The cloud has changed the game for business and IT. The cloud is a disruptive technology – it fuels innovation, drives performance gains and enables businesses to do more with very little upfront investment. Users can source and deploy their own IaaS, PaaS and SaaS solutions in a matter of minutes with a few mouse clicks. These user-led cloud acquisitions produce silos of clouds with little to no IT governance, introducing risks to data security, business continuity and expense control.
What is Cloud Governance and Why is it So Important?
According to the website For Dummies, governance is the practice of applying policies that relate to using services. It’s about defining the organizing principles and rules that determine how an organization should behave.
Before diving in, let’s take a step back and look at the IT governance process in general, because many of the same principles are relevant to the cloud environment. IT manages a complex infrastructure of hardware, data, storage and software environments. The data center is designed to use all assets efficiently while guaranteeing a certain service level to the customer.
IT governance does the following:
- Ensures that IT assets (systems, processes and so on) are implemented and used according to agreed-upon policies and procedures.
- Ensures that these assets are properly controlled and maintained.
- Ensures that these assets provide value to the organization (actually supporting your organization’s strategy and business goals).
IT governance, therefore, has to include the techniques and policies that measure and control how systems are managed. So, how does cloud governance differ from traditional IT governance? And how can companies improve cloud governance without sacrificing the cost savings, agility, and on-demand capabilities of cloud computing?
Leverage a Cloud Management Platform for Improved Governance
To control and manage cloud access on a unified and sustainable basis, organizations can leverage a single, centralized platform for provisioning all cloud services. A cloud management platform (CMP) serves as a protective layer between users and numerous cloud providers by offering single sign-on, role-based access control (RBAC), workflow and policy enforcement.
Through a single pane of glass, users can provision all of their clouds, whether they are on- or off-premises, and IT can set and auto-enforce user security standards to protect assets and ensure regulatory compliance. A CMP with a robust governance engine reduces IT’s involvement in day-to-day cloud administration while maintaining business users’ self-service freedom.
Cloud governance is essential for enterprises to maintain control over increasingly complex and integrated systems.
Some of the governance features that a CMP must have include:
- Role-based Access Control (RBAC) – the ability to limit access for internal or external teams to specific resources within one or more clouds. RBAC allows you to allocate specific levels of access to development, QA and other teams. Integrate with your LDAP/AD deployment to extend your internal policies into your clouds.
- Workflow – governance and auto-enforcement of policies to ensure that all orders placed through the CMP are routed through the correct approval process. Criteria such as budget, duration, tagging enforcement and project type can be tied to the workflow process.
- Notification – a workflow process whereby users and administrators of the CMP are notified about important actions such as state changes, over- or under-utilized resources, budget or spending threshold alerts, and discovery of existing services running in the cloud but not provisioned through the CMP.
- Financial Controls – the ability to track and limit spending by user, project or group (customer). Each time a new resource is provisioned across your clouds, the CMP should track the cost and limit the spending, per your specific budget requirements.
- SSH Key Management – a control that ensures that each user with an SSH key has SSH access and the appropriate rights to the machines they can manage. If a user is deactivated, his or her SSH access is revoked. A user can be deactivated through an enterprise’s AD/LDAP, which automatically feeds into the CMP.
- Logging and Auditing – logging of all activity across your clouds, including the tracking of activity by user, group and project through reports or by integrating monitoring and management systems.
With the right governance solution in place, your organization can limit risk while reaping the benefits of incorporating cloud computing across your organization.
This article was syndicated from Business 2 Community: 6 Cloud Governance Must-Haves