The democratization of the cloud within the enterprise has freed operational costs, productivity, and innovative possibilities across departments that have formed the basis for digital transformation. The downside is, that freedom has led to unchecked cloud sprawl that is hampering security and cost containment. In fact, 53 percent of all cloud users and 64 percent of mature cloud users estimate that 30 percent of cloud spend is wasted, according to the RightScale 2017 State of the Cloud Report.
Cloud sprawl is uncontrolled growth of computing resources, the foundation of cloud-based IT services, that exceeds the resources required for a definite number of authentic users. Controlled cloud sprawl is a sign of healthy cloud management and can be achieved by using good practices in IT operations. Organizations can use the following as a checklist when developing a detailed strategy to control cloud sprawl:
1. Clearly Define and Communicate the Cloud Strategy
The cloud strategy, related processes, benefits, and costs need to be communicated clearly to the user community, and appropriate expectations should be defined.
This means managing migration and use policies, role-based access control, and much more—and requires clear communication of the strategy defined by stakeholders and users.
CISOs must explain the elements of risk-based granular security policies/enforcement to business managers to define how business processes should and shouldn’t work.
The CFO and IT department must have ongoing communication about protocols for funding that clearly defines mission-critical investments from executives who support innovation and growth.
Lastly, managers and department heads should be involved in defining the cloud strategy. They must then receive clear communication on defined policies and protocols that must be communicated to employees in writing. These are critical aspects of a successful strategy in an age where businesses must find ways to optimize their hybrid cloud architecture.
2. Develop a Cloud Migration Strategy
In many ways, the cloud migration strategy will pave the way for safeguards against cloud sprawl if handled correctly. Cloud migrations have many moving parts, so the strategy has to be carefully planned up front. That means having a thorough understanding of which workloads to move where and why they should be moved, as well as when and how.
3. Conduct Regular Cloud Audits
Cloud services health checks are a major key to curbing cloud sprawl, as they cover all aspects of cloud services, including:
- VM instances
- All other infrastructure components
Cloud auditing includes identifying the risks and new requirements for securing data in the cloud, aligning the system with the company’s policies, determining the system’s weaknesses and vulnerabilities, evaluating controls, and implementing a risk assessment plan. Auditing also helps organizations ensure that cloud services are aligned to business needs at all times.
4. Implement Role-Based, Automated Identity Management
Based on the cloud strategy and policies, businesses should enact a strong governance framework for provisioning and consuming cloud services based on roles within the company. That means establishing role-based access control policies that clearly articulate who has the authority to create new VMs.
It is also important to have identity access management in place based on roles for apps and services. This will enable staff onboarding as well as cloud services and access provisioning across the organization. By making these practices part of the BYOD policy for secure access, organizations can balance security, productivity, and agility while reinforcing policies that help prevent cloud sprawl.
5. Develop Cloud Policy and Protocol Triggers
In the digital business, cloud policies are fundamental to controlling cloud sprawl. These can include:
- Controls that enable automatic shutdown and de-provisioning of workloads and unnecessary VMs after a certain time.
- BYOD policies that govern how devices are used to access applications and other cloud services.
- VPN use policies for remote workers accessing SaaS solutions.
Whether it is developer groups, departments, or even individual employees, the ease with which anyone in the enterprise can utilize cloud services via the enterprise network continues to increase shadow IT challenges. A recent IT decision maker survey from web gateway platform provider iBoss shows that 87 percent believe that employees are accessing cloud applications without informing IT.
These are just some of the triggers that show how demands for greater access, agility, and collaboration in the modern enterprise will continue to make cloud sprawl a growing problem over time. The best solution for these seemingly disparate problems that all connect to the cloud is to create a holistic approach to cloud management. The ideal scenario is to bring together discovery, education, technology, protocols, and governance so that cloud management can adapt to the changing needs of the organization.
Creating a Holistic Approach to Cloud Management
While all of these policies and protocols go a long way toward preventing cloud sprawl, they all must be backed by a platform that makes it possible to manage numerous cloud providers holistically. FNTS’s Navigator is a solution for businesses that uses a streamlined single-pane-of-glass approach to managing and standardizing security policies and controls across hybrid and multi-cloud strategies.
Navigator provides an approach for ensuring the standardization of policies, procedures, governance, and cybersecurity workflows and controls. This includes the ability to collect, analyze, consolidate, and report performance and utilization metrics for better usage and cost transparency.
Cloud sprawl is actually a symptom of a much larger challenge: the lack of a unified approach to providing transparency, communication, monitoring, and governance of all aspects of cloud use across the business. The goal is to create a cloud strategy that incorporates all five of these individual strategies into a holistic approach governed by an end-to-end solution like Navigator. This enables businesses to enact multi-cloud management best practices that make the most of cloud resources while minimizing costs and waste.