Introducing the Well-Managed Cloud Framework

stackArmor
2 min readJul 17, 2019

--

stackArmor has developed the Well-Managed Cloud Framework based on over 10 years of cloud operations experience. Current cloud frameworks are focused on migrations, establishing landing zones and providing optimized hosting models — they do not address issues around post-migration operations. stackArmor’s Well-Managed Cloud framework draws upon best practices from Amazon’s Well Architected Framework, Microsoft’s Cloud Operating Model, Google’s Site Reliability Engineering (SRE), ITIL and NIST publications.

The stackArmor Well-Managed Cloud framework provides a cloud operators point of view and incorporates best practices based on real operational experience.

The Well-Managed Cloud framework provides an actionable blueprint that is described in greater detail below. A Well-Managed Cloud is based on five pillars of operational excellence.

Cloud computing technology is evolving rapidly and constantly changing. Serverless, containers, microservices and pay-as-you-go AI enabled services are emerging rapidly. While technologies may change, the principles governing the consumption of cloud services stay constant. The underlying principles that drive operational excellence are steadfast. These are categorized into five areas.

  1. Security Operations (SecOps): Digital organizations are operating in an increasingly hostile environment. Cybersecurity threats and incidents are increasing rapidly and will continue to grow in ferocity and velocity. A strong Cloud Security Operations (SecOps) program is critical. Security operations (SecOps) covers all operational and tactical activities to ensure confidentiality, integrity and availability of data. Tracking security activities, time to resolution and continuous monitoring by criticality are key metrics that must be reviewed as part of the cloud operations scrum.

2. System Operations (SysOps): System operations includes tracking the optimal consumption and performance of cloud computing services including compute, storage, network and developing meaningful metrics. Cloud computing is not like traditional infrastructure and usage must be actively reviewed.

3. Financial Operations (FinOps): Cloud computing offers a pay as you go consumption model. Most organizations perform tactical cost optimization using reserved instances, spot instances etc but do not adequately focus on consumption and utilization. Cloud financial operations are focused on managing overall cloud product margins and profitability by creating meaningful metrics that empower executive oversight of cloud utilization and costs.

4. UX Operations (UXOps): Monitoring and managing the user experience is critical to identifying surges and capacity issues that may impact system usage. Monitoring business services and endpoints using easy to interpret metrics that can be used to detect and remediate user experience issues.

5. Compliance Operations (ComplianceOps): Monitoring and reporting compliance with security controls, reviews and submitting critical data are essential for organizations in regulated markets. Compliance operations includes performing time-bound activities based on FedRAMP, FISMA, PCI-DSS, HIPAA, CJIS or SOC2 requirements.

Read more about how you can implement the Well-Managed Cloud framework in your organization

https://stackarmor.com/stackarmor-well-managed-cloud-framework/

--

--

stackArmor
stackArmor

Written by stackArmor

AWS cloud migration, managed services, security and compliance for HIPAA, FFIEC, ISO 27001, SOC 2, FedRAMP, FISMA and NIST standards.

No responses yet