Provide consistent landing zones based on an application archetype subscription strategy to minimize subscription sprawl. Expand the definition of requisite components to better fit the governance and compliance needs of a cloud-mature enterprise.
The landing zone concept is not unique to a cloud provider but rather an essential concept that governs digital transformation and cloud adoption in general. Most cloud journeys begin with developers creating cloud resources and publishing workloads to the cloud in a minimal effort that is quite rewarding in itself. When it comes to the enterprise, data that is easily moved or transited through the cloud is subject to regulations and compliance requirements that can easily become difficult to navigate without planning and consideration.
A landing zone is a configured environment with a standard set of secured cloud infrastructure, policies, best practices, guidelines, and centrally managed services. It may be the first step in the cloud migration journey yet, from experience, it’s generally a journey in itself and a review process that ends up shaping long term cloud adoption and cloud provided loyalty for the enterprise.
As you can imagine from the real world, a “landing zone” should be a clean, secure, regulated and compliant zone that an aircraft can use and that has to adhere to a minimal set of requirements specific to the aircraft type that the landing zone is servicing. Landscape has to be maintained and growth or annexes location, size and access has to be planned and controlled in order to continue serving and servicing the ever evolving models of aircraft. For cloud platforms, applications and services are the digital representation of aircrafts.
Companies may not have a formal process or policy for technology subscription consumption. Approval inconsistencies surrounding authorization and governance generate a landscape that allows an uncontrolled growth known as subscription sprawl.
According to Gartner back in 2012, more than 35% of IT spending in larger enterprises can be found outside of the approved corporate IT budget.
Whether you’re just starting your cloud journey or you already have an established cloud footprint, on Azure, IBM, AWS or across cloud providers, the need for a landing topography is necessary and a continuous review process is required as both cloud solutions and platforms evolution is to be considered.
Main landing zone areas of interest (contact or subscribe for more on the following):
- Identity and access management
- Policy management
- Management and monitoring
- Network topology and connectivity
- Shared services infrastructure
A perception that I have witnessed across organization size is that the subscriptions activities are innocuous, environments or resources being disposable and therefore with little to no consequences. A less considered aspect for cloud subscriptions is the legal ramification that can create financial and security issues like:
- OPEX drain — where is your cloud subscription budget coming from ? Keeping a close eye on rogue, unused resources is key.
- Compliance — not just data in transit or at rest but subscribing to services gives away sensitive info and may omit procurement or removal company policies. With increasing regulations in place regarding consumer data, this oversight can put your company at risk of hefty fines. Read the fine print of the subscription agreement.
- Security — the impact on this particular metric is more complex.
Subscription and Consumption
To clarify the lines between subscription and consumption, consider that both may come with a price tag yet one is predictable, sizable while the other is foretasted and includes a margin of error.
Subscription naturally requires a level of commitment and includes a definable level of cost either by user, volume or environment size.
Consumption model can be foretasted and limited by the right SKUs, yet an exact scale of resources necessary month-to-month is only known after the fact as the bill is based on usage.
Having a company operating model and policy is effective and IT leaders need to adhere to them and regularly review cloud subscriptions and usage to leverage them for the greatest security, flexibility and output value.