November 25, 2013, 10:00 AM — There’s a subtle shift that’s been going on over the past year or so in the way some IT departments regard the issue of shadow IT when it comes to the cloud.
It used to be that the goal was to prevent unauthorized use of cloud services like Amazon Web Services (AWS). Everyone had heard the horror stories of someone spinning up servers on AWS, forgetting about them and then expensing the shocking bill.
Image credit: Flickr/Looking Glass
But increasingly, IT departments instead want to enable people, even those outside of the IT department, to use cloud services. But they want to make sure that security, legal and cost requirements are met.
“What’s happening is many business units today are allowed the freedom to take advantage of outside services to meet their business goals and they’re doing so, sometimes without the knowledge or involvement of central IT,” said Kim Weins, vice president of marketing at RightScale. “At the same time, the central IT team is tasked with broader initiatives like security and governance and compliance and cost control and it’s difficult for them to do that when they are not aware of what’s happening.”
She said that she recently talked to a chief architect from a large financial services firm who said he knew of about around $200,000 worth of yearly spend on AWS but suspected that there was more usage he didn’t know about. To find out, he asked AWS if it could tell him how much spending was coming from his domain names. He learned that his company was spending $500,000 a year with AWS, Weins said.
“The chief architect said to me, ‘I don’t want to stop the usage but I want to enable it in a way that lets me sleep at night’,” she said.
That meant he wanted to make sure that applications running on AWS met his company’s compliance, security and governance requirements, she said. Cost forecasting and control was also difficult without insight into who was using AWS and for what.
Getting at the root cause of the shadow IT use of cloud services – namely, that going through the proper IT channels is just too slow – can help, said Joel Rosenberger, vice president of software for 2nd Watch. The company tries to help IT accelerate that process.
“Up until this point, most IT organizations didn’t have the skill sets or resources to be able to say, ‘this is how you can and should spin up an instance of AWS,’” said Matt Gerer, vice president of sales and marketing for 2nd Watch.
2nd Watch offers products that IT can implement to essentially build approved reference architectures that anyone, including IT engineers or line of business managers, can use to quickly and easily spin up AWS instances that comply with corporate policies. It also now offers analytics so that its customers can monitor spending. Business managers can drill down and look at costs of individual applications, users or business units.
RightScale is also now offering cloud analytics tools that businesses can use to better track employee usage of many different cloud services. Its tools also let IT administrators layer controls and governance over the usage, adding security as well as budget controls.
These kinds of tools build on the cloud analytics offerings from companies like Cloudyn, Cloudability and Newvem, which focus on offering granular details about cloud spending and ways to rein it in.
Both RightScale and 2nd Watch said that increasingly, companies are trying to empower their workers rather than shut down their use of the cloud. “The more progressive companies are saying, ‘give me the tools so I can continue to get work done, not shut it down,’” said Gerer.
Read more of Nancy Gohring's "To the Cloud" blog and follow the latest IT news at ITworld. Follow Nancy on Twitter at @ngohring and on Google+. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.