{"id":269,"date":"2019-05-22T14:07:41","date_gmt":"2019-05-22T08:37:41","guid":{"rendered":"https:\/\/www.cloud-kinetics.com\/?p=269"},"modified":"2024-06-21T12:47:16","modified_gmt":"2024-06-21T07:17:16","slug":"a-devops-approach-to-cloud-governance","status":"publish","type":"post","link":"https:\/\/www.cloud-kinetics.com\/blog\/a-devops-approach-to-cloud-governance\/","title":{"rendered":"A DevOps Approach To Cloud Governance"},"content":{"rendered":"<p>Cloud governance is the process of managing an organization\u2019s cloud operations under a set of rules, policies and systems that are aligned with the organization\u2019s operational guidelines as well as the global security and governance standards. The primary goal of cloud governance is to improve <a href=\"https:\/\/www.cloud-kinetics.com\/blog\/5-security-best-practices-for-cloud-migrations\/\" target=\"_blank\" rel=\"noopener\">data security<\/a> and manage risk so that cloud systems can function smoothly.<\/p>\n<p>The framework ensures that organizations have sufficient control over critical areas of cloud operations such as, data security, data and risk management, legal processes, cost management and much more. Ideally, all the sections should be working to meet common business goals.<\/p>\n<p><strong>Commonly built from IT practices already existing in an organization, cloud governance frameworks are sometimes framed afresh for the cloud. <\/strong><\/p>\n<p>Some of the governance rules include:<\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Defining management roles and responsibilities<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Data management and encryption<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Ensuring compliance with industry standards<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Managing identity and access\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Disaster recovery<\/span><\/li>\n<\/ul>\n<h2><b>Why is cloud governance important?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The cloud environment has become very complicated, especially when hybrid and multi-cloud services are being used. Cloud governance ensures that the correct framework is in place and team members can access all the cloud resources easily. It is more focused on operations, data security and cost.\u00a0<\/span><\/p>\n<h2><b>Why DevOps?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Good governance, compliance, agility and dynamism are difficult attributes to implement at the same time without compromising one or the other. To successfully maintain all of them, organizations need to adopt the DevOps approach. DevOps streamlines development to accelerate production, lowers costs of development, testing, deployment and operations, while the cloud offers scaling, automation and a standard platform to enable changes in applications.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Governance checks need to be built into all the DevOps processes and tools. It needs to become a part of security, touching every part of the processes. Most cloud computing providers, public and private, support DevOps on their platforms.\u00a0<\/span><\/p>\n<h2><b>Adopting cloud governance and DevOps<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Adopting both cloud governance and DevOps is not easy for all and traditional developers may need guidance at the beginning. Cloud Kinetics has successfully helped organizations overcome obstacles and adopt DevOps and cloud governance. Here is an example.\u00a0 \u00a0\u00a0<\/span><\/p>\n<h3><b>Cloud Kinetics and cloud governance: A case study<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Here\u2019s how Cloud Kinetics implemented\u00a0a cloud governance project for a large global financial services institution.\u00a0<\/span><\/p>\n<p>We completed the complex process of cloud governance with a set of sequential activities and well-defined goals and deliverables. The sequence of phases and activities broadly included:<\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">Defining policies<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Arriving at security controls<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Automating infra provisioning (infra as code): <\/span>\u200bMonitoring and setting alerts on policy enforcement<\/li>\n<li>Remediation: Manually or automated<\/li>\n<\/ul>\n<p><strong>At a solution level, the key features of the cloud governance solution that were implemented included:<\/strong><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Automating the creation of\u00a0cloud \u00a0resources\u00a0(subnet, security groups, storage, key vault, IAM &amp; RBAC) through Terraform<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Setting up and configuring\u00a0alerts \u00a0(based on Secure DevOps tool kit framework)\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Creating a machine-image gallery\u00a0that included \u00a0approved\u00a0images<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Setting up and configuring centralised log analytics<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Setting up a run book\u00a0for \u00a0baseline\u00a0check<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Monitoring and reporting deviations into the feedback loop<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Configuring auto-healing through cloud custodian<\/span><\/li>\n<\/ul>\n<p><strong>We were successful in implementing our goals within the planned time frame. The goals included:<\/strong><\/p>\n<ul>\n<li><span style=\"font-weight: 400;\">Complete automation of 150+ security controls as per ISO and other compliance requirements<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Complete infra as a code implementation that enables the organization \u00a0to set up cloud resources via automated deployments<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Separation of resources into various clusters enabling easier automation of network, server and other infra components<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Setting up of governance policies for proactive monitoring and alerts<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Complete remediation of incidents, deviations and events for automated response<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Complete implementation using open source and cross-platform tools (like Terraform, Cloud custodian) while ensuring reusability and easy maintenance.<\/span><\/li>\n<\/ul>\n<p><em><span style=\"font-weight: 400;\">For more updates on cloud governance, follow us on <\/span><a href=\"https:\/\/www.linkedin.com\/company\/cloud-kinetics\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">LinkedIn<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cloud governance is the process of managing an organization\u2019s cloud operations under a set of rules, policies and systems that are aligned with the organization\u2019s operational guidelines as well as the global security and governance standards. The primary goal of cloud governance is to improve data security and manage risk so that cloud systems can &#8230; <a title=\"A DevOps Approach To Cloud Governance\" class=\"read-more\" href=\"https:\/\/www.cloud-kinetics.com\/blog\/a-devops-approach-to-cloud-governance\/\" aria-label=\"More on A DevOps Approach To Cloud Governance\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":6209,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[59,37,56,50,39],"tags":[],"acf":[],"_links":{"self":[{"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/posts\/269"}],"collection":[{"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/comments?post=269"}],"version-history":[{"count":4,"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/posts\/269\/revisions"}],"predecessor-version":[{"id":2273,"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/posts\/269\/revisions\/2273"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/media\/6209"}],"wp:attachment":[{"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/media?parent=269"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/categories?post=269"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cloud-kinetics.com\/wp-json\/wp\/v2\/tags?post=269"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}