Public cloud services such as Azure provide a wide variety of services that are very easy to implement and consume without the interaction and integration of a company's IT team. This implies the risk that some departments and teams could create an idea to implement their own shadow IT that may not comply with the company's security and regulation policies.
The easiest way to mitigate that risk is for a company to sign an extension to an existing Microsoft Enterprise Agreement (EA) to integrate a dedicated part of Azure consumption. This provides the option to access the Microsoft Enterprise portal for Azure and define budgets per team or organization.
After having enabled Azure for a company from the contract side, we are now able to implement the basic guidelines for using Azure; so-called Azure governance. Azure governance...