A mentor of mine in the consulting business once told me that consultants have a “Golden Searchlight,” which could be shined on issues that had been either inadvertently overlooked or carefully hidden. But, once the Searchlight revealed an issue, it had to be dealt with, no matter how painful or embarrassing, so the advice was to be careful where you shine it. A corollary to this is the maxim, “Just because it’s true does not mean you have to tell everyone about it.”
The rogue cloud – the unsanctioned use of public cloud resources by business users to get around IT’s process – is one of those issues that the Golden Searchlight concept might apply to. We all know it’s out there – a recent Symantec survey reveals that 83% of IT managers believe their users have employed the public cloud for business needs – but how much your users are spending there is the $64 question.
Recently a CIO had an idea – he’d ask his Expense group to pull a report on how much money was being reimbursed for credit card charges to Amazon. The answer was sobering, to say the least – the amount being spent was an order of magnitude higher than he’d expected.
The gut-wrenching truth hit him in a number of ways:
- The size of the spend meant that this was the work of more than a handful of bad apples – the practice had become commonplace and accepted in his company
- The spend represented money that should have been spent in the IT budget – so while IT spending was growing, his share of it as a percentage was shrinking
- At a certain level, the spending represented a repudiation of IT’s monopoly as the supplier of IT infrastructure to the business – he truly was competing with Amazon
- Even though he’d had no visibility to these purchases, he assumed that he was ultimately on the hook for any security issues coming out of them
Once a CIO has this revelation, the need to quickly get a competitive private cloud offering becomes clear. We don’t think internal IT needs to match Amazon pricing and provisioning times, but it needs to significantly improve the status quo in order to stanch the flow of rogue activity. Pricing that recognizes Amazon’s and provisioning in less than a week is likely going to keep IT in the game.
The hardest part may be matching the Amazon customer experience – if you insist on the legacy justification and approval gauntlet that may take weeks by itself, you may be fighting a losing battle. Why not take credit cards? Your competition does.
We can’t understate the need to move quickly to get a small private cloud going to establish a beachhead from which you can manage perception and slow down the rogue purchases. Many internal IT teams don’t have skills in areas such as Service Catalog development and management, or SLA monitoring, reporting and chargeback. And, when it comes to private cloud, they may be tangled up in political territory disputes and vendor wars. If these risks sound like they might be relevant to your world, you might consider bringing in outside assistance to drive a fast, workable private cloud effort.
External providers can help in a number of ways to deploy a private cloud quickly, including:
- Framing the situation and defining needs that reflect political realities
- Architecting a practical, low-risk design that is compatible with current assets
- Building a simple service catalog, the foundation of the customer experience
- Creating a POC to validate the design will perform as envisioned
- Deploying a small private cloud to show example of next-generation IT services
- Running the private cloud alongside your team in order to train, then turn over
If your curiosity does get the better of you, and you go to your Expense group for the truth, it makes sense to be discreet in your request, so you can use the data you get back in the manner you’d like to. And, just in case, be sure you’re sitting down.