Author Centrally But Deploy Globally
Tip No. 6: The ability to author centrally but deploy globally
Policy will move with your applications in the cloud. Localized differences [time zones, IP addresses, service-level agreements (SLAs), etc] must be mapped automatically during provisioning. This can be challenging, as policy itself is often riddled with unanticipated dependency.
Tip No. 7: Offer a global view of the application network
You need an application-centric management and monitoring system. It must be accommodating to the subtleties of application protocols so it can provide an actionable view of problems as they occur.
Tip No. 8: Flexibility in policy language
The mechanics of governance always come down to complex details in security policy. It is through policy that you manage, adapt and control all communications between services. A richly expressive policy language will give you the tools you need to manage any situation.
Tip No. 9: Apply SOA lessons to the cloud
Think of cloud governance as evolved SOA governance. Any cloud governance solution should be as applicable to traditional SOA as it is to the cloud.
Tip No. 10: Utilize the cloud in the solution
If a vendor is serious about the cloud, a cloud governance solution should make use of cloud services.