The governance of cloud computing policies has become too reactive and unco-ordinated at many IT organizations, according to a new report from U.K.-based Ovum.
The research firm said cloud computing governance offers up the same challenges as other areas of IT governance. With service-oriented architecture (SOA) governance, application lifecycle management (ALM) governance, IT service management (ITSM) governance all established as necessary for organizations engaging in those practices, IT departments have been sluggish on cloud computing governance and policies.
Laurent Lachal, a senior analyst covering business process management for the research firm and the report’s author, said a new approach is needed to manage policies and procedures around cloud computing. He added that the new IT model cannot thrive without an effective governance framework that facilitates coordination between various IT and business teams.
For organizations looking to handle this growing issue, Ovum recommends companies stay focused on enabling flexibility with their cloud governance initiatives. If particular business unit has gone around IT and procured public cloud services, that is usually a sign that these services are needed in the enterprise, Lachal said.
“In many cases, it’s about the shortcomings of internal IT,” he said.
While the creation of “shadow IT” behind the back of the CIO is a serious issue that is contributing to the piecemeal approach to cloud computing policies, IT leaders must be flexible and adapt to these new services as opposed to stamping them out.
“It’s about bringing these guys back into the fold, without them necessarily stopping the usage of the public cloud in question,” Lachal added.
He warned that cloud governance should not just be about control and making sure business units behave themselves. It should also be about empowerment, the realignment of objectives, the encouragement of smart behavioural change, and delivering on business goals.
At last month’s EMC World 2010 conference in Boston, the company told conference attendees that IT shops will soon consider hiring “private cloud architects” to help manage cloud services across geographically disperse data centres.
“I’m not sure if it’s an entirely new position, but it’s definitely a new filter on existing IT architects,” said Ted Newman, global practice director for private cloud services at EMC Corp. “They’re responsible for understanding and developing a balanced portfolio of services and underlying technologies around internal and external resources.”
For Lachal, IT governance in general is about federating the different efforts of the enterprise to let business units work together cohesively.
“Cloud governance is not just about understanding how a company approaches the cloud and remains in control of this, but also how the use of the cloud impacts all the other areas of IT, such as security governance, data governance, and ITSM governance,” he said.
He said the idea of a cloud architect is a good one, because the role can promote co-ordination between IT teams. Taking the “centre of excellence” approach to cloud, gathering different perspectives, and coming together to see how they can federate their approach to cloud as part of a broader IT governance point of view, Lachal said, is another best practice.