In order to decrease the occurrence and mitigate the risks of rogue public Cloud usage, IT departments must be proactive in defining their Cloud strategy and assessing usage, according to Red Hat senior Cloud technology and alliances manager, Martin Zierer.
Rogue public Cloud usage refers to running applications which are not managed, integrated or governed by a company's IT department in a public Cloud.
Zierer said it can include but is not restricted to:
- launching an instance of an operating system within a Cloud provider;
- services consumed in the Cloud;
- the rapid creation and deployment applications, which have not been double checked or properly tested within a company's own environment.
According to a survey by Symantec and ReRez across 29 countries, three quarters of businesses using public Cloud offerings are victim to rogue access. It happens to 83 per cent of large enterprises, compared to 70 per cent of SMEs.
"IT departments should become proactive and check -- either through an internal survey or usage assessment -- what type of services are really required," Zierer told ARN. "Does information need to be shared with partners and customers? Does the company have application development requirements that need to be accelerated?"
"IT [departments] need to become more approachable and proactive in understanding what the requirements of its customers and employees are because they have changed and the IT department is probably slow in catching up."
Zierer said a key point in formulating a Cloud plan is defining an open hybrid Cloud strategy that allows a company to use various Cloud services without being locked into a particular vendor or Cloud provider. This is in line with what the open source vendor is currently doing.
'Future-proofing' that strategy is also critical. "We had physical hardware a few ago, then virtualisation came along and people started to define that; now it becomes a discussion of Cloud infrastructure, and once defined, it will be kept for five to 10 years," Zierer added.
Another element is employing a platform-as-a-service so a rapid development environment (both in house and in the Cloud) is available to offer to clients. It must consider and distinguish both end user and line of business requirements.