For many organizations, migrating IT resources and workloads to the cloud can yield tangible benefits: flexibility, scalability, resource management, cost savings, simplified budgeting, ease of deployment and enhanced updating and patching.
The cloud can deliver Software, Platform or Infrastructure as a Service. Organizations can turn to the cloud to instantly spin up machines for temporary projects and seasonal workloads, to test and develop new applications, and to provide email without having to manage on-premises equipment.
But failure to manage a cloud environment effectively can cause new headaches.
The same ease of deployment that makes the cloud so attractive can create problems, especially if an organization lacks effective policies and guidelines. Take, for instance, the hypothetical example of an organization that invests in Office 365, Microsoft’s popular suite of productivity software. The IT department no longer has to manage on-premises email, and users gain access to cloud tools such as Skype for Business and OneDrive for Business. The move has the potential to be a clear win-win.
But in reality, some users may never utilize — or even know they have access to — the other cloud tools beyond email.
When they need to collaborate on documents, they may instead use a company credit card to purchase a consumer license for a stand-alone cloud file-sharing program, rather than utilizing OneDrive.
Then, inevitably, some of these users will leave the organization. Without tools and practices to ensure proper management and visibility, the IT shop may never know that corporate data is sitting on a consumer cloud application — placed there by someone who no longer even works for the organization — creating an unnecessary monthly expense and, potentially, compliance and security issues.
Multiply these problems by the hundreds or thousands of users in a large enterprise — and by the myriad of cloud tools at their disposal — and it’s easy to see why cloud sprawl can be such a large problem for organizations.
Some of the chief risks associated with cloud sprawl include the following:
1. IT Teams Have Limited Security Visibility
Until recently, IT teams maintained rigid control over access to computing resources and were able to exercise management and visibility over sensitive data with relative ease. The cloud, along with several other significant developments in IT, has dramatically changed this situation.
In one recent survey by Forcepoint, 21 percent of cybersecurity professionals said critical data and intellectual property from their organizations were stored with public cloud services. Perhaps most worrying, only 7 percent of respondents said they had “extremely good” visibility into how users handle critical data on enterprise and user-owned devices, as well as on applications. Sprawling cloud environments in which IT teams have limited visibility and management capabilities leave organizations vulnerable to attacks and data leaks.
2. Organizations Wind Up Overspending on Cloud Deployments
When it’s easy to purchase new software or services, it’s easy for spending to increase, and when this spending isn’t managed effectively, it can spin quickly into overspending.
Organizations spend more than necessary on their cloud deployments, as a result of both initial overprovisioning and abandoned, unused resources that suck up dollars without providing any value. Too often, operational units purchase cloud resources without taking the time to accurately estimate the amount of computing, data analytics and storage resources they need.
Perhaps just as frequently, these business units spin up resources for temporary projects and then fail to pull back the resources when those projects are complete. Overspending can also happen across an entire organization — with the full backing of the IT shop — when cloud resources aren’t matched appropriately with user roles. For example, companies often pay for the “pro” or “plus” versions of software suites without realizing that many users only need basic functionality.
3. Users Don’t Get Access to the Resources They Need
When IT staff doesn’t have full control of the cloud software and services being purchased throughout an organization, they can’t connect users with the IT assets that best meet their needs and, thus, ensure that these resources are being used optimally.
Lack of optimization is closely related to overspending, but may also include scenarios in which organizations invest in the appropriate amount of cloud resources but then simply fail to provide access to these resources to the employees best positioned to use them.
An organization with a well-managed cloud environment will often have a library where users can see which resources are available and then request temporary access. In contrast, in an organization with sprawling clouds, users often have no way of knowing which cloud resources are available.
4. Software Compliance Becomes a More Difficult Task
It was easy enough for organizations to lose track of software licenses before the emergence of the cloud. Now, with users able to subscribe to cloud software and spin up resources in an instant, it’s nearly impossible for IT teams to stay in compliance with software licensing agreements unless they appropriately manage their cloud environments.
When vendors audit organizations with cloud sprawl problems, the result is often a hefty bill — an outcome that is even tougher to swallow when many of the resources causing noncompliance are “zombie” instances, servers left running that no one in the organization is using anyway.
With software management tools, organizations can ensure constant compliance, taking the sting out of vendor audits.
Learn more about keeping costs down and controlling cloud sprawl in this CDW white paper.