Shadow & Rogue Cloud Usage
Today’s businesses are increasingly finding that the speed of business is faster than the speed of IT. As a result, users are turning to independently identified cloud technologies to solve those business problems. These cloud technologies are often times implemented without the knowledge or consent of the IT department at large. This is known as rogue IT. These rogue or shadow cloud solutions present several problems to the IT department at large. In addition to the corporate data and compliance policies being put at risk; IT departments have to be concerned with increased WAN utilization, licensing issues, and business continuity.
In 2009, Gartner predicted that 25% of new business applications written in 2014 would be written outside of the IT department this year. (link: http://www.gartner.com/newsroom/id/1212813) What this means is that an increasing number of organizations are consuming technologies often without the knowledge of the IT department.
IT departments traditionally plan for every contingency when creating a new service offering. The problem with Rogue IT is that often times the IT department has no awareness of the technology, solution, and potential risks that it possesses. Employees may not be aware that the software / cloud solution that they are using is not supported by the IT department. These two factors combine and create the potential for business critical data and processes to exist in an environment that doesn’t meet corporate standards.
Often times IT departments don’t have the luxury of simply banning the use of these cloud services. In addition to the additional work load that would have to be taken on by the team it is very possible that the existing cloud solution is the best answer. As a result of this, the right approach to the problem of rogue cloud usage is to identify the usage, consider risks and issues with each particular example, and implement a strategy of incorporating those cloud services into your IT service catalog.
Microsoft has recently placed its app discovery tool into general release. The Cloud App Discovery tool is part of Microsoft’s identity solutions suite and is a tool that is part of Microsoft’s Azure Identity Accelerator. The intent of the tool is to help organizations identify cloud usage and determine if it is possible to integrate those solutions into Microsoft’s single sign-on solution that is part of Azure AD. Microsoft’s no cost Cloud App Discovery tool isn’t the only solution for identifying cloud applications and as such the results from the tool should not be considered a complete analysis. However, considering the simplicity of the tool, it is a great start to helping IT organizations learn about unknown cloud usage.
In future blog posts I will discuss the Cloud App Discovery deployment tool as well as other tools in the Azure Solution Accelerator.