Shadow IT: Is This Any Way to Run an Enterprise?

4/4/14

Some call it the CIO’s worst nightmare. Others say it is the harbinger of 21st Century enterprise productivity. No matter what you call it, however, shadow IT is a fact of life at almost every organization, whether those at the top care to admit it or not.

Shadow IT is cause by individuals taking it upon themselves to spin up their own data resources on third-party infrastructure without approval from IT. It’s an insidious practice because what at first appears to be a convenient and less costly way for knowledge workers to accomplish their tasks invariably ends up posing serious management and governance issues, and could even jeopardize the entire enterprise security apparatus.

It is for these reasons that many are calling for a hard line against shadow IT. Better to stamp out the practice altogether than let it encroach upon critical data and applications. But then, what do you do when a rival develops a key application or exploits a lucrative new opportunity because their teams have ready access to vast amounts of scalable, flexible infrastructure? With the hardline approach, you may remove a potential future security threat, but the competitive disadvantage is real and immediate.

The other option is to allow shadow IT, but in a way that preserves both user flexibility and the enterprise need for control and management. One way to do this is through application-layer governance and security. By placing encryption, key management, discovery and other policy-related functions at the app level, users are free to traverse the infrastructure of their choice while the enterprise maintains control of what’s really important: data. If someone happens to break the security of either your own or your provider’s cloud infrastructure (which will still be maintained, even in an app-centric environment), the damage is minimal because everything on the app level and above is still secure.

Can app-layer security be beaten? Of course, no system is foolproof (fools are simply too ingenious), but in this way the enterprise at least gets to loosen up the reins a bit when it comes to provisioning applications and resources while still getting piece of mind that their data assets are not subject to a free-for-all.

Make no mistake, though, app-layer management will require a fair bit of recoding, although Cisco, Sun Management and others are already out with various app-layer systems and platforms to make the going a little easier.

Building your own private cloud, either at home or on hosted infrastructure, will help smooth some wrinkles as well. As long as the enterprise has basic PaaS or IaaS architectures in place, users will be able to pull the necessary resources as needed, going outside the firewall only if IT deems it necessary. With application-layer governance, this entire process can be automated using pre-established policy templates and architectural frameworks.

Dealing with Shadow IT is a clear case of “if you can’t beat ’em, join’em.” IT could easily stymie the ability to seek resources on the cloud, but that would essentially task one department with interfering with another’s productivity. In the old days of finite, silo-based resources, this was necessary, but now that unlimited scalability is here there is no reason to play the heavy hand…

…except the fear of doing something different.

 

 

 

Advertisement

When the Cloud Becomes the New Normal

3/24

Right now, the cloud is new and exotic. While the number of businesses that use the cloud is approaching the 75-85 percent range, the amount of actual data on the cloud is still relatively small — a few exabytes at best vs. the five or so zettabytes that make up the entire global load. This is why it is still somewhat of a status symbol among data center techies if they can say, “yeah, I’m running a few workloads on the cloud”.

But if the growth projections are accurate, it won’t be long before the cloud becomes the go-to solution for both storage and application needs. Regardless of whether the actual systems that hold and process data are housed in the local data center or in a third-party facility, they will most likely be cloud-based by the end of the decade. The last bare-metal holdouts will be reserved for only the highest-priority, most mission-critical functions.

Naturally, this represents a fundamental shift in the way data is both managed and utilized, not just for the enterprise but virtually anyone who powers up a PC or turns on a cell phone. The impact this will have on security, governance, productivity and a host of other factors have been dealt with by countless bloggers across the Web, so I’m going to take a step back from those micro issues for a moment and talk a little about how it will change the way we utilize data in our personal and professional lives.

One thing that is becoming increasingly clear is that there will be no escaping the digital universe. The cloud makes it possible to handle orders of magnitude more data than traditional infrastructure, at a fraction of the cost, and industries across the globe are preparing to leverage this state of affairs by adding data collection and transmission capabilities to just about everything we buy — from cell phones to car tires to new-fangled eco light bulbs. Heck, if Google has its way, our glasses and even contact lenses will soon be able to keep a digital record of everything we do and say.

Under this ‘Internet of Everything’ as it is being called, our digital selves will become even more important in the furtherance of our goals, both processional and personal. In the old days, crucial, life-altering relationships developed primarily through face-to-face contact — at parties, trade shows and other functions. These days, they are just as likely to arise from Facebook and LinkedIn, with audio/video conferencing taking the place of national or even regional confabs.

Life itself, then, will move at an increasingly brisk pace. Products, particularly software, will be developed and put on the market faster, trends will come and go at a more quickly, finite sets of information will circulate around the globe, and virtually any service or application will be available with a customized server/storage/networking ecosystem in the blink of an eye. Our children’s children will wonder why their parents ever had to ‘download’ apps or music to those big, clunky smartphone things.

But even while we become awash in information, the cloud will also make it easier to parse through it all to find the crucial pieces of data that make the difference between success and failure. Big Data analytics have been designed with the cloud in mind, leveraging both its storage capacity and core processing capabilities to sift through data faster and more efficiently than any one mainframe or rack-filled data center could hope, and turning up nuggets of digital gold even if users are not exactly sure what they are looking for.

At the same time, we’ll be able to drill ever deeper into worldwide data patterns in order to make connections that would otherwise go unnoticed. Buyers and sellers will link up no matter how remote. Collaborative environments will seem almost natural as individuals harness the proper resources and talents to further their projects. Personalized data experiences will become the norm, even if the users of this data are relatively few in number. Forget about micromarketing, we’re well on the way to nanomarketing where finding that one person out of a billion is no longer the stuff of dreams, or chance.

And all of this is the result of the federation of data infrastructure in the cloud. In this brave new world, individuals will be able to spin up the data environment of their choice just as major corporations have been doing for years, and no one will ever hear that “resources or services are not available”, provided they have the ability to pay for them.

It may have become cliché to call the cloud “the new data paradigm”, but that does not mean it’s hyperbole. The cloud is remaking everything from core data and telecom infrastructure to the most esoteric mobile app.

For those in the data and infrastructure industries, the time to get on the right side of history is now. 

 

Buying the Cloud

3/14/2014

Following up on my earlier post “Selling the Cloud,” one of the first things providers need to do in order to close the deal is educate prospective clients on how to buy the cloud. Despite all the hoopla in recent years, cloud computing is still relatively new, and many users are still growing accustomed to its capabilities and operational behavior.

Until now, cloud services and infrastructure tended to sell itself. After all, it’s cheaper, more flexible and, believe it or not, more reliable than traditional enterprise infrastructure. In the coming years, however, more and more users will look past those benefits and start asking themselves: “How can the cloud help achieve my goals?”

This is where the challenge begins because it will be up to the provider (or systems developer in the case of private cloud infrastructure) to help define what those goals are and then implement the proper services and resources to accommodate them — to teach prospective clients how to buy the cloud.

To do that, you’ll need to wade deeply into client’s business model(s), target markets, processes and, of course, their legacy infrastructure. The more you understand where they are at right now, the more you can guide the transition to a cloud-based data environment. Are they a web-facing organization? Then scalability will likely be key. A traditional commercial enterprise? Data and application offloading might be the ticket.

To that end, it’s no wonder we’re starting to see the rise of cloud platforms tailored to specific verticals like healthcare and ecommerce. These are prime examples of what I was talking about earlier when I said providers need to focus on solutions to real-world problems, not just the nifty new technology.

For the most part, data and infrastructure needs can be categorized as short-, medium- and long-term problems. A short-term problem may be the need for additional storage to offload legacy data and applications. Medium-term may be a full dev/ops environment for performance evaluation. Long-term might see the need for an entire virtual data center, complete with mirrored backup to one or more alternate cloud sites.

The foot in the door, of course, is the short-term need. These are usually the most well-defined and can (hopefully) be addressed by existing services or platform offerings. If not, it’s probably time for a conversation between the front office, sales, marketing and development on how to expand the product line-up.

The cloud, then, is not your typical enterprise solution in which specific needs are met by the latest technology or top-flight software. The cloud can be almost anything the user wants it to be, which provides a great deal of flexibility but at the same time requires a fair amount of guidance. The provider or platform developer is the only one who can provide that guidance, but only if they take the time to really understand the user’s point of view.

It’s the difference between forging relationships with clients, or partners.

Selling the Cloud

3/11/2014

It doesn’t matter if you are a cloud provider looking for new clients, a platform developer in search of deployments or an enterprise looking to build next-generation data architecture, the first step in any transformation is the sales pitch.

But how do you go about convincing people that the cloud is the right way to improve their lives, particularly when there are still wide differences of opinion as to exactly what “the cloud” is?

There are any number of sources on the Web that describe the cost efficiency of the cloud, its flexibility, scalability and various other -abilities that populate IT-speak. That’s fine to get the proverbial foot in the door, but in order to close the deal you’ll have to be ready add some sizzle to that steak — rather than dwell on what the cloud is, focus on what it’s supposed to do.

And for that, we have to look beyond mere infrastructure to the application layer. The fact is, there are numerous ways in which enterprise workloads can be created, maintained and shared that simply aren’t possible with traditional architectures. There’s a company called Asana, for example, that provides advanced collaboration tools that leverage cloud-based instances to connect disparate team members for key projects, even across mobile platforms. And database companies like EnterpriseDB Corp. are churning out steady streams of solutions aimed at building and populating cloud-based clusters literally in minutes. Heck, the dev/ops advantages alone should sell themselves, with entire mock infrastructure ready to go virtually on-demand.

The point is, in order to get the prospective client to put ink to paper, the conversation needs to move past the esoteric and into the practical. CIOs are interested in real solutions to real problems, and it isn’t enough to say “we’ll just get you on the cloud and work on the fine points later.”

Sales and marketing teams, then, should bone up on the real-world cloud applications that are changing business processes every day, and where possible, create bundled packages with the application developers themselves. In this way, the cloud becomes a working system that produces results from day one rather than another technology deployment that may or may not deliver the ROI that was promised.

There will probably come a day when the distinction between the enterprise data environment and the cloud will cease to be. In the meantime, however, there is money to be made in the transition, but only for those who know how to keep customer’s eyes on the real prize.