Cloud Governance and Policy-Enforcement
CumuLogic platform integrated governance module allows enterprises to manage and control the usage of private and public cloud resources required for regulatory compliance, budget management or security purposes.
CumuLogic platform allows enterprises to use Cloud Services on private and public clouds. Services such as Database-as-a-Service, Message Queue-as-a-Service, Caching-as-a-Service and others improve developers productivity and enable simplified DevOps process, and controlling access to cloud resources and services is imperative to maintain security, compliance and keep IT budgets in check. CumuLogic’s granular, policy-driven, role-based access control modules allow IT to define access controls, restrict access to production environments, track and manage department chargebacks.
Governance of Clouds, Platform and Services
CumuLogic’s governance module is an integrated policy-driven and role-based access control system, which provides fine granular, role-based access to various cloud resources and maintains security of cloud resources and data.
Role-based Access Control
CumuLogic platform integrates with existing Active Directory and LDAP systems and allows you to extend your existing authentication, users’ roles and policies to the cloud – or create new roles, groups and criteria-based policies.
Several roles can be created and assigned appropriate Access Control List (ACLs) of private and public cloud resources, cloud services such as database services and actions on services such as backups and restores, API usage and any other custom resources.
You can create a number of roles for target audiences such as developers, QA, Ops personnel, etc. and assign them to different access levels of cloud resources. Roles can be assigned to specify groups of users or individual user accounts. For example, you want to create a role called QA for your QA team. QA team must be allowed to deploy applications for testing, provisioning resources such as databases and frameworks and also be able to configure/modify databases, initiate full backups of databases or restore from database snapshots. Also, you may want to limit the cloud or cloud region for QA, for instance, to only provision applications on Amazon cloud’s region US-East and internal private cloud in Silicon Valley datacenter. CumuLogic’s platform allows you to assign granular controls and extend or modify these controls in real time.
Quotas and Financial Controls
Quota and financial controls assign quantity or financial quotas in terms of cloud resources or usage amount. CumuLogic’s platform allows you to control expenses by individual project, group or role. You can assign budget codes to users, groups and roles and map them against your finance codes.
Auditing and Reporting
Using audit logs, you can track users and group activity across all the cloud resources. You can also register email notifications on specific user actions.
Geographical policies controls who can deploy applications or use what resources from which cloud. Geographical control allows you to maintain tighter security and compliance on restricted environments such as production systems or HR applications. It also allows enterprises to prevent inadvertently deploying sensitive, regulated applications on public clouds.
Entitlements control usage of cloud resources by registering users’ entitlements to certain services or certain clouds, storage and applications. Users will only be allowed to use the services or resources for what they are entitled to.