Clear rules for the cloud: the lifecycle cockpit

Almost every company today uses cloud services. But when is a cloud solution from an external provider really better than a local (“on premise”) one? What rules should employees follow when using cloud offerings? Our practical example shows how companies can make the most of the market while retaining the necessary control.

Situation:

An international industrial company strives to expand its activities in cloud computing in order to exploit the technological advantages: When needed, software (SaaS) or infrastructure (IaaS) are instantly available; storage and computing capacities can be quickly expanded or reduced – depending on the needs in day-to-day business.

Challenge 1:

Every cloud service must interoperate with existing IT solutions.

Challenge 2:

The company has to rely on cloud service providers that guarantee system and data security and comply with regulations.

Challenge 3:

A “shadow cloud” must be avoided. For example, employees should not buy virtual storage space for sensitive data unless they follow clear guidelines. Cloud governance is required.

Implementation:

Together with the customer, we have developed a set of rules for the entire lifecycle of cloud services. It begins with the IT request from the business. Risk managers assess how sensitive the respective data is and which confidentiality level must be complied to. In the next step, IT purchasing selects a suitable offer. IT specialists ensure that the new software is compatible with existing systems and that users receive the necessary support. As the software ages over time, IT managers will timely decide how to replace it, ensuring that no data will get lost. Throughout the cloud lifecycle, the company has defined clear roles and workflows for all employees involved.

Due to the high speed of development in the field of SaaS and the entire IT market, software lifecycles tend to be heterogeneous. Due to the high speed of development in the field of SaaS and the entire IT market, software lifecycles tend to be heterogeneous. To ensure this transparency across the application portfolio – in particular for cloud applications – we have developed a dedicated online tool. Every IT project manager maintains this tool and can use it to track which applications are in use – regardless of whether they are operated in a cloud or on premise. In addition, this “lifecycle cockpit” makes it evident which applications are linked to each other, and which of them will soon become obsolete and should be replaced. This increases transparency and enables the company to meet new business Challenges in terms of performance and costs.

Results:

Thanks to cloud governance and the new IT lifecycle cockpit, the company retains an overview and control of its systems, data and costs at all times.

10.09.2018, Grosse-Hornke

More articles

Cyber Security: Implementing the new EU Directive NIS-2

Personal liability, painful penalties: With the new Network and Information Security Directive (NIS-2), the EU is tightening the rules for 17 essential industries. Is your company affected? And if so, how can you carry out the necessary cybersecurity health check? Learn more in our free brochure on NIS-2.

Read more "

Comply with EU regulation DORA safely and on time

The EU’s Digital Operational Resilience Act (DORA) imposes new obligations on the financial industry by January 2025. High time to get started. Our brochure will get you ready for the DORA sprint. Also included for free: an interactive checklist. It shows you which criteria your company already meets and where you need to improve.

Read more "

2021 Grosse-Hornke Private Consult