Wednesday, May 11, 2022

Cloud Governance best laid plans : Part 2

 In my previous post i discussed on the need of organizational level alignment to even get to the cloud governance, as both are interdependent. If your company is HIPAA compliant then the type of cloud governance and policies will differ from just a regular company. Let us now discuss on the cloud governance areas to potentially look when setting it up across an organization.

1. Identity governance.

 Identity has now become primary security perimeter , in on premises we had the network security but its all about identity on cloud. This is typically useful for cloud governance teams and architects in the company . This is basically to identify business risks related to identity and provide guidance to the team which is responsible for implementing and maintaining identity management infrastructure. Identifying technical risk, building a policy around it and identifying recommended solution will help create a good identity governance.

2. Cost management

For many customers, governing their costs is a major concern when adopting cloud technologies. Balancing performance demands, adoption pacing, and cloud services costs can be challenging. This is especially relevant during major business transformations that implement cloud technologies. This section outlines the approach to developing a Cost Management discipline as part of a cloud governance strategy.The primary audience for this guidance is your organization's cloud architects and other members of your cloud governance team.

3. Security baseline

Security is a component of any IT deployment, and the cloud introduces unique security concerns. Many businesses are subject to regulatory requirements that make protecting sensitive data a major organizational priority when considering a cloud transformation. Identifying potential security threats to your cloud environment and establishing processes and procedures for addressing these threats should be a priority for any IT security or cybersecurity team. The Security Baseline discipline ensures technical requirements and security constraints are consistently applied to cloud environments, as those requirements mature.The primary audience for this guidance is your organization's cloud architects and other members of your cloud governance team. The decisions, policies, and processes that emerge from this discipline should involve engagement and discussions with relevant members of your IT and security teams, especially those technical leaders responsible for implementing networking, encryption, and identity services.

4. Resource consistency

Resource consistency focuses on ways of establishing policies related to the operational management of an environment, application, or workload. IT operations teams often provide monitoring of applications, workload, and asset performance. They also commonly execute the tasks required to meet scale demands, remediate performance service-level agreement (SLA) violations, and proactively avoid performance SLA violations through automated remediation. Within the Five Disciplines of Cloud Governance, the Resource Consistency discipline ensures resources are consistently configured in such a way that they can be discoverable by IT operations, are included in recovery solutions, and can be onboarded into repeatable operations processes.

5. Deployment acceleration

This focuses on ways of establishing policies to govern asset configuration or deployment. Within the Five Disciplines of Cloud Governance, the Deployment Acceleration discipline includes deployment, configuration alignment, and script reusability. This could be through manual activities or fully automated DevOps activities. In either case, the policies would remain largely the same. As this discipline matures, the cloud governance team can serve as a partner in DevOps and deployment strategies by accelerating deployments and removing barriers to cloud adoption, through the application of reusable assets.