Simple effective cloud adoption and strategy for better L2 assurance work
Hi All, As line two looking and cloud risk, I want to know what strategy / architecture can be adopted for a customer (banking) who has so far adopted cloud in a fragmented manner with no centralized model (dump things here and there, open tenants here tenants there across AWS, Azure, Google) causing whole painful and time-consuming yet inefficient cloud / tenant reassessment for risk and security teams every time they open a tenant or introduce a cloud service, etc. With the aim to achieve simplification and consistency across cloud controls and ongoing cloud assurance and assessment. I am looking for a recommendation / strategy to rectify what is already in place and avoid ad-hoc ineffective cloud adoption as business initiatives come up. A robust model / approach to address above mentioned challenges. Please also share any article / resources for this matter. Thank you in advance.
It is a decent methodology to pick applications that are independent and easy to relocate so the disturbance is restricted to that application and spotlight is on gaining from the cloud reception measures.