CIO - The explosion of cloud apps in the enterprise, largely happening outside the CIO's purview, threatens to rattle companies in many ways. Highly regulated companies can find themselves suddenly out of compliance. Business-critical cloud apps can fail to deliver adequate service. Then there's the ever-looming security risk.
A swath of market research studies is highlighting this problem:
For starters, the public cloud market will reach $191 billion by 2020, up from $58 billion last year, according to Forrester. Cloud platforms will generate $44 billion, and cloud business services will hit $14 billion.
Netskope's cloud report shows enterprises having an average 461 cloud apps running in their organizations -- nine to 10 times the number IT departments estimate.
Cloud-based file-sharing services present a particularly tricky problem. Employees might store corporate data on personal cloud services beyond the reach of IT and backup devices. When those employees leave the company, IT doesn't have any idea what data has been lost.
Cloud Disaster Looms Without CIOs Involvement
Spiceworks, a network for IT professionals, surveyed 500 IT pros, and nearly half said employees are using cloud-based file storage, sharing, and synchronization services that get around IT-owned systems. While 31 percent discourage the use of such services only 4 percent actually block employees from using them at all.
There's no question cloud apps are booming, while IT stands mostly on the sidelines. Now there are signs of a fallout when the CIO isn't involved, such as a pharmaceutical company foolishly sending HIPAA data to a cloud service provider. When business leaders sign on with a cloud service provider without the CIO vetting the provider, assessing risk, monitoring and managing service level agreements (SLAs), trouble can arise quickly.
[Related: Why CIOs Shouldn't Block Rogue Cloud Apps]
It gets worse. On behalf of Compuware APM, Research in Action conducted a survey of more than 740 senior IT professionals about their concerns over cloud computing adoption. The shocking finding: Nearly three out of four respondents fear cloud service providers are hiding problems that can impact performance.
"The vast majority of CIOs are dissatisfied with their cloud SLAs, feeling that they are too simplistic, do not address the risks of operating in the cloud and do not provide adequate visibility," says Mike Masterson, director of cloud solutions at Compuware APM. "Less than one-quarter of those surveyed are happy with their cloud assurance and, having handed control over to their cloud providers, are now biting their nails thin while looking for ways to regain control."
Today's CIO Is Tomorrow Cloud Services Broker
But a new role of the CIO is emerging: the cloud services broker. More than one-third of IT departments already act primarily as services brokers, and this model is expected to expand rapidly in the next 12 months, according to new research commissioned by Avanade, a managed services provider.
As cloud services brokers, CIOs can push cloud service providers to deliver detailed SLAs. In Research in Action's survey, the top three metrics that respondents would like to see in a cloud service provider's SLA are response time and quality for every end user interaction, availability based on deep, continuous monitoring, and real-time SLA reporting.
Bottom line: Like any broker with expertise in the minutia of a contract with large dollars at stake, the CIO understands the importance of the SLA and other technical requirements that ensure compliance, security, reliability and performance. A good SLA benefits the business as well as the end users.
Tom Kaneshige covers Apple, BYOD and Consumerization of IT for CIO.com. Follow Tom on Twitter @kaneshige. Follow everything from CIO.com on Twitter @CIOonline, Facebook, Google + and LinkedIn. Email Tom at email@example.com
Read more about cloud computing in CIO's Cloud Computing Drilldown.
- The New IT Explore enhanced productivity for IT staff, and seamless integration across IT operation management systems. Download now.
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- Single-Vendor Security Ecosystems Offer Concrete Benefits Over Point Solutions IT security decision-makers from companies with 100 to 5,000 employees evaluates the current endpoint security solution market based on Forrester's own market data,...
- Best Practices for Security and Compliance with Amazon Web Services This paper will discuss what part of the shared responsibility equation customers are responsible for and what some of the recommended security practices...
- Bringing software licenses into compliance A hospital group received a software license audit, so they called in CDW to help define and manage their software licensing status.
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will... All IT Careers White Papers | Webcasts
Our 28th annual survey results show which IT skills are in high demand and which are cooling off. Also, see how your salary stacks up to peers' with our Smart Salary Tool.