Cloud Adoption Framework for Azure

Making Governance Easier

Speaker
Title
Agenda
Introductions

Cloud Adoption Framework Overview

Governance in Azure
Framework
Assess

MVP

Evolve

Next Steps
Partner overview
Partner overviewslide
slide
Business processes and people
readiness are my biggest
adoption blockers. How do I
align with the business to get the
support we need?

My team needs to better

understand how cloud
adoption will change
governance, security, and
operations.

The cloud gives us new technical

capabilities. How do we integrate
them into our culture to serve our
customers and disrupt the industry?
Microsoft Cloud Adoption Framework for Azure

Actionable, efficient, and comprehensive

Azure cloud guidance from Microsoft to
Business accelerate your adoption journey
Strategy
Microsoft Cloud Adoption Framework for
Azure enables you align business, people
and technology strategy to achieve your
Technology People business goals
Strategy Strategy
Microsoft Cloud Adoption Framework for Azure

Adopt
Define Strategy Plan Ready Migrate
• First workload migration
• Expanded scenarios
• Understand motivations • Digital estate • Azure readiness guide • Best practice validation
• Business outcomes • Initial organization alignment • First landing zone • Process improvements
• Business justification • Skills readiness plan • Expand the blueprint Innovate
• Prioritize project • Cloud adoption plan • Best practice Validation • Innovation guide
• Expanded scenarios
• Best practice validation
• Process improvements

Govern Manage
Methodology • Benchmark Business commitments
initial best practice • operations baseline •
Governance maturity Ops maturity
The major drivers for
IT Governance

Keep risk at acceptable levels

Maintain availability to systems

and services

Consistently apply policy and audit

compliance

Protect customer data

How Do I Get Started?
Frame the conversation to mitigate tangible
1 Framework business risks through consistent governance

Assess current state and future state to establish a

2 Benchmark vision for applying the framework

Establish a Minimally Viable Product (MVP) to

3 MVP serve as a foundation for governance

Mature with each release to align Cloud Adoption

4 Evolve and existing IT functions
Approaching the Governance Conversation
How Do I Get Started?
Frame the conversation to mitigate tangible
1 Framework business risks through consistent governance

Assess current state and future state to establish a

2 Benchmark vision for applying the framework

Establish a Minimally Viable Product (MVP) to

3 MVP serve as a foundation for governance

Mature with each release to align Cloud Adoption

4 Evolve and existing IT functions
Cloud Adoption Framework - Governance
Governance End State that fosters trust and builds confidence
Cloud Governance Team
A team of governance minded cloud architects, finance,
security, operations and IT management experts can evolve
these disciplines, ensure governance consistency, and
accelerate deployment.
Corporate Policy
Governance is a big, intimidating topic.
Establish proper scope by mitigating
tangible risks through corporate policy.
What and Why of governance
Cloud Governance Disciplines
Governance is a team sport. Empower
multiple team members by decomposing
corporate policy changes into five
actionable disciplines.
How of governance
 Making Governance actionable with native tools

• Azure Blueprints • Azure Blueprints

• Azure Policy • Azure Policy
• Azure Cost • Resource Grouping
Management & Tagging
• Azure Advisor • Resource Manager
• Azure Portal Templates
• Azure EA Content • Azure DevOps
Pack • Azure Site Recovery
• Azure Backup
• Azure Automation

• Azure Blueprints
• Azure Policy • Azure Blueprints
• Azure Security Center • Azure Policy • Azure Blueprints
• Security Management • Azure Monitor • RBAC
• Threat protection • Identity • Azure AD
• Encryption • Change Tracking • Azure AD B2B
• Hybrid Identity • DSC • Azure AD B2C
• Azure Networking • Automation • Directory Federation
• Azure Automation • Update Management • Directory Replication
 Integrating 3rd Party Tools

Process 3rd parties

• OpsCompass

Cost Management 3rd Deployment 3rd parties

parties • Nagios, Terraform
• Could align to devops
tools like Chef,
Puppet, etc…

Security baseline 3rd • Discovery, • 3rd party identity

parties onboarding, and providers
• Splunk recovery 3rd parties
• ServiceNow
Assessing the Situation
How do I get started?

Frame the conversation to mitigate tangible

1 Framework business risks through consistent governance

Assess current state and future state to establish a

2 Assess vision for applying the framework

Establish a Minimally Viable Product (MVP) to

3 MVP serve as a foundation for governance

Mature with each release to align Cloud Adoption

4 Evolve and existing IT functions
Understand the business vision driving cloud adoption
Cloud Governance Benchmark tool
Evaluating current state
Cloud Governance Benchmark tool

Security management
appears to be an important
area of focus for this
customer.
Discussion – Establishing a cloud
governance MVP
How do I get started?

Frame the conversation to mitigate tangible

1 Framework business risks through consistent governance

Assess current state and future state to establish a

2 Assess vision for applying the framework

Establish a Minimally Viable Product (MVP) to

3 MVP serve as a foundation for governance

Mature with each release to align Cloud Adoption

4 Evolve and existing IT functions
 [Example]

Resource Consistency | Organization

The Foundation of all governance practices

1. Management Groups: To reflect

security, operations and
business/accounting hierarchies

2. Subscriptions: To group similar

resources into logical collections

3. Resource Groups: To further

group applications or workloads
into deployment and operations
units
 [Example]

Resource Consistency | Organization

Architecture and Tools to govern resources

Policy Definitions
1. Environment Factory:

Role-based

Templates
Resource
Manager
Deploy and update

Access
cloud environments in a
repeatable manner using Azure Portal SDK 3rd party
composable artifacts
Management Groups
Subscriptions
Resource Groups
CRUD
Query

Policy Engine Azure

Azure
Resource
Blueprints
Azure Resource Manager Graph

2. Policy-based Control: Real-time

enforcement, compliance assessment
and remediation at scale Resource
Virtual Machine Storage Network …
Provider
3. Resource Visibility: Query, explore &
analyze cloud resources at scale
 [Example]

Define a Governance MVP

Resource Governance
Resource Organization

Discussion:
• How would you structure the Management Groups based on this discovery?
• How would you divide subscriptions within MGs?
• How would you define resource groups?
• What Resource Governance Tools would you put in place?

Governance MVP
A few options to consider
Resource Organization:
Build only what you need but grow to this
hierarchy.
 MG Hierarchy: Business Unit, Geography,
Environment
 Subscription: Per Application Category
 Resource Groups: Per Application
[Example]
Resource Governance
 Create an Azure Blueprint named “Governance-MVP” .
 Enforce that users can only authenticate against existing role-based
access control (RBAC) implementation.
 Create an Azure Policy to apply or enforce the following:
 Resource tagging should require values for Department/Billing Unit,
Geography, Data Classification, Criticality, SLA, Environment,
Application Archetype, Application, and Application Owner.
 Publish the “Governance-MVP” blueprint to each management group and
assign it to each subscription
We are here to help establish and
evolve cloud governance
How do I get started?

Frame the conversation to mitigate tangible

1 Framework business risks through consistent governance

Assess current state and future state to establish a

2 Assess vision for applying the framework

Establish a Minimally Viable Product (MVP) to

3 MVP serve as a foundation for governance

Mature with each release to align Cloud Adoption

4 Evolve and existing IT functions
Partner offering slides to continue
the governance conversation
Closing
Partner proposed next steps
References to keep going
Frame the conversation to mitigate tangible
1 Framework business risks https://aka.ms/adopt/govern
through consistent governance

https://aka.ms/adopt/govern

Assess current state and future state to establish a

2 Assess vision forhttps://aka.ms/adopt/gov/Assess
applying the framework

https://aka.ms/adopt/gov/Assess

Establish a Minimally Viable Product (MVP) to

3 MVP
https://aka.ms/adopt/gov/MVP
serve as a foundation for governance

https://aka.ms/adopt/gov/MVP

Mature with each release to align Cloud Adoption

4 Evolve and existing IT functions
https://aka.ms/adopt/gov/journey
https://aka.ms/adopt/gov/journey
Thank You