What is cloud sprawl?

cloud security

In many cases, the variety of cloud services on the market has resulted in a multi-cloud' business world, with IT departments adopting multiple cloud service providers for a variety of needs.

But thanks to the huge number of available services, IT has struggled to keep track of all these cloud services, let alone to try and integrate them all, issues which in turn can lead to inefficiencies and security weaknesses within organisations.

Over 73% of 500 IT and line-of-business decision makers surveyed by NTT Communications admitted they find it difficult to manage their organisation's cloud platforms. Just over three-quarters say that departments within their organisation have commissioned a cloud service without the involvement of the IT department.

In addition to this, 83% of respondents use the free versions of Dropbox and Google Drive to store company information without official clearance to do so, raising clear security and data compliance issues.

This is known as cloud sprawl, where excess workloads are running in an organisation, often without the company's knowledge. One example is if a developer tests a portion of a system in Amazon Web Services (AWS) but forgets to delete the workload, leaving it running and costing money.

An employee using a personal Dropbox to store company documents so they can work from home is another problematic example. It is particularly challenging for IT officers or departments trying to keep track of cloud instances such as unsanctioned applications, which in turn causes additional storage costs and security threats.

The difficulties of managing cloud sprawl are further compounded by the issue of managing data. When companies are blind to who is accessing their apps, or when unsanctioned apps are being used by staff, it makes it impossible to know where sensitive data is being stored. Even secure cloud offerings don't protect against company information being stored in browser caches.

To solve the service sprawl dilemma, current solutions monitor, regulate or deny cloud services to employees. But these are just short-term fixes that negate the benefits of rapid cloud adoption. Demand for continuous cloud adoption isn't slowing; neither is the problem.

It's not a matter of stopping user needs, but building an IT strategy around those needs. IT departments should work to understand user requirements and build their product roadmaps for their organisations around those needs.

IT departments shouldn't just say no' to something because of the IT risk without first considering the business advantage or business risk of not adopting a particular technology. Establishing clear policies for employees on using the cloud, and working across departments to understand business needs, is a good first step to managing cloud sprawl.

Picture: Bigstock

Esther Kezia Thorpe

Esther is a freelance media analyst, podcaster, and one-third of Media Voices. She has previously worked as a content marketing lead for Dennis Publishing and the Media Briefing. She writes frequently on topics such as subscriptions and tech developments for industry sites such as Digital Content Next and What’s New in Publishing. She is co-founder of the Publisher Podcast Awards and Publisher Podcast Summit; the first conference and awards dedicated to celebrating and elevating publisher podcasts.