Gaining visibility into the plethora of unauthorized apps on client networks is the first step in building strategies for the consumption of cloud services.
By Ellen Muraskin
May 09, 2013
Have you met the byod challenge? You’re not done with this acronym yet. Meet BYOD’s close cousin: BYOC, for “bring your own cloud.” BYOC refers to applications or infrastructure that employees have adopted to get their work done, but without the approval, management, or often the knowledge of IT staff, whether in-house or an outsourced IT shop.
BYOC is typified by storage or collaboration applications like Yammer, Skype, Dropbox, Google Drive, or Google Apps, and even SaaS mainstays like Salesforce.com. BYOC can also refer to public cloud platforms like Amazon Web Services (AWS)—computing or storage resources easily procured on demand, with a credit card.
BYOC’s minimal or nonexistent starter fees make these services attractive. Mobile, employee-owned devices make them easy to sneak past the network gatekeeper. And the opportunity to access work files and tools from any device or location—one of the cloud’s single largest benefits—makes these “rogue” apps irresistible to workers.
”[Today], management doesn’t know about these cloud applications until a line item shows up in an expense report.” Kevin Gruneisen, Senior Director, Cloud and Data Center Solutions, Logicalis Inc.
Kevin Gruneisen is senior director, cloud and data center solutions, for Logicalis Inc., a New York-based global systems integrator and cloud provider. He traces the problem of cloud “sprawl” to the economic downturn of 2008, when IT budget cuts opened a gap in staff and resources that impatient employees started filling with cloud-based apps and storage.
“Independently minded, relatively technical individuals no longer waited to ask for a budget to spend capital on a multi-thousand-dollar server, and then fight a lot of people for the use of that server,” Gruneisen says. As an example, he cites a tech-savvy marketer taking it upon herself to develop campaigns on a marketing automation SaaS platform from Eloqua, a subsidiary of Oracle Corp. in Vienna, Va. Today, he says, “Management doesn’t know about these cloud applications until a line item shows up in an expense report.”
IT LOSING ITS GRIP
“Where it got dangerous is when we started seeing more actual IT infrastructure making its way out the door,” says Antonio Piraino, CTO of Reston, Va.-based ScienceLogic Inc., a provider of tools that monitor and manage heterogeneous public clouds and private networks. “That’s where IT began to lose control.” And budget. And potentially, relevance.
Of course, there’s no recovering that control unless companies see the risk to their bottom lines as clearly as IT pros do. But those risks are easy to find. First, there’s data security: If IT management can’t see data being transferred via Google Drive or Dropbox or iTunes, it can’t control its spread. Second, cloud “sprawl” has costs in productivity: Employees not standardizing on the same tool can’t collaborate, can’t realize process efficiencies or volume pricing advantages, or realize savings in in-house server virtualization.
WHERE’S APP MANAGEMENT?
“If IT doesn’t have insight into the project, chances are, they don’t have the appropriate technology in place to manage the application, either,” says Piraino. He notes that AWS itself just validated this argument by launching a month-long free trial of Trusted Advisor, its own cloud management tool. According to Amazon, this will monitor a customer’s AWS cloud environment and suggest how to save money, boost performance, and close security gaps.
Those interviewed agreed that resellers must justify reasserting control by taking a more consultative role. The first part of that process is discovering the BYOC choices clients may have already made, and what other choices exist.
“[Channel pros and IT shops] need to be more curious,” says Eric Bisceglia, director of products at Woburn, Mass.-based LogMeIn Inc., which provides private cloud remote access, collaboration, customer care, and remote IT management. “They need to better understand the different cloud services out there. If they can save their clients hours of research, they can play a critical consultant role.”