The ‘X’ ilities of Cloud Governance — Multi-Cloud Visibility
In my previous post, we spoke about the ‘X’ ilities of multi-Cloud Governance and why CIO/CTO needs to think about Cloud Governance and what they should consider. Here is a link to my previous post in case you haven’t read it yet.
In this post we shift our focus to the first pillar of Cloud Governance, we will take a deeper look into the visibility pillar and try to answer three fundamental questions
1- What is multi-cloud visibility
2- What all do multi-cloud visibility cover
3- What are your options for bringing in multi-cloud visibility
The biggest challenge for the CIO/CTO today is that there is no one-stop dashboard to provide them with end-to-end visibility of the there cloud footprint.
As much as 80% of Infrastructure heads agree that they have little to no visibility of their cloud spend, mostly because many people in the organization have access to the cloud service provider portal and there is no centralized mechanism of tracking who is doing what. Data collection and reporting is mostly reactive than pro-active and happens after the damage is done.
The addition of multiple cloud platforms (Public and Private) is just making the situation worse.
Hence, the first pillar of effective cloud governance is Visibility.
Now the pillar of visibility will encompass the following areas
1- Visibility on access controls
2- Visibility across activities performed by users/employees
3- Visibility across new server build and deployments
4- Visibility across cost and resource utilization
You can achieve visibility through the native services provided by various OEMs or bring in a management and governance layer on top of your cloud platforms or extend existing datacenter tools to the cloud to achieve the same.
The last being the most viable, simply because your Ops teams are already aware of these tools and how to use them plus you are reusing your investments, however, they may not be a complete solution in itself. It might be a good idea to bring an independent consultant or partner to advise on these aspects, the best in class tools in the market that can solve the purpose, but keeping that aside I would like to focus this discussion on what needs to be considered in each of these areas.
1- Visibility on access control — Ideally, you would like to have a single pane view of who all have what all access on which all cloud platforms. If not there should be at the very least a method to pull access logs from the various providers and access review policy across all cloud platforms. All access review reports should be duly validated from IAM leads and any unnecessary access should be removed immediately.
2- Visibility across activities performed by users/employees — Access review and activity review are fundamental to cloud governance, its imperative for CIOs/CTOs to have the ability (either through a tool or through a process) to review and answer the who, what, when and where questions for effective cloud governance. i.e. Who deployed what services when and where
3- Visibility across Server Build and Deployment — The biggest boon and bane of cloud services is the concept of resources on demand. Since people can spin up resources on-demand, CIOs/CTOs need to put a maker-checker methodology for cloud deployment. Having visibility on what servers and being built, who is approving them, and what checks and balances are in place.
4- Visibility across cost and resource utilization — Another very crucial area that is a matter of big concern for CIOs/CTOs is the spend on Cloud. I have heard so many execs talk about how lack of visibility in terms of resource utilization and its associated cost has been a major reason for worry. I would most definitely recommend you to have an independent tool or partner who can provide these details in a single pane of glass for multiple cloud providers. While tools are good sources of data and analytics; partners are better when it comes to bringing best practices into play. Depending on how matured your internal cloud capabilities are, you can decide on either one but it is important to have something in place.
Multi-Cloud Visibility is a crucial aspect of your overall cloud governance framework and will go a long way in helping define the right set of policies for effective cloud usage within the organization.
So, do you have visibility across all your cloud platforms?
