A New Cloud: The Stealth Cloud?

You've heard of public clouds, private clouds and hybrid clouds, but is there room for yet another word in the cloud computing lexicon, a stealth cloud? That is, a cloud without the support of the IT department?

1 2 3 Page 2
Page 2 of 3

The Bridging or Widening the Business-IT Divide

Too much has been talked about the business- IT divide. Unfortunately, the stealth cloud has driven an even greater rift between business and IT. It is exposing, as far as the business side is concerned, the lack of flexibility, agility and responsiveness of corporate IT departments. From the CIO's perspective you can see the risks (operational, compliance and integration) of using some of these cloud services, and it simply underlines how cavalier and naïve business users are.

Corporate systems are costly to build and maintain. They are mission critical and need to support the entire operation. There is a good reason why your internal IT department cannot 'knock-out' applications as fast as a nimble start-up. How many of the 'new' cloud providers are truly enterprise ready? Relatively few.

The key issue here is that there are a set questions that need to be asked before starting to use a cloud-based application. There are questions that you have been asking on-premise software vendors for years. There are now additional cloud-related questions.

But most, if not all, business users who are starting to make cloud-based application buying decisions are not even aware of the questions to ask.

What are the Risks?

The organization is exposing itself to three key risks due to the stealth cloud.

The first is the most obvious and is debated endlessly in the press, blogs and boardrooms: security. In many ways, some of the more mature and sophisticated cloud vendors such as Salesforce.com have better security of your data than the internal IT organization. Why? Because that is what they focus on, and the revenue from their 80,000+ customers depends on it.

The second area is compliance risk. What contracts does your organization have with its customers about where data can reside. Your ISO quality and data security accreditations are based around a set of policies which should be adhered to by all staff. What contracts and security policies are your staff inadvertently breaching by using a cloud application? What are the implications on your business?

And third, reputational risk. If, or when, that mission cloud app in the stealth cloud goes down (which it will do at the most inopportune time) what will that do for the reputation of your company? How will it impact the relationship with your customers — in private — or in public? As BP clearly understands over the last few months in the Gulf of Mexico, a company can outsource work, but can never outsource the responsibility.

1 2 3 Page 2
Page 2 of 3
NEW! Download the Fall 2018 digital issue of CIO