SHARE



ABOUT THE AUTHOR


Gary Audin
Gary Audin is the President of Delphi, Inc. He has more than 40 years of computer, communications and security...
Read Full Bio >>
SHARE



Gary Audin | February 28, 2013 |

 
   

Those Hidden Cloud Costs

Those Hidden Cloud Costs Rogue implementations represent a major portion of the problem.

Rogue implementations represent a major portion of the problem.

Experience with the cloud is relatively new to most enterprises. Those who have entered the cloud market do not have years of cost control experience. Many enterprises can be overpaying for cloud services, not because they are overcharged but due to over-subscription of services.

Some departments may be rogue implementers. Recovering data from the cloud when there is failure can be slow, so why pay for it if it is not possible to recover in hours instead of days? Is the enterprise cloud storage being used efficiently? Can the cloud providers respond to e-discovery requests by the deadline date or even find the data? If not, why use the cloud?

Symantec has released a report, "Avoiding the Hidden Costs of the Cloud, 2013" that covers these issues. When 94% of the organizations surveyed are at least discussing cloud implementations, then the costs need to be addressed on a broad scale. The survey was ambitious, reaching 3,236 organizations in 29 countries. Every country surveyed produced 100 to 300 responses. The survey has reliability with less than a 2% margin of error.

The first and I think most interesting hidden cost is rogue cloud deployments. These are deployments where a department or group decides to subscribe to cloud services directly, thereby avoiding IT. Subscribing to cloud Unified Communications (UC) may be very attractive when the IT department is still in UC evaluation mode. There may be other rogue deployments; it could be that some marketing staff decided to use Dropbox to share information with outside vendors. It really does not matter why; it should not be done.


Source: "Avoiding the Hidden Costs of the Cloud, 2013"

When you analyze the chart above, you notice that the rogue problem is not improving. Half of the respondents reported the rogue problem has not decreased while 29% stated that it has become more frequent. This is not the provider's fault. However, providers could report to IT when subscribers independently initiate cloud services. This is unlikely to be done for free services and is not in the best interest of the sales person for paid cloud service providers.

With a rogue cloud deployment, sensitive enterprise information moves beyond the control of IT and is not secure. About 75% of the respondents to the survey reported having this situation. The survey says it is more common in enterprises (83%) and less common in SMBs (70%). This may be because the organizational silos common in enterprises make it easier and probably more desirable to go rogue.

What makes the rogue implementation dangerous is that 40% of the rogue deployment created significant potential exposure of confidential information. This included account takeovers, stolen goods and services, and even defacement of web sites.

When asked "Why are they doing rogue implementations?" one in five said they did not realize they should not do it. This is an internal problem that goes beyond IT. The CXOs should be made aware of the problem and institute specific policies to avoid rogue implementations. The single biggest incentive to go rogue is the slow processes that IT makes the internal customer go through to accomplish an implementation. Those implementing rogue deployments point out that they saved time and money.

Some other findings in the survey include the fact that 68% of the respondents could not restore lost data because the backup or the archive did not work. Imagine if the e-mail or voice mail files were lost. When it came to e-discovery requests, 66% of the time the deadline was missed. 41% of the time the request could not be met. Another finding is that cloud storage is inefficiently used. Storage utilization was found to be low at 17%. Finally, only 40% of the cloud provider's SSL certificates complied with the enterprise internal standards.

The report concluded with four recommendations:

1. Focus on policies covering people and information, not the technologies.
2. Policies must be monitored and enforced through education.
3. Look for tools that are not specific to a particular platform. The tools should be agnostic.
4. Watch for duplicated data in the cloud and remove it.

Also see my blog on cloud cost control, We Need Cloud Expense Management.





COMMENTS



April 19, 2017

Now more than ever, enterprise contact centers have a unique opportunity to lead the way towards complete, digital transformation. Moving your contact center to the cloud is a starting point, quick

April 5, 2017

Its no secret that the cloud offers significant benefits to enterprises - including cost reduction, scalability, higher efficiency, and more flexibility. If your phone system and contact center are

March 22, 2017

As today's competitive business environments push workforces into overdrive, many enterprises are seeking ways of streamlining workflows while optimizing productivity, business agility, and speed.

April 20, 2017
Robin Gareiss, president of Nemertes Research, shares insight gleaned from the firm's 12th annual UCC Total Cost of Operations study.
March 23, 2017
Tim Banting, of Current Analysis, gives us a peek into what the next three years will bring in advance of his Enterprise Connect session exploring the question: Will there be a new model for enterpris....
March 15, 2017
Andrew Prokop, communications evangelist with Arrow Systems Integration, discusses the evolving role of the all-important session border controller.
March 9, 2017
Organizer Alan Quayle gives us the lowdown on programmable communications and all you need to know about participating in this pre-Enterprise Connect hackathon.
March 3, 2017
From protecting against new vulnerabilities to keeping security assessments up to date, security consultant Mark Collier shares tips on how best to protect your UC systems.
February 24, 2017
UC analyst Blair Pleasant sorts through the myriad cloud architectural models underlying UCaaS and CCaaS offerings, and explains why knowing the differences matter.
February 17, 2017
From the most basics of basics to the hidden gotchas, UC consultant Melissa Swartz helps demystify the complex world of SIP trunking.
February 7, 2017
UC&C consultant Kevin Kieller, a partner at enableUC, shares pointers for making the right architectural choices for your Skype for Business deployment.
February 1, 2017
Elka Popova, a Frost & Sullivan program director, shares a status report on the UCaaS market today and offers her perspective on what large enterprises need before committing to UC in the cloud.
January 26, 2017
Andrew Davis, co-founder of Wainhouse Research and chair of the Video track at Enterprise Connect 2017, sorts through the myriad cloud video service options and shares how to tell if your choice is en....
January 23, 2017
Sheila McGee-Smith, Contact Center/Customer Experience track chair for Enterprise Connect 2017, tells us what we need to know about the role cloud software is playing in contact centers today.