Google Cloud’s market-leading capabilities in AI, geospatial data and advertising data meant it was no surprise when the division head of one of our global CPG clients wanted to tap into specific capabilities relevant to their organization’s goals. When requests like these are made, how can data analytics and IT teams make sure the company’s cloud data platform is set up to deliver success, regardless of the platform it’s running on?

In this case, the client already had a significant, global data estate, all deployed on Microsoft Azure services, many of them native, and without an obvious pattern to additionally integrate with Google Cloud. The team at Thorogood helped validate key architecture decisions, map out priority design patterns, and recommend secure integration between tools, working with the organization’s IT and networking teams to align to their company standards for authentication and security.

Tool choices aligned to the clients’ ways of working

One option when adopting a second cloud platform is to treat it as independent from the first. You could set up the new platform as a completely separate space, managed by a separate team, with an independent architecture design. But for a global company with large, complex datasets, that would require a lot of duplication of data, roles and governance.

Our client needed an approach that would pragmatically map the possibilities in the new Google Cloud platform to the capabilities they were already familiar with in Microsoft Azure, with explicit integration patterns to leverage data stored on one platform seamlessly from tools in the other.

Thorogood’s knowledge of both cloud platforms, and our partnership with Databricks, meant we could work with the data engineering tool the client was already using at scale. We designed patterns to leverage Databricks’ multi-cloud capabilities in conjunction with Google Cloud-native tools where they were of benefit:

• Databricks on Google Cloud formed the backbone of data engineering and data analytics pipelines. This kept the client productive from day one by working in a tool they already knew and where they can reuse a lot of the code, rather than spending time rebuilding skills and code.While most features of Databricks work exactly the same across platforms, we worked with Databricks to recommend approaches for the client to take on the areas of integration, security and networking that differ in each platform.
• Managed Apache Airflow was our recommended tool for orchestration, allowing platform-native orchestration across Google Cloud tools, extending to Databricks notebooks and jobs.
• Cloud SQL and Cloud Run offer similar database and web application deployment options to what the client was already used to, leveraging the existing skills they have in Postgres and Python/FastAPI.
• Gemini Enterprise Agent Platform offers unique capabilities within Google Cloud, integrating Google’s Gemini models deeply with agent deployment and monitoring capabilities that support enterprise use. These were some of the specific capabilities our client wanted to be made available to users across the business.

And while these aren’t the only tools they’ll use, they form the basis of the major design patterns we recommended for data ingestion and engineering, machine learning and AI. They also provide a core that can be added to as new tools are needed to serve specific business requirements.

Designing for secure integration

For an enterprise organization operating globally, a security breach or compliance failure would be a major business issue. Where security patterns on the existing platform had been hardened over many years, it was important to ensure that everything in the new platform maintained those high safeguards.

• We laid out patterns for Role-based Access Control (RBAC), with the principle of least privilege, linked to each user’s existing Azure credentials, making it easy for users to log in to the platform, while keeping existing controls on access.
• We identified and tested best practice integration patterns for the different combinations of tools, within a VPC (virtual private cloud) network. Using application credentials wherever possible, and recommending suitable key rotation patterns where needed, we tested the appropriate setup within their specific organization’s firewall requirements.
• We helped the client design Infrastructure as Code templates that define each resource in the platform, ensuring consistency during each deployment.

Open standards

Google Cloud’s tools often align closely with open-source frameworks, allowing easy code reuse across platforms. Managed Apache Airflow and Cloud SQL for Postgres allow solutions to be built directly on open-source technologies. And this interoperability also applies to Databricks, which uses the open-source Apache Spark technology. All of this gives our client a level of independence from the platform – Google Cloud is a great choice for running these services but, if there’s a reason to move later, they have the option to migrate.

Gemini Enterprise Agent Platform is more of a commitment. Although, in Google’s usual spirit, it embraces certain open standards, there are proprietary components that would require reworking to migrate away from. But our client recognizes that easy access to the Gemini models and the other capabilities within the platform is a major benefit, as it allows them to leverage the latest possibilities of AI to deliver business outcomes.

Cloud migrations: the right way

Our client can now move faster on delivering Google Cloud data and AI solutions using a platform that’s secure, familiar to their teams, and built to embrace future possibilities. Rather than choosing the “best” tool within each platform, we worked with the client to understand what the organization needed, and designed the solution around that need.

Migrating between cloud technologies or designing an effective multi-cloud architecture is about more than learning the patterns native to each platform. Thorogood works across Google Cloud, Azure, and AWS, which means we can have practical conversations about architecture that keep your specific requirements at the centre, rather than focussing on any single vendor.

This engagement with our client reflects that approach: build on what Google Cloud does uniquely well, integrate securely with what already exists, and keep the focus on what capabilities we can unlock to serve the business goals.

To learn more about Thorogood’s multi-cloud data and AI practice, get in touch with our team.