Hybrid IT Governance: Automation is Key

Strategies And Technologies for Cloud Computing Interoperability (SATCCI)

By G C Network | March 4, 2009

As I alluded to in an earlier post, a major cloud computing interoperability event will be held in conjunction with the Object Management Group (OMG) March Technical Meeting on March…

Government Cloud Computing E-zine Launched

By G C Network | March 3, 2009

Today marks the launch of a new electronic magazine dedicated to addressing cloud computing within the government space. Over the last year during my personal exploration of this marketspace, I’ve…

NCOIC Plenary: Cloud Computing Working Group

By G C Network | March 2, 2009

Last week, I had the pleasure of participating in the NCOIC Cloud Computing Working Group. Led by Cisco Systems Distinguished Engineer, Mr. Krishna Sankar of Cisco Systems, the meeting purpose…

2nd Government Cloud Computing Survey – A Sneak Peek

By G C Network | February 25, 2009

This month, we’re in the middle of collecting data for our 2nd Government Cloud Computing Survey. to peek your curiosity (an to entice your participation) here is a sneak peek…

Government could save billions with cloud computing

By G C Network | February 23, 2009

In a recent study, published by MeriTalk, Red Hat and DLT Solutions, the Federal government could save $6.6 billion by using cloud computing or software-as-a-service. “Looking at 30 federal agencies,…

Cloud Games at FOSE 2009

By G C Network | February 19, 2009

ONLINE REGISTRATION NOW AVAILABLE Booz Allen Hamilton is launching its Cloud Computing Wargame (CCW)T at FOSE March 10-12, 2009 in Washington, DC. The CCW is designed to simulate the major…

IBM and Amazon

By G C Network | February 16, 2009

According to the Amazon Web Services (AWS) site, you can now use DB2, Informix, WebSphere sMash, WebSphere Portal Server or Lotus Web Content Management on Amazon’s EC2 cloud. “This relationship…

A Berkeley View of Cloud Computing

By G C Network | February 13, 2009

Yesterday, Berkeley released their View of Cloud Computing with a view that cloud computing provides an elasticity of resources, without paying a premium for large scale, that is unprecedented in…

Cloud Economic Models

By G C Network | February 11, 2009

One of the most important drivers of cloud computing in the Federal space is its perceived “compelling” economic value. Some initial insight on the economic argument is now available on…

Cloud Computing In Government: From Google Apps To Nuclear Warfare

By G C Network | February 10, 2009

Today, I want to thank John Foley of InformationWeek for an enjoyable interview and his excellent post, Cloud Computing In Government: From Google Apps To Nuclear Warfare. Our discussion covered…


As cloud computing continues to grow in importance, enterprises are now facing a new realization.  In their almost rampant embrace of cost savings associated with public cloud, many are just now understanding the information technology governance challenge posed by vastly different traditional and cloud computing operational models.  Often referred to as hybrid IT, supporting both models has left many executives trying to cope with a lack of hybrid IT operational experience.  Challenges can also include security concerns, financial management changes and even dramatic cultural changes.   
This myriad of challenges translate into enterprise risk across multiple levels, namely:

  • Organizational management and governance;
  • Accelerating business process speed and scope;
  • Expanding business partner ecosystem; and
  • Broadening enterprise information system user base.

To be successful, organizations should explicitly address these risks with a focused risk management strategy.  This strategy should not only address holistic activities that integrate across the business, but also on coordinated activities for overseeing and controlling high impact and high probability risks.  Some areas may even warrant organizational policy and governance enhancements include:

  •  Delegation of management decision authority to those responsible for everyday interactions with the organizations business ecosystems and IT supply chain
  • Establishment and communication of cloud ecosystem related risk tolerance through Service-Level Agreements (SLA), including delegated authority on decisions that impact the risk tolerance;
  • Near real-time monitoring, recognition, and understanding, of information security risks arising from the operation and/or use of the information system leveraging the cloud ecosystem; and
  • Organizational accountability around incidents, threats, risk management decisions, and solutions.

Figure 1: Risk Management Framework (NIST SP 800-37 Rev. 1)
Specificity around security processes, business resilience and financial management are paramount.  The dynamic and agile nature of modern business also demands using a relatively high degree of
automation in supporting multiple business functions including:

  • Customer demands for multi-channel and multi-device interaction;
  • Expanding dynamic global IT requirements;
  • Operational business decision support;
  • Enforcement of organizational governance;
  • Operational flexibility through business ecosystem API; and
  • Internal demands to deliver on the promise of IT-as-a-Service.

When automating governance and control, organization should, as much as possible, enhance:

  • The discovery and documentation of existing public cloud resources;
  • The enforcement of data and access management security policies;
  • Monitoring and reporting of all governance processes;
  • Cost controls and budget management processes; and
  • Evaluation and selection of application “cloud readiness”.

Companies that fail to automate these key processes, will not realize the operational efficiencies and agility of hybrid IT platforms.  They will also fall behind their competition, eventually to the point of irrelevance.
Exemplary of a successful transition was when a leading, Fortune 500 nutrition, health and wellness company decided to migrate applications from two end-of-life data centers.  During their initial evaluation, the enterprise found that moving to a Hybrid IT model — a mix of private cloud, public cloud and physical assets — would help them solve problems that were hindering their competitiveness.  With the expertise of a top system integrator, the enterprise transitioned to a cloud brokerage solution. This solution automated their IT governance by tying planning, consumption, delivery, and management seamlessly across public, private, virtual, hosted, and on and off premises resources. Gravitant’s cloudMatrix solution was identified as the only purpose-built solution for Hybrid IT.  Using this solution, the enterprise enhanced IT governance, reduced operational risk and transformed its IT services model from a high-cost, inflexible physical data center model into a next generation, pay-per-use model.
In accomplishing this transformation, cloudMatrix provided:

  • A seeded catalog of the industry’s leading cloud infrastructure providers, out-of-the-box without the overhead of custom integration.
  • A marketplace where consumers can select and compare provider services, or add their own IT-approved services for purchasing and provisioning.  Consumers can use a common workflow with full approval processes that are executed in terms of minutes not weeks.
  • Reporting and Monitoring that includes multi-provider consolidated billing estimates, actuals, and usage projections for accuracy and cost assignment.
  • A visual designer that includes sync-and-discover capabilities to pull all assets (VMs) into a single, architectural view and management standard.
  • Integration with service management and ticketing systems through an API framework.

In only six months, the enterprise was able to move its workloads from the existing data centers, to a Hybrid IT (private, public and physical) delivery model and provide self-service IT to business units with cost and usage transparency.  IT cost, which had previously categorized as a general percentage of overall IT spend assignment, is now available by virtual data center, service/application, and usage — permitting reporting and governance at a “cost-per-business unit” level.

 

( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)

Cloud Musings

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2015)

Follow me at https://Twitter.com/Kevin_Jackson
Posted in

G C Network