A shift in cloud governance outlook: From cloud infrastructure-centric to cloud service-centric governance
As enterprises embrace a multi cloud strategy, IT departments are tasked with ensuring compliance of security and governance policies. Traditionally, the enterprise IT governance policies were centered on the underlying infrastructure. With cloud computing, we are seeing a proliferation of higher order services that pushes IT to rethink how they deal with governance, driving a reassessment over infrastructure-centric governance to a more service-centric governance.
From virtual machines to containers to serverless containers to serverless functions, the diversity of cloud services is astounding. However, the term cloud in the multi cloud context has come to mean as cloud infrastructure from different cloud providers. This doesn’t represent the breadth and depth of cloud services from different providers. As IT transforms themselves as an enabler of cloud services from different cloud providers, it is important to have a cloud service-centric mindset than an infrastructure-centric one. Modern developers use many services including serverless functions (or functions as a service) for their application needs.
When it comes to governance, IT should think in terms of cloud services than cloud infrastructure. For example, they should examine and determine solutions to issues such as
- How to ensure that various services are consumed?
- How to ascertain that higher order services like serverless, are compliant with the enterprise policies?
With this thinking around service, the very approach to security and governance changes dramatically. For instance, in the traditional cloud infrastructure-centric approach, one may worry about security patches for the operating system. It is different in the case of serverless and the security responsibility spans across both the cloud service provider and application developers. Multi cloud changes the governance mindset completely and having a cloud infrastructure-centric approach only offers a limited view of governance in today’s world.
A cloud service-centric approach to governance helps IT organizations understand the responsibility clearly and they can ensure that the stakeholders are appropriately empowered to stay compliant. This also helps redefine the enterprise policies to be consistent with the kind of cloud services consumed by the developers. Decision makers are responsible to ensure that there is a complete buy-in for this mindset change and various stakeholders are appropriately trained. A service-centric approach also helps in cost management, thereby, helping organizations to realize better ROI.
CoreStack platform allows IT to enable many types of services from different cloud providers using the powerful orchestration tool. With a connector-less model and DSL based orchestration engine, CoreStack platform can be easily configured to support many services, including serverless functions, from different cloud providers. This will allow developers to use anything from virtual machines to serverless functions, thinking in terms of services as they tap into various cloud resources needed for the applications.While doing all of this, CoreStack also enables IT to easily and effectively manage the governance and security.
The platform is built from ground up with a cloud service-centric approach to governance. We will be happy to talk to you about the advantages of having this shift in mindset from cloud infrastructure centricity to cloud service centricity, thereby enabling you to take advantage of multi cloud. You can reach out to us here.