CloudCheckr CMx – Why We Built It
Managing cloud infrastructure at scale across boundaries wasn’t being adequately addressed by anyone, until now.
This is a guest contribution by Jeff Valentine, Chief Technology Officer at CloudCheckr. Jeff is a growth leader for technology companies. He has started, invested in, bought, or sold 12 companies in the past 20 years for a combined value of more than $280 million.
As I write this, we are just announcing the availability of CloudCheckr CMx™: a robust, extensible, and scalable platform for enterprise-ready public cloud management. CMx is built to deliver insights about cost savings, cloud security, and compliance to the most complex organizational structures, from large enterprises to managed service providers to government agencies. And I want to tell you why we built it.
New Headwinds to Cloud Adoption
Today, the whole cloud infrastructure industry – dominated by providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) – is maturing to the point of running significant production workloads across almost every sector of the economy. Heavily regulated industries such as government agencies, banks, healthcare providers, and pharmaceutical companies have already moved some of their IT infrastructure to the cloud, and most other large enterprises have done the same. Despite this early success (likely because of it), I’ve noticed that many of these business cloud consumers are now hitting points of friction managing the breadth and depth of their infrastructure at scale.
What does “at scale” mean? It means that organizations now have cloud accounts in different providers, and they can’t see their infrastructure across all of them in the same way. Companies and publicly-funded organizations try to eliminate (or at least reduce) wasteful spending, but there are many different groups each consuming cloud resources in different ways. Information security teams must ensure that their applications are secure without slowing down their development teams. And, perhaps most challenging of all, IT departments need to provide cloud management tools to different departments through reports, internal chargebacks, and web tools that make sense given their own internal structure.
A use case would probably help.
Let’s say Acme Corp has 10,000 employees spread across 4 business units. Each business unit has their own IT organization, their own finance organization, and their own information security team. Globally, an overlay team reporting to the CIO is charged with ensuring compliance with various data residency and privacy standards, and the global finance organization has goals around reducing CapEx and hitting their EBITDA targets. Roughly 300 employees and contractors spread across 8 countries have a level of access to their cloud infrastructure that could cause an outage, data leak, or compliance violation. Acme’s largest competitor was on the front page of the Wall Street Journal last year after their customers’ personal information was discovered on the dark web, and everyone from the regional executive level through the board hopes that Acme won’t be next. When there were just a few applications running in the cloud, all of this was pretty easy and low risk, but now that Acme has reached this turning point in scale, there are literally thousands of attack vectors that could lead to leaked confidential data and blown budgets.
Cloud providers are aware of the new risks to both costs and information security, so they’ve built their offerings around a principle called “shared responsibility”. This means they provide sufficient information for each customer to own their own configurations and, legally, the responsibility for mistakes. That information comes in the form of gigabytes per month of meta-data about each and every configuration change, charge, and utilization. How can organizations the size of Acme make sense of all of that?
A Deluge of Data
The vast amounts of information necessary to manage and secure cloud infrastructure has led to four specific problems for enterprises, service providers, and public sector organizations striving to move past this inflection point in their cloud adoption curve.
The Organizational Structure Problem
Enterprises like Acme need tools that conform to their own organizational structures. Simple authentication requirements (now available through ubiquitous “Single Sign On” functionality) have evolved into a need for granular permission control, mapping cloud accounts to different departments, and combining reports across different branches in an organization’s hierarchical tree. Users that previously only needed to see costs for a single account now need to manage costs, security, and compliance across all accounts within a business unit, split out by function, group, application, and other arbitrary criteria. At scale means providing management to the right combination of accounts and users in a single pane of glass.
The Change Velocity Problem
Some companies have chosen to build tools on top of IaaS data. This sounds great, and exactly matches the pattern of how IT organizations have built BI dashboards on top of ERP and CRM systems for years. Using our Acme example again, let me tell you why the head of such a project at Acme would have been fired for trying that. Unlike relatively static ERP and CRM systems, cloud infrastructure is constantly changing. Within the past four months, CloudCheckr has cataloged more than 150 “breaking changes” to cloud infrastructure, sometimes in the form of changes to APIs that internal teams would use to build their own reporting, and sometimes in the form of bugs (though these are increasingly rare.) More often, we’re seeing changes through the addition and improvement of services. For example, AWS released Savings Plans last year with great success. But overnight, anyone that was counting on providing cost savings reports based only upon Reserved Instances (RIs) had to scramble to recode their reports. More recently, Microsoft released a new type of billing arrangement for service providers, and along with it, new requirements for billing data ingestion and account access. Internal apps, unfortunately, are doomed to consume a huge amount of resources to maintain because they go stale quickly due to the dynamic nature of cloud infrastructure data. At scale means remaining up-to-date with the cloud’s velocity.
The Multiple Cloud Problem
Large cloud consumers are managing multi-cloud environments, which leads to even more complexity. While true cross-cloud applications are rare, it’s increasingly common for companies like Acme to have different applications in different clouds. These organizations receive very different data from each provider; so different, in fact, that it’s nearly impossible to report on different clouds in the same way. An application hosted on Azure running out of Germany likely bills in a different currency—and for a different monthly billing period—than a sister application hosted on AWS running out of Oregon. And don’t even get me started on the lexicon differences! There is no common language to describe a serverless key-value pair database running on AWS with a competitive product running on GCP. At scale means having a cloud Rosetta Stone to provide total visibility across cloud and organizational boundaries.
The Data Report-ability and Discovery Problem
And last, the vast amounts of data – billions of data points per customer per month – are useless, orphaned singletons without the ability to derive insights from that data. In the past, business intelligence tools were used by IT staff to deliver canned reports that drove email summaries, executive dashboards, and web-based reporting engines. Any ad-hoc analysis of the data – the ability to summarize in different ways, compare over different time periods, and spin data into simple charts, graphs, and tables – was done either through specialized access tools or, for small data sets, PivotTables in Microsoft Excel. In contrast, cloud management is exponentially harder because the amount of data is exponentially larger. At CloudCheckr, for example, we process and store more than a million gigabytes of data for our customers, and we store it for up to seven years. At scale means quickly processing vast amounts of data to deliver repeated, consistent, and configurable reports and the capability to discover new insights and trends you didn’t know existed.
CloudCheckr CMx is the only cloud insights solution with the flexibility to meet business requirements at scale
So, why did we build CMx? CloudCheckr the company—and CloudCheckr the people—understand the problem space around the scalability of cloud management. Our insights come from our customers, all of whom already use our SaaS product to manage more than $3 billion per year of cloud spend. CMx began more than a year ago as the answer to the cloud industry’s scale-specific challenges.
How does this first release of CloudCheckr CMx do that?
- Instant insights and a unified view into cloud infrastructure – faster reporting and the addition of Pivot Explorer, a new business insight discovery tool, allows users to run configurable reports easily, revealing new usage trends that identify cost savings and resource optimization actions
- Easy integration with existing enterprise applications – a robust and complete API allows technology teams to build integrations with other enterprise IT systems to easily include cloud insights into their own business processes
- An easy-to-get-started user experience that’s flexible and fast – a new user experience, built on a responsive interface and an API-first methodology, can be used to access data on any desktop or mobile device, allowing distributed teams to collaborate without restrictions
- Enterprise-ready account and user management – manage complex, multi-cloud configurations across any combination of business units, user types, and cloud accounts
Every industry has competitors, and CloudCheckr is no exception. What is exceptional, however, is that we are one of the few companies innovating in our space. Unfortunately for our compatriots who have been acquired by larger strategics, many teams are being sidelined, shrunk, or managed for EBITDA rather than investing for growth, and their products are getting stale. At CloudCheckr, we’re doing the opposite. We’ve literally doubled our investment in technology over last year, and we’re still hiring new team members during this pandemic. I’m happy to say that some of the best people that have been victims of cost reductions at our competitors in their post-acquisition phase have now become part of the CloudCheckr family. We’re doubling-down because we see the opportunity to own the market, and our first release of CloudCheckr CMx is evidence of that.
We’re not done – not nearly so. I could go on and on about our new CI/CD pipeline, our new data lake architecture, or our modern microservices-based UI, but what it all adds up to is an ability to continue to add features that solve juicy market problems faster and more efficiently than ever. Our investment in CMx as a platform doesn’t just extend our lead once – it accelerates our product and the value we provide to our customers.
If you’re one of the thousands of companies that already uses CloudCheckr, CloudCheckr CMx is probably already enabled for your account, and if you aren’t yet a customer then you can reach out to us to schedule a demonstration. You’re going to love it.