In order to establish a successful Cloud infrastructure and in turn enhance speed, agility and defence power, a clear and holistic cloud strategy should be defined consisting of:
- Cloud Governance strategy
- Cloud Management strategy
- Application Development strategy
Hear from Stein Rune Hognes, Business Development Manager at Airbus and Har Gootzen, Chief Enterprise Architect & IT Strategist at Capgemini, as they explain what Cloud Management and Cloud Governance entail, and the important and complementary role they play in building Cloud infrastructure for defence.
Cloud Governance vs Cloud Management
For various reasons industry and military are adopting a Cloud of Cloud strategy; whether it’s to prevent a lock-in, to be able to use price as an orchestration parameter, or because of the specific services offered in a multi-cloud environment. For the defence sector the focus is on speeding up innovation and close the gap to the civil world.
While Cloud Management and Cloud Governance may appear similar, they cover different layers in the envisioned cloud strategy. Cloud Management is about provisioning and managing resources, while Cloud Governance is aimed at providing insight into operational functioning.
What is Cloud Governance and why is it important?
Cloud Governance is the set of rules and protocols put in place to operate in a cloud environment to enhance security and manage risks. It provides deep insight into operational functioning with financial and executive operational reporting and dashboards, policy management, asset and software license management, and intelligent workload orchestration. It provides the ability to govern cost, budgets, operations, security and compliance involving multiple clouds through the establishment of rules to minimise risk in the cloud.
Having a Cloud Governance framework in place is an absolute must to realise compliancy and allow a safe migration to cloud technology. Rules, policies, and automated processes must be applied to security, financial management and asset performance management; the risk of not investing in the right governance model and tooling upfront is the increase of technical debt.
The key benefits of Cloud Governance are:
- Controlled access
- Minimises security risks
- Enhanced compliance readiness
- Reduced costs
- Utilises resources
What is Cloud Management and why is it important?
Cloud Management is about provisioning and managing resources across multiple clouds through a single self-service portal; it essentially simplifies Cloud of Cloud adoption.
The focus lies on cloud operations, for example scaling up or down, migrations, backup, monitoring, log management and patch management. But for Cloud of Cloud operation this is not enough. Cloud of Cloud and hybrid cloud operations require policy-based management to prevent the moving of privacy-sensitive data to non-compliant public cloud zones. Compliance with industry standards and regulations is also critical. This is where a Cloud Governance platform comes into play with a focus on cost and security rather than just operational management of cloud resources.
The key benefits of Cloud Management are:
- Centralised network services and applications
- Disaster recovery
- Faster response times
Cloud-native application development
Part of any cloud strategy should also be about how to develop future cloud-native applications. The only way to overcome the problems with lift-and-shifting non-cloud native application running on VM’s into the cloud is to refactor or rearchitect them. Or to start developing cloud-native applications: API enabled (micro-)services which may or may not be containerized. Containerization is a logical step to take because it often requires acceptable adjustments. Containers have more flexibility to adapt to the workload at any given moment. But the biggest advantage of containers is that deployment across multiple clouds in easy providing they operate the same container orchestration layer.
Cloud-native application development is tied to cloud management enabling the flexible movement of software from development to staging and from staging to production. And it is tied to Cloud Governance to provide the policies needed around the usage of cloud resources as well as cloud services (API’s). Cloud governance needs to exist at the infrastructure, services, and application levels.
The relation between cloud governance, cloud management and cloud-native application development is shown below
Compliancy and safe migration in the cloud
While Cloud Management and Governance are similar, they cover different layers in cloud policy. Simply put, Cloud Governance is a set of rules on top of Cloud Management.
Having a Cloud Governance framework in place is an absolute must to realise compliancy and allow a safe migration to, and growth in the cloud. Rules, policies, and automated processes must be applied to security, financial management and asset performance management. The risk of not investing in the right governance model and tooling upfront is that you can end up with technical debt in no time. Cloud Governance must not only integrate with Cloud Management but also with application development. Organisations need to understand their application and DevOps requirements before starting on a go-to-cloud journey.
There is not one single product that does everything, so governance solutions are a mix of products that include security, API management, resource management, and perhaps other technologies to address specific needs. By implementing a Cloud Governance platform a higher level of automation, visibility, and consistency will be achieved across all environments, private and public, ensuring that customers operate at the highest level and achieve the full benefits of Cloud infrastructure.
About the authors
Chief Enterprise Architect and IT Strategist, Capgemini
Har’s expertise is defining architectures and solutions to guide and govern digital transformations of organizations, especially in the Defence and Public domain.
Stein Rune Hognes,
Business Development Manager, Airbus Defence and Space AS
Stein’s expertise comes from his long background as an officer in the Royal Norwegian Airforce and from the Defence industry working on Joint, combined operations and Joint Intelligence, Surveillance and Reconnaissance systems and processes.