shatnerIn case you aren’t familiar with the concept:

The Kobayashi Maru is a test in the fictional Star Trek universe.

It is a Starfleet training exercise designed to test the character of cadets in the command track at Starfleet Academy. The test's name is occasionally used among Star Trek fans or those familiar with the series to describe a no-win scenario, or a solution that involves redefining the problem and testing one's character.

Oh don’t look at me like that. You knew I liked Star Trek and Star Wars and stuff. Let’s move along or we’ll never get to the point, shall we?

In IT, the “no-win' scenario” seems to be “choose cloud or on-premise.” But of course no matter what you choose, you’ve lost something. In the case of off-premise (public) cloud, you’re giving up control and the ability to replicate existing security architectures and gaining agility and scale. If you choose on-premise traditional data center, you’re abdicating agility and cost-savings for control.

What you really want is control, agility, and cost-savings all in one neat little package. But the options presented don’t offer that. You get some of one, and not the other. You can’t win.

Except you can. There’s a good reason that most surveys out there (ours included) show continued growth and investment in technologies supporting private cloud. While you won’ t find many articles proclaiming that reality, the truth is that organizations have been “cloud shamed” into silence. The first rule of private cloud implementation, it turns out, is you don’t talk about your private cloud implementation. trends-soad-2016

And that’s a sad thing, because there are a lot of insights and lessons learned in those implementations that could provide guidance for those just starting or experiencing trouble on the road to realizing a private cloud. It requires architecture, automation and orchestration, experience with frameworks, and the application of a core DevOps philosophy of collaboration across IT silos and into app dev.

This is no trivial undertaking, and yet we consistently see private cloud ahead of its public counterpart (SaaS adoption not withstanding, but then SaaS is a whole different paradigm). Last year, we say organizations investing in private cloud (38%) beating out public cloud (25%), with SaaS squarely in the middle (32%). That’s globally. In every region, private cloud was being invested in more than public cloud. Strategically, the results fell out the same. Global significance of private cloud (43%) was noted by more organizations than was its public counterpart (34%).

I have no reason to believe that trend will reverse itself this year, or the next, for that matter. When viewed through the lens of security, that’s no surprise. Security continues to be an important driver of all technologies, whether cloud or IoT or APIs. And security concerns still exist for public cloud. Not about the security of the cloud infrastructure itself, but about the ability of organizations to normalize policies across disparate environments, to apply the same security policies in both the data center and in the cloud, and to manage authentication and authorization in a consistent way.

These are the security challenges still facing organizations when they look to public cloud. And these are significant, given the rise and size of breeches and attacks in the past two years. The risk stalks IT like a slow moving plague that must be addressed, whether the threat is imminent or not. Because it is existential. Even if we aren’t reading about it, it’s happening. Consider that earlier this year (May 16), Ponemon noted that 89% of healthcare organizations admitted to being breached in the past two years. Similar statistics abound, crossing industry and business lines. A significant number of organizations (more than we’d probably like to admit) have experienced a breach. Whether that breach has resulted in widespread data exposure or not likely determines whether we’ve read about it or not.

Between the security challenges that exist when trying to lift and shift applications to the cloud and the reality that is mainframe is not going anywhere. Think that’s just nostalgia? Think again. According to a BMC sponsored 2016 Forrester report:

Ninety-one percent of enterprises reported that their mainframes store business-critical information. And the future of mainframe technology is strong: More than half (57%) of enterprises anticipate increased workloads in the next two years, while half are developing new mainframe applications.

Yes, you read that right. Go ahead and read it again to be sure. I’ll wait.

Now, applications residing on mainframes are routinely included in the architectures of other applications, but not those that reside outside the data center. Like in a public cloud. But those that might live on-premise, in a private cloud, those can get their APIs on the data in those applications residing on mainframes and continue to leverage their “business-critical information.”

Which is why the answer to IT’s Kobayashi Maru shouldn’t be that difficult in the first place: it’s private cloud. You bring the agility and speed of the cloud to join with the control and accessibility of the data center together, on-premise, and build a new reality.

It’s more common than you think. And as Spock would surely agree, it’s the only logical solution.