How to Determine the Right Data Governance

Apr 5, 2018

Unlike commercial or education customers, government customers have certain certifications such as CJIS and IRS1075 that need to be adhered to in order to be in compliance with the federal government data mandates. For many government IT organizations fear, uncertainty, and doubt (FUD) can arise resulting in misinformed decisions on where to place data/compute within the cloud based on these two certification categories. These decisions will result in higher consumption costs, reduced functionality/capability while not necessarily achieving any more security or even certification compliance by just moving everything into a government data tenancy such as Azure Government Cloud.

So why the FUD? Here are common answers to my question: “Why do you want the majority of your environment in a government tenancy?”

  • We have no idea what data is governed today, nor how – easier just to move into a government tenancy
  • Most of our systems access CJIS or Tax information
  • We have data that has HIIPA requirements
  • Azure Government is for Government customers with government data
    • Or; Azure Commercial is for commercial customers and is not as secure as Azure Government

All the answers above are valid answers, but each has a significant amount of FUD associated with it. Taking the easy way out and just moving data/compute into a government tenancy doesn’t necessarily enable you to be CJIS or IRS1075 certified. Yes, cloud provides government customers the ability to achieve certification by leveraging the independent audits of the cloud provider for a portion of the OSI model, but that in itself does not guarantee that application will be certified.

Many customers don’t understand the true differences between Azure Commercial and Azure Government clouds and how to leverage both together. As an example, both HIIPA and FedRamp2 certifications are available in both tenancies. Many times this means that data that was once Government only now can reside in the Commercial tenancy and allows customers to take advantage of agile technologies such as BI, Data Lakes, Chat Bots, etc., that may not be currently available in the Government tenancy.

Overall, Government customers should view Azure as a cloud solution while leveraging the two cloud tenancy models; Commercial and Government. Determining the data governance requirements and then leveraging both tenants will maximize capabilities and minimize consumption costs. Both of which are very important to a successful cloud adoption.

So what should a government customer do? 

Planet’s Enterprise Cloud Readiness (ECR) for Azure provides customers with a framework to enable a full datacenter lifecycle transformation. The development of phases and engagements that are made up of both technical implementation and in-depth workshops are designed to equip new and existing Azure customers with a framework for operating within the Microsoft Cloud without sacrificing security, integrity, or design standards.

ECR begins with an initial Enterprise Cloud Assessment (ECA) that provides an overview of a customer’s current datacenter and workloads running, potential cost savings to move to the cloud, and organizational readiness for cloud transformation; both operations and development. We continue with a series of interactive workshops regarding Azure resources and topics, such as subscription design, network architecture, resource taxonomy, Role-Based-Access-Control, billing optimization, logging & alerting, and other integrated services key to an enterprise-grade structure in Azure. It is critical that new Azure customers become intimately aware of and familiar with key Azure settings and services to protect workloads in the cloud and operate cost-effectively. A good portion of the ECR engagement is spent educating and designing what will become the base-line architecture for the customer’s initial subscription(s) or enterprise virtual datacenter.

This initial deployment will act as the “Hub” for IT to establish a centralized environment to host common services, enforce policies, and enable the rest of the organization to innovate and build without sacrifice. ECR provides the flexibility for customers to engage and build the foundations that are needed for their current journey to the cloud.

To learn more about ECR and how to begin a journey to the cloud please feel free to contact us.

Follow us @PlanetCloudStrt