Cloud Maturity Quiz Results

Assessment results

You’re currently in Stage 3: Scaling

Based on your answers, you’re currently Scaling — the final phase of building a successful corporate cloud program. During this stage, platform teams spread key cloud practices across the organization and introduce self-service provisioning and automated remediation.‌‍‍‍‌‍‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‌‌‍‍‌‌‌‍‌‌‌‌‌‌‌‌‍‌‌‌‌‌‍‌‍‍‌‌‌‌‍‍‌‌‌‌‌‌‍‌‍‌‌‌‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‍‌‌‌‌‌‍‍‌‌‍‌‍‍‍‍‌‌‌‍‍‍‌‍‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‌‌‍‍‌‌‌‍‌‌‌‌‌‌‌‌‍‌‌‌‌‌‍‌‍‍‌‌‌‌‍‍‌‌‌‌‌‌‍‌‍‌‌‌‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‍‌‌‌‌‌‍‍‌‌‍‌‍‍‍‍‌‌‌‍‍‍‌‍‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‍‌‌‌‌‍‌‌‍‌‌‌‌‍‍‌‌‍‌‌‍‌‍‌‌‌‌‌‍‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‍‌‌‌‌‌‍‍‌‌‍‌‍‍‍‍‌‌

Let's talk scaling Let's talk scaling Let's talk scaling

Common practices in this phase

Organizations in the Scaling phase are taking the cloud platform they’ve built and extending its functionality, learnings, and workflows across their entire digital estate. This includes other cloud providers, SaaS applications, and on-premises datacenters. Priorities include:

Infrastructure

Making developer tools self-service
Improving self-service workflows with no-code modules to support teams of all skill levels
Optimizing cloud spend and efficiency
Continuously monitoring infrastructureto detect drift and maintain health

Security

Advancing data protection capabilities, including encryption as a service, transparent encryption, and key management
Scaling their system of record across hybrid environments, including multiple clouds and datacenters
Creating advanced automations for managing security and network configurations
Improving visibility for auditing and optimizing secrets management tools and systems

Benefits and challenges in this phase

Typical Scaling practices have specific rewards and drawbacks.

Short term cost reductionAbility to spin up new infrastructure without capital expenditures for new hardware
Plus

Working in silos‌‍‍‍‌‍‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‍‌‌‌‌‍‌‌‍‌‌‌‌‍‍‌‌‍‌‌‍‌‍‌‌‌‌‌‍‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‌‍‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‍‌‍‍‌‍‍‌‍‌‌‌‍‌‌‍‌‌‍‌‌‌‍‍‍‌‌‌‍‍‍‌‍‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‍‌‌‌‌‍‌‌‍‌‌‌‌‍‍‌‌‍‌‌‍‌‍‌‌‌‌‌‍‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‌‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‌‌‍‌‌‍‌‌‌‍‍‍‌‌‌‍‍‍‌‍‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‍‌‌‌‌‍‌‌‍‌‌‌‌‍‍‌‌‍‌‌‍‌‍‌‌‌‌‌‍‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‍‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‌‌‍‌‌‍‍‌‌‍‍‌‍‌‍‍‌‌Individual teams tend to create standalone workflows for similar activities, with minimal cross-team collaboration
minus
Lack of policy enforcementDifficulty enforcing cost controls and policies for security and governance
Minus
Lack of standardization‌‍‍‍‌‍‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‍‌‌‌‌‍‌‌‍‌‌‌‌‍‍‌‌‍‌‌‍‌‍‌‌‌‌‌‍‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‌‍‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‌‌‍‌‌‍‌‌‌‍‍‍‌‌Without a common platform, many processes are done manually‍‍‍‌‍‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‍‌‌‌‌‍‌‌‍‌‌‌‌‍‍‌‌‍‌‌‍‌‍‌‌‌‌‌‍‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‌‍‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‌‌‍‌‌‍‌‌‌‍‍‍‌‌‌‍‌‍‍‌‌‍‌‌‍‍‌‌‍‍‍‍‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‍‍‍‍‌‍‍‌‍‌‍‌‌‌‍‌‍‍‍‍‍‍‍‌‍‍‌‌‌‌‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‍‌‍‍‌‌‍‌‍‌‍‌‍‍‌‍‌‌‍‌‌‍‌‌‍‍‌‌‍‍‍‍‌‍‌‌‍‌‌‌‌‍‌‍‌‍‌‌‍‍‌‍‌‍‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‌‍‌‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‌‍‌‌‍‌‍‍‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‌‌‌‍‌‌‌‍‌‌‍‍‌‌‍‌‍‍‌‌‌‍‌‍‌‍‌‍‌‍‌‌‌‌‍‌‌‌‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‌‌‌‍‌‌‌‌‍‌‌‍‌‌‌‌‍‍‌‌‍‌‌‍‌‍‌‌‌‌‌‍‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌‍‌‍‌‍‌‌‌‍‌‌‍‍‌‌‌‍‌‍‌‍‌‍‍‌‌‍‌‌‌‍‌‍‌‌‌‌‍‌‌‌‌‍‍‌‌‍‌‍‌‍‍‌‌‌‍‌‌‌‍‍‌‌‍‍‌‍‍‍‌‍‍‌‌‌‌‍‌‌‌‍‌‌‍‍‍‍‌‍‍‌‍‌‌‌‍‌‌‍‌‌‍‌‌‌‍‍‍‌‌
Minus
Increased security riskMultiple implementations with lack of oversight leading to greater threat exposure
Minus

What's next

Continuing to mature in the cloud

With a mature cloud program in place, organizations in the Scaling phase can focus on deploying more sophisticated capabilities, optimizing cloud spend, and implementing developer self-service.

Infrastructure Lifecycle Management

Infrastructure Lifecycle Management (ILM) uses infrastructure as code (IaC) to build, deploy, and manage the infrastructure that underpins cloud applications. With a mature IaC platform in place, organizations in the Scaling phase can extend existing workflows even more broadly throughout development teams.

ILM practices to help you continue maturing

Enable developer self-service
Making developer tooling self-service with an internal developer platform like HashiCorp Waypoint.
Learn more
Create and use no-code modules
Ease developer self-service with built-in catalogs like no-code provisioning from HashiCorp Terraform.
Learn more
Use health assessments to detect infrastructure drift
Continuously monitor your infrastructure and catch changes when they happen using drift detection.
Learn more
Automate cost optimization tools
Put tools and systems into place that monitor costs and alert the right teams to unexpected changes.
Learn more
Manage the infrastructure lifecycle from end to end
Adopt tools and automation to continuously manage the lifecycle of your infrastructure, along with proper end-of-life processes to avoid orphaned, unused deployments.
Learn more
Implement advanced image pipelines
Ensure consistent deployments that allow teams to change a golden image once to update all downstream builds.
Learn more

Security Lifecycle Management

Security Lifecycle Management (SLM) uses identity-based access controls to manage the security lifecycle of your secrets, users, and services. From an operations and security standpoint, organizations in the Scaling phase have the tools in place to implement more sophisticated SLM workflows and systems.

SLM practices to help you continue maturing

Encrypt data seamlessly
Use advanced data protection capabilities like encryption as a service to protect critical data.
Learn more
Automate service networking
Securely drive service-to-service access through policies using dynamic service-based networking.
Learn more
Expand to private and hybrid datacenters
Standardize your security tools beyond the public cloud across your entire organization.
Learn more
Manage keys and certificates
Secure systems by automating encryption, key management, and PKI for encryption and identity workloads.
Learn more
Shift security left
Build all security systems and tools directly into the infrastructure platform for consistent protections and risk reduction.
Learn more
Secure resources with multi-hop sessions
Provide access to private resources by connecting into complex network topologies through reverse-proxies that let users securely access locked-down resources as needed.
Learn more

Resources to help you continue maturing

Managing a golden image factory across all major cloud platforms at ExperiaLearn how Experian manages machine image governance and standards across AWS, Azure, Google Cloud, Oracle Cloud, and Alibaba Cloud.
Case study
Advanced data protection with HashiCorp VaultIn this webinar, HashiCorp Vault engineers showcase the unique advantages of Advanced Data Protection (ADP) capabilities using Vault secrets engines like Key Management Interoperability Protocol, Key Management, and Transform.
Webinar
Optimize cloud spend with HashiCorp TerraformExperts break down how to best optimize cloud spend with HashiCorp Terraform in a four-part series, which covers the causes of cloud waste, how to prevent avoidable cloud waste, and how to address the provisioning skills gap effect on cloud waste.
Webinar series
3 phases of optimizing cloud and operator spend with HashiCorp TerraformDownload our cloud spend optimization guide to explore the causes of waste at each stage of cloud adoption, how a platform team and cloud operating model help unify your cloud estate, and more.
White paper