Cloud Management is a tough space to define. The term “management” can cover anything from the way you monitor applications to the request fulfillment process. At the end of the day, Cloud Management is about balance. Enterprise IT organizations are balancing user requirements with compliance, cost with security, fast delivery times with standardized processes and more.
Recently, we surveyed IT leaders from companies with over $500M in annual revenue. We asked them what their main concerns are in regards to multi-cloud, and what were the main drivers to adopt a multi-cloud strategy. We’ll be releasing the full results of the survey soon, but here’s a sneak peek: 82% of respondents indicated that they are either using or evaluating a Cloud Management Platform.
Cloud Management Platforms help businesses find balance when it comes to multi and hybrid cloud environments. The survey revealed how IT ranks concerns around Cost, Security, Self-Service and more, and how these areas of concerns are all linked, they all affect one another.
Over the past decade, we were lucky enough to work with some of the world’s leading enterprises, on some of the world’s most complex Hybrid-Cloud environments. We’ve learned that when it comes to managing sprawling private and public clouds at scale, every challenge is compounded by another. No one problem should be solved in a vacuum, otherwise, it has the potential to make the other problems worse. Here are the 4 interconnected aspects we’ve seen in all successful Cloud Management strategies:
Cost remains a crucial driver at all levels of cloud usage. IT orgs need to drive accountability with business units, departments, and teams. To do that, reporting is vital, but not enough. The economics of cloud are affected by everything, the way users provision, the security of workloads, reclamation policies and more. Visibility is always the first step, but IT must be able to turn insights into solutions and implement transparent financial policies to maintain budgets and reduce costs. This can be done by:
- Communicating provisioning costs and budget consumption to users, at a high or granular level.
- Enforcing timed policies around resource usage, for example, test stacks are scaled down on weekends unless an exception has been requested.
- Contextual reporting – reporting on spend associated with the role a certain tier of an app plays, rather than individual servers.
- Organizational budgeting – structuring budgets in a way that makes sense for the specific structure and hierarchy of your company.
- Automated and preventative financial policies such as limited instance size selections based on user needs and operating environment, automated tagging for the association of resources, etc.
Security & Compliance
Much like cost, the security of cloud environments is affected by all other aspects of cloud usage. It is not enough to reduce workload attack surfaces with security groups and firewalls, IT also has to protect the platforms from users, not to mention maintain compliance standards. Security and compliance policies need to be baked into the provisioning process, and clear audit trail needs to be established. Companies are doing this by:
- Assigning clear ownership over resources – Security groups, networks, and other resources are assigned owners who are responsible for the health and security of the resource. Ownership can be an effective way to compartmentalize resources by only exposing certain objects to teams that own them and allowing read-only access to others. This also helps establish the audit trail.
- Automatic Security Baseline – For similar workloads, administrators assign a baseline security group or set of firewall rules that are implemented without user choice. Based on identity and permission, users might be able to add additional security rules. In addition, network usage is often governed by limiting certain types of workloads to private networks only.
- Role Based Access Control on provisioning workflows – conditional RBAC can contribute to user productivity, as well ensure that users can only operate within certain guardrails. One IT Director from an F500 Conglomerate called this letting his users “innovate and fail safely”.
It’s challenging to check all the boxes you want with multi-cloud. The company’s infrastructure might secure and easily accessible, but then it’s not cost-effective. It might be very well cost controlled and safe, but then it’s hard for users to be productive on it. This is one of those rare cases where companies are achieving all three. As we mentioned earlier, these challenges all affect each other and cannot be (or should not) be tackled individually. Using conditional policies around permissions, security, and cost, IT organizations are building tailored Self-Service portals that match the needs of their users. Some users might value speed and ease of use, in which case they don’t need to exposed to the intricacies of their platform, and the heavy-lifting can be done securely and automatically behind the scenes. Other users value operational flexibility and access to advance services, these users require wider guardrails, and admins can still leverage ownership and dynamic workflows to create environments where these users can, to use the same quote again, “fail safely”.
Platform Flexibility & Lock-In
Lastly, we’re seeing enterprises avoiding going all-in on a single platform, and attempting to reduce lock-in to reasonable levels. Whether we want to admit it or not, some level of lock-in is going to happen. For example, if we don’t use any of AWS’ unique services (that will very much lock your applications into AWS), we’ll be missing out on some of the reasons we started using it in the first place. Businesses are using standardized processes and abstraction layers wherever possible to ensure to the portability of applications and the freedom to effectively use multiple platforms.
Companies that balance these four aspects of Cloud Management typically have a successful execution of their cloud strategy. Enterprises deploy Cloud Management Platforms to create the balance between policy guardrails, cost visibility, security standards, and customized provisioning. All of these components contribute to a stronger enterprise cloud.