Public Cloud Governance

With all the economies of scale afforded through cloud adoption, it is essential to understand that only through public cloud governance can you manage costs, secure data and infrastructure, and realize the competitive benefits of cloud providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP) and Azure. For most organizations, cloud adoption spans business units, is siloed, involves varying skill levels and generally ends up “black-boxed” in conversations. Public cloud governance cannot be overlooked or dismissed without a real impact on the business. You moved to the cloud in part to reduce your capital expenses, but you could also have operational expenses accruing that are not aligned with the forecast. Cloud adoption does not have to be a zero-sum game; you can realize all of the benefits that the cloud has to offer without breaking the bank and losing track of your data. Public cloud governance is a discipline that both technical and business-savvy staff can master, keeping a finger on the pulse of your cloud footprint at all times. Governance is not just for the Enterprise; it is incumbent on any company leveraging the cloud to employ some level of governance, or you will suffer setbacks in areas that were not anticipated.

What is Public Cloud Governance?

At Cloud Rush, we view Public Cloud Governance as having 4 pillars:
  • Resource management: To govern the cloud, you have to know what is deployed at any point in time.
  • Proactive cost management: It’s not enough to look at your bill. The cloud changes rapidly, and manually keeping up with the pricing matrices can be a tall order. As a result, public cloud governance will provide cost savings and aggregated recommendations.
  • Policy compliance: Compliance can be summarized as merely a set of rules. These rules are codified in a way that provides uniform governance that is both proactive and reactive.
  • Access and data security: Public cloud governance must monitor usage patterns for compliance and security purposes, and must also account for and categorize the data you have in the cloud. At the end of the day, compliance officers want on-demand compliance reporting.

How do we govern the cloud?

Fortunately, cloud governance is achievable for companies of any size. In order to govern your clouds, you must aggregate all of your machine data for analysis in real time, or near real time. Splunk defines machine data as “one of the most underused and undervalued assets of any organization. But some of the most important insights that you can gain—across IT and the business—are hidden in this data: where things went wrong, how to optimize the customer experience, the fingerprints of fraud. All of these insights can be found in the machine data that’s generated by the normal operations of your organization.” Because of a wide array of SaaS solutions in the marketplace, companies are now able to define a monitoring stack that brings all of the machine data together to provide real insights, sophisticated compliance monitoring and cost tracking. Note, however, that there is NOT a single silver bullet at present; your monitoring stack will generally comprise 2-4 vendors, depending on your organization’s needs. As you might guess, many of these platforms overlap with each other, but each has its own unique features that fill various voids.

What does a typical monitoring stack look like?

  • Resource Management: When it comes to resource management and config management (CMDB), there are a few options:
      – Cloudaware (Cloud Rush recommended)
      – Scalr
      – CloudCheckr
      – CloudHealth
  • Cost Management: Many platforms offer core cost management and have recommendation engines designed to maximize your dollars spent. Some of our favorites are:
      – CloudHealth (Cloud Rush recommended)
      – Cloudaware
      – Cloudability
  • Compliance: Organizations have varying levels of compliance needs. Make sure you understand your organization’s compliance and reporting needs. This will help inform vendor selection.
      – Divvy Cloud (Cloud Rush recommended)
      – Cloudaware
  • Log Aggregation: Everything deployed in the cloud emits data. As a result, these logs must be aggregated for analysis, alerting, reporting and dashboarding. This data provides operational insights that illuminate your infrastructure as if it were sitting in your on-prem data center.
      – Splunk Cloud
      – Scalyr
      – Sumo Logic
      – ELK stack (“roll your own” platform)
Conclusion

In conclusion, we discussed how important public cloud governance is, where it fits into the organization and briefly introduced you to vendors in this space. In this five (5) part series, we’ll be taking a deep dive into the discipline, and along the way, you’ll broaden your knowledge around how we harness all that we do in the cloud.

About the Author

Chris Scragg is a principal cloud architect for Cloud Rush, with years of industry experience related to public cloud governance. Chris’ cloud journey began with a pivot to Amazon Web Services, out of legacy data center environments, back in 2011. A serial entrepreneur, Chris continues to maintain a deep focus in AWS, GCP and Azure, with an eye toward helping clients increase their competitiveness through digital transformations.