since network connectivity between cloud providers as a central technical prerequisite poses no significant challenge, the question becomes: How can applications and data be integrated into a heterogeneous cloud infrastructure in a business-compliant and regulation-compliant manner?
Below, we examine two different strategies - API-Only Integration and Data-Only Integration - that can help you seamlessly align technical and regulatory requirements.
API-Only Integration: The Simple Solution for Modular Systems
This integration variant is particularly suitable for systems that are modular at the application level, such as microservices or Self-Contained Systems (SCS). In this approach, the logic is implemented in a separate system. Depending on complexity, this can be achieved by developing a microservice or a completely new SCS.
API-Only Integration is the simplest type of integration, as it doesn’t require a direct network connection via VPN between the systems involved. APIs can be called over the internet and protected by appropriate security measures. This reduces infrastructure requirements and enables flexible connection between the components involved.
Deployment is also straightforward, as the respective deployment mechanisms of the cloud providers can be employed directly. A significant advantage of this variant is its flexibility: API-Only Integrations enable access from European clouds to US-based services and vice versa.
API-Only Integration is an excellent choice for modularly structured systems that require high agility and flexibility. It offers a simple way to connect independent services. However, companies should ensure that API integrations are robust against latency and security risks, especially with sensitive data or longer network routes. This is precisely where Data-Only Integration comes in, focusing more on data storage and special regulatory requirements.
Data-Only Integration: The Challenge of Multi-Cloud Data Management
A Data-Only Integration requires special prerequisites and considerations. Before implementation, it must be verified whether temporary storage of data in a third-party system, e.g., for technical reasons such as caching, is permissible. Potential impacts on quality objectives must also be evaluated, as VPN tunnels tend to be slower than a dedicated line. Currently, no cloud offers a dedicated line to another cloud. The connection must also be built redundantly to avoid outages.
With this variant, the focus is on where the data is stored. It allows flexible response to requirements, such as the mandatory storage of sensitive data in a European cloud. Additionally, this method facilitates later migration of the application to another cloud environment. Another use case is when a necessary service is available in the US cloud but is not (yet) offered in a European cloud.
Unlike API-Only Integration, Data-Only Integration avoids unnecessary division of the application into multiple deployment units, which would bring additional complexity (such as strict deployment sequences or distribution of the data model). Instead, only the data storage is implemented in the European cloud, while the components with application logic operate in the US cloud. Since database access represents critical interfaces that directly affect quality objectives, a stable network connection is essential. While secure direct connection of databases over the internet is technically possible, it carries high security risks.
Various approaches are available for implementing data storage from another cloud, depending on the technology used and requirements for performance, availability, and policy on temporary data storage. For example, entire databases can be operated in a different network with a different provider. This represents a simple solution but can lead to performance losses that can be mitigated through caching or the use of read instances.
Another possibility is the use of "remote tables" in supporting database systems. Here, only a specific part of the data model - such as tables with sensitive data - is outsourced to another cloud. This approach is transparent to the application and limits potential latency problems to a small part of the data model.
The implementation of this variant requires more effort in deployment due to dependencies and technical requirements. Solutions such as "Infrastructure as Code" (IaC) and support from a dedicated platform team are crucial here. They enable seamless integration of external data storage into the existing infrastructure. Some US cloud providers even offer extensible IaC solutions to provision resources in foreign environments, thus minimizing complexity.
Strategy Comparison: Both Strategies at a Glance
The choice of the appropriate integration strategy depends heavily on your company’s requirements. Ideally, both approaches can be combined to efficiently and flexibly meet both technological and regulatory requirements.
Data-Only Integration is ideal for quickly and flexibly adapting existing systems to new requirements - such as storing sensitive data in a specific region. In contrast, API-Only Integration is excellent for integrating new systems or legacy systems that are being migrated to a modern architecture.
I strongly advise against artificial division into isolated systems, as this can cause additional complexity and potential problems. A clear and targeted strategy is crucial for success.
The following table provides an overview of the two types of integration and their characteristics:
| Feature |
API-Only-Integration |
Data-Only-Integration |
| Objective |
Integrate cloud providers through exposed APIs. |
Store data across multiple cloud providers. |
| Architectural Fit |
Well-suited for modular environments such as microservices or self-contained systems (SCS). |
Designed for systems that require data residency in another cloud; also useful when preparing for cloud migration. |
| Limitation |
Risk of unnecessary system fragmentation if there’s strong dependency on a single cloud vendor. |
Data protection requirements and quality targets (e.g., latency, availability) must be carefully managed. |
| Deployment |
Uses the native technologies of each cloud provider. |
Integrates external resources through Infrastructure as Code (IaC). |
With this overview, you can better assess which strategy - API-Only or Data-Only - makes sense for your specific use cases. It’s important that you establish a clear direction for your integration strategy and avoid unnecessary complexity.
Recommendation for action
Integrating multiple cloud providers into a heterogeneous platform offers companies enormous opportunities to address both technical and regulatory requirements. The two integration strategies presented - API-Only Integration and Data-Only Integration - open up flexible possibilities for adapting existing systems and efficiently designing new solutions in a hybrid architecture.
The key points can be summarized as follows:
- API-Only Integration enables fast and modular connection between cloud services and is ideal for new and migrated systems.
- Data-Only Integration offers an effective way to adapt data storage to legal requirements and flexibly extend systems without unnecessary division.
- Both approaches can be combined to efficiently achieve both technical and organizational goals.
A clear and well-thought-out plan is the key to successful implementation. However, avoid unnecessary complexity, such as dividing closed systems, as this can increase development, maintenance, and operational costs.
- Analysis of your applications: Identify which applications are affected and assess their dependence on specific cloud services.
- Evaluation of providers: Determine which European cloud provider offers the best services for your requirements. Pay particular attention to compliance with legal requirements, such as data protection.
- Segmentation of services: Consider which services or data can be migrated to a European cloud and which must remain in their existing environment.
- Planning the integration: Based on your analysis, decide where API-Only or Data-Only integrations can be best implemented. Conduct a feasibility assessment that considers performance, security standards, and latency.
- Involvement of a platform team: Ensure you have an experienced team that can use "Infrastructure as Code" (IaC) to ensure seamless integration and efficient deployment.
