Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Cloud governance is more than security

Damien Wong | Dec. 12, 2011
For many enterprises looking to increase operational agility, cloud computing increasingly looks to be a more flexible and efficient solution.

One of the ways that consistency breaks down is that public clouds encourage ad-hoc development that doesn't necessarily comply with an organisation's standards for applications run on-premise. This may be fine for prototyping or other work that is throwaway by design. However, it's far too easy for prototypes to evolve into something more -- as often happened in the case of early visual programming languages -- and the result is applications that either have to be rewritten or that may have support, reliability or scalability issues down the road. 

Just because developers find that a given public cloud environment offers the cheapest and easiest path to write and test an application doesn't mean total application lifecycle costs will be lower. Public cloud-based development will happen though, so the best strategy is to recognise this inevitability and channel it in a way that fits within organisational standards.

Consistency goes beyond just technical factors though. Consistency between on-premise and public cloud environments also requires that the full runtime -- including the applications running on it -- be supported and certified by the same ISVs and others when running in the cloud or in the cloud (may want to clarify whether this means in a public vs private cloud, or in the cloud vs. on premises), a commitment that is as much about business relationships as technical ones.

Portability takes multiple forms. Portable computing creates scalable private clouds that can be federated to a public cloud provider under a unified management framework. Portable applications mean that developers can write once and deploy anywhere, thereby preserving their strategic flexibility and keeping their options open while lowering maintenance and support costs. Portable services simplify development and operations by eliminating the need to re-implement frequently needed functions in private clouds and enable the movement of data and application features across clouds. Portable programming models let existing applications be brought over to cloud environments or be evolved incrementally.

And, as with consistency, there are aspects of portability that aren't primarily technical -- such as whether software subscriptions and licenses can be transferred from one location to another. Consistent support and maintenance environments are also essential elements.


Organisations are expected to use public cloud providers in various forms -- the goal should be to govern that use, not block it

Cloud computing infrastructure allows for rapid experimentation and expansion. Hosted applications can often be brought online more quickly than conventional on-premise software and thereby start delivering business value faster. The reality is that cloud computing in some form will happen throughout all organisations whether as the evaluation and adoption of a new CRM platform through a formal IT process, the ad-hoc use of public cloud infrastructure by developers, or the "bursting" of an on-premise cloud to a public cloud to gain temporary capacity. Given the importance of properly securing data and minimizing lock-in to specific third-party provider, it is especially critical to bring cloud computing activity that involves corporate data or production applications under a common governance umbrella.


Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.