Before entering the cloud realm, it is wise and essential to develop a cloud governance model. But what is it? How do I create one? Fear not, we are here to explain!
This post has originally been published on Apr 11, 2019. It has since been split into 2 parts and updated for better readability. You can find part 2 here.
If you’re reading this article, then your organization has probably decided to adopt the cloud. It might be easy: do a proof-of-concept, move some machines, or build a new application based on providers like Microsoft or Amazon.
You will find and onboard your teams quickly, they will do some training, and soon you’ll be running solutions in the cloud.
You’re enjoying your shiny new services. Everything is going great.
And then IT happens.
IT might be the first bill for resources that someone forgot to de-allocate. Or an invoice for a test machine set up to test some heavy workload and left up and running for weeks.
IT might be your security office hunting you down because some data or ports were found exposed to the Internet during an audit.
IT might be the auditor who checks your environment every year but has now noticed that you are running new workloads in the cloud and asks about your policies.
Or, IT might just be your CFO asking what you are spending money on with Microsoft, a question that you will not be able to answer.
IT typically boils down do one thing: how exactly do we run this “cloud” thing (or HEDWRTCT, as all of us in IT love complex acronyms)? Eventually, someone will raise a question about the cloud governance model for your organization.
Governance? Huh? Sounds complex and scary.
Luckily, we have built cloud governance models for our on-premises environments, and we do use them. We have cost allocations and budgets, security controls, ways to deploy things and operate them.
So why not to start there! Before jumping on the cloud ship, why not also build guidance on how to operate it for your cloud crew-mates?
Rest assured, we’re providing technical guidelines in the second part of the article, available here. But we highly recommend that you first read the “Why?” and “What?” sections before moving to the “How?” If you want to jump straight into the nitty-gritty details – go to the second part of this post!
Our “Why?” and “What?” sections apply to any cloud environment. Whether you are an Azure, Amazon or Google user, you can benefit from them. If you want to educate yourself on the Azure-specific approach, that is where the “How” applies.
It is a good habit to start any action or decision with the WHY question (and sometimes repeat the process 5 times to make sure that you nailed the answer). So, why do you need a cloud governance model for your organization?
It provides a framework for operations. Having an overarching standard makes design decisions easier. It will also ensure that you have the proper controls in place in terms of cost, auditing, monitoring, and security.
Those are all valid reasons.
Another reason is that it accelerates your cloud adoption and business transformation! Yeah, I know how that sounds. Another buzzword-bingo game.
Look at it from this perspective: why does one adopt the cloud? To speed things up. Both from a purely operational point of view (for faster deployment) and business operations (making improvements faster, creating more incremental changes and test results, lowering time to market with services).
But when things go more quickly, a chance that something will fail is higher.
With a cloud governance framework, you lower the risk that something will break by providing a clear environment to operate in. You define the rules for it, ready-to-apply patterns, as well as tools and solutions for common elements. Finally, you also supply templates and ways to apply them.
As a result, you can operate your cloud environment faster, in a consistent way, with controls on top of it, from both operational and business points of view.
When we were working on a framework for operations at Predica, we addressed the three main questions: Why? What? and How?
We’ve covered the Why, so let’s deal with the What. What is this thing called the cloud governance framework? (By the way – you can call it a governance framework or model – the name is not that important. It’s more a matter of how it enables change at your organization).
A cloud governance model is your organization’s manual for building and operating the cloud environment or services.
To properly build one, you need to first break it down into sections. So, aside from the technical elements, what does it need to cover? On a high level, we have three main components:
(or BPT if we stick to the acronym game in this article).
The business aspect gives your organization objectives for your cloud deployment and governance model. They will mostly be set in the following areas:
Still confused about cloud governance framework? Watch our short video for a demonstration!
People are at the center. We highly recommend that early in the process you establish a dedicated team that will make sure your cloud governance framework covers your business objectives and applies the right technology. To ensure that you have it covered, create your own A-Team – a Cloud Strategy Team! (you can pick a better name – I’m sure of that).
This team should be cross-disciplinary: include your application specialists, architects, networking team and others, and make sure that you have your core disciplines represented. Your team will have two main tasks:
It will involve defining the strategy and approach, and how it should be rolled out based on your business needs. Align it with business goals and controls like cost optimization and compliance.
This is where your shared components of the cloud environment are born and maintained. Your Cloud Strategy Team will build shared elements of the governance framework and its implementation. They will also build and operate a shared infrastructure for an organization (subscriptions, management groups, a connection between your on-prem networks and the cloud, shared services).
Technology is how your people will apply the cloud to meet your business requirements. The best outcome is when they have common patterns and ready to deploy solutions in those five areas:
This is it! We have the “Why” and “What” covered – in the next article, we will move to the “How”.
Let’s end our article on cloud governance here. I believe you are now better equipped to start the process of thinking about a cloud governance framework at your organization. Now you can move on to part two of this article where I present the tools for implementing it for Azure.
We talk a lot about perimeter security, zero trust, etc. And there’s a good reason for it. Malware attacks don’t jus...
MIM (formerly Forefront Identity Manager, and Identity Lifecycle Manager before that) is a widely used service for manag...