| | AUGUST 20219CIOReviewgovernance and sensitive data management) and data protection controls(identity & access management, backup, encryption, tokenization and data loss prevention). On the operational data store side, different data integration/migration as well as eventually consistent application patterns(when applicable) will need to be devised to address data gravity challenges.AutomationOne of the major benefits of public cloud is the ability to provision infrastructure programmatically which reduces the time to value and increases speed & agility of any enterprise IT organization. In addition to provisioning cloud infrastructure programmatically through infrastructure as code tools like Terraform and CloudFormation, it is also imperative to automate security(for example IAM role provisioning, firewall rule creation/updates, cloud account creation, encryption key generation, security code scanning) and application delivery pipelines. The automation of infrastructure, security and application through devsecops tools, practices and operating models should be treated as a key enabler & accelerator of enterprise cloud adoption journey.ResiliencyPublic cloud enables enterprises to have a cost effective and better high availability & disaster recovery posture. As part of the cloud adoption journey, enterprises need to incorporate proper change & release management, incident response , high availability and disaster recovery designs at infrastructure, data and application level based on the service level objective(SLO) requirements of a given workload.Governance, Risk and CompliancePublic cloud brings agility, speed, cost and elasticity benefits for the right set of workloads. However, enterprises(especially the ones that operate in a regulated industry) need to account for compliance risks as well as handle different aspects of cloud governance(including third party management, data, security, privacy, availability/business continuity and architecture). To be compliant, regulated enterprises need to do control objective mapping exercise to different standard frameworks like COBIT, NIST PCIand CCMas well as regulations like HIPAA, FFIEC, GLBA, CCPA, GDPRthat are applicable to their industry and implement the appropriate controls to mitigate operational and compliance risks.Cost ManagementThe pay by the drink model or continuous consumption-based billing of public cloud brings new risks. Finops is a new approach for cloud cost management that brings a combination of technical capability and financial management cultural & operating model changes. Cloud cost management strategy needs to include tagging of all resources, identification of untagged resources, detailed cost visibility, forecasting, budgeting, tracking, allocation, reporting & anomaly detection as well as right sizing & optimization.
<
Page 8 |
Page 10 >