Don’t let your data get out of control: Six steps to cloud governance success
Cloud usage is accelerating at a rapid rate, and it’s showing no signs of slowing down. Right now, 90 percent of all companies are using the cloud in some way, and, in the next 10 years, spending on public cloud alone is slated to multiply by a factor of five to $500 billion, according to recent studies by North Bridge and Wikibon.
Enterprises are launching new infrastructure at a furious pace, migrating workloads of all kinds and big chunks of data to public and private cloud environments. Many of these enterprises are generating tangible results – cutting out costs, increasing agility and getting products to market faster.
But cloud initiatives don’t come without growing pains. If they aren’t managed closely, cloud projects can spiral out of control quickly, leaving a trail of data breaches, regulatory fines and cost overruns. What organizations need is a strong governance program to ensure that their move to the cloud starts smoothly and continues to perform at peak levels over time.
It should come as no surprise that some companies reap greater benefits from the cloud than others. In a recent survey of nearly 400 senior managers, CloudHealth identified a class of “cloud leaders” that are outperforming their peers based on a series of best practices they’re deploying in the cloud. These companies grow revenue 2.3 times faster than their peers. They also move faster, display more agility and position themselves as more likely to see the cloud drive competitive advantage.
Governance is a key differentiator for companies that leverage their clouds efficiently. As companies grow their cloud environments they have to conduct a balancing act between agility and control. They want to be flexible, get to market quickly and innovate, but they need to institute processes to ensure secure, effective and efficient use of IT resources.
The best of the best accomplish this using centralized governance. According to the survey, cloud leaders are twice as likely to have instituted centralized governance plans for migrating workloads to the cloud. And once the workloads are up and running, the survey found, cloud leaders display a series of best practices that effectively govern their cloud operations and protect their organizations from risk.
What are the most important facets of a cloud governance program? Based on the cloud leaders survey and anecdotal evidence we’ve observed from working with some of the most active cloud users in the world, here are six best practices for governance success:
Designate someone to oversee governance
When your organization has hundreds, if not thousands, of cloud instances spread across departments and locales, it’s not hard to lose track of how cloud services are being used. There needs to be accountability – and the easiest way to ensure this is to put one person in charge.
An organization can assign any number of names to this role – Cloud Optimization Manager, Cloud Governance Manager or, one we’ve heard repeatedly, Cloud Steward. The important thing is to be clear on this person’s duties. The individual must have a business sense for the corporation and an ability to cross and influence departments and LOBs. The governance leader needs to have a strong technology sense for the corporation with access to devops, monitoring, API and security level expertise. The individual also will need to lead a cross functional team that defines best practices for building functional business groups across cloud resources and assets.
This role is emerging. According to the survey, cloud leaders are 2.5 times as likely to have a role dedicated to cloud optimization and governance. Having this “Cloud Steward” designated and empowered gives an organization a head start toward getting a cloud program under control.
Pursue a clearly articulated strategy of leveraging advanced pricing vehicles
A strong governance strategy can help an organization keep costs under control and manage the financial risks of a cloud environment. Controlling costs is a complicated discipline, with many factors to consider. But one way to get started is to simply set up a system to stay current with costs structures in the market.
Across the board, cloud leaders showed a better understanding of pricing structures and could control cost (even when dealing with a variety of vendors, pricing plans and billing structures). The survey concluded that cloud leaders are 1.5 times as likely to leverage pricing strategies from cloud providers based on forecasted use by workload. They’re also 2.5 times as likely to have a comprehensive, clearly articulated strategy for managing the cost of cloud deployments.
Manage by exception
Proactive monitoring and alerting mechanisms will detect abnormal behavior. This can explain why cloud leaders are nearly three times as likely to identify and mitigate cloud computing risks “somewhat or extremely fast.”
Closely monitor internal cloud use
Just as monitoring and alerting can help organizations manage security threats, they can help keep costs under control by flagging improper use of services or unexpected outages. Many unauthorized uses stem from the spread of “shadow IT.” According to a recent survey by North Bridge and market watcher Wikibon, nearly two thirds of large enterprises have a cloud governance policy in place to help control shadow IT. The same survey revealed that a third of cloud services are “not allowed” by IT, meaning they present a risk to the organization.
Clearly, the increased availability of cloud applications puts a strain on IT departments. Having clear governance practices that define who can use what resources and when can eliminate a lot of confusion and risk in the organization.
Have a standard reference architecture
Knowing what is and what is not permitted in terms of usage prevents users from relying on inefficient methods that drive costs higher. For example, there can be a policy limiting the amount of time a development program can be run in the cloud, so that the development team doesn’t run something over an entire weekend, wasting money. Guidelines can also govern factors such as maximum thresholds for memory and minimum thresholds for performance, with the goal of optimizing efficiency in the cloud and keeping costs in control.
Ensure that governance is an ongoing effort
Perhaps the most overlooked aspect of governance is the fact that it’s not a “set it and forget it” practice. Organizations need to regularly update policies to reflect changing services, cost structures and usage patterns for continuous optimization. Tellingly, cloud leaders are 4.6 times as likely to see cloud deployment optimization as a continual process, rather than a one-time exercise. They get it.
Cloud computing is the new normal. Adoption is growing rapidly, and the enterprises that are using cloud wisely are able to conduct business in dramatically different ways. To get the most out of the cloud, while keeping a lid on cloud complexity, organizations need to establish clear, concise governance practices. Doing a good job on cloud governance will set organizations on the right path to long-term success.
- » Three reasons why killing passwords will improve your cloud security
- » Why the future of data security in the cloud is programmable
- » Amazon completes consumer database migration from Oracle to AWS
- » SQL Server high availability and disaster recovery for AWS, Azure and GCP: A guide
- » Four ways to migrate to the cloud without missing a beat: A guide