blog

0
49
Thursday, November 11, 2015

Hybrid IT Governance: Automation is Key


As cloud computing continues to grow in importance, enterprises are now facing a new realization.  In their almost rampant embrace of cost savings associated with public cloud, many are just now understanding the information technology governance challenge posed by vastly different traditional and cloud computing operational models.  Often referred to as hybrid IT, supporting both models has left many executives trying to cope with a lack of hybrid IT operational experience.  Challenges can also include security concerns, financial management changes and even dramatic cultural changes.   
This myriad of challenges translate into enterprise risk across multiple levels, namely:

  • Organizational management and governance;
  • Accelerating business process speed and scope;
  • Expanding business partner ecosystem; and
  • Broadening enterprise information system user base.

To be successful, organizations should explicitly address these risks with a focused risk management strategy.  This strategy should not only address holistic activities that integrate across the business, but also on coordinated activities for overseeing and controlling high impact and high probability risks.  Some areas may even warrant organizational policy and governance enhancements include:

  •  Delegation of management decision authority to those responsible for everyday interactions with the organizations business ecosystems and IT supply chain
  • Establishment and communication of cloud ecosystem related risk tolerance through Service-Level Agreements (SLA), including delegated authority on decisions that impact the risk tolerance;
  • Near real-time monitoring, recognition, and understanding, of information security risks arising from the operation and/or use of the information system leveraging the cloud ecosystem; and
  • Organizational accountability around incidents, threats, risk management decisions, and solutions.

Hybrid IT Governance: Automation is Key
Figure 1: Risk Management Framework (NIST SP 800-37 Rev. 1)
Specificity around security processes, business resilience and financial management are paramount.  The dynamic and agile nature of modern business also demands using a relatively high degree of
automation in supporting multiple business functions including:

  • Customer demands for multi-channel and multi-device interaction;
  • Expanding dynamic global IT requirements;
  • Operational business decision support;
  • Enforcement of organizational governance;
  • Operational flexibility through business ecosystem API; and
  • Internal demands to deliver on the promise of IT-as-a-Service.

When automating governance and control, organization should, as much as possible, enhance:

  • The discovery and documentation of existing public cloud resources;
  • The enforcement of data and access management security policies;
  • Monitoring and reporting of all governance processes;
  • Cost controls and budget management processes; and
  • Evaluation and selection of application “cloud readiness”.

Companies that fail to automate these key processes, will not realize the operational efficiencies and agility of hybrid IT platforms.  They will also fall behind their competition, eventually to the point of irrelevance.
Exemplary of a successful transition was when a leading, Fortune 500 nutrition, health and wellness company decided to migrate applications from two end-of-life data centers.  During their initial evaluation, the enterprise found that moving to a Hybrid IT model — a mix of private cloud, public cloud and physical assets — would help them solve problems that were hindering their competitiveness.  With the expertise of a top system integrator, the enterprise transitioned to a cloud brokerage solution. This solution automated their IT governance by tying planning, consumption, delivery, and management seamlessly across public, private, virtual, hosted, and on and off premises resources. Gravitant’s cloudMatrix solution was identified as the only purpose-built solution for Hybrid IT.  Using this solution, the enterprise enhanced IT governance, reduced operational risk and transformed its IT services model from a high-cost, inflexible physical data center model into a next generation, pay-per-use model.
In accomplishing this transformation, cloudMatrix provided:

  • A seeded catalog of the industry’s leading cloud infrastructure providers, out-of-the-box without the overhead of custom integration.
  • A marketplace where consumers can select and compare provider services, or add their own IT-approved services for purchasing and provisioning.  Consumers can use a common workflow with full approval processes that are executed in terms of minutes not weeks.
  • Reporting and Monitoring that includes multi-provider consolidated billing estimates, actuals, and usage projections for accuracy and cost assignment.
  • A visual designer that includes sync-and-discover capabilities to pull all assets (VMs) into a single, architectural view and management standard.
  • Integration with service management and ticketing systems through an API framework.

In only six months, the enterprise was able to move its workloads from the existing data centers, to a Hybrid IT (private, public and physical) delivery model and provide self-service IT to business units with cost and usage transparency.  IT cost, which had previously categorized as a general percentage of overall IT spend assignment, is now available by virtual data center, service/application, and usage — permitting reporting and governance at a “cost-per-business unit” level.

 

( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)

Cloud Musings
↑ Grab this Headline Animator

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2015)

Follow me at https://Twitter.com/Kevin_Jackson

LEAVE A COMMENT

Name*
E-mail*
Phone number*
Your Message

Latest posts

0
103

2018 AT&T Business Summit: Security “in” and “of” the Cloud

While public cloud is undoubtedly an outsized piece of the conversation, news headlines of the latest data breach can...

0
57

My Brush with Royalty: Queen Latifah

Queen Latifah! Hip Hop Icon. Movie Star. Television Star. Fashion Model. Songwriter. Producer. Entrepreneurial Genius...

0
64

What’s New in Puppet 5?

Puppet 5 is released and comes with several exciting enhancements and features that promise to make configuration man...

0
80

5 Reasons Why Ansible is the Best CM Tool Out There?

Amidst volatile markets, dynamic technology shifts, and ever-increasing customer demands, it is imperative for IT org...

0
104

Machine learning APIs for Google Cloud Platform

Google Cloud Platform (GCP) is considered to be one of the Big 3 cloud platforms among Microsoft Azure and AWS. GCP i...

0
65

What Is The Most Important Part of Architecture?

I always find it interesting to hear what people view architecture as. A lot of people think it’s just about the desi...

0
1653

Cloud migration best practice Part 4: Executing the migration

This series has stepped through cloud migration best practices. After providing an overview, we discussed: Classifyin...

0
236

Cloud Migration Best Practice Part 3: Application Portfolio Analysis

In part three of this series on cloud migration best practice, I will focus on migrating the application itself. If y...

0
304

Why Use Immutable Storage?

Data has become a global currency, and its value has nowhere to go but up.  According to The Economist online, the wo...

0
720

CLOUD ACT: What Does That Mean for Your Cloud Storage

When Congress names a law after you, it’s getting serious.  That is where we are now with cloud computing.  The Clari...