on 9/9/2019 by George Nelson, VP of cloud services, ServerCentral Turing Group

Like most things in the world of data, creating and maintaining governance policies in a multi-cloud environment requires constant compromise and negotiation.

I’ve asserted in the past that there’s no silver bullet for establishing data governance policies in multi-cloud environments. Here, I’ll offer some insight on why that’s the case, along with some guidelines for how IT leaders with multi-cloud environments can think about data governance.

Data governance is a bit like fitness: more than a destination, it’s an ongoing process — a lifestyle, even. Just as you can’t get in shape over the course of six months and then be in shape indefinitely without further work, you can’t implement data governance policies and then ignore them and expect them to provide any benefit.

To realize the benefits of data governance, you must treat it as an ongoing process. This can be tricky because it means you must get executive buy-in not only for the initial gap analysis and policy development but also for the ongoing assessments and adjustments as your organization changes its technology or adds new cloud environments and applications.

Image: WrightStudio - stock.adobe.com

Image: WrightStudio – stock.adobe.com

While these basic principles of data governance are true anywhere, they’re even more important in organizations that rely on multiple cloud environments. This is largely because no two cloud providers have the same security capabilities or features.

The diversity of cloud provider capabilities is also why it’s important to think of data governance for multi-cloud from a policy standpoint rather than a tactical standpoint. Because of the constantly growing set of tools, changing philosophies, and varied monitoring capabilities available from cloud providers, it is important to ensure governance policies account for this and are updated frequently. 

To make sure your multi-cloud data governance policy stays up to date, be sure to include provisions for the following:

  • How often you will review and update your policy. This should be at least quarterly, but more frequently if there is a significant change in the business or cloud providers.
  • When and how the introduction of a new technology, product, or service will trigger a policy review. 
  • When and how policies will be tested.
  • When to evaluate alternative cloud providers vs. update your governance policy.

Data governance shouldn’t be overly simplified

Given the complexity that’s created when you treat data governance as a process, it’s natural to try to simplify that process by applying uniform data governance rules across an organization.

Unfortunately, that strategy doesn’t work.

The promise of increased flexibility, agility, and cost savings is driving CIOs to rapidly migrate applications, workloads and data to the cloudBrought to you by Hitachi

Trying to have a data governance policy that treats all data types the same would be a bit like having a single cooking strategy for every type of food you bring home from the grocery store. You may want to grill your hotdogs, but that’s not going to go well for your oatmeal or your coffee.

This reality becomes unavoidable when working with multiple cloud providers. To determine when and how you might use the services of each, you must first know whether their data governance tools and procedures meet the requirements of your data — not just hotdog and grill, but also the temperature each grill can reach and whether the people eating the hotdog keep kosher or vegan or gluten-free.

To use an example that involves data: imagine you plan to leverage multi-cloud to improve vendor resiliency.

If one cloud environment experiences a DDoS attack, you could shift affected services to another cloud. While the premise is simple enough, the execution gets complicated when you take data governance into consideration.

Each cloud environment has unique toolsets and monitoring capabilities. To ensure that your data is adequately managed from one cloud to the next, you’ll have to have a plan for how to uphold governance protocol in both cloud environments — for every type of affected data.

That’s not an easy task, but it’s much easier when you have those governance protocols clearly laid out ahead of time.

As you consider how multi-cloud data governance applies to various parts of your organization, you’ll probably discover that it makes sense to consider governance issues during the environment or application design phase, when it’s possible to adjust to streamline future practices as much as possible.

For simpler solutions, rethink your infrastructure

I’ve just said that it’s unwise to oversimplify data governance policies for multi-cloud environments; however, I do tend to think the simplest solutions are the best.

As you consider cloud providers, look for those with functionalities that make data governance easier, including SAML integration and APIs that extend your role-based access. Look for tools that allow for automated data tagging and archiving to streamline your data lifecycle requirements.

Finally, ensure that the cloud provider maintains a rich set of tools to allow for visibility into how you may be complying with organizational policies. Steering clear of providers that don’t offer these capabilities will make your life a lot easier.

To further simplify your data governance, you may want to rethink your approach to the cloud altogether. A multi-cloud setup will require more complex data governance rules than a setup that involves two or fewer cloud providers. You may be able to achieve similar functionality by blending your virtualized environments — say, VMware — with a public cloud, or by combining in-house bare-metal servers with a private cloud environment.

Data governance is a balancing act

Like most things in the world of data, establishing and maintaining governance policies in a multi-cloud environment requires constant compromise and negotiation. As you establish and adjust policies at your organization, be sure to keep the big picture in mind.

George Nelson is the vice president of cloud services at ServerCentral Turing Group (SCTG). SCTG offers cloud-native software development, AWS consulting, cloud infrastructure, and global data center services.The InformationWeek community brings together IT practitioners and industry experts with IT advice, education, and opinions. We strive to highlight technology executives and subject matter experts and use their knowledge and experiences to help our audience of IT.
Collected at:  https://www.informationweek.com/cloud/best-practices-governing-data-in-multi-cloud-environments/a/d-id/1335644?_mc=NL_IWK_EDT_IWK_bigdata_20190909&cid=NL_IWK_EDT_IWK_bigdata_20190909&elq_mid=92827&elq_cid=27653255 

9 thoughts on “Best Practices: Governing Data in Multi-Cloud Environments”

  1. Hey there just wanted to give you a quick heads up.

    The text in your article seem to be running off the screen in Opera.
    I’m not sure if this is a format issue or something to do with internet browser
    compatibility but I thought I’d post to let you know. The
    style and design look great though! Hope you get the
    problem solved soon. Thanks

  2. Greetings! I know this is kinda off topic but I was wondering which blog platform are you using for this
    site? I’m getting fed up of WordPress because I’ve had problems with hackers and I’m looking at alternatives for
    another platform. I would be great if you could
    point me in the direction of a good platform.

  3. This is very interesting, You are a very
    professional blogger. I have joined your rss feed and sit up for looking for more of your wonderful
    post. Also, I have shared your site in my social networks

  4. Hi there I am so grateful I found your blog, I really found you by mistake, while I was browsing on Digg for something else,
    Anyhow I am here now and would just like to
    say cheers for a remarkable post and a all round thrilling blog
    (I also love the theme/design), I don’t have time to look over it all at the moment
    but I have book-marked it and also included your RSS feeds, so
    when I have time I will be back to read more, Please do keep up the great b.

Leave a Reply

Your email address will not be published. Required fields are marked *