Inside The Shadows Of SHADOW IT

Inside The Shadows Of SHADOW IT

Inside The Shadows Of SHADOW IT 

Recent NASA audit report brings an interesting perspective on IT & Cloud Governance.

A recent report from the office of the inspector general of NASA regarding the adoption of cloud computing technologies across the organization provide an interesting look at the phases NASA is going in cloud computing adoption. NASA was a cloud pioneer with the development of OpenStack cloud platform and project Nebula for providing private cloud services. Currently 10% of NASA 1.5 Billion $ IT budget is spent on cloud computing, but the prediction is that in the next 5 years all NASA public data will move to the public cloud and 75% of all new IT program will begin in the cloud.shadow-IT

The Inspector General report uncovers that several NASA applications moved into the cloud without the knowledge and authorization of the office of the CIO. On one occasion, two moderate impact applications “moved to a public cloud and operated for 2 years without authorization, a security or contingency plan, or a test of the system’s security controls.”

On other occasions, the inspector general reviewed 5 different contracts for the procurement of cloud services and found they “failed to fully address the business and IT security risks unique to the cloud environment“.

Cloud governance is a challenge to all CIO’s. NASA is no different although one can imagine that if this is how things are for NASA (a respectable organization in all terms) then what is the situation for others?

Shadow IT is not a new phenomenon, but cloud computing surely contribute for it heavily. According to Gartner, in 2015, 35% of organizations overall IT spending will be managed outside of the IT department. Cloud offerings that target the business users of the organizations by providing fast flexible solutions without the pains of involving the IT department are responsible for the majority of those “hide from IT” spending.

Not everyone thinks that Shadow IT is bad. Some researches indicate that Shadow IT promote innovation in the business and allow the business users to reach their goals faster. PWC 2013 digital IQ survey demonstrates a strong linkage between being “strong performer” and reduced control on IT spending.

In NASA report, the inspector office finds that lack of “enterprise-wide cloud-computing strategy” caused some of the failures described in the report. The slow adoption of such a program resulted in systems migrating to the cloud without authorization or proper risk management process.

So what lessons should be learned from the report? That lack of cloud strategy is the worst possible option. The business users across the organizations will continue to search for fast and flexible solutions for their applications, and SaaS vendor will continue to target them and bypass IT functions. Lack of cloud strategy will result in application moving to the cloud without any authorization and knowledge of IT functions and probably without any risk management at all. CIO’s across the globe should understand that formalizing cloud strategy today is not an option, it is a must.

By Moshe Ferber,

Moshe Ferber is an entrepreneur and security expert, with 20 years’ experience in information security.  Mr. Ferber has focused on various aspects of cloud technology as an entrepreneur and investor. After founding cloud7, a Managed Security Services Provider, He is also invested in startups FortyCloud and Clarisite –  innovative solutions for information security and governance. For more information can be found at www.onlinecloudsec.com.

(Image Source: Shutterstock)

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Comics

At CloudTweaks, we're plugged into the cloud, the internet of things and all that the web has to offer. From wearable technology, to mobile computing, cloud computing and big data, CloudTweaks is your source for updates and news on the most innovative technology.

Popular

Top Viral Impact

Technology Advice Report: 2014 Business Intelligence Buying Trends

Technology Advice Report: 2014 Business Intelligence Buying Trends

Technology Advice Report: 2014 Business Intelligence Buying Trends For nearly every business, the concept of business intelligence is nothing new. Ambitious organizations have been searching for any type of data-driven advantage for some time now – perhaps for as long as they’ve existed. However, the historical use of competitive intelligence pales in comparison to the…

Cloud Infographic – Cyber Security And The New Frontier

Cloud Infographic – Cyber Security And The New Frontier

Cyber Security: The New Frontier The security environment of the 21st century is constantly evolving, and it’s difficult to predict where the next threats and dangers will come from. But one thing is clear: the ever-expanding frontier of digital space will continue to present firms and governments with security challenges. From politically-motivated Denial-of-Service attacks to…

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter The city of the future is impeccably documented. Sensors are used to measure air quality, traffic patterns, and crowd movement. Emerging neighborhoods are quickly recognized, public safety threats are found via social networks, and emergencies are dealt with quicklier. Crowdsourcing reduces commuting times, provides people with better transportation…

2014 Future Of Cloud Computing Survey Results

2014 Future Of Cloud Computing Survey Results

Engine Yard Joins North Bridge Venture Partners, Gigaom Research and Industry Collaborators to Unveil 2014 Future of Cloud Computing Survey Results SAN FRANCISCO, CA–(Marketwired – Jun 25, 2014) – Engine Yard, the leading cloud application management platform, today announced its role as a collaborator in releasing the results of the fourth annual Future of Cloud Computing Survey,…

Featured Sponsors

Sponsors

What To Do When You’ve Outgrown Your Basic Business Software

What To Do When You’ve Outgrown Your Basic Business Software

What To Do When You’ve Outgrown Your Basic Business Software You know that feeling. You have multiple business products that aren’t communicating, meaning your employees are doing more work, uploading redundant data into different systems. The software is sluggish and can’t be accessed via browser. You’re paying per user, which is starting to get painful.…

Placement Opportunities - Find Out!

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

You can help continue to support our community by social sharing, sponsoring, partnering or contributing to this great educational resource.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021

Join Our Newsletter