Cloud computing offers advantages to enterprises, but only when done through a well-defined IT strategy. When done by individuals or lines of business – the so-called Shadow IT – unmonitored IT activity could post a significant risk. Yet sometimes the cloud moves faster than IT to meet business  needs In a recent report PricewaterhouseCooper outlines how to prudently say yes to the cloud. Images from Shutterstock.com

 

Find what’s there

Discover what shadow cloud services are being used in the organization, then categorize them according to risk: Those that should be banned or restricted, those that are often used by the organization and can continue if they pose no risk, and those that are sanctioned.

INSIDE SLIDE Assessment SHUTTERSTOCK

Establish trust

Build an atmosphere of trust in which both business and IT embrace change, where business asks for advice and IT is the advisor and orchestrator. Business strategy should be aligned to a cloud adoption strategy, one that isn’t based on saving money alone. IT should work with departments to understand functional requirements, business processes and architectures that make sense.

INSIDE SLIDE Handshake, trust partnership SHUTTERSTOCK

Face compliance 

Both side needs to understand that all IT solutions need to meet legal, contractual, regulatory and sector-based standards. Intelligent vendor management practices may help mitigate risk. Also, when choosing solutions for sensitive data, it’s very important to find providers that commit to service level agreements

INSIDE SLIDE Compliance 420 wide SHUTTERSTOCK

Lock it down

Business also has to understand IT has the knowledge to deal with data lifecycle management issues that cloud providers may skip over, as well as security issues such as access, encryption and key management, incident response continuity and data recovery.

INSIDE SLIDE lock file SHUTTERSTOCK

Keep an eye on it

You can’t let staff adopt cloud solutions and forget about them. Cloud service providers have to be managed and monitored. Consider monitoring capabilities and incident escalation processes that will give the organization real time insight into business case gaps or conflicts, security issues and other service metrics.

INSIDE SLIDE Supervise, monitor, guard SHUTTERSTOCK

Orchestrate

To avoid shadow cloud being isolated, develop an IT architectural vision that allows efficient access management and service interoperability to enable an integrated cloud. Service orchestration may help improve realizethe benefits by enabling a more integrated set of IT processes across a varied set of cloud solutions.

INSIDE SLIDE Orchestrate SHUTTERSTOCK


 

Previous articleHow prepared is your IT infrastructure?
Next articleTen tips for more secure sofware
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com