From Where Should You Govern Your Cloud?

More and more enterprises are moving forward with private/public cloud proof-of-concepts and production deployments.  As the cloud migration ramps, cloud governance is becoming more of a focus. 

Recent CRN and ZDNet articles gave some great points to consider about cloud governance.

• Central authorization  
• ID and access controls
• Policy enforcement and monitoring
• Service level reporting
• Automation and auditing

One new question facing organizations moving to the cloud is how do you deliver this governance and from where?

As the diagram below shows, there are three options to deliver a cloud governance solution.  

1) SaaS solution running in the cloud being managed

In this model, you are running all or part of your cloud governance solution in the cloud that you are governing. This is how several enStratus competitors deliver their solution. In terms of access controls, service levels, disaster recovery and other issues, the risk level seems a little like letting the fox guard the henhouse.

2) SaaS solution running outside the cloud being managed

This model has become popular for companies governing public cloud deployments. This is one option available from enStratus. Governing your public cloud from a SaaS solution hosted outside the cloud provides a better framework for key management, encryption, and auditing.

3) An on-premise deployed cloud management solution

Deploying a completely on-premise version of cloud management software is the preferred option for enterprises with very sensitive data in the public cloud or organizations that have a private cloud. The benefit includes leveraging your policies and procedures and directly integrating with internal infrastructure and management systems. This is also a model delivered by enStratus. This is the best option for organizations with compliance requirements or that are very risk averse.

The key to selecting one of these models is understanding your cloud strategy, governance needs and risk tolerance. 

Cloud OS or Cloud Management Software?

As with any emerging market comes terminology confusion.  The term “Cloud Management” is a great recent example. We want to take a few minutes to help define this important term.

You will hear people refer to various solutions as Cloud Management Software – from Cloud Operating Systems to tools that allow you to manage multiple SaaS solutions.

In the IaaS space, Cloud Management Software sits on top of various public and private clouds and provides the following capabilities:

1)   Allows users to provision, manage and control various public clouds and private cloud platforms

2)   Helps manage users, security, and automation across infrastructures

3)   Protect from single cloud vendor lock-in to allow cross-cloud operations and migration

4)   Manage your service level requirements

5)   Audit and report for compliance

The diagram below shows our perspective of the relationship Cloud OS solutions.

 

VMware has a great definition of a Cloud OS.

“A cloud operating system is a new category of software that is specifically designed to holistically manage large collections of infrastructure – CPUs, storage, networking – as a seamless, flexible and dynamic operating environment.  Analogous to the operating system that manages the complexity of an individual machine, the cloud operating system manages the complexity of a datacenter.”

We hope that this helps clarify the difference.