Do managers stay awake at night worrying about the cloud service bills being used up willy-nilly by their employees? If so, peace may be coming by way of a new service from Cisco.
Cisco on Wednesday announced Cloud Consumption as a Service, a SaaS product to help IT departments get a handle on all the cloud services their employees use.
“People have been going around IT for years, so in that sense, this isn’t news,” said Bob Dimicco, global leader for cloud consumption at Cisco. “The difference is the magnitude. The magnitude, in effect, means the employees from the lines of business have spoken. They want a particular tool, and they’ve got a browser, they’ve got a credit card, they’re going to start using it. But for IT and the company, it creates a tremendous amount of risk.”
Cisco reports that customers believed they were using on average 91 cloud services, but using this CCaaS product, which monitors network traffic flows to identify services being consumed, they were using on average 1,220 services. And the number was growing 112 percent year over year.
What Cisco has found is reflected in other industry studies as well. In a 2015 Brocade survey, 83 percent of CIOs reported their companies had experienced some level of unauthorized provisioning of cloud services. And 42 percent in a poll of 350 IT professionals who attended the Amazon Web Services (AWS) re:Invent reported difficulty in pinning down cloud costs and consumption in their organization.
According to Cisco, this service has a number of benefits, including:
- Visibility – It can help IT understand who is using what and where data is going, how to eliminate redundant services and how to provide business users with the best tools they need to do their jobs.
- Risks and costs: It can highlight compliance and data-protection issues. It uses industry databases to determine whether a cloud provider is compliant with HIPAA (The Health Insurance Portability and Accountability Act), for instance, and can offer the required compliance certifications.
- Benchmarking: It can help organizations choose the right service for its users and benchmark usage against peers.
Cisco is offering it on a subscription basis that it says will cost companies approximately $1-2 dollars per employee per month, depending on the size of the business. It’s offering a 30-day free trial.
“Customers said, ‘I only need to do this once,’ but they found things are changing in the industry and amongst their users,” Dimicco said.
“You need this on an ongoing basis because things change from month to month. New applications come up, or employees start to use one versus the other. Or you’ve decided to standardize on one file storage provider and you want to make sure everybody in the company is in compliance. You want to look at usage month to month so that at the end of 90 days, you’ve helped everyone start using your preferred provider, the one that’s authorized, the one where you’ve negotiated the best possible contract,” he said.
The company sees two emerging strategies among users of cloud services: a hybrid approach and a cloud-first strategy. With the hybrid strategy, the services help them understand what the lines of business are using today so they can figure out what they want to keep or change going forward, Dimicco said.
CityMD, a New York City-based organization that provides emergency room services, has a cloud-first strategy.
“We have a process where we ask users to vet some of the cloud services with IT, but there are some services that are not always coming through us. With [the Cisco product], we can understand exactly where our users are going,” said Robert Florescu, vice president of IT at CityMD.
It found its users had signed up for more than more than 500 services when it formally supported only 15 to 20. It’s been using the service since November.
“When we first did the discovery, I was surprised there were so many items there. Now we are in the process of analyzing each of them to see what is the actual business case for them. A lot of them are valid and we know about them, but there were others we had no idea about,” he said.
“It’s an ever-changing environment. New cloud services are coming out frequently. It’s not something you fire and forget. It’s something you have to keep an eye on. Because we’re covered by HIPAA, we have to make sure none of that data goes out to unauthorized cloud providers.”
That could easily happen, he explains, if, say, a marketing person uploads a document to a personal DropBox account because it’s something he or she wants to work on at home.
“They don’t necessarily know whether that document contains PHI (sensitive personal health information) because that’s not their function. That’s why it’s important for us to have this visibility into transmissions.”
The University of Arizona, meanwhile, discovered more than 950 cloud services and charges of more than $5 million with one IaaS provider that professors and graduate students were using instead of the university’s private cloud. It’s been using the Cisco service to move those users to its preferred cloud, Dimicco said.
“There are some huge potential financial benefits from using the cloud, but it’s also very easy for users to get hooked and to start more and more cloud services directly. Tracking usage and actual spend becomes a huge headache when the usage model becomes disaggregated,” said John Dinsdale, chief analyst and managing director at Synergy Research Group.
He said that while he can’t comment on this specific product, “the shadow IT phenomenon is real and IT leaders do need some tools to help them better manage the use of IT resources.”
Cisco is a sponsor of The New Stack.