A recent survey of 100 UK CIOs suggests close to nine in ten believe unsanctioned use of cloud services has created long term security risks for their organisations, and about 84 per cent believe cloud adoption reduces their organisation’s control over IT more broadly.
The survey, commissioned by Fruition Partners, looks specifically at IT service management (ITSM) trends in large UK companies (organisations with more than 1,000 employees).
The results suggest CIOs are still very concerned a lack of maturity around cloud service management and application support within enterprises is driving more ‘Shadow IT’ in their organisations.
About 60 per cent of respondents said there is an increasing culture of ‘Shadow IT’ in their organisations, and 79 per cent believe there are cloud services in use that IT does now know about.
Over three quarters (78 per cent) of CIOs stated that the rest of the business frequently does not seek their advice when it comes to the procurement of public cloud services, and about one in two CIOs believe their employees are side-stepping their own IT departments and going directly to cloud service providers for application support.
“CIOs need to remember that while the availability of public cloud services may mean they need to provide fewer IT services themselves, it doesn’t reduce the need for the management of those services. In fact, it’s arguable that the need for rigorous management actually increases. Of course you should expect public cloud services to work faultlessly, however you’d be crazy to blindly trust that they will, without managing and monitoring how those services are delivered to the business,” said Paul Cash, managing director of Fruition Partners UK.
Cash explained that regardless of the type of cloud service IT departments should still be managing them internally rather than “handing over all responsibility to cloud providers.”
“CIOs must make it easier for employees in other lines of business to work with the IT department to source the cloud services they want,” he said. “There are simple initial steps they can take to do this, such as creating and publishing a comprehensive service catalogue which is exposed to the entire business. A service catalogue that lists sanctioned public cloud services will reduce the impact of shadow IT and make it far easier for employees throughout the organisation to buy cloud services from the IT department – while ensuring that IT can control and manage the services that are implemented.”