Cloud control is a serious concern to CIOs, argues Paul Cash.
The increase in cloud adoption continues unabated, with analysts at IDC recently predicting that IT infrastructure spending will grow at a CAGR of 15.1% from 2014 to 2019. By this point, IDC says, spending on cloud will be 46% of the entire IT budget.
In 2015, Fruition Partners commissioned independent research among CIOs about their use of cloud computing and identified that they had a range of serious concerns over cloud control. In 2016, the research was repeated and extended to cover 400 CIOs of large organisations in both the UK and the USA, and across a range of industry sectors.
Immature cloud management creates risk
The most concerning finding is that 80 per cent of CIOs admit they do not apply the same comprehensive IT service management processes to cloud as they do for in-house IT services. When compared to last year’s figures, the research finds while there has been a slight improvement in overall cloud maturity, there is still a long way to go. In fact, more than 85 per cent of CIOs still say that the proliferation of public cloud computing services is reducing the control their organisation has over the IT services it uses. CIOs are highly concerned by the negative impacts of this trend, with three-quarters of them saying it leads to financial waste, and increases the business and security risks to the organisation.
In the light of these risks, CIOs cannot afford to ignore the fact that the need for rigorous management is actually greater, not less, in the cloud. Part of the solution to this is making better use of the IT Service Management (ITSM) tools that they already employ to manage in-house IT. The survey found that while in-house IT services are, on average, managed by a combination of six established ITSM processes, cloud-based services are, on average, only subject to four, and only a fifth of CIOs report that ITSM processes have been applied to all cloud services.
Controlling cloud sprawl gets easier
Shadow IT is also a particular concern that is affecting CIOs’ control over enterprise IT: two thirds of respondents believe that employees signing up to a cloud storage service, CRM applications or collaboration applications is creating a culture of shadow IT within their organisation, with 62 per cent saying that there are cloud applications being used in the business without the IT function’s knowledge.
There is a ray of light in these findings: the wider use of service catalogue functionality contained within ITSM solutions means that 71 per cent of those who use this kind of application say that it is helping them control cloud sprawl. By using a service catalogue, CIOs can help minimise shadow IT: if it’s easy and hassle-free for users to choose and use officially-sanctioned cloud services, then they are less likely to follow a DIY route.
Avoiding the blame game
Another concern is that the more responsibility CIOs hand over to third-party cloud providers, the more they open themselves up to the ‘blame game’ if one of those services fails. This is evidenced by the finding that more than half of respondents say that if users have problems with cloud applications, such as Salesforce or Dropbox, they deal with the cloud provider’s support team directly. While this may take the support burden off corporate IT, when things go wrong it’s not clear who is responsible, particularly if SLAs are not being correctly put in place or monitored.
There is one encouraging sign in terms of improving control over the cloud: last year, only 27% said they could and did use ITSM tools to orchestrate cloud platforms. This year, that figure has gone up to 40%. However, that still leaves 44% who have the tools but aren’t using them for orchestration, and 16% who don’t have the right tools in place at all. Orchestration is an essential part of the cloud management process, and CIOs should focus on putting this technology to work.
Bringing the cloud under control with ITSM
In short, CIOs face a growing challenge from the cloud. The opportunities that the cloud offers to reduce costs, improve productivity and introduce a ‘consumerised’ service experience are well-recognised but CIOs cannot blindly trust that public cloud services will work flawlessly and be delivered perfectly at all times. Nor can they ignore the risks of shadow IT creating a parallel, uncontrolled universe.
Making better use of existing ITSM investments is an important part of the solution through ensuring that the technology is used as effectively for managing public cloud technology as it is for in-house systems and private cloud. For example, by offering users functionality such as self-service access to approved cloud services, or by using ITSM to manage assets and service providers, CIOs can start to bring the cloud under control.