Rogue Clouds, Off-the-Grid Services

Caron Carlson of FierceCIO highlighted the Network World article below about the surprising prevalence of unauthorized cloud implementations found throughout 83% of enterprises surveyed by Symantec.
Wow, that’s huge. Think about it: 83% of businesses in a large survey pool (>3,200 IT managers) have “rogue clouds” provisioned without IT’s awareness.
While we at AIS are definitely keen on promoting the benefits of cloud services, and we also believe that any IT services consumed within an enterprise should clearly be on the radar of said enterprise IT leaders. Security, access, backup, and other policies exist for a reason.
We’re here to facilitate and improve enterprise IT service delivery, not cultivate an underground economy of off-the-grid offerings.
Emphasis in red added by me.
Brian Wood, VP Marketing
——–

Rogue clouds infiltrate enterprise

The majority of companies using the cloud have business managers who are signing up for services without consulting IT. These “rogue clouds” were deployed at 83 percent of the large enterprises recently surveyed by Symantec, and they’re among IT’s biggest challenges, reports Ellen Messmer at Network World.
The Symantec survey, which included more than 3,200 IT managers around the world, found that some of the companies with rogue clouds–20 percent–didn’t realize that bypassing IT is not the right thing to do. They believed they were saving their organizations money and simplifying the process by skipping past IT.
Symantec also found that complying with e-discovery requirements is complicated when data is stored in the cloud. In the past year, more than a third of the survey respondents had e-discovery requests for cloud data, and two-thirds of this group missed their deadlines. More worrisome, 41 percent of those confronted with this challenge never located the requested data.
http://www.fiercecio.com/story/rogue-clouds-infiltrate-enterprise/2013-01-16
———-

‘Rogue clouds’ giving IT staffs nightmares

Inefficient storage methods also seen as raising costs in cloud, survey finds
Cloud computing is increasingly being adopted by companies around the world, but IT managers say “rogue cloud implementations” in which business managers sign up for services without getting IT approval is among their biggest challenges.
This is according to a survey on avoiding hidden cloud costs that was sponsored by Symantec with interviews and polling done by ReRez, in which some 94% of the 3,236 information-technology managers in 29 countries said their companies either already were using cloud services or discussing how to do so.
“Rogue clouds” occur if sales and marketing people, for example, order up Salesforce.com without bothering to consult IT or set up Dropbox with outside vendors to share sensitive information. It’s happening to three-quarters of those using cloud, according to the survey, and it occurs more in large enterprises (83%) than in small to midsize ones (70%).
“So why are organizations doing it? One in five don’t realize they shouldn’t,” the report says about the “rogue cloud” problem. The report adds they think they’re saving money through “rogue cloud” projects and believe “going through IT would make the process more difficult.”
On top of having to deal with rogue clouds, 43% of IT managers relying on cloud-based services said they had “lost data in the cloud,” meaning they either couldn’t find it or had accidentally deleted it, said Dave Elliott, cloud strategist and director of global cloud marketing at Symantec.
This means they had to recover it from a backup, but two-thirds doing this saw recovery operations fail at some point. Of the recovery procedures IT managers had in place, 32% said they found cloud data recovery to be “fast” but 22% said it “can take 3 or more days.”
Some 61% making use of backup procedures for the cloud use three or more methods to do this, which Elliott said might be too many. One place where inefficient processes clearly seem to be occurring is in cloud storage, which is quick to deploy and you pay only for what you use. In the survey, the more than 3,000 IT managers, who work in organizations both large and small in North America, Latin America, Asia-Pacific and Europe, acknowledged they saw utilization rates of cloud storage at just 17%.
“There is a tremendous difference in this area between enterprises (which are utilizing 26% of their storage) and SMBs (which use a shockingly low 7%). This is a costly mistake, as organizations are paying for roughly six times as much storage as they actually need,” the survey report states.
“They’re overprovisioning cloud storage,” said Elliott. Another facet of the cloud storage issue is that much of the time no deduplication of data is done. About half said they either did “virtually none” or a “small amount.” This indicates there’s still the need for thinking through cloud-storage processes to optimize the benefits, said Elliott, saying Symantec recommends deduplicating data in the cloud.
Other points of concern revolve around legal issues, such as requests for electronically stored documents that are demanded for what’s known as “e-discovery” purposes in court or otherwise. The survey shows that 34% have had e-discovery requests for cloud data in the past 12 months, but of these, 66% admitted they had missed the deadline at some point and 41% said they were simply unable to do it at all and never found the requested information. This could potentially lead to fines or otherwise complicate legal situations for their organizations.
Another issue the survey asked about, managing cloud-based SSL certificates, revealed a mixed bag of activity. About a quarter of the IT managers said they thought it was “easy,” but 8% “don’t even try.” Elliott said he doesn’t know if that suggests that some companies simply are better organized to manage SSL certificates overall in the enterprise or the cloud. However, “organizations are responsible for managing their own certificates,” he said.
In its recommendations for better use of cloud, Symantec said the first thing is focusing on policies and the individuals who all have a stake to make it work, rather than merely the technologies and platforms.
http://www.networkworld.com/news/2013/011613-rogue-clouds-265854.html