The Multicloud Reality: What Canadian Enterprises Actually Have vs What They Planned

Ninety-four percent of organizations now deploy applications across multiple cloud environments, according to CloudSyntrix's 2025 enterprise survey. Thirty-eight percent operate across six or more different environments, nearly double the 2023 figure. Most of these organizations did not plan to be multicloud. They arrived there through a sequence of individually rational decisions: the ERP was already on Azure, the data team built its lakehouse on AWS because the tooling was better, the acquired company ran on Google Cloud and the migration cost was prohibitive, the SaaS applications each brought their own underlying cloud dependencies. The multicloud estate is real. The multicloud strategy, in most organizations, is not.

The distinction between deliberate multicloud and accidental multicloud determines whether the complexity of a multicloud environment produces the benefits that multicloud advocates describe or the costs that multicloud critics document. Organizations with a deliberate multicloud architecture, defined placement policies for different workload types, unified governance across environments, and a clear rationale for which provider serves which purpose, report significantly higher returns on cloud investment than those without, according to IDC's Cloud Pulse Survey. Organizations that arrived at multicloud through accumulated decisions, without the governance, visibility, and cost management that deliberate multicloud requires, are experiencing the costs without the benefits: higher management overhead, inconsistent security posture, and cloud spend that consistently exceeds budget.

The practical question for Canadian enterprise IT leaders in 2026 is not whether to be multicloud. Most already are. It is whether to manage the multicloud estate they have deliberately or continue managing it reactively, and what the specific investments in governance, tooling, and operating model would make the difference between the two.

How Most Canadian Enterprises Got Here

The accidental multicloud estate accumulates through three distinct pathways, each of which produces cloud presence in a new environment without a corresponding governance investment to manage it.

The acquisition pathway is the most common for large Canadian enterprises. Every material acquisition brings an existing technology estate built on the acquired company's cloud preferences. Migrating that estate to the acquirer's primary cloud is expensive, technically complex, and frequently deprioritized relative to the business integration work the acquisition requires. The result is cloud presence in a new environment by default, maintained indefinitely while the migration is perpetually scheduled and perpetually deferred.

The tooling preference pathway occurs when specific technology teams choose a cloud provider for its technical capabilities in their domain rather than for its alignment with the enterprise's primary cloud. Canadian data engineering teams building AI and ML infrastructure frequently choose AWS for its Bedrock and SageMaker capabilities or Google Cloud for its BigQuery and Vertex AI tools, even when the enterprise's primary enterprise applications run on Azure. The technical choice is often defensible. The governance implications, a second cloud environment to manage, secure, and cost-optimize, are rarely part of the decision calculus.

The SaaS dependency pathway occurs when SaaS applications bring cloud infrastructure dependencies that the enterprise did not choose. A Salesforce deployment depends on AWS infrastructure. A Microsoft 365 deployment depends on Azure. A Google Workspace deployment depends on Google Cloud. An enterprise running all three has multicloud presence embedded in its SaaS estate regardless of any infrastructure choice it made directly.

The Costs That Accumulate Without Deliberate Management

Accidental multicloud produces three categories of cost that deliberate multicloud can avoid or significantly reduce.

Visibility gaps produce the spending surprises that 72 percent of organizations experienced in the last fiscal year, as documented in the FinOps reckoning post in this series. Without unified visibility across cloud environments, the aggregate spending picture is never available in real time. Each environment's billing data is accessible through its native console. No single view shows the enterprise's total cloud position, which workloads are generating what cost, and which optimization opportunities exist across the combined estate. The FinOps Foundation's finding that 44 percent of organizations have limited visibility despite using cost management tools reflects this multicloud visibility gap: tools designed for a single cloud environment do not provide visibility into the others.

Security posture inconsistency is the governance risk that receives the least attention in multicloud cost discussions and the most attention in post-incident analysis. Each cloud provider has a different security model, different identity and access management architecture, and different default security configurations. An enterprise with consistent security policies across multiple cloud environments requires either tooling that enforces those policies consistently across providers or a significant manual governance effort to maintain equivalent posture across each environment. Most organizations have neither, which means their security posture in secondary cloud environments is weaker than in their primary one, precisely where the legacy workloads and least-governed access patterns tend to live.

Skills dilution occurs when the IT organization is required to maintain expertise across multiple cloud platforms. Deep expertise in any one cloud platform takes years to develop. An organization running workloads across three major hyperscalers requires either three teams with deep platform expertise, which most organizations cannot staff, or one team with shallow expertise across all three, which produces the management quality of a generalist applied to specialist infrastructure problems.

What Deliberate Multicloud Actually Requires

The organizations that produce the higher cloud investment returns that IDC documents from a deliberate multicloud strategy share four specific governance investments that distinguish their approach from accidental multicloud management.

A placement policy defines which workload types belong in which cloud environment, with explicit rationale for each placement decision. AI and ML workloads with specific tooling requirements go to the environment where those tools are strongest. Mission-critical enterprise applications go to the environment with the strongest enterprise support SLAs and the deepest integration with the organization's identity management infrastructure. Development and testing environments go to the most cost-effective option consistent with the production environment's requirements. Workloads subject to specific data residency or sovereignty requirements go to the environments that satisfy those requirements in Canadian regions.

A unified governance layer enforces consistent security policy, access control, and compliance monitoring across all cloud environments from a single control plane. The specific tooling choices for this layer depend on the environments in the organization's estate, but the governance principle is that no cloud environment is exempt from the same policy standards that apply to the primary environment. An organization that enforces rigorous access controls and security monitoring on its Azure environment but manages its AWS environment through individual team-level controls has a multicloud estate with a single-cloud governance posture, which means the secondary environment is a governance gap rather than a managed extension of the enterprise technology estate.

A FinOps operating model covers all cloud environments with the same cost tracking, allocation, and optimization discipline. The renewal calendar governance described in the application rationalization post applies to cloud commitment pricing in the same way it applies to SaaS renewals: reserved instances and savings plans across multiple cloud providers require coordinated management to avoid over-committing in some environments while paying on-demand rates in others. An organization with strong cloud FinOps on its primary environment but no cost governance on its secondary environments is managing the smaller share of its cloud spend carefully and the larger share reactively.

A skills model that concentrates deep platform expertise where the organization's most critical workloads live, and uses managed services and platform-native tooling to manage secondary environments without requiring equivalent depth in each. The organizations that manage multicloud estates most effectively do not require equal expertise across all environments. They require deep expertise in the environments where the consequences of poor management are highest and sufficient expertise in the others to maintain visibility and policy compliance without operational dependence on specialist knowledge.

The AI Workload Dimension

The emergence of AI workloads as a significant component of cloud spend has added a new dimension to the Canadian enterprise multicloud picture. The AI tooling landscape is not uniform across hyperscalers: AWS Bedrock, Azure AI Foundry, and Google Vertex AI each have distinct model catalogs, fine-tuning capabilities, and integration patterns. Organizations building AI programs frequently find that their optimal AI infrastructure choice differs from their primary enterprise cloud choice, which produces a multicloud AI architecture even in organizations that had previously managed to consolidate their primary workloads.

The governance implication of multicloud AI infrastructure is described in the knowledge agent security model post: every component of the AI data processing pipeline needs to satisfy the same data residency and governance requirements as the underlying infrastructure. An AI workload that processes sensitive enterprise data on a secondary cloud provider's AI infrastructure without the same governance controls as the primary environment creates a data sovereignty gap that may not be visible until a compliance review or security incident surfaces it.

The deliberate multicloud approach to AI infrastructure applies the same placement policy logic: AI workloads belong in the cloud environment where the combination of tooling capability, data residency compliance, governance integration, and cost optimization is best for the specific workload type. That analysis may produce a different answer for different AI workload categories within the same organization, and the governance architecture needs to accommodate that variation without creating unmanaged environments where AI workloads operate outside the enterprise's cloud governance framework.