How Not to Mismanage Cloud Service Management - Part 3

Governance

A service-based approach goes hand in hand with the need to establish clear governance, as it is most effectively built around the specific services we provide and consume.

As mentioned in the introduction, many organizations face doubts and concerns when it comes to adopting and operating cloud-based services. In our experience, a significant portion of the resistance we see across different departments in client organizations can be traced back to governance-related issues. Often, the underlying concerns stem from risks that could be effectively managed - or even eliminated - through proper governance frameworks.

Fortunately, there are many tools available to support this, ranging from advanced security solutions like Role-Based Access Control (RBAC) or Conditional Access, to well-protected landing zones defined by appropriate policy sets, and further to service or resource-specific cloud governance rules. These tools enable us to harness the potential of the cloud in a transparent and controlled way.

For governance to truly add value, however, it must not only be well-designed, but also clearly communicated. Everyone involved should understand which risks we aim to manage, what controls are in place to do so, and how those controls are enforced. One useful way to support this clarity is by compiling and publishing a Governance Ruleset.

Costs (FinOps)

When we initiate projects based on the business case and ROI-driven approach mentioned earlier in the service lifecycle, we can make the most of the “pay-as-you-go” nature of cloud services. There's no denying that the cloud computing model is brilliant in itself. Providers offer plenty of compelling arguments for renting infrastructure instead of purchasing it outright. However, it’s important to recognize that much of the resulting value tends to accumulate on the provider’s side - just consider the 20-30% profit margins reported by major cloud vendors.

To design our own cloud-based services cost-effectively, we have a number of tools at our disposal. From a methodological standpoint, the FinOps approach significantly enhances both governance and transparency. As part of this, cloud providers also offer native tools that support cost optimization - for instance, Reserved Instances and Auto Shutdown features help reduce usage costs, while tagging and dashboards improve visibility and control.

In our experience, even more critical than these tools is intentional architectural planning and the careful definition of decision gates throughout the service lifecycle. This is especially true because a large portion of cloud-related costs are traffic-based. In systems with broad integration - particularly hybrid environments - it’s essential to plan proactively and take all dependencies into account to avoid unpleasant surprises down the line.

Summary

Implementing a cloud strategy and introducing cloud-based services offers a great opportunity to create a more transparent, efficient, agile, and cost-effective IT organization. Both the technological and methodological tools are available to support this transformation - and by using them effectively, we help our clients fully realize the benefits of the cloud.

This blog series has offered a glimpse into how we approach this and what’s needed to make the most of these opportunities.