Welcome!

@CloudExpo Authors: Dana Gardner, Pat Romanski, Liz McMillan, Yeshim Deniz, Elizabeth White

Related Topics: @CloudExpo

@CloudExpo: Article

SaaS and Cloud Sprawl By @SoftwareHollis | @CloudExpo [#SaaS #Cloud]

CIOs Unaware of Majority of Cloud and SaaS Proliferation

SaaS and Cloud Sprawl - What IT Doesn’t Know Can Definitely Hurt You

The advancement of technology has led to widespread Cloud data and SaaS application usage throughout enterprises - ask anyone who uses applications such as Dropbox, Salesforce, Jive, Marketo, NetSuite, Google Apps, Twitter, Workday or any of the thousands of other software titles out there. And CIOs are largely unaware of the "SaaS Sprawl" in their organizations - and unprepared for the implications of this invasion.

These Cloud applications are available for just about every role in a company - from human resources to marketing, there's an app for that.  And odds are, someone in your organization is using it - most likely without IT knowing.  And this has the potential to create some serious problems in areas ranging from compliance to security to backup & recovery.

As application (primarily SaaS and Cloud nowadays) usage within organizations continues to spread and accelerate, IT professionals are largely unaware of the massive scale of Cloud application utilization according to studies done by Netskope and others.  However, IT continues to be held responsible for many of the implications resulting from this widespread proliferation.

Gaute Solaas, CEO of Cloud-based Business Intelligence vendor iQumulus commented, "This is entirely consistent with what I see with our customers and partners.  They are interested in Big Data solutions, but what's really impacting their business the most are the hundreds and thousands of smaller, disparate and often distributed applications and data repositories spread across the typical enterprise and up into the Cloud.  Organizations are struggling to cost-effectively get value out of this rapidly growing number of un-connected systems."

A recent study by Netskope validates this - they found that IT experts misjudged Cloud application usage within their companies by as much as 90%. In the Netskope report, when asked to approximate the number of Cloud and SaaS applications in use by their organization, IT professionals estimated that their company only used between 40 and 50 applications. According to Netskope, which based its conclusions on recordings of Cloud application events from "hundreds of thousands" of users across desktop and mobile platforms, actual use averages around 397 applications.  And this is in addition to the hundreds to thousands of disparate and potentially distributed on-premises "legacy" apps and data sources that companies have.

Here are the top five categories mentioned in the report, and the number of Cloud apps per enterprise on average:

  • Marketing - 51 Cloud applications
  • Human Resources - 35 Cloud applications
  • Storage - 26 Cloud applications
  • Customer Relationship Management and Sales Force Administration - 23 Cloud applications
  • Collaboration - 23 Cloud applications

Marketing and human resource applications include a large set of functions, while Cloud storage applications operate on a much narrower scope. Companies that have elected to standardize storage apps, like Google Drive or Dropbox, discovered many of these applications are unauthorized but used widely.

Even if the IT department does not know it, company data is being revealed through a wide range of these Cloud applications. In addition, according to the recent study, many of these applications do not meet company compliance or security standards.  Of significant concern, approximately 77% of these Cloud apps are not "ready for corporate use" because of issues such as auditability, security or governance/compliance issues. This causes IT departments to have the added challenge of trying to secure more apps than they originally thought, by as much as 10x more.

Another concern (and missed opportunity) for the organization is that all these apps represent isolated and un-integrated data silos. Critical business functions such as Business Intelligence are made increasingly difficult when the organization is faced with a large and growing number of incompatible and disparate systems.

Lori Witzel, a software technology expert at Spanning - a software vendor who provides enterprise-class backup and recovery capabilities to organizations who have mission-critical applications and data in the Cloud, raises another concern - the very real possibility of data loss.  Line-of-business professionals are used to IT being responsible for backup and recovery of their applications and data.  In the SaaS and Cloud world, many people mistakenly believe that it is the SaaS or Cloud vendors responsibility to back up all that valuable data - this is very rarely the case.

Witzel comments on this - using Marketing as an illustration of the situation, "as if the expectations CMOs must meet weren't daunting enough, CMOs now find themselves expected to take on a responsibility previously owned by IT: protecting Cloud data in those applications owned by Marketing."  Witzel continues with some sage advice on the topic, "check your terms of user and service level agreements: in most cases, the ultimate responsibility for protecting an organization's marketing and sales data/metadata rests with the Cloud application owner or with IT."

Of course, if IT doesn't know about your Cloud application, the responsibility for being the "Cloud Data Protector" relies with you - the application owner.

With all this in mind, some CIOs may consider blocking any unsanctioned apps. Aside from the simple fact that IT is unaware of the various apps being used, it can be an up-hill battle to discover which activities within these apps are being performed, and limit such activities.

This is simply because the majority of these apps are being used because someone or a group of people within the organization felt that these apps would be useful - and some even critical in their daily work lives. For instance, Twitter plays an important part for the marketing team, as well as for researchers and analysts, who examine the shared and collected data from this application.  So CIOs attempting to limit such apps are likely to face howls of protest.

Clearly, CIOs need to be aware of the parties these Cloud applications are trying to address, before limiting unsanctioned app usage. As Sanjay Beri, Netskope CEO said, "Sometimes saying no to Cloud apps is like saying no to business."

More Stories By Hollis Tibbetts

Hollis Tibbetts, or @SoftwareHollis as his 50,000+ followers know him on Twitter, is listed on various “top 100 expert lists” for a variety of topics – ranging from Cloud to Technology Marketing, Hollis is by day Evangelist & Software Technology Director at Dell Software. By night and weekends he is a commentator, speaker and all-round communicator about Software, Data and Cloud in their myriad aspects. You can also reach Hollis on LinkedIn – linkedin.com/in/SoftwareHollis. His latest online venture is OnlineBackupNews - a free reference site to help organizations protect their data, applications and systems from threats. Every year IT Downtime Costs $26.5 Billion In Lost Revenue. Even with such high costs, 56% of enterprises in North America and 30% in Europe don’t have a good disaster recovery plan. Online Backup News aims to make sure you all have the news and tips needed to keep your IT Costs down and your information safe by providing best practices, technology insights, strategies, real-world examples and various tips and techniques from a variety of industry experts.

Hollis is a regularly featured blogger at ebizQ, a venue focused on enterprise technologies, with over 100,000 subscribers. He is also an author on Social Media Today "The World's Best Thinkers on Social Media", and maintains a blog focused on protecting data: Online Backup News.
He tweets actively as @SoftwareHollis

Additional information is available at HollisTibbetts.com

All opinions expressed in the author's articles are his own personal opinions vs. those of his employer.

CloudEXPO Stories
The use of containers by developers -- and now increasingly IT operators -- has grown from infatuation to deep and abiding love. But as with any long-term affair, the honeymoon soon leads to needing to live well together ... and maybe even getting some relationship help along the way. And so it goes with container orchestration and automation solutions, which are rapidly emerging as the means to maintain the bliss between rapid container adoption and broad container use among multiple cloud hosts. This BriefingsDirect cloud services maturity discussion focuses on new ways to gain container orchestration, to better use serverless computing models, and employ inclusive management to keep the container love alive.
Artificial intelligence, machine learning, neural networks. We're in the midst of a wave of excitement around AI such as hasn't been seen for a few decades. But those previous periods of inflated expectations led to troughs of disappointment. This time is (mostly) different. Applications of AI such as predictive analytics are already decreasing costs and improving reliability of industrial machinery. Pattern recognition can equal or exceed the ability of human experts in some domains. It's developing into an increasingly commercially important technology area. (Although it's also easy to look at wins in specific domains and generalize to an overly-optimistic view of AI writ large.) In this session, Red Hat Technology Evangelist for Emerging Technology Gordon Haff will examine the AI landscape and identify those domains and approaches that have seen genuine advance and why. He'll also ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, answered these questions and demonstrated techniques for implementing advanced scheduling. For example, using spot instances and cost-effective resources on AWS, coupled with the ability to deliver a minimum set of functionalities that cover the majority of needs – without configuration complexity.
The term "digital transformation" (DX) is being used by everyone for just about any company initiative that involves technology, the web, ecommerce, software, or even customer experience. While the term has certainly turned into a buzzword with a lot of hype, the transition to a more connected, digital world is real and comes with real challenges. In his opening keynote, Four Essentials To Become DX Hero Status Now, Jonathan Hoppe, Co-Founder and CTO of Total Uptime Technologies, shared that beyond the hype, digital transformation initiatives are infusing IT budgets with critical investment for technology. This is shifting the IT organization from a cost center/center of efficiency to one that is strategic for revenue growth. CIOs are working with the new reality of cloud, mobile-first, and digital initiatives across all areas of their businesses. What's more, top IT talent wants to w...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like "How is my application doing" but no idea how to get a proper answer.