Getting a Handle on ‘Shadow IT’
Shadow IT, the systems and solutions used inside organizations without explicit approval, are becoming a fact of life for most organizations. Indeed, industry studies estimate that nearly 30 percent of IT spending occurs outside the IT department, a total that is expected to rise by an estimated 5 percent over the next several years.
Given that reality, cloud vendors are beginning to offer ways of monitoring public cloud services used within organizations. The latest is Cisco Systems (NASDAQ: CSCO), which rolled out a "cloud consumption as a service" software offering this week designed to keep track of who's using what public cloud services.
The company's internal analysis finds that public cloud usage has jumped 112 percent in the last year with large enterprises using an average of 1,220 individual public cloud services. The sweet spot for Cisco's new public cloud monitoring platform is this: "There are significant business risks associated with uncontrolled adoption of public cloud services," the company warned, ranging from "regulatory compliance and data protection, to business continuity, cost and service performance."
Cisco said its public cloud monitoring service combines analytics and benchmarking tools to help reduce security risks while managing costs. IT administrators can use the results to help determine the proper mix of cloud services required for the organizations they support.
The Cisco monitoring platform arrives at a time when enterprises are being urged by some industry watchers to leverage Shadow IT as a variation on the broader bring-your-own-device movement. The trick is to specify clear boundaries to adoption while ensuring compliance with security and—in the case of data—regulatory rules.
Proponents further argue that appropriate use of Shadow IT could make enterprises more agile and better able to innovate. “Shadow IT for the right reasons, in the right areas, can create value," Hank Marquis, research director at Gartner, told a recent conference on IT trends. "You have an untapped pool of resources all around you. The dark side is you’ll be responsible for the bad decisions all those shadow IT people make."
With that in mind, Cisco is betting more enterprises are looking for ways to monitor public cloud usage within their organizations. In promoting its new consumption service, the company cited estimates of an average of 91 unauthorized cloud services being used within customers' organizations.
The consumption service tracks cloud traffic, including software-, infrastructure- and platform-as-a-service offerings. It then calculates what percentage of traffic that constitutes Shadow IT. The service then provides a "risk score" for each public cloud provider.
Cisco's cloud consumption service is available now through its channel partners. The new service is currently priced at approximately $1 to $2 dollars per employee per month, depending on the size of the business, the company said. Overall, Cisco estimates, business are using at least 20 times more cloud services without the approval of IT administrators.