Enterprise Security

Cisco Aims to Pin Down Shadow IT

Cisco on Wednesday unveiled Cloud Consumption as a Service, an offering designed to help enterprises discover and continually monitor public cloud use — aka “shadow IT” — across their systems.

Shadow IT systems in an enterprise or organization expose it to security risks and hidden costs and may give rise to compliance issues.

CCaaS Functionality

Organizations are using up to 20 times more cloud services than IT is aware of, according to Cisco, and the problem exists in companies of all sizes and in all industries.

Cloud Consumption as a Service will give users a broad view of their organization’s cloud usage. It will help them establish strong cloud governance processes, improve onboarding and oversight of cloud service providers, and better align cloud services with their business needs.

Users will be able to protect their brand and intellectual property, deliver cloud services more rapidly to meet line-of-business needs, reduce cloud costs by up to 15 percent by consolidating cloud services, improve service performance by foreseeing the impact on infrastructure — and simplify cloud management with the right people, process, and tools, Cisco said.

Although Cisco has come up with a “great definition of the problem,” and CCaaS promises “lots of desired benefits,” it’s not clear how the company will implement its system, observed Peter Scott, chief strategic officer at DivvyCloud.

“What Cisco technology is required to be in place?” he wondered. “Does it require all cloud services to be provisioned via a Cisco centralized system, or registered?”

How Shadow IT is controlled is “critically important because if it doesn’t align with the customerization of the cloud and growing DevOps approach, it will be useless,” Scott told the E-Commerce Times.

The Proliferation of Shadow IT

“We do see a significant amount of enterprise software development and IT operations work, including cloud services, that are not necessarily sanctioned by central IT or management,” noted Jay Lyman, a research manager at 451 Research.

Nearly 15 percent of the roughly 1,000 IT pros responding to the firm’s Voice of the Enterprise survey in Q4 2014 reported significant spending on Shadow IT, and nearly 45 percent reported skunkworks-type Shadow IT, Lyman told the E-Commerce Times. Just over 40 percent reported no Shadow IT.

CipherCloud last year reported that the average global enterprise used more than 1,100 cloud applications, of which 86 percent were Shadow IT.

One very large company, for example, discovered more than 100,000 backups in its public cloud that it didn’t know existed, while a smaller customer discovered that 25 percent of its infrastructure was potential waste.

“Employees are turning to cloud applications to help them get their jobs done,” said Lise Feng, director of communications at CipherCloud.

The cloud “has empowered workers to become their own IT procurers, and enterprises on legacy IT are just over the last year pivoting to address the issue,” she told the E-Commerce Times.

The free and low-cost availability of infrastructure, environments, and services via public clouds (such as Amazon Web Services), SaaS applications, and open-source software — along with a lack of responsiveness or timeliness from enterprise IT shops — is spurring the drive toward Shadow IT, 451 Research’s Lyman suggested.

“The pay-as-you-go model of cloud and SaaS makes it difficult” to detect Shadow IT in the corporate budget, noted DivvyCloud’s Scott.

Embracing the Shadow

Despite the dangers of Shadow IT, organizations are “working to normalize and standardize them so that they’re sanctioned by central IT or leadership” instead of prohibiting them, Lyman said.

That approach, together with the increased adoption of cloud computing infrastructure and services, has given rise to the need for systems that can monitor and measure the costs of different clouds and cloud services.

That’s an argument for Cisco’s Cloud Consumption as a Service, suggested Lyman, as it “may help organizations more simply and effectively set up self-service capability for their teams and business units so the transition from Shadow IT to sanctioned IT is smoother and faster.”

Richard Adhikari

Richard Adhikari has written about high-tech for leading industry publications since the 1990s and wonders where it's all leading to. Will implanted RFID chips in humans be the Mark of the Beast? Will nanotech solve our coming food crisis? Does Sturgeon's Law still hold true? You can connect with Richard on Google+.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Richard Adhikari
More in Enterprise Security

E-Commerce Times Channels