In a recently published report, one of Forrester Research’s five key cloud predictions for 2020 is that cloud management providers will tackle cloud security. With the Capital One breach, the first major breach in a public cloud, the industry has a new focus on security public cloud services. Small and midsize businesses (SMBs) are more likely to use public cloud services over specialty providers and private clouds. As such, SMBs need to focus on cloud management.
Effective cloud management can prevent holes in your security protections and save you money.
Cloud management, as a practice, formalizes access, licensing, usage, security, and spending for your cloud services. Instead of focusing on each cloud application or service independently, Cloud Management as a practice oversees and manages the big picture.
Seven key components of Cloud Management are:
- Document which cloud services are needed and used based on each person’s role within the organization
- Based on need, determine the level of access for each person/group based on their roles and responsibilities
- Understand and document subscription and licensing rules for each service, to ensure you can optimize subscriptions and spend
- Create standardized on-boarding work flows to ensure new employees and those changing roles are
- Provided access to only the cloud services they need
- Are assigned appropriate access to features, functionality, and data within each system
- Access to data is consistent across cloud services
- Create standardized off-boarding work flows to ensure:
- All cloud services accounts are deactivated, preventing orphan accounts from being left open
- Data within each cloud service is archived or transferred to other user(s), preventing data loss
- Cloud subscriptions/licenses are modified to prevent unnecessary costs
- Track licensing and subscriptions to:
- Adjust your subscriptions to match your need, as allowed by each cloud service
- Identify and remove unused licenses
- Understand and manage your spending
- Actively search for, identify, and manage use of unauthorized cloud services to:
- Minimize or eliminate “Shadow IT” risks with respect to security, data loss, and compliance
- Identify and move users from duplicate services to authorized services
- Provide training on authorized apps and services, preventing the need to use other services
- Identify cloud services needed or wanted by staff, but not yet available through and authorized app or service
By applying the basic tenants of cloud management you can reduce your security risks, optimize your services and licensing, and better manage your spend.
Cumulus Global offers Cloud Management tools and services. Contact us for a free, no obligation Cloud Advisor session to learn more.