Cloud sprawl is the distribution of organizational data across multiple cloud-based applications. This situation arises when business departments use different clouds such a Dropbox, Google Drive, Skydrive, iCloud, etc. This sprawl is not a good strategy because control has been completely lost to the CIO and IT Asset Managers, with organizational data scattered about on multiple platforms, and data security at great risk.
Information Week published an online magazine article focusing on cloud sprawl. The article identifies a main cause for sprawl of easy access to free or low cost cloud-based applications:
Inexpensive cloud applications that don’t require corporate approval are walking through the door unchecked as well — from CRM to email to marketing automation. As the situation develops, poorly managed end-user cloud purchases and deployments make for fragmented, redundant, unmanaged and inefficient cloud-based outsourcing decisions with little or no input from IT. http://www.informationweek.com/4-ways-to-prevent-cloud-sprawl/240146526
A second reason for cloud sprawl is that cloud technologies are fairly new to organizations and are without policies to standardize their use. Without a directive from an organization detailing how an employee should access the cloud (and which cloud to access), employees do what is comfortable and useful to them. Doesn’t that sound a lot like BYOD (Bring-Your-Own-Device)? The issue is that Bring-Your-Own-Cloud strips away control and security processes from an organization. Some cloud programs do not communicate or transfer files well, and without standardization, the opportunity for information to be lost, recreated, or otherwise compromised increases. In the C-level executive’s eyes, cloud sprawl translates into money lost.
Despite the risk of financial and information loss, the third reason for cloud sprawl comes from the C-level executive. With the cloud touted as the latest and greatest, each C-level executive has ideas on what should be standard and why that scenario is best as well as the political pull in an organization to make it happen. The problem that arises is when each C-level executive in an organization acts on their vision. There are enough cloud storage application offerings for each one to present a unique solution and bring chaos to the organization’s automation plans. So, which cloud storage application do you choose? It depends on who you are talking to, quite frankly.
So what do you do about cloud sprawl? You make a decision. That is one of the only solutions to this issue and is also one of the best. Most employees will adhere to a corporate policy so long as it doesn’t hamper their job performance. If organizations designate a specific application to use that is cross-platform (Google, Android, Mac, iOS, and Windows), employees are likely to comply. For that chosen application, IT security actively takes steps to monitor the upload and download from that one, known, application. Data security risk is reduced and disaster recovery/business continuity enhanced. The organization is safer and more efficient, and employees are happy. Eliminating cloud sprawl translates to successful C-level executives, which in turn leads to a productive IT Asset Management environment.