Originally published in Information Age, 10th November, 2017

How can CIOs tackle issues such as shadow IT and take back control of the cloud, which is an increasingly vital part of most businesses?

Few challenges that the CIO has faced in recent years are as big as taking control of the cloud. In the past, it was easier to manage on-premise applications, but the cloud quickly did away this kind of control.

To highlight this, research commissioned by Fruition Partners has consistently showed that CIOs had a range of serious concerns over cloud control. The problem is, many CIOs don’t appear to apply the same comprehensive IT service management (ITSM) processes to cloud as they do for in-house IT services. Comparing the results of the last two pieces of research, worryingly showed that while there has been a slight improvement in overall cloud maturity, there’s still got a long way to go.

One of the key issues is the adoption of public cloud leading to reduced control over the IT services organisations are using. There are some concerning negative impacts of this trend, for one, it leads to financial waste, but it also increases the business and security risks that the organisations face. In an age where businesses already face cybersecurity threats from every direction, this can exacerbate the challenges IT already faces.

It’s all in the shadows

CIOs cannot afford to ignore the fact that the need for rigorous management is greater, not less, in the cloud. Part of the solution to this is making better use of the IT Service Management (ITSM) tools they already employ to manage in-house IT. While in-house IT services are, on average, managed by a combination of six established ITSM processes, cloud-based services are, only subject to four. Further, only a fifth of CIOs report that ITSM processes have been applied to all cloud services.

Another key concern is that Shadow IT is continuing to affect CIOs’ control over enterprise IT; employees are still signing up to cloud storage services, CRM applications or collaboration applications.

For IT, it can be hard to know how many cloud applications are being used in the business without their knowledge. Businesses need to take back control of the cloud, but this can be a challenge for many.

Taking back control

Taking back control is difficult, with CIOs increasingly handing the reigns to third-party cloud providers; leaving themselves more open to the ‘blame game’ if one of those services fails.

If a user experiences problems with cloud applications, such as Salesforce or Dropbox, often the user goes straight to the cloud provider’s support team. While this may take the support burden off corporate IT, it’s not clear who is responsible for a fault, particularly if SLAs are not correctly monitored.

There is one encouraging sign in terms of improving control over the cloud; when it comes to using ITSM tools to orchestrate cloud platforms we have seen a positive increase – however at best this figure is still less than 50% of businesses.

CIOs need to ensure that IT is using the tools they have for orchestration – and those that don’t have any such systems should be looking to put them in place. Orchestration is an essential part of the cloud management process, and CIOs should focus on putting this technology to work.

Another benefit would be the wider use of service catalogue functionality contained within ITSM solutions, which will help to control cloud sprawl. By using a service catalogue, CIOs can help minimise shadow IT; if it’s easy and hassle-free for users to choose and use officially-sanctioned cloud services, then they are less likely to follow a DIY route.

Effective management

Cloud can reduce costs, improve productivity and introduce a ‘consumerised’ service experience which businesses cannot afford to ignore. However, this does not mean that CIOs can blindly trust that public cloud services will work flawlessly and be delivered perfectly, all the time. CIOs need to explore how they can make better use of existing ITSM systems as a key part of the solution.

ITSM technology should be used as effectively for managing public cloud technology as it is for in-house systems and private cloud.

By offering employees functionality such as self-service access to approved cloud services, or by using ITSM to manage assets and service providers, CIOs can start to bring the cloud under control and reduce the risks of shadow IT whilst keeping employees happy and enjoying cost benefits.

Sourced by Alan Johnson, General Manager UK&I at Fruition Partners