Establishing Governance for Hybrid Cloud and the Internet of Things

Establishing Governance for Hybrid Cloud and the Internet of Things

Martin Wolfe
DOI: 10.4018/978-1-5225-0759-8.ch013
(Individual Chapters)
No Current Special Offers


This chapter is focused on the current and future state of operating a Hybrid Cloud or Internet of Things (IoT) environment. This includes tools, data, and processes which allow an organization to use these assets to serve business goals. Examining governance in this context shows how it works today and how it should change, using some real-world examples to show the impacts and advantages of these changes. It is a high level overview of those important topics with prescriptive detail left for a future and follow-on analysis. Finally, all of the lessons learned, when combined together form a governance fabric, resulting in a set of techniques and actions which tie together into a supporting framework and set of processes. The important questions include: Why does governance matter in the deployment and operation of Hybrid Cloud and IoT? If governance already exists how must it change? What are the important and salient characteristics of governance which need special focus? Thus, this analysis gives a context of how today's governance approach should change when moving to a Hybrid Cloud or IoT model.
Chapter Preview


The focus of this chapter is a review on the unique perspective of governance when deploying, operating or using a Hybrid Cloud or Internet of Things (IoT) technical infrastructure. This type of governance has many unique considerations, but understanding the similarities with traditional ITIL-style governance ensures the most important foundations are not ignored. It is the combination of new and existing techniques which are key to the success of governance in this rapidly changing style of technology deployment. It is these similarities and differences which are key guiding principles in how to establish a governance process when working with different service providers, in different locations, all with different approaches to security, deployment and operations. The need for technical integration, for the sharing of data and resources, is the typical and seemingly obvious entry being the first thing considered for change or update. The more important and vital need is to establish a set of processes where it is well understood how services interact, how they are chosen, how they are secured, how they are deployed, how they are updated and how they are operated.

Throughout this chapter, the various stages of governance as it applies to Hybrid Cloud or the IoT will be covered. It is important to understand how governance may change and is applied when deploying an infrastructure versus when it is being operated or updated. In addition, in this chapter the terms infrastructure or environment are used interchangeably throughout the text. The broader relationship between the key governance stages is shown in Figure 1.

Figure 1.

The important stages of hybrid governance


Many organizations and companies, small and large, are using services from various providers, and they are doing it now, either with the blessing of their Information Technology (IT) staff and just as often without IT knowing that it is happening, a common phenomenon called Shadow IT (Raden, 2005). For those companies which are relatively new, say less than 5 years old and around 100-1000 employees, this is likely how they are currently opperating. Their base assumption is focused on the idea that IT infrastructure is not something they need to own, but just use as needed, much like power and water. Everything treated as a utility. For existing organizations, who have legacy assets with stricter data and compliance protocols, there is a mix of these existing assets (data, servers, policies, and processes) and the need and desire to use new capabilities, often provided by outside vendors and in fact managed by those vendors. They want to use and experiment in an agile fashion, with new business models while keeping the cost of this experimentation as low as possible. While it always depends on the size and type of company, the mindset of the IT team is often different from those focused on business goals. Thus, governance, rules, and policies on how technology is used to meet business goals are going to have a different focus in each of these groups.

Key Terms in this Chapter

Net-Centric / Net-Centricity: A continuously-evolving, complex community of people, devices, information and services interconnected by a communications network to achieve optimal benefit of resources and better synchronization of events and their consequences (Net-centric, 1 st paragraph).

ITIL: This is an acronym for Information Technology Infrastructure Library and is intended as a guide for describing the processes and procedures used to govern a technology environment, especially infrastructure and data centers. Included in this are the roles and delivery plans focused on topics such as incident, problem, and change management. ITIL advocates that IT services are aligned to the needs of the business and support its core processes. It provides guidance to organizations and individuals on how to use IT as a tool to facilitate business change, transformation and growth (What is ITIL Best Practice?, 2016). A large number of processes are addressed both for pre-delivery, runtime, operations, and post-delivery. This is not specific to an organization but is intended as a foundation for an organization to define their specific processes, procedures, roles, and delivery plans.

Governance: Generically governance is a set of processes and models that define roles and how people and technology are used to both influence and control the design, delivery and operation of a system. This view on governance has a technology bias, but is generally applicable to most any context.

Internet of Things (IoT): This is a connected network of physical and logical objects, devices, and structures. It combines both physical and logical objects where logical objects could include specific data sources, all interconnected and sharing information in a chain of connectivity. It relies on a Hybrid Cloud model in order to function effectively (Internet of Things, 1 st paragraph).

Defense in Depth: Originally a military a strategy for ensuring redundancy when systems and procedures fail, this is typically applied to technology deployments. Focused on both security “at the edge” and the redundancy of each component in a system of systems context, this approach ensures that any one component will not reduce the reliability of the whole system.

Blockchain: Blockchain is a peer-to-peer distributed ledger technology for a new generation of transactional applications that establishes trust, accountability and transparency while streamlining business processes. Think of it as an operating system for interactions. It has the potential to vastly reduce the cost and complexity of getting things done. The key to Blockchain is assuring data integrity and data lineage (Why Create The Project, 1 st paragraph).

Hybrid Cloud: This a cloud deployment model that combines several cloud environments, typically more than one. These remain separate environments but are connected together, combining on-premises collocation, managed services and off-premises cloud-native services. All of this can be presented to the consumer as a single service providing a specific functionality. Furthermore, the intent of a Hybrid Cloud is to allow for simple services to be enhanced through the combination with other services in a single pool of capability (Cloud Computing, Hybrid Cloud section).

Complete Chapter List

Search this Book: