All business today use the public cloud in one form or another. As that usage grows and evolves, cloud maintenance becomes a more complex challenge. While the need for many aspects of that maintenance are visible, there are many that can grow and evolve out of sight of the business. To that end, here are five public cloud maintenance requirements you may not have considered.
1. Managing Governance, Risk, and Compliance (GRC) Evolution
Cloud maintenance starts with mitigating risks via a cohesive approach to governance, risk management, and compliance (GRC). This is particularly important in the public cloud, where automation is crucial to visibility into security, risk, and compliance workflows as part of best practices and standards for cloud compliance.
With that in mind, here are five recommendations for ensuring a proper governance, risk, and compliance framework for cloud assets and operations:
- Gain a complete picture of the cloud deployment processes, the underlying assets, and their ownership within the organization.
- Create a well-defined policy for deployment, management, and running cloud applications along with strong data management controls.
- Fully understand the shared security model between the organization and the cloud provider.
- Create a true governance plan where cloud assets, cloud services, business objectives, business processes, and policies are clearly documented, along with their operational relationships.
As more business units move workloads to multiple cloud providers, InfoSec teams lose sight of who’s doing what, and what resources they’re using. The visibility problem gets worse with DevOps spinning up VM instances and deleting them. This all leads to the challenge of obtaining real-time inventory of workloads and makes it complicated to secure them.
2. Instance and OS Patch Management
Patch management in the public cloud can be challenging because most Linux system administrators are more familiar with using a command line, so Linux instances to a Windows-dominant environment present unique challenges.
The open source code base of Linux can introduce countless bugs and vulnerabilities that must be patched to avoid exploitation. Companies can turn to cloud solutions like Pivotal Cloud Foundry to ensure both Linux and Windows servers are quickly and fully patched when new vulnerabilities are announced. This enables automated patch management solutions in multi-cloud and multiple OS platform environments.
3. Managing Dev/Test Cloud Instances
The cost savings and agility of quickly spinning up instances in the public cloud for dev/test saves development teams from building the entire environment from the ground up. What may get overlooked are instances left running by testers and developers.
This means unnecessary costs for cloud storage overnight when no activity is taking place. Fortunately, major cloud providers have tools that enable alarms and parameters to shut down unused instances if they are underutilized.
4. Keeping a Handle on Shadow IT
There is no doubt that public cloud services have become the foundation of improved efficiency, productivity, and communication in organizations. It also has led to the proliferation of shadow IT.
As departments and individuals take advantage of applications, services, data storage, and sharing beyond IT’s approval, it becomes difficult to govern and secure the network. By 2020, one-third of security breaches will be due to shadow IT, according to Gartner.
Businesses can head off shadow IT that hampers public cloud maintenance in various ways, including:
- Taking application and user inventory to assess potential issues and make appropriate changes
- Closely monitoring for unknown tools and applications, along with periodic scanning for enterprise-wide vulnerability
- Utilizing network sniffers and security scanning tools to get detailed information about new and unknown data streams
Although monitoring is not the cure-all for shadow IT and the security challenges it poses, it sets the stage for needed risk assessments or alternative solutions. The best remedy is for IT teams to be proactive with employees and engage their needs.
One way to do this is by ensuring that the help desk is responsive and open to new requirements needed by employees to do their jobs. By taking these and other proactive steps, it’s possible to mitigate the risk of shadow IT and safeguard the security, profitability, and efficiency of the entire company.
5. Continuously Evolving Your Cloud Application Suitability Model
Organizations are constantly challenged to find ways to make the most of the public cloud, which has led to the current multi-cloud strategy. But applications are never static. They change and grow along with the needs of the organization. It can be easy to become complacent and make assumptions about workloads, applications, and instances in terms of their placement in the public cloud.
It’s not uncommon to find the need to repatriate an application into a private cloud or on-premises data center because of changing security or cost needs. Rightsizing instances can fall by the wayside as application needs change and the business is suddenly paying for more than it needs, or the workload has grown beyond the particular instance type and is now hampering smooth operations.
By developing a continuous model of cloud application suitability and aligning network infrastructure to cloud computing, businesses can stay one step ahead of challenges that increase costs and operational bottlenecks. Ultimately, all of these cloud maintenance requirements play a part in keeping a business on track. The more visibility and monitoring that is in place, the easier it is to make the most of the public cloud for growth, innovation, agility, and cost savings.