Whether you’re dipping your toes into the cloud, or you’re fully immersed, chances are you’ve heard the term ‘cloud governance’. What do we mean when we talk about governance in the cloud and why does it matter?
Cloud governance is the development and implementation of controls to manage access, budget, and compliance across your workloads in the cloud. At first glance, this definition may sound a lot like the definition of IT governance, just ‘in the cloud’. In fact, it’s tempting – especially in an organization’s early days of cloud adoption – to attempt to apply traditional IT governance methods to the cloud. But traditional IT governance, which goes like this:
User request→Manager approval→IT review→IT approval→Provisioning
is pretty much antithetical to the decentralized, rapidly growing nature of the cloud, where what you want to get to is this:
User requests cloud account or service→Validation against policies and budget→Access
Without rethinking your governance process, it is impossible to achieve the agility, speed, and cost savings benefits truly possible in the cloud. We fundamentally believe automation is key to re-inventing this process in the cloud. The result is streamlined access for users and rules that will take care of establishing, verifying, and enforcing budget and policy compliance.
Here are four reasons why cloud governance is so critical today:
Governance makes it easier to manage cloud resources
Leading cloud service providers like AWS are now advising customers to move multiple-tenant workloads residing in a single cloud account or subscription into their own distinct account. Using multiple accounts to manage distinct cloud workloads is considered a best practice today to deliver precise access control and cost management, and limit the security and financial blast radius in the event of an issue. An effective governance strategy can help organize the volume of accounts most organizations need and provide visibility around key cloud activities and trends.
Governance helps curb shadow IT
When you don’t know what systems are in use – or where corporate data resides – your risk and spend increase. Employees turn to shadow IT when they are stalled or stymied in getting access to resources to do their job. Cloud governance helps put in place the required framework to easily request and access cloud resources, giving team members access to the breadth of allowed cloud resources within compliance and budget constraints. You reduce employee frustration and the likelihood of a staff member using their personal cloud accounts out of convenience. And, in the process, you raise leadership confidence in the move to the cloud.
Governance reduces risk
Whether it’s exposed data, non-compliance with policies or regulations, or cost overruns, there are risks when operating in the cloud. A cloud governance solution can help ensure S3 buckets have proper controls to keep them private, your resource use is compliant with regulations such as HIPAA and FedRAMP, and spend is enforced so limits are not exceeded.
Governance reduces labor
Instead of having your team use spreadsheets and similar manual processes to track accounts, cost, and compliance, you can set guardrails at the appropriate point in your organizational hierarchy and have these guardrails control access, budget, and policy for the specified projects. In addition, complete governance solutions provide enforcement actions as well, allowing you to do away with necessary follow-up actions after you receive an alert. Preventing budget overruns and non-compliant activities saves time and effort. The result of labor savings is more time to focus on value-add, mission-delivering activities.
So, we’ve defined cloud governance, and we know why it matters. Now, how do you get to cloud governance? Based on our consulting experience with customers, we identified three key pillars of governance@scale: account management, budget enforcement, and compliance automation. We built cloudtamer.io around these three pillars. In future blog posts, we’ll take a detailed look at these pillars and the role they play in cloud governance.
Brian is the VP of Products at Stratus Solutions, the developer of cloudtamer.io.