Moving Beyond Cloud Management To Cloud Portfolio Management

Cloud Portfolio Management

Virtually every enterprise will be leveraging a portfolio of public and private clouds – whether by strategy or circumstance. In the 2013 – State of the Cloud survey, RightScale found that larger organizations are choosing multi–cloud (77 percent) with the majority of those (47 percent) choosing hybrid cloud strategies.

The ability to successfully manage and optimize your portfolio of applications across your portfolio of clouds will make the difference in how much business value IT can deliver to your organization. Cloud Management is an important piece of the puzzle, but companies are looking for more.

In order to deliver the significant business value that a cloud portfolio can provide while ensuring the necessary level of governance, enterprises require new approaches. Cloud Portfolio Management (CPM) is a new type of solution — designed to help companies capitalize on this growing array of cloud technologies.

Cloud Portfolio Management solutions provide a comprehensive set of management capabilities that span all aspects of cloud usage across a broad variety of cloud options, going well beyond what vendor-specific public or private cloud management features provide. CPM solutions are designed to provide the enterprise with a single pane of glass to manage a portfolio of applications and optimize usage across a portfolio of clouds. They enable companies to choose the right cloud — public or private — for each application and to move applications between clouds as circumstances change. And they prevent lock-in and provide investment flexibility.

Here are six key characteristics of a Cloud Portfolio Management (CPM) solution. 

1) Abstracting Multiple Clouds

For the greatest efficiency and control, large companies abstract the significant differences between public and private clouds – and use a consistent management solution across these disparate environments. A Cloud Portfolio Management (CPM) solution allows you to operate seamlessly across varied cloud services and private cloud environments. Each cloud will differ in a wide variety of characteristics, including APIs, behaviors (for example how clouds provision storage differently), resource sizes and types, and security capabilities.

2) Delivering Self-Service IT

A critical requirement of enterprise cloud initiatives is to provide developers and application teams with self-service access to cloud services. Enterprise developers often face 4-8 week delays for the approval, purchasing, and provisioning of servers. Shadow IT has emerged as a reaction by developers and the business units they serve to these significant delays. Self-service access to cloud decreases the time it takes to access infrastructure from months to minutes, unleashing innovation and helping to speed new products to market. In order to deliver self-service capabilities and bring shadow IT into the fold, central IT organizations need to provide the same easy access to infrastructure that developers have come to expect from public cloud services. Internal users are unlikely to be satisfied with modest improvements to lengthy waits when they can take advantage of ever-increasing public cloud options.

3) Providing Governance and Controls

Many CIOs have little or no visibility into existing shadow use of cloud resources. As enterprises embrace self-service access to cloud infrastructure, IT organizations also need to ensure that they have visibility and governance across their portfolio of public and private clouds. The first challenge is to gain visibility across all cloud usage. Enterprises need a comprehensive view of which applications have been deployed in which clouds. In addition, they want to easily see how each application is architected, which technology components were used, and what security configurations are in place. To comply with regulations and internal policies, companies also need access to detailed audit trails that track every change.

The second challenge is putting in place appropriate governance controls. This includes identity and access controls that define what each user can do as well as budget controls that ensure costs stay within approved budgets.

4) Automating Lifecycle Management

Cloud Portfolio Management (CPM) provides a platform to manage cloud-based applications across their entire lifecycle — from development and test to staging and production – with full visibility and version control. CPM also supports modern practices including agile development, continuous deployment, dynamic configuration, and DevOps. As organizations seek to gain control over VM sprawl, best practices for application deployment have evolved to dynamic configuration of servers using such tools as Chef, Puppet, and Salt. These tools enable the creation of consistent, repeatable, and clone-able servers and deployments. CPM solutions will support a choice of configuration management tools while providing support for the unique requirements of multiple clouds. CPM solutions should offer out-of-the-box configuration templates with the ability to customize or create new templates that meet the specific requirements of the organization. Version control helps companies to manage changes over time and ensure consistency from development through production.

5) Deliver Application SLAs

Cloud environments require new and innovative approaches to ensure that applications meet required SLAs. A CPM solution helps organizations to architect and automate applications to deliver both scalability and reliability. Cloud-based applications can be scaled horizontally by adding more instances to an application tier and scaled vertically by upsizing instances. Cloudbursting among cloud resource pools can help to provide additional flexibility as application demands grow. CPM solutions can act as a key foundation by enabling all three Scaling options. In addition, cloud experts know that it is critical to plan for failure. Outages are inevitable – whether you are using a public cloud, your data center, or an outsourced provider. Spreading risk across vendors is a critical requirement for your CPM solution. In addition, to ensure that you can automate failover and DR strategies in the event of a cloud outage, a SaaS-based CPM solution will ensure that your management plane is operating even if your private or public cloud is experiencing problems. As a result, you can increase reliability and deliver SLAs.

6) Managing and Optimizing Costs

Cost management is an essential component of managing the financial options and impacts of a cloud portfolio strategy. As business units embrace the value that cloud delivers, usage and costs can easily spiral if not carefully managed and continuously optimized. The variable cost model of cloud computing introduces significant opportunities for savings, but also requires new approaches to minimize waste and optimize your spend. Users can often overprovision capacity or forget to de-provision temporary resources. A cloud cost analytics solution provides visibility into past, present, and future cloud usage and provides the critical information needed to manage spend. A cost management solution enables enterprises to do “what if” analysis on different deployments, clouds, and purchase options (on-demand cost vs. pre-purchased cost scenarios, for example).

Cloud Portfolio Management is a critical technology foundation that will support enterprise multi-cloud strategies and help drive innovation, growth, and efficiency. By implementing a CPM solution, IT teams can deliver self-service access to cloud services while maintaining the necessary governance, control, and cloud cost optimization. Understanding the role of CPM will help you deliver on your multi-cloud strategy and help your organization innovate and grow.

By Bret Clement

Louis
More CISOs will have to deliver revenue growth to protect their budgets and grow their careers in 2023 and beyond, and a core part of that will be getting multicloud security right. It’s the most common infrastructure strategy for ...
Metasploit-Penetration-Testing-Software-Pen-Testing-Security
Vulnerability Scanners Cyber security vulnerabilities are a constant nuisance and it certainly doesn't help with the world in a current state of disarray and uncertainty. Vulnerabilities leave businesses and individuals subject to a wide range ...
Patrick Melampy
Cloud On-Ramp and Protecting Performance The expansion of remote work and the massive growth in usage of cloud-based applications have stressed existing infrastructure and put a keen focus on the performance of everyone’s network environment ...
Gilad David Maayan
Network Security in the Public Cloud What is Network Security? Network security is a strategic approach to securing an organization’s resources and data across the corporate network. It helps protect organizations of all sizes, industries, ...
John Peluso
Save Your Organization on Cloud Costs Organizations of all sizes are currently navigating their plans to avoid the recent surge in cyber-attacks and data breaches and preparing for unforeseen setbacks. Building a sensible backup and ...
10 Leading Open Source Business Intelligence Tools
Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up the decision-making process. Open Source Business Intelligence Tools make it easier to have our raw ...
Gilad David Maayan
What is SASE (Secure Access Service Edge)? SASE (Secure Access Service Edge) is a term coined by Gartner to refer to a new architecture for networking and security that combines both functions into a single, ...
Gary Bernstein
WordPress Website Security You've spent time, effort, and money building your website, so don't let it become outdated and run-down by not taking proper care of it. Here are tips on WordPress Website security, speed, ...
Disaster Recovery Plan.png
Twitbook.png
Disaster Plan.png
The Report.png

PLURALSITE

Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization. 

(ISC)²

(ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees.

CYBRARY

CYBRARY Open source Cyber Security learning. The world's largest cyber security community. Cybrary provides free IT training certificates. Courses for beginners, intermediates, and advanced users are available.