How to Build a Cloud Center of Excellence

CCOE blog post image with a cloud team long image Cloud Center of Excellence (CCOE)

As more enterprises move to the cloud, leading cloud service providers, like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) have introduced cloud migration tools and services aimed at large-scale enterprise environments. You’ve surely heard about the broad benefits of moving to the cloud in time savings, cost, and flexibility. It’s not the whole story. As modern enterprise IT continues to evolve alongside cloud solutions, the list of reasons to switch has grown substantially. Moving to the cloud means becoming a new type of organization with a Cloud Center of Excellence (CCoE).

To ensure cloud adoption and migration success, organizations must have the right skills and structure in place. The optimal way to achieve this is by setting up a centralized Cloud Center of Excellence. So, what does it take to build a CCoE team and put them on the path to planning, acting, and overcoming? In this blog, we will walk you through the process of the CCoE concept, which remains fairly new in the world of enterprise IT.

What Does a Center of Excellence Do?

To put it simply: a Cloud Center of Excellence (CCoE) is a task force within your company that is completely dedicated to foreseeing and addressing the challenges associated with moving to the cloud. Your CCoE will help your organization plan out a solid strategy backed by a clear vision to ensure the cloud migration project not just ticks all of the boxes but delivers on its promises to the business. In addition to overseeing the technological changes, a CCoE will drive the adoption agenda by coordinating with internal stakeholders and providing structured, accurate information to all those who require it.

The CCoE will carve a clear path to ensure your company avoids the common pitfalls of a cloud adoption initiative. 

Who Should Be Part of a CCoE Team?

The CCoE team will be responsible for the initiative throughout the whole process, from the research and planning face to the complex adoption. Individuals on the team may maintain a day-to-day role within your organization or they may be hired on temporarily and solely for the CCoE team. Additionally, you may only need to bring certain individuals onto the team for short periods of time. However, Gartner stresses that the CCoE team “should not be outsourced.”

Depending on the size of your organization and your timeline for migration, you may identify overlap in some of the above roles. When assembling your team, aim to select five individuals with each one holding a different role off this list by first determining which roles are most pertinent to your organization’s transformation needs.

Aim for Skills Diversity

Ideally, you’ll be able to select individuals who already have cloud experience. The cloud is multi-disciplinary by nature, so assembling a team with a broad range of different but related skills will make your CCoE team even better equipped for understanding and adopting the many emerging technologies that will be introduced and considered during the cloud transformation process. 

Consider Cloud Adversaries

Many organizations prioritize individuals who are proponents of cloud adoption, but it could also be beneficial to choose at least one skeptic and bring them onto the CCoE team. This individual will soon embrace the change and may eventually help you convince others in the organization who held similar reservations to them. 

Seek Out Team Players

When choosing who will be on your CCoE team, ensure you choose individuals who showcase good communication, collaboration, and boardroom skills as regular team meetings will play a crucial role in successful cloud adoption. 

The CCoE Team’s Challenges and Duties

Your Cloud Center of Excellence team needs to consider the detailed logistics of creating your cloud infrastructure, preparing your workforce, and establishing new policies, processes, and procedures for infrastructure migration and management. The team will ultimately have to consider the following for a successful migration and cloud adoption process.

Failover and Recovery

When services go down, your company needs a way to minimize the impact it has on your business and its users. This requires a well-planned environment complete with a disaster recovery plan that will enable you to get back up and running quickly. The plan needs to balance the cost of the backup infrastructure with the availability requirements, which can be a tough equation to figure out.

Resource Provisioning

When a user requires a stable, compliant, and secure environment for an application, you need to make it easy for them to provide that infrastructure. These same tools increase the portability of your workloads and can make monitoring performance more straightforward across your entire organization.

However, you can’t simply opt for an Infrastructure as Code (IaC) tool, like Chef or Puppet, and take away users’ freedom to use the cloud when and how they choose. This freedom is important and provides flexibility and independence to your users, you just need to put the right “guardrails” in place, first. 

Application Development

The cloud holds incredible potential for cost reduction and increased security, but only if you use it correctly. To realize these benefits in full, you need to approach the application design process using the cloud’s distributed architecture in the right way. 


When it comes to securing your cloud, the CCoE must be security conscious in each step and decision. Migrating infrastructures, applications or services to the cloud without understanding that identities are the new perimeter or increasing security overhead requires careful preparation. This starts by understanding that any cloud-based deployment, whether building out a new infrastructure or building a new application, requires clear communication between lines of business, IT, and security teams. Without clear communications about business needs and objectives and a candid discussion of related threats, organizations open themselves to a whole array of new risks. CCoE needs to start by getting control of your security sprawl and imposing a central security strategy. The key to this strategy is having the ability to continuously monitor and audit your environment and when issues occur, having the ability to react at speed and scale.

Asset Management

Asset management is a crucial part of cloud infrastructure management and optimization. After all, you can’t manage it if you don’t know that you have it. Therefore, the first essential step in asset management is to gain complete visibility into all of your assets that are distributed across the cloud so you can monitor them accordingly. 

Cloud Infrastructure Entitlement Management

Like asset management, Cloud Infrastructure Entitlement Management (CIEM) is a crucial part of cloud security. Therefore, your CCoE should plan to gain complete visibility into all of its person and on-person identities and understand the effective permissions of each across the cloud so they can be monitored accordingly. 

Additionally, the right monitoring tools will help prevent “cloud sprawl,” which is the unmanaged or under-controlled growth in consumption of cloud resources that will drive up costs and make your infrastructure more vulnerable to security risks. 

Change Management

When it comes to your organization’s cloud transformation process and agenda, the CCoE team is going to be the driving force behind it.  The Cloud Center of Excellence team works with senior management so they can gain insight into strategic initiatives and further develop, manage, and implement them across the organization. The CCoE assists with change by acting as an intermediary between departments, promoting transparency, and ensuring smooth collaboration as they align the actions of various teams to ensure everyone’s on track to achieving the organization’s overall objectives. 

Cloud Training

While last in this list, it is certainly not the least important. Staff cannot be expected to just “find their way around” the new cloud environment. By far, one of the most expensive and time-consuming parts of moving to the cloud is training staff in all of the new technologies associated with it. Educating your teams on how the cloud is different from your traditional infrastructure is important to developing their knowledge and ensuring best practices are upheld. 

Prepare for a Successful Cloud Journey

As you migrate to the cloud, it’s important to delegate the many duties associated with cloud adoption to the right members of your organization. Ultimately, while moving to the cloud is by no means a simple process, with the right Cloud Center of Excellence team to drive the process and the right tools to secure the cloud, your organization can enjoy the flexibility, scalability, and emerging capabilities associated with the public cloud

The post How to Build a Cloud Center of Excellence appeared first on Sonrai Security.

*** This is a Security Bloggers Network syndicated blog from Blog - Sonrai Security authored by Eric Kedrosky. Read the original post at: