A recent survey by Stacklet of over 700 IT professionals and engineers highlights cost optimization, strengthening security posture, and adopting best practices as a key priority for the next year
Stacklet, developers of the industry-first cloud governance as code platform based on the open source Cloud Custodian project, today announced new research that revealed cloud governance, in terms of enforcing cost, compliance, and security policies tends to be a pivotal inhibitor to cloud adoption (86% of the respondents) and is a top priority for organizations in the new year. More than half of the respondents (57%) are prioritizing cost controls and optimization while 48% of the respondents are looking to strengthen their cloud security posture while implementing industry best practices (51%).
“As more and more companies are starting to increase their cloud usage, cloud security and cost management has become critical”
Cloud governance is a framework of policies, procedures, and tools focused on ensuring cloud deployments are operating securely and efficiently. While deemed necessary, organizations struggle to collaborate on and enforce governance policies without hindering developer velocity to multiple tools, manual workflows, and cross-functional groups.
The survey included over 700 IT professionals, developers and solutions architects from a cross-section of mid- to large-size companies in industries such as software, financial services, government and computers and highlighted issues and challenges with respect to cloud governance.
Key findings include:
- Cloud governance enforcement is inhibiting the acceleration of cloud adoption and usage. The majority of respondents (86%) find it challenging to enforce cost, compliance, and security. As a result, they view this as an inhibitor to innovation in the cloud.
- Lack of collaboration and communication across groups make it hard to implement policies: Almost half (46%) of surveyed organizations find it challenging to collaborate across developer, operations, and security teams to implement security policies. Similarly, over one-third (36%) highlighted collaboration across finance, business, and development teams for cost control policies as a challenge.
- Manual processes and complex policies make security policy enforcement difficult at scale: 44% of the respondents picked manual processes, reviews, and workflows as a challenge to strengthening cloud security, while 40% of the respondents found security policies difficult to understand and implement.
- Multiple deployment tools and lack of visibility make cloud optimization challenging: In addition to lack of collaboration, respondents selected the varied choice of deployment tools used by development teams (39%) and lack of visibility into resources (38%) as critical challenges to controlling and optimizing spend in the cloud.
Governance as code is a new paradigm that enables organizations to use code to manage and automate various aspects of governance, including cost, operations, security, and compliance. Organizations are shifting to this paradigm to reduce the operational overhead of traditional governance tools and processes. Governance as code also encourages continuous collaboration and establishes agility by providing a standard, declarative language that different stakeholders can easily understand and adopt.
“As more and more companies are starting to increase their cloud usage, cloud security and cost management has become critical,” said Travis Stanfield, co-founder and CEO, Stacklet. “This research shows organizations are lacking proper governance and collaboration across various groups from engineering to finance, making it challenging for organizations to enforce the right policies and control costs. By adopting cloud governance as code model organizations can remove the friction associated with traditional tooling and processes while innovating securely in the cloud.”