You’re currently in Stage 2: Standardizing
Based on your answers, you’re currently Standardizing — the normalizing phase of building a successful corporate cloud program. During this phase, platform teams work with operations, security, and networking teams to form a common foundation for infrastructure and security.
Common practices in this phase
For organizations in the Standardizing phase, cloud use is increasing quickly and requires a programmatic approach to cloud consumption. Day 2 activities start to become a priority as the focus shifts to building a full lifecycle management program for infrastructure and security. Priorities include:
Infrastructure
Taking collaboration to the next level via tested and validated infrastructure as code patterns published by the platform team
Implementing policy as code to automate policy enforcement and put guardrails in place before deployment
Deploying tools to gain visibility and better manage the Day 2 lifecycle of infrastructure and limit drift and over-deployment
Security
Reducing an organization's risk of breach by adopting dynamic secrets
Ensuring application availability and that critical workloads operate efficiently with performance replication
Simplifying and automating auditing and compliance requirements
Implementing advanced credential management systems, including dynamic credentials and just-in-time secrets
Benefits and challenges in this phase
Typical Standardizing practices bring specific rewards and drawbacks.
- Short term cost reductionAbility to spin up new infrastructure without capital expenditures for new hardwarePlus
- Working in silosIndividual teams tend to create standalone workflows for similar activities, with minimal cross-team collaborationMinus
- Lack of policy enforcementDifficulty enforcing cost controls and policies for security and governanceMinus
- Lack of standardizationWithout a common platform, many processes are done manuallyMinus
- Increased security riskMultiple implementations with lack of oversight leading to greater threat exposureMinus
How to move to Stage 3: Scaling
Organizations should have a platform team in place once they’re ready to move to the Scaling phase. That’s the time for these teams to spread key cloud practices across the organization and introduce self-service provisioning and automated remediation.
To reach this next stage, you need to apply Infrastructure and Security Lifecycle Management practices more broadly across multiple clouds and environments, paving the way for a true self-service developer platform. Read on to learn how to start scaling your cloud program.
Infrastructure Lifecycle Management
Infrastructure Lifecycle Management (ILM) uses infrastructure as code (IaC) to build, deploy, and manage the infrastructure that underpins cloud applications. Organizations in the Standardizing stage are taking collaboration to the next level by publishing tested and validated IaC modules that integrate policy and automate enforcement.
Those practices are accelerated in the Scaling phase. For many teams, this involves extending existing workflows even more broadly across the entire estate by making them self-service for development teams.
ILM practices to help you start scaling
- Give developers self-service provisioningBuild an internal development platform that lets application teams deploy new environments in minutes.Learn more
- Close skills gaps with no-code provisioningMake it easy for users to discover and provision infrastructure without having to write code.Learn more
- Expand to private datacentersStandardize your infrastructure platform beyond the cloud to cover your organization's private estate.Learn more
- Monitor changes with continuous validationAutomatically check assertions after provisioning to validate the health of your infrastructure.Learn more
- Get event notificationsGain better visibility by deploying alert systems that notify you when issues with infrastructure are detected — then roll forward or back.Learn more
- Streamline remediationRoll back unwanted changes or fix detected drift or infrastructure health issues as they arise.Learn more
Security Lifecycle Management
Security Lifecycle Management (SLM) uses identity-based access controls to manage the security lifecycle of your secrets, users, and services. During the Standardizing phase, organizations are using dynamic, on-demand credentials and privileged access management practices to contain secret sprawl and improve visibility.
These become the backbone of the more sophisticated security workflow that’s needed in the Scaling phase. This is when security requirements should be shifted away from developers and into a scalable cloud platform and reproducible systems and workflows.
SLM practices to help you start scaling
- Manage certificates and associated keysAutomate management of PKI certificates and their keys to establish identities for resources on networks and authenticate them for secure access.Learn more
- Protect sensitive dataSecure critical data in transit and at rest across clouds and datacenters with encryption as a service, centrally manage keys, and protect sensitive data (like PII) with transparent encryption.Learn more
- Expand to private datacentersStandardize your security tools beyond the cloud across your organization's private estate.Learn more
- Automate target discoveryUse dynamic host catalogs to automatically discover hosts and services and keep your registry up to date.Learn more
- Secure resources with multi-hop sessionsProvide access to private resources by connecting into complex network topologies through reverse-proxies that let users securely access locked-down resources.Learn more
- Establish service-based dynamic updatesUse service-based automation to dynamically update networking and security policies based on service changes.Learn more
Resources to help you start scaling
- Securing your infrastructure with HashiCorp Terraform: Enforcing guardrails with drift detection and continuous validationOnce an organization is provisioning secure and consistent infrastructure, they need to start dealing with the challenges of keeping those resources in compliance. This webinar covers how HashiCorp Terraform’s post-apply value helps users continuously enforce policy guardrails from Day 2 and beyondWebinar
- 2024 State of Cloud Strategy Survey: Cloud maturity drives business successOut of nearly 1,200 respondents around the world, only 8% qualified as highly mature in the cloud. In this “haves” vs. “have nots” world, a few trailblazers are already enjoying the fruits of cloud maturity while many others continue to struggle. Read the report to learn more.Original research