The “How enterprises can ensure success with the public cloud” survey and report that was underwritten by Datapipe released some great data points last week. The part of the survey that took me back a bit was the fact that, of those surveyed, 63 percent say that leveraging cloud governance systems will likely be accepted in their organization. Only 7 percent think cloud governance systems will be ignored (see Figure below; click to enlarge).

Governance, and, specifically, cloud governance, did not see the levels of uptake that many had hoped to see. Coming from an enterprise architecture background myself, I’ve been screaming for governance since cloud computing began to explode, including the policy-driven use of services and management of resources. However, most enterprises that deployed cloud-based platforms did not see the need, given that their deployments were small, and not at all complex.

The rise in the acceptance of cloud governance is due to a few key trends:

• The rise of complexity, and the enterprises’ inability to build cloud-based systems without using many different cloud technologies. The rise of multi-cloud is basically the result of enterprises applying best-of-breed clouds to each application/solution. The prediction that most enterprises would only leverage a single cloud provider, public or private, did not come true.
• The capabilities of existing cloud governance and management systems improved significantly over the last few years. In the past, these systems only added complexity and confusion. With many generations of cloud governance technology to build upon, most cloud governance technology providers have finally figured out how the technology can add more value. Today’s solutions are relatively easy to use, and cost effective.
• Enterprises learn from their mistakes. Many build cloud-based architectures that quickly reach their tipping points, in terms of services and resources under management. The enterprise can’t keep up with the growing management, security, and governance requirements, and seeks automated solutions to remove staff from the complex management and governance tasks.

Complexity drives all governance

So, what happened in the last few years is that the complexity and the size of cloud deployments exploded. As you can read in the report, the growth of cloud instances translates into companies becoming comfortable with cloud computing concepts. With comfort comes speed to deployment, and with speed to deployment comes complexity.

Enterprises leverage private, public, and hybrid cloud computing architectures, but are moving to complex, multi-cloud architectures as well. Multi-cloud typically means more than a single public and a single private cloud provider, where you mix many different public and private cloud computing brands, and cloud computing models.

How do you manage complexity? The best approach is abstraction, or the ability to place all of the public and private cloud computing resources behind a “single pane of glass,” meaning that the resources are managed using a single technology, typically service-level or resource-level governance (CMP, defined below).

The complexity around the use of cloud computing arose around two key trends:

• First, the comfort that the enterprises now feel with the cloud, and thus the willingness to deploy whatever cloud technology is a good choice for systems as they relocate to the cloud, or are built new on the cloud.

• Second, the rise and fall of shadow IT, and thus placement of clouds that may have been deployed by a department within the company, out of reach of IT. Now, the departments are looking to hand off the management of these “rogue clouds” to enterprise IT. Enterprise IT is collecting dozens, sometimes hundreds of these systems, including systems built on all types and brands of clouds.

The value of cloud governance

When considering governance, there are a few types to consider.

A cloud services or API governance approach focuses on automation and governance at the cloud-services layer. Cloud-services governance is a general term that refers to the process of applying specific policies or principles to the use of cloud computing services or APIs. The objective of cloud-services governance, as well as tools that provide support for this concept, is to approach governance by placing an abstraction layer between the services and those who manage the services. Examples of this technology include Apigee and Mashery.

Businesses can manage these intricate interfaces through the use of a CMP (cloud-management platform). CMPs are also governance technology and methodologies, but CMPs take a different approach than services governance by focusing on the cloud resources themselves, such as storage, compute, and database services, versus just the interfaces into the resources, such as services or APIs. Examples of this technology includes Servicemesh (now owned by CSC), and Rightscale.

Of course, there are no standards to define cloud governance technology operations. Each technology takes their own approach to solving the governance problem, including how they approach the use of policies and automation to affect the operational aspects of cloud services or cloud resource governance.

The popularity around the use of this technology comes from the value that it can provide to enterprises moving to the cloud. For most, to understand the value of any governance solution, yomust define the cost of the inefficiencies if a cloud governance approach and technology is not leveraged.

Generally speaking, those who move to cloud can live without a cloud governance strategy and technologies for the first few deployments, and manually perform most management and governance operations. However, as we found in the survey, the 2^nd or 3^rd cloud deployment hits a tipping point in the number of cloud services and resource under management. Enterprises can then no longer manage the increasing number of cloud services, and the number of cloud types and brands typically increase as well.

So, the value is really defined as what money is saved if we avoid a complete breakdown in cloud management, and thus the failure of the cloud-based platforms to support the business solutions. Instead of incrementally defining the value, as we would any technology that provides new and needed capabilities, the use of cloud governance really becomes the table stakes for getting into cloud computing at all. Thus the value of cloud governance is coupled with the value of cloud computing itself.

Cloud governance has turned a corner. Where it was once avoided because the cloud deployments were simple and small, the number of cloud deployments, and the complexity of those deployments makes cloud governance no longer optional.