Table of Contents
- Summary
- Market Categories and Deployment Types
- Key Criteria Comparison
- GigaOm Radar
- Vendor Insights
- Analyst’s Take
- Methodology
- About GigaOm
- Copyright
1. Summary
Traditional IT and hosted services are being converted into cloud services and apps worldwide, making them increasingly important to organizations. There has also been a rapid increase in apps and data use, which means organizations must manage that data usage, ensure privacy standards in line with data sensitivity, and provide compliance with a range of global regulations and privacy standards. Managing these issues poses a number of challenges for organizations, and the problem is compounded when legacy companies with a history of governance on-premises lack tools that natively support cloud-hosted applications and SaaS services.
A cloud governance framework consists of policies and processes designed to ensure an organization’s operation and management of cloud services adhere to the necessary regulations and standards of its particular industry. Cloud governance tools help an organization’s IT and compliance managers define and maintain cloud policies, privacy and data retention levels, and the appropriate security policies across an organization. They enable organizations to manage their data and compliance requirements and build operational resilience.
Cloud governance tools are required to provide a high level of automation to show compliance with governance standards across a wide range of enterprise data sources and to include third-party clouds and apps. Such automation is necessary to assess and categorize the enormous amount of both structured and unstructured data in an enterprise as part of a compliance management system, with artificial intelligence (AI) and machine learning (ML) providing rapid search capabilities.
The end goals for all types of organizations, particularly for those in heavily regulated industries, are to simplify the reporting and management of data, provide a uniform view of information that can be processed to gain management insights into compliance issues, and to add value with impact assessments and risk quantification.
Enterprises today have to balance numerous conflicting objectives with their governance vendors. Solutions must enable compliance with current regulations and be flexible enough to accommodate future changes in environmental, social, and governance (ESG) policies, and respond to stakeholder requests for trust and ethics governance.
In this Radar report, vendors can be grouped into three business models:
- Cloud service providers (CSPs) who offer governance, risk, and compliance (GRC) tools with their cloud computing and storage services
- Specialized providers of GRC tools who offer GRC tools over a software as a service (SaaS) platform
- Workflow and software providers who offer GRC tools with a database or workflow service
This GigaOm Radar report highlights key cloud governance vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Cloud Governance Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.
How to Read this Report
This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.
Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.