Original Publish Date 07/05/2019 By // by Craig Slack
Ghostwritten by Teresa Stolarskyj
A word that can make a policy maker’s heart sing, but that generally strikes fear (or at least avoidance) into the rest of us. Cloud governance is a bit different though, and as I wrote previously, needs to be a key component of both planning a migration to the cloud and ongoing monitoring. Delaying the implementation of cloud governance will cost your business (in cash, time and frustration). That is a guarantee.
Most businesses move to the cloud in hopes of leveraging the benefits and agility that the cloud promises. The cloud is dynamic and ever evolving – where does one begin to create effective policies and procedures?
Here are six best practices to follow to give your business a strong cloud governance foundation:
1. Establish a common naming convention across your environment
It may seem trivial, but proper naming protocols go a long way in ensuring your cloud space runs smoothly and at its most efficient. This not only allows you to scale scripts across your network, but also protects you if you ever experience a disruption that requires your system to be rebuilt.
2. Take security seriously
Security is frequently top of mind for those considering a migration. The cloud, configured properly, can prove more secure than a physical server because tools like AI can be set up to monitor systems at scale for anomalies.
Judicious identity and access management further protects your environment, with systems like Azure allowing a granular level of control. Setting appropriate permissions reduces the risk of an account being compromised or damaged by a hacker. With Privileged Identity Management, users may be granted a time-bound increase in permissions on an as-needed basis.
Networking in the cloud requires consideration as well. The best approach is to create a virtual private cloud (VPC) that is secured by a proper firewall, to both ensure robust coverage, and to ensure key data is available to help you understand what happened in case of a breach.
3. Monitor costs and usage
A virtual “cloud custodian” role should be established to track and contain cloud costs through daily monitoring. Done manually, the human investment alongside adequate tracking tools can be prohibitively costly. Look for outsourcing opportunities with industry experts to save you time and money.
Workload optimization is also part of this and will also help reign in unnecessary cost. With a physical server, it is common to over-provision in anticipation of future needs. In the cloud, solid monitoring that identifies optimal system levels and tracks application performance allows you to pay only for what you need today. When your needs change, you can scale up or down as needed, temporarily or permanently.
4. Implement policies and controls
To ensure proper cloud governance, clear and transparent policies must be put in place. These will vary among organizations, but should touch on items like configuration of resources and regional access. Controls must likewise be in place to enforce policies. Azure Policies allows for highly granular control, blocking anyone from violating policies who attempts to create resources without authorization.
5. Manage change without compromising agility
The cloud is dynamic and ever-changing, and ongoing improvements and developments mean that features are often added or removed. Automated oversight is the only way to stay abreast. Yet a person who understands the organization’s cloud structure and logic ultimately must make decisions on the information which systems provide. This cloud custodian, as introduced above, takes this information as just one of the inputs in making high-level decisions.
Complementing the cloud custodian is DevOps, a role which balances a developer’s inclination toward what is possible in the infinite cloud, with the infrastructure operational constraints of budget and potential for resource sprawl. Blending these perceptions enables an organization to be extremely agile and scalable, accessing the vast benefits of the cloud without breaking the budget.
6. Assign resource ownership
Another issue which may seem trivial is the question of who owns what. In an organization’s early days in the cloud, there are usually a select few administrators overseeing resources, and tracking these is easy. However, as depth of cloud knowledge increases it can become messy. It can be difficult to identify the importance (or not) of a resource, and whom to check with. This can lead to clutter and confusion and add to the cost of cloud space unnecessarily. Build a policy to create a mandatory set of tags to exist across all resources, acting like metadata that helps to manage resource sprawl as your cloud knowledge grows.
These six steps provide a basis for a well-managed, well-governed cloud, and situates your business well ahead of most companies’ current cloud practices. Partnering with a trusted industry expert can save you cost and grief, while maximizing your efficiency and productivity.
The team at BlueSilverShift is highly experienced in developing and implementing cloud governance, having devised our own scripts and tools early on in order to manage and track highly dynamic, often complex, environments. As the cloud continues to mature, so do our methodologies, and our services. Reach out to see how our best practices and tools can help with your implementation.