Industry

Enterprise cloud strategy: Governance in a multi-cloud environment

Share this post:

Enterprise strategy multi-cloud governanceEnterprises manage risk.

It’s a business reality that applies as much to cloud computing as it does to finance, operations or marketing.

To mitigate risk from data loss or downtime, or retain control of enterprise data and application strategy, organizations today often use two or more cloud providers in their cloud environments. This multi-cloud strategy can also improve overall enterprise performance by avoiding “vendor lock-in” and making use of different infrastructures to meet the needs of diverse applications.

Whether you’re a chief information officer or chief technology officer planning or implementing a multi-cloud strategy, you must make some critical decisions, the first being governance. Multi-cloud governance is essential for fast delivery of cloud services while also satisfying enterprise needs for budget control, visibility, security and compliance. It can be broken down into two areas: cloud services brokerage and control-plane abstraction.

Gartner defines cloud services brokerage as an IT role and business model in which a company or other entity adds value to one or more public or private cloud services. The organization does this on behalf of the departments or lines of business that use the service. An IT department can assume the role itself, or the organization may choose to hire a cloud services broker to help. Regardless of how you source your brokerage, consider several questions to know how effective it is:

    • Can your brokerage strategy compare capabilities of various clouds for workloads? That is, can it determine “which cloud” is appropriate by workload?
    • Will it help you manage your cloud expenditures across user groups, departments and projects?
    • Will your brokerage create a holistic view of your IT environment and service-level agreements?

As you answer these questions, remember: integration across disparate APIs and governance processes is key to unlocking multi-cloud governance success. When addressed properly, it can help manage all aspects of your cloud environment, including access and control, security and compliance, and customer records. It can even provide needed visibility into your environment and scale cloud capabilities.

To enable cloud freedom but still meet the enterprise’s security and compliance requirements, you need control-plane abstraction. Control-plane abstraction helps automate delivery of policies, procedures and configurations before cloud services are used. It helps reduce complexities and errors that easily arise in a multi-cloud environment.

That same kind of control is vital for multi-cloud environments. One example: a customer-service application deployed on cloud may need access to authentication, customer data, pricing and other services that are developed and deployed on-premises. Without integration and control, your workloads and applications could have functional deficiencies or security exposures.

To ensure smooth flying through your clouds, you must successfully manage, at a minimum, three facets of control-plane abstraction.

First, the platform must have the ability to orchestrate and automate blueprints and application patterns. For example, it should be able to develop infrastructure and application stacks. Your platform should also be able to deploy hardened images across clouds that adhere to security and compliance requirements.

Second, you need top-notch identity and access management. Your on-premises access policies — particularly role-based access — should be extended to all cloud platforms. Additionally, you must restrict native portal access to each cloud and control management access through common tooling.

Finally, incident, problem and change management solutions should be integrated to provide visibility — the proverbial “single pane of glass” — across multiple cloud environments from diverse providers. Warning: quality and service levels differ between service providers. Know the default services levels for each cloud.

In practical terms, good governance in a multi-cloud environment means not being blindsided by unexpected costs, security problems, or poor platform and API integration. It’s the necessary first step in implementing your cloud strategy, transforming your organization and joining the digital revolution. Once you’ve done it, it’s time to take on applications and data in a multi-cloud environment—which I’ll discuss in my next post

For more information about cloud brokerage services, read “Hybrid IT through Cloud Brokerage”.

More Industry stories

Elaw uses IBM AI to automate management of complex Brazilian labor lawsuits

Brazil has strict and complicated labor laws and according to The Brazil Business, Brazilians are prone to sue their employers. It is a cultural behavior and a way to make “easy money”. With an awareness of this tendency, many companies operate illegally and wait to see if the employee is going to sue them or […]

Continue reading

Financial industry adopts cloud solutions

The financial services sector (FSS) has reached a tipping point, according to an ITPro article on technology within the financial industry. “We have reached the point where banks, in particular, must consider and position themselves not just as financial entities, but as lifestyle brands too,” shared Bharat Bhushan, IBM CTO, Banking and Financial Services. The […]

Continue reading

Medical Confidence directory on IBM Cloud helps speed up Canadian healthcare

According to the Frasier Institute, waiting for treatment has become a defining characteristic of Canadian healthcare. In the 2018 report, “Waiting Your Turn: Wait Times for Health Care in Canada”, specialist physicians surveyed report a median wait time of almost 20 weeks between referral from a general practitioner and receipt of treatment, more than twice […]

Continue reading