June 2nd, 2014
Corporate departments act on their own, contending IT is too slow in creating a path to cloud services
IT departments need to watch out for business units or even individual workers going rogue and bypassing IT to go straight to the cloud.
Theres a tug-of-war tension in the enterprise right now, said Gartner analyst Lydia Leong. IT administrators very rarely voluntarily want to go with the public cloud. I call this the turkeys dont vote for thanksgiving theory. The people who are pushing for these services are not IT operations people but business people.
When marketing, events or other corporate business units conclude that IT is dragging its feet on the way to the cloud, the contract for the services themselves. IT often doesn’t discover the move until oit shows up in the tech expenses papers.
Right now business strength lies in going around IT, said Rob Enderle, an analyst at the Enderle Group.
Enterprise IT often sees the cloud as a risk. If you go to a large IT meeting, theyll generally place the public cloud as one of their top three or four threats because their line organizations, like marketing or manufacturing, go around IT to set up their own cloud service deals. They can get something cheaper and faster than they could by going through IT but its probably not compliant, he added.
Several analysts said theyve talked with enterprise IT executives who are facing such issues. None of the execs, though, want anyone to know its happening to them.
Jeff Kagan, an independent analyst, said the problem lies in the fact that these are still the early days of corporate cloud services use. Companies lack rules for the technology and users are more eager than IT try it out.
This is the wild, wild West where there are no rules, he added. People are used to storing their own information on their own laptop. Storing it on the cloud doesnt seem to them all that different from what theyve been doing. Were stepping into this cloud world bit by bit and every company has different challenges. This affects many of them.
The Bring Your Own Device (BYOD) trend has contributed to the user push to the cloud, analysts say.
People have gotten pretty comfortable using their own smartphones and tablets at work. IT has had to adapt and learn to manage a network that theyre not totally able to control.
People, who dont want to wait for IT to catch up will contact companies like Google or Amazon directly and simply start storing data in the cloud.
It’s also about departments using clouds to get around budget constraints and a lack of capacity in IT, said Dan Olds, an analyst at Gabriel Consulting Group.
In a lot of ways, this reminds me of the 90’s when departments went wild with building their own data centers and IT capabilities. In a lot of cases, that resulted in higher costs, security vulnerabilities, and poor integration, Olds said.
When IT is left out, its personnel has no idea how secure the clouds are or exactly where the information is being stored. It also means IT can’t negotiate the best deal — one that could encompass many different departments or data stores.
Best case, organizations might end up spending more on cloud services than they would if they mounted the service on systems the data center already owns, said Olds. Worst case, the organization could find that critical data is now outside their firewall and perhaps could be accessed by folks who shouldn’t be able to see it.
Since analysts doubt IT can stop businesses from bypassing them on a whole-scale level, they say the tech execs need to set up strong cloud governance policies.
Its not really acceptable for IT to say no when someone wants to use the cloud, said Leong. They need to set up service agreements with approved providers and set up controls for how secure information needs to be. How do they provide risk management? How do they make this work instead of just saying, You cant do this.
Every time we take a step further into the information age, its unprotected, said Kagan. IT says theyre swamped just keeping everyone connected. They dont really have the time to proactively protect against future threats. They have to make the time.