Share this post:
Enterprises manage risk.
It’s a business reality that applies as much to cloud computing as it does to finance, operations or marketing.
To mitigate risk from data loss or downtime, or retain control of enterprise data and application strategy, organizations today often use two or more cloud providers in their cloud environments. This multi-cloud strategy can also improve overall enterprise performance by avoiding “vendor lock-in” and making use of different infrastructures to meet the needs of diverse applications.
Whether you’re a chief information officer or chief technology officer planning or implementing a multi-cloud strategy, you must make some critical decisions, the first being governance. Multi-cloud governance is essential for fast delivery of cloud services while also satisfying enterprise needs for budget control, visibility, security and compliance. It can be broken down into two areas: cloud services brokerage and control-plane abstraction.
Gartner defines cloud services brokerage as an IT role and business model in which a company or other entity adds value to one or more public or private cloud services. The organization does this on behalf of the departments or lines of business that use the service. An IT department can assume the role itself, or the organization may choose to hire a cloud services broker to help. Regardless of how you source your brokerage, consider several questions to know how effective it is:
- Can your brokerage strategy compare capabilities of various clouds for workloads? That is, can it determine “which cloud” is appropriate by workload?
- Will it help you manage your cloud expenditures across user groups, departments and projects?
- Will your brokerage create a holistic view of your IT environment and service-level agreements?
As you answer these questions, remember: integration across disparate APIs and governance processes is key to unlocking multi-cloud governance success. When addressed properly, it can help manage all aspects of your cloud environment, including access and control, security and compliance, and customer records. It can even provide needed visibility into your environment and scale cloud capabilities.
To enable cloud freedom but still meet the enterprise’s security and compliance requirements, you need control-plane abstraction. Control-plane abstraction helps automate delivery of policies, procedures and configurations before cloud services are used. It helps reduce complexities and errors that easily arise in a multi-cloud environment.
That same kind of control is vital for multi-cloud environments. One example: a customer-service application deployed on cloud may need access to authentication, customer data, pricing and other services that are developed and deployed on-premises. Without integration and control, your workloads and applications could have functional deficiencies or security exposures.
To ensure smooth flying through your clouds, you must successfully manage, at a minimum, three facets of control-plane abstraction.
First, the platform must have the ability to orchestrate and automate blueprints and application patterns. For example, it should be able to develop infrastructure and application stacks. Your platform should also be able to deploy hardened images across clouds that adhere to security and compliance requirements.
Second, you need top-notch identity and access management. Your on-premises access policies — particularly role-based access — should be extended to all cloud platforms. Additionally, you must restrict native portal access to each cloud and control management access through common tooling.
Finally, incident, problem and change management solutions should be integrated to provide visibility — the proverbial “single pane of glass” — across multiple cloud environments from diverse providers. Warning: quality and service levels differ between service providers. Know the default services levels for each cloud.
In practical terms, good governance in a multi-cloud environment means not being blindsided by unexpected costs, security problems, or poor platform and API integration. It’s the necessary first step in implementing your cloud strategy, transforming your organization and joining the digital revolution. Once you’ve done it, it’s time to take on applications and data in a multi-cloud environment—which I’ll discuss in my next post
For more information about cloud brokerage services, read “Hybrid IT through Cloud Brokerage”.