Published: 25 January 2019
Summary
Organizations are embracing public cloud IaaS for on-demand capacity, self-service and automation, but these benefits introduce new governance challenges. This document provides technical professionals with guidance on the policies and tools to achieve IaaS governance.
Included in Full Research
- Prework
- Align Governance to Your Organization’s Cloud Strategy
- Form Your Governance Team
- Describe Your Cloud Governance Principles
- Align Your Organization on Terminology
- Step 1: Define Policies
- Step 1.1: Define Your Goals for Cloud Governance Policies
- Step 1.2: Write Your Policies and Assign Into Gartner’s Cloud Management Platform Categories
- Step 1.3: Make People Responsible and Make Decisions That Impact Policies
- Step 1.4: Define Policy Exception Strategy
- Step 2: Implement Preventative Controls
- Step 2.1: Identify Policies for Which You Can Implement Preventative Controls
- Step 2.2: Configure Policies in Cloud Provider’s Native Tools
- Step 2.3: Define User Account Creation Workflow
- Step 2.4: Automate Account Creation Workflow and Attach Policies
- Step 3: Gain Total Visibility
- Step 3.1: Enable and Lock Down Logging for All Cloud Resources
- Step 4: Create an Audit Process to Implement Retrospective Controls
- Step 4.1: Establish Continuous Automated Audit
- Step 4.2: Map Remaining Policies to Tools That Can Automate Policy Checks and Enforcement
- Step 4.3: Define Remediation Outcomes
- Step 4.4: Implement Automated Remediation Workflow
- Step 5: Implement Tooling Integration Strategy
- Step 5.1: Integrate Data Repositories
- Step 5.2: Federate Identity and Enable SSO
- Follow-Up