Your guide to managing cloud sprawl
Introduction
• 51% verifying security policies
• 49% visibility to infrastructure security
• 37% compliance¹
Besides the inefficiencies created by running rogue apps or excessive workloads, cloud sprawl can also amplify security risks—and in the C-suite, that’s a cause for concern. A recent survey indicated that 61 percent of CEOs worry that security issues pose a threat to growth.²

In a world where multiple cloud instances and on-premises servers can exist within one IT organization, protecting against security threats becomes increasingly complex. More workload owners mean more devices to monitor, more apps and data backups to manage, more potential for data loss. And for most companies operating in a hybrid cloud environment, increased complexity is viewed as the number one challenge.³
Performance and productivity: your guide to managing cloud sprawl 3
Point solutions can help solve specific security needs as they come up, but they don’t address the big picture. In fact, adding point solutions often places additional responsibility on security teams who are already overburdened managing their existing infrastructure.

A modern solution that answers the challenges of cloud sprawl needs to be holistic. You must be able to see across your entire hybrid environment—every workload, app, and endpoint—to proactively manage and monitor all aspects of your cloud’s security and performance.

As IT spend on cloud-based infrastructure continues to rise, addressing cloud sprawl now with a powerful, integrated approach to management and security can save you headaches down the road. By focusing on a solution that provides visibility and control across all of your resources, you will reduce operational complexity—and risk.
60% of IT spend will be on cloud-based infrastructure by 2020.⁴
Manage configuration at scale
Apply fixes, make updates, and address configuration drift by implementing automated policies.

Governance across your hybrid environment
Establish guardrails for compliance and drive accountability with policy-based management and cost optimization.
Chapter 01: Safeguard your enterprise with end-to-end security

Today’s security threats are relentless, and rapidly evolving. Your organization needs a comprehensive “always on” and “assume breach” strategy in place to be prepared for the inevitable attacks—whether internal or external. And in a hybrid environment, it’s essential to have actionable insights that allow you to respond to incidents quickly.
• 44% Hijacking of accounts
• 53% Unauthorized access
• 39% Insecure interface/APIs
• 33% External sharing of data
A truly integrated, end-to-end infrastructure security solution gives you a unified view of all your machines, networks, and services, allowing you to protect your environment both proactively and reactively. When you have a holistic understanding of your security posture, you can:
• Remediate against vulnerabilities
• Make ongoing assessments and recommendations
• Rapidly deploy built-in security controls
• Integrate existing processes, tools, and partner solutions
• Reduce attack surface with predictive analytics
• Centrally manage security policies
Security: What’s at stake?
• 74% of organizations are storing some or all of their sensitive data in the public cloud⁷
• 87% of CIOs see encrypted network traffic as a threat⁶
• 23.2 cloud-related threats per month⁸
Security checkpoints
• Are all your cloud resources protected?
• Are you monitoring for threats 24/7?
• Are you able to respond to a threat immediately?
Chapter 02: Protect all your data, everywhere

Data is your organization’s most critical asset, and data protection is one of the top challenges that IT must constantly solve for. Downtime reduction and avoiding data loss are essential for business continuity, and protecting historical data from system or human error is typically mandated by business, regulatory, or legal requirements. And in an era of anytime, anywhere computing, your users and customers expect your apps and processes to run 24/7—on-premises and in the cloud—regardless of platform or physical location.
By the numbers: Just how vulnerable is your data?
• $21.2K average cost of data breach per day⁹
• 93% of companies that lost their datacenter for 10-plus days due to a disaster filed for bankruptcy within one year of the disaster¹⁰
• 554M records lost or stolen in H1 2016¹²
• 3.04M records compromised every day¹³
Application checkpoints
• Are you running mission-critical apps in the cloud?
Chapter 03: Bridge the gap between apps and infrastructure

Applications drive business KPIs and end user interactions that must be understood and managed. Visibility is the challenge: you can’t fix what you can’t see. Problems can reside at the code level, or deeper within the infrastructure, and it’s difficult to see holistic performance metrics across your entire hybrid ecosystem.
But insight into your IT systems and processes is about more than having a tool to provide dashboards or reports. It’s about improving the performance and usability of your apps and services, making deep analyses and gaining insights from all of your on-premises, cloud, and multi-vendor solutions.
Dependency-aware monitoring: Linking apps and infrastructure

Using an application and IT service dependency mapping tool, you can automatically discover relationships and dependencies between IT components to help you accelerate troubleshooting and root cause analysis. With an up-to-date view of dependencies, you can expedite your app and workload migrations, whether you are migrating to the cloud or other destinations.
[Figure: dependency map with nodes App tier, Tomcat, and Postgres, labeled with the IP addresses 23.96.31.2, 23.96.42.3, and 23.96.42.5]
Chapter 04
In a traditional datacenter environment, manual hotfixes are common—but often result in numerous “snowflake” servers that can’t be managed or replicated. This problem is avoided in the cloud, where you can automate common processes using configuration management. It is much simpler to use built-in policies and out-of-the-box dashboards and queries that can be configured to execute whenever you receive an alert, instead of relying on administrators to find and fix the same issues every time they occur. There’s no code to write, and integration is vastly less complicated with smart automation tools that are ready to go.
Chapter 05: Governance made easy

In a hybrid cloud model, you need a consolidated view of your IT architecture in order to implement consistent policies that will support compliance. Traditional policy management tools simply aren’t designed for the complex world of cloud computing.

Using a holistic solution, you can deploy out-of-the-box dashboards, queries, control, and policies to address a broad range of compliance and governance issues, including access, logging, auditing, and reporting. You’re able to create truly flexible policies—defining by workload what you can and can’t do—that can be monitored, checked, and adjusted as issues arise.
• Allowed locations
• Allowed resource types
• Allowed storage account SKUs
• Allowed virtual machine SKUs
• Apply tag and default value
• Enforce tag and value
• Deny creation of public IP addresses
• Require storage account encryption

Under control and good to go

Control, convenience, efficiency, and reducing overall infrastructure maintenance costs are just some of the benefits you can achieve in your hybrid cloud with an integrated management solution. Cloud-native tools—based on data intelligence and machine learning—offer policies that are “good to go” at the time of setup. There’s really no need to reinvent the wheel or rely on manual processes when you implement a management solution that’s made for the cloud.
Case study
Conclusion
As more and more cloud services are being adopted by organizations—both on
the IT side and the business side—complexity has increased, making it a challenge
to manage a sprawling cloud environment.
© 2017 Microsoft Corporation. All rights reserved. This document is provided “as-is.” Information and views expressed in this document, including URL and
other Internet Web site references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any
intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.