A new Vanson Bourne survey of UK CIOs on behalf of Fruition Partners has found that the majority of chief information officers (CIOs) have concerns that cloud computing and cloud storage could see them lose control over their IT and security, with 84 percent admitting they have such worries.
This is despite CIOs seeing the benefits of cloud services such as cloud backup, with many being in the process of migrating further services to the cloud.
The survey further illustrated that the majority of organisations are experiencing the use of shadow IT services – systems and solutions used within companies without approval from the IT department in question – with 89 percent of CIOs feeling that this development represents a long-term security risk for their business, Computing reports.
In addition to experiencing the use of shadow IT, the survey revealed that the vast majority of CIOs don’t apply the same IT service management processes to public cloud services as they do to their internal systems.
Managing director of Fruition Partners UK Paul Cash said: “You should expect public cloud services to work faultlessly, however you’d be crazy to blindly trust that they will, without managing and monitoring how those services are delivered to the business.”
Examples of shadow IT used within the workplace typically include employees’ personal instances of cloud storage services such as Dropbox, Apple iCloud, Google Drive and Microsoft OneDrive. In order to minimise the risks inherent in using such services, CIOs should monitor their networks and devices to seek out usage of these services, while outlining acceptable usage policies to staff that clarify the company’s position regarding their use.
In many cases, a more secure, business-focused alternative to an existing shadow IT service could return control to the IT department and deliver employees the functionality they need, reducing risk and increasing information security.
In addition, businesses seeking to outsource elements of their IT to the cloud would do well to partner with a cloud service provider whose internal processes are sufficiently robust. ISO certifications such as ISO 9001 and 27001 are a good indication that a cloud service provider has effective IT service management processes in place, which should go some way towards reducing the perceived risk of loss of control.