Many organizations accelerated digital transformation in response to COVID-19 to remain resilient and competitive, with heavy investments in the cloud. This trend will continue well beyond the initial stages of the pandemic, with IDC’s spending forecast on “whole cloud” services to surpass $1.3 trillion by 2025.

Unfortunately, side effects from these expanded architectures include enhanced risk of shadow IT and unauthorized cloud access, as well as disparate tool sets that can lead to governance gaps. Better visibility of assets is key to solving these issues, and one of the most powerful items in the visibility toolkit is cloud tagging – the process of labeling cloud assets by certain attributes or operational values for better organization, search, and filtering of these assets.

Let’s examine how enterprises can upskill on cloud tagging to meet the additional security and governance hurdles that come with expanded and distributed cloud architectures – and how the most advanced cloud tagging methodologies can unlock behavioral insights to optimize and automate cyber asset management at scale.

Proper tagging is at the center of effective cloud governance for reporting, chargeback, cost optimization, compliance, and more. Yet despite the value derived from cloud tagging, too many organizations don’t have a coherent strategy for this essential function. Many moved so quickly to acquire technology in the midpandemic rush to digitize that tagging sometimes became an afterthought, or tagging methodologies were not followed properly, if at all.

To be sure, understrategized migrations were a phenomenon even before 2020. But COVID-19 exacerbated the problem as more organizations scrambled to stand up new IT services and cloud resources to adapt to pandemic-era business impacts and work-from-home requirements. This is more than just an inconvenience; it’s left organizations vulnerable to increased risk from breaches, ransomware, shadow IT, and other threats.

Especially as systems scale and new technologies get added, inadequate tagging creates governance and security gaps from misaligned systems. For instance, edge computing can dramatically increase available data and slash latency – but those sensors, video feeds, or other edge assets also represent additional entry points for hackers if they’re not adequately tagged and monitored within the enterprise architecture.

Tagging enables governance and security through better data and asset discoverability and a stronger understanding of operational context for cyber assets. In that sense, think of cloud tagging as a nuanced and dynamic way to put metadata to work for the organization. Mastering your metadata allows you to enhance governance and security by better connecting and combining diverse datasets, and cloud tagging is a core operational framework for achieving this.

3 Ways to Optimize Tagging
The takeaway is that cyber-risks and shadow IT have fewer places to hide within digital systems that have robust metadata management and cloud tagging procedures in place. Advanced cloud tagging can also become the overall foundation for a more dynamic and data-driven approach to cyber asset management. Here are three priorities to help drive toward this outcome.

Take an “Algorithmic” Approach
Tags can represent not just attributes of an asset (such as region, department, cost center, owner, etc.) but also the processes these assets are subject to. This affords the opportunity to take an “algorithmic” approach to tagging – effectively setting up a rules engine that applies policies you create based on the tags that you want. This allows you to keep track of assets and the policies that govern them, even on a dynamic and elastic platform that may be scaling up or down. It’s important to thoroughly master the nuances of both attribute and policy tagging to avoid either missing out on functionality, or mislabeling tags so that unintended consequences follow.

Embrace a Culture of Tagging
Make sure to designate stakeholders to be stewards responsible for instilling a culture of tagging in the organization to enforce consistent processes and parameters. Especially with a distributed workforce, this stewardship role may involve enforcement of certain tagging formulas; retroactive tagging when developers may have added assets or functions or services they didn’t think to tag; and steady monitoring of business outputs to ensure tags are effective and optimized to the business need and the business value derived from the asset. Throughout, the steward’s role is also to ensure these considerations make their way into the automated processes required to conduct cloud tagging at scale.

Optimize for Automation, Scalability
Even the most strategic tagging methodologies can break down at scale if they rely on a manual approach that’s prone to human error and capacity limits – especially given the dozen or more tags that may define an asset and the processes and policies it’s subject to. The good news is that automated tagging protocols enable not just scalability but also dynamic infrastructure provisioning for IT financial management, as well as automated reporting for better security, compliance reporting, and cost management.

As much as tagging is at the heart of transformation, automation is at the heart of tagging. With the right tags in place, you can index and manage digital infrastructure and operations on any scale, provided you automate the process of dynamic tag writing through automatic scans or similar means. In other words, marrying tagging and automation together will ensure tagging can happen at the scale and velocity of the modern enterprise. This is the best way to create a robust foundation for an optimized cloud infrastructure – one capable of supporting advanced cyber asset management for better security, governance, and system performance.

Source: www.darkreading.com