A New Cloud: The Stealth Cloud?

You've heard of public clouds, private clouds and hybrid clouds, but is there room for yet another word in the cloud computing lexicon, a stealth cloud? That is, a cloud without the support of the IT department?

1 2 3 Page 3
Page 3 of 3

What Can be Done About it?

Cloud computing cannot be ignored.

The genie is out of the bottle. Cloud computing is here to stay. As long as business users have a browser and an Internet connection then the problem exists.

Is the simple solution to ban Internet access? No. That will drive the stealth cloud ever further underground. Business users will buy laptops with 3G cards and completely bypass IT. Ridiculous you say, but I can think of two recent examples where this has happened and proved to be a pointless waste of company time and money.

So the solution to this problem comes from the most unlikely of places: the Italian kitchen and PASTA.

P: Policy. What is the corporate policy for cloud computing? Remember, that "It is banned" is not an acceptable answer. That will drive the stealth cloud further underground. What types of applications can be cloud? Should you be providing a cloud platform for users such as Force.com? The Policy needs to be pragmatic if it is going to be adhered to.

A: Amnesty. You need to find out what business users are doing, but they are unlikely to tell you if they believe that they will suffer either in terms of their career or being prevented using the application. The Amnesty period needs to be less than a month to drive urgency and it needs to very clearly and widely communicated. For example, after the Amnesty end date any use of cloud computing outside the Policy is a disciplinary offence.

S: Support. End users need to believe that if they are honest in the information they give during the Amnesty it will be used to help them and support them. Therefore, IT needs to support them using the application — NO MATTER how UNRELIABLE you believe (or know) that the application is. This will be very hard and require a huge level of self control.

T: Technology Evaluation. This is a full evaluation, both technical and commercial, of the cloud applications being used. This is probably a non-trivial activity, based on the huge number of applications that are being used and the time taken to really find out about some of the smaller companies.

A: Adoption. Now you need to build your cloud architecture for the company. This may consist of many of the applications currently being used but will also involve some users migrating from their chosen application to the corporate standard. Then you need to work hard to drive up the adoption of the chosen application, but that is nothing new.

The Final Word

As the CIO, you need to sprint to get ahead of the ball through the policy, amnesty, and support phases. Only then are you in some level of control and can evaluate the true risk to the business of the stealth cloud. After that the technology and adoption phases can and will take some time.

Cloud computing is here to stay. Business users are voting with their browsers to use cloud applications, but they are often unaware of the risks that they are putting themselves and their companies under. PASTA is an acronym describing an approach to evaluate and control the risks of cloud computing in your corporation. As CIO, if you can't stand the heat, get out of the kitchen.

Ian Gotts is the founder and CEO of Nimbus, a business process management solution vendor.He is the author of 6 books including, 'Common Approach', 'Uncommon Results', 'Why Killer Products Don't Sell' and three 'Thinking of...' books on cloud computing.

1 2 3 Page 3
Page 3 of 3
Time is running our to share your experience. Take the 2019 State of the CIO survey today!