Cloud – the importance of a hybrid solution in managing Shadow IT

Rapid access to cloud services delivers essential business agility, but the rise in shadow IT is compromising cost, control and security. Darron Edwards, MCSA’s Lead Solutions Architect, explains the importance of a strong hybrid IT model to enable organisations to explore the benefits of cloud computing without compromising essential governance.

 

Cloud computing, Laptop with circle global on screen and icon network connection on wooden background

 

In a challenging global economy agility has become one of the most fundamental aspects of business success. Those organisations able to explore and exploit technology innovation to drive change and respond fast to new market opportunities are gaining a significant advantage. At the heart of such change is the rise of cloud computing which promises speed, agility, flexibility and innovation. Yet, as with every technical innovation, there are risks to be considered, not least in the areas of cost and control.

While more than $1 trillion in IT spending will be directly or indirectly affected by the shift to cloud during the next five years, according to research organisation Gartner, just how much of that spend will be centrally controlled and managed by the business? The ease with which business managers  can access and buy cloud services without recourse to IT is creating huge operational risks, from spiralling uncontrolled costs to security.

According to one recent survey¹, almost three quarters (77%) of decision makers have used a third party cloud application without the approval or knowledge of their IT departments.  Even more disturbing, users are aware they are breaking IT guidelines and do this in full knowledge – and over half do not know which country their cloud based data is stored in, jeopardising compliance to a raft of requirements, from PCI DSS to data protection.

This explosion in shadow IT is a serious concern for many organisations – with many only discovering the extent of unsanctioned cloud investments during the audit process.  In addition to the uncontrolled costs and clear security concerns, this fragmented adoption of diverse cloud services fundamentally constrains longer term innovation. While individual solutions may fulfil an immediate departmental need, where is the cross-functional integration or shared resource? From every angle, the rise of shadow IT raises significant operational concerns, however effective these individual cloud services may appear in the short term.

Transform, Standardise, Virtualise

How can an organisation maximise the agility of the cloud without compromising control? The key is to combine a strategic vision with an IT model that enables controlled change. The first step is to embark upon a data centre transformation by standardising, consolidating and virtualising equipment and then improving management and automation. With this streamlined and responsive IT model in place, the business is far better placed to respond to operational needs.  In addition, standards for the adoption of public cloud services can be developed to ensure consistency.

Combining the standardised model with strong communication processes across the business that highlight the speed with which the centralised IT team can respond to operational needs will be key to eradicating any business manager’s desire or need to go rogue.

For example, when a business manager raises the need for a new CRM system, the IT team can rapidly determine whether that request can be supported by the existing internal resources or opt for a cloud alternative. Critically, the deployment is undertaken within the overall IT environment, ensuring security procedures are adhered to, that the costs are always visible and that any cross-functional integration can be far more easily attained.

In essence, proactively creating a robust hybrid IT model is the key to regaining control, driving out shadow IT and ensuring the business is well placed to explore the agility of the cloud without compromising cost or security.