KuppingerCole Webinar recording
Good morning, good afternoon, good evening, depending upon which geography you're in. My name's Graham Williamson, and I'm going to be handling this webinar that we've entitled Moving Your Business to the Cloud. The webinar has come out of some research that's been done into how businesses are moving to the cloud, and we've identified some, I would say, worrying trends that we feel we should highlight and indicate what can be done in regard to that.
In terms of the webinar rules, we've got too many attendees for voice, so your microphone will be muted, but we would really appreciate your questions. If you are thinking of a question, there's no doubt another attendee's thinking of a question. So please enter your question in your control panel. It's at the bottom in the question and answer section, and we will get to the questions and answers at the end. The webinar will be recorded. So, as a participant, you will get the link to that and then be able to go through it at your leisure. There's additional information you want.
And indeed, if you want to respond, very interested in your thoughts on the content and any comments you might have to help us in our understanding, our collective understanding, of this important topic. Just a slide on KuppingerCole: for those of you who are not familiar with the organization, there's basically three strings to the bow. The first is research services, and KuppingerCole does provide a great wealth of information over the last seven years in just about any aspect of identity and access management. So you can go onto the website.
You can register in the top right-hand corner and you'll get free access to that research repository for a period of 30 days. So do avail yourself of that opportunity. Advisory services: you have access to advisors, global advisors, in just about, again, any aspect of identity and access management. We can arrange teleconferences with an expert in your particular field of interest. We can even arrange for an on-site visit if that's appropriate. The third string is the events. The largest event is the European Identity and Cloud Conference, held every May in Munich.
We also have a digital security and risk conference scheduled for the end of January 2015 in Shenzhen in China, and another one in July in Canberra. So do check with the website, keep up to date on what's happening there. And we would love to see you at one of those KuppingerCole events. In terms of the agenda for today, we're going to just take a look at the whole issue of taking a strategic approach to your migration to the cloud. What we've observed is a number of organizations taking a very tactical approach and then running into some trouble over that.
We're going to take a controversial look at what we can do in terms of our cloud services and the environment that we can adopt. And I've called that the red pill or blue pill; more on that in a minute. Finally, we'll then look at a way forward, and some of the things you can do to ensure that you do take a strategic approach to your migration into the cloud. By way of introduction, then, we have observed that lots of companies don't think they're in the cloud, but on a bit closer inspection, they find that they are indeed.
They do indeed have people within their organization using cloud services. In many cases, this'll be in the applications development area. And there was a recent situation with the US company where, again, they didn't think they were in the cloud, but their dev team had done actually quite extensive testing in the cloud and had unfortunately put some very sensitive information there with no governance over that. And I'm told they did actually dismiss two developers over that instance. So there are indeed some dangers. One is the cost.
If you've got multiple people in your organization with multiple accounts, with multiple cloud service providers, you will be duplicating services. You possibly will be running multiple VPNs. You'll possibly have log aggregation issues. A number of things that'll come out of the fact that you've got multiple people running multiple services in the cloud, but the more important ones are the risks. So the first is that poor governance. Our observation is many organizations don't extend the governance that they apply to their on-premise environment to their cloud services environment.
Another one is privacy. If you don't anonymize your test data, you could well be in contravention of the privacy rules in your jurisdiction. So you need to make sure that you are not breaking the rules, so to speak, by putting information into the cloud that's not properly protected.
And the last one's policy. Again, many organizations have very good policy in regard to access control for on-premise applications, but they seem to throw that to the wind when it comes to the software as a service applications, and not apply the same access control policy to those applications as they do to their cloud environment. So just some of the problems that we've observed organizations following, I'd like to go through. What we see is these common mistakes.
So I've got seven of them that we'll briefly, we'll quickly go through, just to make sure that we're not doing these sorts of things. The first one we've already talked about: that's safeguarding privacy data, private data. So this information of a personal nature that would identify persons, and most organizations, sorry, most jurisdictions have strong control over that. So in Europe, in Australia, for instance, we do have very stringent privacy control laws.
Now that says that you cannot put private data in any jurisdiction that doesn't have as strong privacy laws as we do indeed in Australia. And there aren't many. Singapore's just tightened up their data privacy laws; Hong Kong has the data privacy ordinance. So you need to make sure that you're not breaking these rules as you move information into the cloud. If you're using test data, it's very difficult to encrypt test data, so that it's gonna be up there in clear text. You need to make sure that you have properly protected it.
And one way is, of course, to anonymize it so that if people did get a hold of it, it's meaningless to them anyway. Poor access control: some situations I've observed is that organizations are actually entering data manually into their cloud applications in order to control the access control list. Other organizations are synchronizing their whole Active Directory into the cloud. Either way, you're not getting good access control if that's what you're doing.
We need to make sure that our cloud services are brought under the same access control policy as we are enjoying on premise. Oftentimes the movement to the cloud doesn't solve the identity issue. So we'll be spending, I've got another slide in a minute on identity. We see that as one of the major issues with movement into the cloud. You need to make sure that the identity management that you have on premise is aligned with what's happening in the cloud, or vice versa.
So the cloud needs to be using the same identity access policies as you have on premise, and some issues around that. So we'll come to a little bit more about that in a moment. Oftentimes we see organizations are jumping at a point solution in the cloud. They're not taking a strategic view. Universities are particularly bad at this: well, one faculty will see an application that they would like to get into because it satisfies some requirement that they have on the faculty, and without thinking through other options or indeed how they're going to manage access into that application.
They'll jump into it and solve a point of pain with the cloud service, but in the process of doing that create for themselves a rod to their back. So installing point solutions without a strategic approach is not a good idea. Single sign-on is another area where we see the user requirements sort of cast to the wind as organizations take on cloud services and don't apply the same single sign-on environment that they have on premise to the cloud.
So on premise, they've probably got a Windows environment, they're using Kerberos tickets to give SSO to their applications, and users are very happy. And they introduce a cloud service application. They don't provide SSO to that. And now all of a sudden users have to start typing in username and passwords again. Not a good look.
Support for phones and tablets is another area that needs to be addressed as you move to the cloud. The access that people get from an external device sometimes requires more control than if they were coming in from an office-based computer. So you need to have the ability to manage that.
And I'm pleased to say that most cloud service providers and environments now have good access, or better control, for access from external devices. So, say, a two-factor authentication requirement that possibly uses the tablet device or phone device. And lastly, the whole area of PI. Again, on premise, typically organizations have a good solution when somebody needs elevated permissions to an application: they've got ways of providing that access, logging that access and auditing it.
But then when they get to the cloud application, again, that requirement gets thrown to the wind and they don't have that same level of authentication in the cloud to the cloud service. So these are the sorts of things that you need to think through from a strategic point as you move into the cloud. Just one word on a new document that was just put up by Mark, Mike Small. He has written a report on the infrastructure as a service market. He's outlined seven organizations, compared them in terms of the support that they provide.
Everybody's familiar with AWS, of course, Amazon Web Services. So one the largest supplier of cloud services in the world. They have data centers around the globe. CloudSigma is a provider from Zurich.
Their product is developed to make things easier for organizations moving their services into the cloud. They've got hosted data centers in Las Vegas and Zurich. I host their cloud service provider based in the US, but with the European operations too; their emphasis is on compliance. They've got data centers in Dallas, Phoenix, London, and Amsterdam. Everybody's familiar with HP.
Their HP Enterprise Services, that's part of their HP managed cloud service family. And they again have data centers around the world. IBM SmartCloud Enterprise+ is an IT compliant, managed service, again available in the world, worldwide basis. Joyent: it's a privately owned company in San Francisco, and they've got data centers in the US, UK and Europe. That's just a smattering of cloud service providers. And if you take a look at the market report, in the last slide I'll show you the number for that report.
You can get information about those services and the sorts of things that you should be looking at as you select your cloud service provider. But in terms of this webinar, I would just like to contrast two different environments. And I'm seeing that there is real polarization happening in cloud services. At the moment, on the one side, we have the Microsoft Azure environment, and on the other side, we have what I'm calling naked cloud services. This is the AWSs of the world, the Google services, the generic cloud service providers, where you are in control and you roll your own.
The analogy to the blue pill, red pill comes from the movie The Matrix. For you Matrix aficionados, you remember that Neo had the opportunity of choosing the blue pill, where he didn't have to worry about anything. He basically went about his business and was oblivious to the undercurrent that were in the economy, or he could take the red pill and he would be aware of what was happening. He was in charge of his own devices, and indeed had to deal with a large number of issues. And I see this is a relatively good analogy for what we're observing in the cloud services side of things.
So Microsoft Azure, they provide very easy migration. If you're a Microsoft shop, you can move into the cloud painlessly. You've got a wide range of cloud services, and we'll go through those in a minute, the major ones. Virtually anything you might want to do in Azure, you can do. And they also have a very good identity solution. So the Microsoft environment sort of wraps you in cotton wool and keeps you very happy. And you can do all that you need to do, most of the things you need to do, in that particular environment.
The AWS, and we're just using that as an example, because indeed they are the largest by a long shot in terms of their cloud service. It's a very rich and full offering that they have. They've got very good support for developers. That's another reason why you might find it is your development shop that is already bringing you into the cloud services environment, possibly without you knowing it. They've got very good management and governance tools to allow you to plug into what you're doing in the on-premise environment. And they've got very competitive pricing.
In fact, they're putting downward pressure on the cost of cloud services. So you've got these two areas that are giving you the services that you want, but you need to decide which way it is that you're going. So the Microsoft Azure, as I said, will give you good coverage for all of the things you want to do and provide some ability to ignore some of the background issues that will come up. In the AWS area, you'll need to make sure you develop the expertise you need to make the services do what you want, or engage an AWS partner to provide you with that capability.
But the price is a very high-performance, low-cost environment that will sink. In terms of the comparison between the two: in the Azure environment, as I mentioned, you can do just about anything you might want to do in the VM area. You can choose whether it's Windows, whether it's Linux, what size it is, how much RAM you want. You've got complete control on what you would like there. The services will also ramp up.
So the virtual machines available in a cloud service environment, ideal for a lumpy environment where you might have high requirements at one point and lower at another. So for instance, again, in the European, the university environment, you've got very high requirements in enrollment. So at enrollment time, your usage is orders of magnitude greater than it is normally. So ideal opportunity for use of cloud services to provide and support that requirement. And then of course, it scales back down again when you no longer need it, and that saves you some money.
Now be aware that in the Azure environment, at the basic level, you don't get the auto scaling, but under the standard service offering, you will get that. Web services: you can put up a website exceedingly easily and quickly in your environment. All of the standard development environments are supported PLE. So you can do whatever you like in the web services and put up a site very quickly. In terms of storage, you've got good control over what you might need there. Basic tables; blob storage is good for graphics, for instance.
So if you want to put a graphic close to your web server for rendering of web traffic, you can do that. SQL database: just about everything you might want in the storage side is supported through the Microsoft environment. And again, backup and recovery is well covered.
Sorry, you no longer need to worry about that. If you've got the cloud service provider doing your backup, that relinquishes a major activity that you otherwise would have to do. Hadoop services: if you're into big data analysis, the Azure environment has good support for that, for you to do analysis of semi-structured data. As I mentioned, directory services are very good. The Azure AD environment provides all that you might want to do with your Active Directory, and then some. Keep in mind that it doesn't support LDAP; it's not a good idea to support LDAP in the cross-boundary environment.
It doesn't have the same schema that you have on your on-premise AD, but it does store all of your AD information and you can get at it through the new Graph API, the OData standard API that Microsoft provide. Very good solution for multifactor authentication in the Microsoft environment: you can get the Microsoft two-factor authentication service, or indeed plug in your own. So there's good support there for third-party multifactor authentication environments, which will allow you, for instance, to ratchet up authentication.
If somebody's coming in from an external device, a tablet, potentially you can use your 2FA to give a much tighter authentication than you might have otherwise. And I think we all learned the importance of that with the recent problem that Apple had with release of private data for some celebrities: through social engineering, or through indeed just guessing, brute-force attacks, they were able to break into, hackers were able to break into some accounts. 2FA would have stopped that. Visual Studio Online: that's the development environment.
If you're a Microsoft shop doing development, you will definitely be using Visual Studio. BI is also supported in the cloud. The virtual networks: if you do need a VPN into the data center, that's supported, as is content delivery network. So it's very useful if you're running applications on a global basis. So you've got your application running in different data centers around the world; CDN will keep your application data synchronized. So just about anything you might wanna do in your Azure environment. Okay, that and possibly a bit more in the AWS environment.
So EC2 is the AWS solution for virtual machines. EC2 stands for Elastic Compute Cloud, for those of you who weren't aware, and that does, again, provide very easy access. You can dial up the number and size of machines you want, and it's very easy to do that, which of course is the reason that you might find your dev teams have already gone into the cloud. It's just too easy to do. S3 is the storage services from AWS.
Again, very good storage capabilities and easy to use, with full backup automatic. Well, not automatically, you have to request it, but it is available to you. Where AWS shines, in my opinion, is in its management interface. So it's got very good interface into the services within the AWS. CloudWatch provides a monitoring capability there. So you can see exactly who is accessing what services. So if you've got multiple departments in your company accessing your services, you can see how they're being used and potentially do chargeback based on that. CloudTrail is analyze the surface for AWS.
So when it comes to governance, AWS provides a lot of services for you to plug into your current governance environment so that you can monitor what's happening in your cloud services environment. Redshift: that's a data warehouse service. So it's a basic SQL table-structured environment that will allow you to store your relational data in the cloud. If you're into the NoSQL database, that's provided through Dynamo. So there's a Hadoop service, so provides you a good MapReduce offering for big data analysis. And Zocalo is the new AWS tool for document collaboration.
So if you've got remote users that are collaborating, Zocalo provides you the ability to look at that and be able to share information. It'll update the document as two or more people are actually updating a document; it'll look after that. And it also provides an instant messaging service, a very powerful collaboration tool in Zocalo. So as you can see, comparable services, but in some areas one will be better than the other and has some extremely powerful offerings there. But the elephant in the room is identity. How do we actually manage identity?
So often we see that a company's got a very good on-premise solution. They've got an AD infrastructure there. The HR system automatically provisions into AD and de-provisions. But then as they move into the cloud, you know, somebody comes along and wants to get into a software as a service application, and they find that they need to synchronize that directory information into the cloud. Then they might decide, well, they're going to go into Office 365, adopt the Azure environment, and they have to synchronize their data into AD. And then there's another one.
And pretty soon you can see how a proliferation of cloud services can really create a very complex cloud service environment whereby you've got multiple repositories with your directory information up in the cloud. And that's a recipe for disaster. Something that you've got to think through, and make sure that as various cloud-type requirements come up, you manage them from an identity point of view. How are you going to actually authenticate people to those services? In terms of the options for identity management, there's multiple options.
It's just, you've gotta choose one, okay. In the Azure environment, the basic solution or tool is the sync, which will take your on-premise environment and synchronize it up to Azure. And now that's getting quite sophisticated in that you can choose how much information you want to put in the cloud. You don't have to take everything as you did initially.
If you're a small to medium enterprise, you probably want to go with a premier suite that gives extended services, password hash sync and things like that. That will probably suffice your basic requirements. If you're a larger organization and you want to go into a full federation solution, ADFS will provide that for you.
So you put one or more ADFS servers on premise, and then you can federate your identities into the cloud and have your cloud applications access that. There's also some third-party solutions in this space: that science systems, for instance, they have a mechanism for managing your Azure environment and your on-prem environment on a single tool. Central by also have a solution there that you might want to look at.
On the other side, on the naked cloud services, you really do, you should be requiring your SaaS applications to adhere to the identity management environment that suits what you are providing. And you need to then think that through and decide how you're gonna do that. You might choose to adopt the Okta solution, whereby with the Okta interface you can get into multiple applications. PingOne too: Ping provide a similar service in terms of access to multiple applications from a single identity provider service.
If you want to run your own in-cloud IdP, you could do that by something like, sorry, that's identity provider service, you could run something like Salesforce. If you're a Salesforce organization, and you're already maintaining identities in Salesforce, you might consider using that on a wider basis for your other SaaS applications and require your SaaS applications to use your Salesforce IdP using a SAML interface. Or you could go for a full federation service and run a third-party federation service, like the Ping Identity PingFederate solution.
It will allow you to use your on-prem identity and then federate, support multiple applications from that. So there's other solutions, that's just a few, but do select and drive, from a strategic point of view, the solution that you want to use as an organization. Don't get stuck in, caught by using what a particular SaaS application might provide.
In terms of which environment should you go to, considering we're talking this dichotomy at the moment, okay, I would say that if you're a Microsoft shop, that means that you're running mostly Windows servers, you've got, of course, your central AD environment, which is your enterprise directory. You're maybe looking to move to Office 365, or maybe you already have moved to Office 365. If you're a SharePoint customer, you definitely need to look at SharePoint Online.
You know, these are all indications that Azure is the right environment for you. If you're doing development and it's a .NET shop that you have, again, good indication that it's the Azure environment that you should be going towards. If, on the other hand, you've got a mixed environment, you might have one or two Windows servers, but the predominance is Linux. If you are a Gmail organization, so your enterprise environment is Gmail and Google Docs, not Outlook and Microsoft Exchange.
Then again, there's probably a good reason for you to be sticking in the naked cloud area. So development, if you are doing development, is probably Java or PHP. You might be using open source for activities such as code management. So in that sort of environment, you're probably going to be looking more at the Google cloud type of infrastructure.
Now, I should just mention that in the previous slide, where we were looking at the various cloud service providers that Mike looked at, that was HP, that was IBM. I call them industry solutions. If you are indeed an IBM shop, going to the IBM environment, and I would classify that in the naked cloud area, i.e. the area where you do need to be rolling your own, then that will be an option.
But if you're not an IBM customer, I think you're probably gonna be looking at more the AWS or the Google approach to cloud services. So it might be a bit too simplistic, but we're seeing sort of a dichotomy there and polarization, if you like, that's a better term, polarization in the market in terms of which solution you might want to go for.
But regardless of which group, where you go, make sure that you do take a strategic approach here. And there's just three topics that I would like to go through in conclusion about how you're gonna make this decision and what's gonna guide your strategic approach. Okay. The first thing is governance. So in the governance space, as I mentioned earlier, you need to take your governance rules and policies and procedures that you have in the on-premise environment and use them to the degree necessary in the cloud environment.
So those policies and procedures need to go across. So for instance, you do need a single approach to logging. Okay, you've got log aggregation services on premise, but then you don't do any logging in the cloud: that, we would suggest, is not very strategic. If there's access control restrictions on premise, then those need to flow to the cloud, as we talked about earlier. If you're doing security monitoring, so you've got an event monitor tool on premise, you need to tie your cloud services into that.
If you've got BI services, so you've got desktops and dashboards and things like that happening, you should be tying your cloud services into that as well, so that you're monitoring what's happening in that space. And particularly in the AWS area, you do have good access to that sort of information. Always recommend you take an enterprise architecture approach. And in fact, a good way of making sure that you've given this governance to your cloud services environment is to extend your enterprise architecture to the cloud. So that choice included within your EA documentation. One area is in releases as well.
So you need to have the same reviews that are happening on-prem to your solutions that you have in the cloud. So there's certain restrictions on what technology can be adopted on premise through your enterprise architecture; make sure that that's equivalent to cloud services, 'cause that's providing guidance to your groups within the company that are looking for cloud services. So you need guidelines around, for instance, the database: how are you gonna handle your database in the cloud? What sort of encryption are you gonna put on it?
I know this is one area that people feel very exposed when it comes to cloud services, and a number of organizations, I'm told, won't go into the cloud because of the fact that they see their databases being less secure. I would argue that it's possible and most probable that you would have a more secure environment in the cloud if it's done properly. So test data, as we've talked before, it's gotta be protected, and those same restrictions or better restrictions if you're going into the cloud, because I do know some people that in their test and dev environments use real live data.
Not a good idea; should be anonymized, even if it's being used on premise, but make sure that definitely for any test data going into the cloud, you're properly protecting that. Release management: as we mentioned on the previous slide, you need to impose those same reviews. So if I've got to go in front of a committee to get approval to release my code, I should go in front of the same committee if I'm gonna release the code in a cloud environment. System management is another area that we've seen some problems.
You need to, again, make sure that the cloud has the same controls in terms of access. Mostly, again, most organizations, very good control on their systems administration internally. But I have seen situations where developers had access to the administration of infrastructure in a cloud. So it means a developer could get access to a database encryption key, for instance. Not a good look. You need to make sure that you have the same control over systems admin within the cloud environment as you do within your on-premise environment.
Keep in mind that people go to the cloud for some very good reasons. Those reasons are typically because it's easier. So put yourself in the developer's position: the developer might need to put up 10 VMs in order to do some load testing. He or she can go to the requisite committee, put in a request to IT to have 10 VMs provisioned, can go in front of the right meeting to request permission to do so.
Make sure they've got budgetary approval for that expense, or they could get their credit card out and go to AWS. You need to make sure that whatever imposition is being placed on your community that's using your technological resources, you are able to give the right management over it in the cloud, but make sure it suits what people are going to the cloud for, which is agility. We can very quickly put up services and take them back down again, typically not provided in an on-prem environment. It is typically inexpensive.
I've seen some pretty high bills for provisioning VMs in on-premise environments. And it's very powerful.
So again, if you need the power, particularly if it's only for a short period of time, those are the things that are providing great benefits to users, and the reason that many of them are looking to cloud services. You need to make sure that your IT management within your organization, as you are controlling that and want to provide some, as we mentioned, governance, some guidelines, the organization then needs to be malleable and accommodate that. And that might mean that you need to relinquish some of the tight control that you're currently placing on your IT services.
Maybe it's grown up over time and it's really not that applicable at this point in time. Okay. The last slide is one that actually comes, again, from Mike Small's presentation and documentation on cloud services.
And he suggests there are four pillars that we need to adhere to. Okay. We need to make sure that we know what services we want. We need to define the services that we require as we move into the cloud: what level of performance, what type of encryption we want, what backups and how those are to work. If there are some nonfunctional requirements like the architecture alignment, if there are some legal requirements there that we need to accommodate, we need to define that in our service level definition. We need to consider the standards that we have.
Oftentimes organizations have gone to a great deal of effort to put in place their adherence to certain certifications, in some industries, of course, more than others. But if you've done that, you need to ensure that you don't go and break that when you move to the cloud. You need to make sure that you've got the same levels of certification of your software, for instance, in the cloud as you do on premise. And you need to make sure that your own cloud infrastructure uses the standards that have been defined. You need to define the standards and make sure that they are adhered to.
That should be one of the selection criteria for our cloud service: to make sure that it adheres to the standards that you want. In terms of the division of responsibility, don't assume anything. Just because your cloud service provider is providing you a database, don't assume that it's automatically backed up. So look at who is doing what and make sure it gets written down in terms of an agreement between the cloud service provider and your organization. And we do suggest that you have a service level agreement in place for that.
And lastly, make sure that your monitoring and audit requirements are accommodated. As we talked about before, if you are using a SIEM for event monitoring on premise, extend that to your cloud services. Okay.
And the measurement of what's happening in the cloud service should be provided to your monitoring and logging services on premise. Okay.
With that, I'd like to encourage any questions that you might have. So do type your questions in the question box at the bottom of your screen. While you're doing that,
I'll just go over the research that you might want to avail yourself of. This particular webinar is based on an executive view called moving your business to the cloud, to be published shortly. There's a scenario report done on understanding cloud security that Mike Small put in place; it gives you some very good pointers on the security issues around adopting cloud services. And an advisory report on cloud provider assurance as well. Mike did that one, and then selecting your cloud provider.
Selecting the cloud provider is the one that has the four pillars in it and a wealth of other good information. So that will be a good one to pick up if you're currently looking to engage cloud services. Infrastructure as a service is the one I presented in terms of the seven CSPs that we looked at. So if you'd like a comparison of those and to look at the various functions that you might use to evaluate them, that's very useful. The leadership compass on identity access management and access governance is a document that Martin Kuppinger put together.
Again, a wealth of information on how to approach this governance situation as you migrate to the cloud. Hybrid environments, where we've got support both on-prem and cloud, are with us. It's something that is real and we'd better get used to actually adopting it. And the last one there, the executive view on cloud standards. You have to have a strong stomach for that. Mike Small, again, put it together. And it's a bit scary on the various standards that you may or may not wish to impose on your cloud service provider.
So do take a look at that executive view on cloud standards and cross reference. Okay, there's a question here on what if you want both Azure and AWS. Both Azure and AWS: I'd suggest that's probably rare in terms of wanting both, because it would be expensive to support both. Far better if you could select one or the other. I'd come back to your enterprise environment. If it's Office, Microsoft Exchange, that's a pretty good indicator that you should be looking to Azure.
Now, that's not to say that you can't run Office. In fact, AWS gives you the capability of running all your Office products on an AWS infrastructure, but you probably will need to run a VPN into the data center to do that, because otherwise you might have performance issues in running your Office products in an AWS environment. If you're a Microsoft Office customer and you're moving into cloud services, that's a good indication that Office 365 would be the solution. And that will automatically put you into the Azure environment.
If, however, you're Gmail, Google Docs, probably a naked cloud supplier would be the way to go. So again, this is just dictating a preferred approach. And obviously your individual requirement might dictate that you have to go one particular way or another, but do try and provide some governance over what you're doing and require your users to adhere to whatever governance you are putting in place. Take the reins, take a strategic approach and make sure that it satisfies what you as a corporation need while providing what your customers are looking for. Any other questions?
Okay. I'm not seeing any other questions there. So, look, very interested in feedback. If you can provide us some feedback, it'd be very useful. We'd like to continue this discussion, and do contact us and send me an email at GW KuppingerCole dot com. And I would appreciate your views on that. So with that, I will end the webinar and trust you found it a useful exercise. Goodbye.