Cloud sprawl and an oil spill - what do they have in common?

Today cloud sprawl (that is, when end-users engage in the unsanctioned use of cloud services) is on the rise. Many organisations are struggling to retain control of IT as employees increasingly take matters into their own hands.

Cloud sprawl has become particularly evident over the last three years, driven by the maturation of cloud services as well as growing consumer and corporate acceptance of the technology. Unfortunately, for the first two of these years, it went unaddressed as the concept remained relatively new and IT managers were unaware it might grow into the problem it is today. It was not anticipated that as cloud computing caught on in the IT department, consumers would show similar enthusiasm and even begin to drive adoption in the workplace themselves.

The trend began with employees frustrated by the inefficiencies of the IT department. Rather than join the queue for someone else to solve their problems, some began taking tasks typically delegated to IT into their own hands, such as creating CRM accounts. As a result shadow IT, IT solutions deployed internally without explicit approval, began to take root as cloud services were furtively adopted in the interest of short-term efficiency.

More recently, the lessening of concerns around the security of data in the cloud, paired with increased acceptance of the consumerisation of IT in the workplace, has facilitated the growth of both shadow IT and cloudsprawl. This is a significant problem for the CIO – these cloud services may not be suitable for enterprise use, are often managed by individuals without the proper authority, and are rarely integrated into the workplace correctly.

Nipping cloud sprawl in the bud

Cloud sprawl shares certain similarities with an oil spill – once you realise you have a problem, it is already very difficult to clean up. As such, preventative measures are often the best action a company can take. The key to this approach is to bring cloud services under a more governed system, the structure of which is owned by the CIO.

While there are numerous appropriate uses for cloud services, there are many inappropriate ones too, including dealing with highly secure data, and always-on mission critical or life-or-death imperatives, such as air traffic control. There are other workloads and IT systems that are not ideal for cloud either -legacy technologies, systems with high input-output processing requirements, and other complicated systems that can often be very expensive to implement in the cloud.

Unfortunately cloud sprawl is immune to these issues, and continues to operate regardless of circumstances, sometimes hampering efficiency, and occasionally resulting in more serious consequences. It's hard to pin responsibility when it comes to cloud sprawl, so prevention really is paramount. Control, governance, accountability, and consultancy service integration can all help.

Is the IT department losing control?

Some IT departments have been slow to adapt to workforce demands, losing control and visibility of what users are spending money on. Five years ago it would have been very hard for a head of sales to build their own CRM system – now it's a browser click and credit card payment away. The CIO may not know that the sales director is off to Salesforce for their CRM needs, but they'll certainly see the after-effects when they can't integrate the ERP system and experience loss of visibility.

So what can be done to avoid cloud sprawl? The reality is that this is relatively new ground - lessons about cloud sprawl are still being learned. Although the more modern end user centric management tools are able to report and track the usage of cloud services such as Box.com or Salesforce.com within the enterprise, there remains a distinct lack of client-side consulting services specifically designed to address this problem and very little advice regarding the infrastructure required to link one cloud to another and keep sprawl under control. Without this infrastructure, there is a real possibility a company could unknowingly end up with multiple systems competing with one another to do the same job.

In addition to understanding these infrastructure requirements, many CIOs also need to learn to better communicate, and be more in tune with the wants and needs of the wider business. There is often a gap between IT and business, with few people in between who speak a common language – it's up to the CIO to bridge that gap.

Holding cloud service providers accountable

Cloud services providers can play a big part in slowing cloud sprawl by encouraging cloud-readiness assessments, allowing businesses to check if they are ready for certain products and offering alternatives if they aren't. Presenting a selection of services a company could use, then working together to pick only the most relevant would act almost as a cloud sprawl assessment, and could go a long way towards solving the problem before it begins.

Service providers often exacerbate the problem by concentrating all of their efforts on selling, rather than identifying redundancies or pointing out inefficiencies with clients' current systems, and offering solutions to fix these. Hopefully, as the market for cloud services continues to evolve, so will awareness about the growing problem of cloud sprawl and the impact it has on business efficiency.

Tim Patrick-Smith is the CIO of global ICT services provider Getronics.