According to RightScale’s 2018 State of the Cloud Survey, 85 percent of enterprise organizations now have a multi-cloud strategy, with companies reporting that they use nearly five different clouds on average. While the multi-cloud strategy has undeniable benefits, there is a risk of “cloud sprawl” that could lead to wasted resources, rising costs and security challenges.
To reduce risk, organizations should implement a cloud governance program. This is different than cloud management, which is meant to ensure the efficient performance of cloud resources. Governance involves maintaining control of the cloud environment through the creation of rules, policies and processes that guide the deployment and use of clouds.
The ease of provisioning often leads to cloud sprawl. With just a few mouse clicks, employees can quickly deploy cloud services to help them do their jobs. IT deployment processes seem hopelessly slow and bureaucratic by contrast.
However, unauthorized cloud provisioning creates a number of business risks. Data scattered across various platforms with no central oversight increases the risk of data loss or data leakage. Deployed without IT’s knowledge or consent, rogue clouds increase the risk of duplication of services, inadequate protection and unnecessary spending.
Gartner analysts project that overall cloud spending will reach $206.2 billion this year — but $14.1 billion will be wasted on clouds that are either no longer in use or have overprovisioned capacity. Another survey finds that cloud-managed infrastructure is woefully underused, with an average CPU utilization of less than 5 percent.
The sad part is that this waste is entirely avoidable. Cloud sprawl almost always occurs because organizations simply haven’t done a good job of establishing guidelines and procedures for individuals provisioning cloud resources on their own.
As risk and expenses mount, expect organizations to establish formal cloud governance guidelines. According to RightScale, more enterprises are creating “centers of excellence” to focus on cloud governance — 57 percent reported they have already established a cloud governance team, and another 24 percent said they plan to do so soon. These central teams are focusing on planning which applications to move to the cloud (69 percent), optimizing costs (64 percent) and setting cloud policies (60 percent).
Forrester recommends creating a cross-functional governance team of representatives from departments across the organization. This group can provide an overarching view of operations and identify common practices and requirements. In conjunction with IT staff, the governance team can use that broad information to help identify cloud requirements, establish provisioning standards and define usage best practices.
The team’s first job will be to assess the environment to determine how many cloud applications and services are actually being used, who is using them and how they were provisioned. This will be important for identifying cloud resources that may be either unused, underutilized or duplicated.
After identifying all cloud assets, the team should work on establishing guidelines for what applications and workloads are appropriate for the cloud, how and when they should be migrated, what security measures should be developed, and who should have administrative privileges. Ideally, administrative access should be limited to very few people in order to maintain central control of updates, configuration changes and new service requests.
For many organizations, the path to effective cloud governance will be impeded by a lack of resources and skill sets. Partnering with an experienced solution provider can help gill these gaps and bring much-needed expertise.
If you’re looking for ways to get a better handle on your cloud usage, give us a call. Our team of solution architects can help you evaluate your current environment and work with you to ensure your resources are properly aligned with business requirements.
