Cloud First or DevOpsing with Governance, Legal and InfoSec

In enterprises banking on agility and pushing for Cloud first. Beware of some of the implications. Learn about some of the remedies.

SaaS first, PaaS second, IaaS third so goes the mantra… That’s all fine and dandy but the thing they don’t tell you is how much you’ll depend on Governance, Vendor Management, Legal, InfoSec. There’s nothing like it to really bog down your hyper-versatile Top Gun DevOps teams.

To be successfully, you’ll need them to work on a level and agile playing field. So, welcome to the world of:

  • Vendor Risk Assessment Backlogs
  • Legacy contract review Backlogs
  • Strategizing about Cloud Service contract
  • MVPs going Prop over and over.

Also beware of being the first to have an eager legal department. What happens when your legal department becomes more cloud-savvy than the legal tzar of your powerhouse ERP company whose marketing their software in a public cloud partnership without his knowledge.

Lot’s of fun to be had.



Philippe Tremblay


Philippe Tremblay is a DevOps Lead & Product Owner for the investment arm of the Healthcare of Ontario Pension Plan (HOOPP). All this means is: he is having tremendous fun leading the transformation and applying his years of experience in cloud architecture, information security and DevOps. His favourite team of multidisciplinary misfits, is currently working to evolve HOOPP’ infrastructure and platforms to ensure the the plan can readily execute on it’s future investment strategies.