News

Beware of 'rogue clouds' and hidden costs, warns Symantec

Archana Venkatraman

As a growing number of businesses migrate to cloud platforms, SMEs (small and medium-sized enterprises) and large businesses are experiencing escalating costs tied to rogue cloud use, complex backup and recovery, and inefficient cloud storage, warn Symantec.

Symantec defines rogue clouds as those public cloud applications implemented by business groups that are not managed by or integrated into the company’s IT infrastructure.

Symantec.JPG

Its latest study – Avoiding the hidden costs of cloud 2013 survey – revealed that rogue cloud deployments are one of the cost pitfalls and are becoming a common problem with as many as 77% of businesses experiencing rogue cloud situations, or unauthorised use of cloud services, in the last year.

For instance, a company’s sensitive data enters the cloud without organisation’s knowledge or approval when a sales manager signs his department up for Salesforce without consulting IT or when marketing team shares important launch materials with outside suppliers via an unauthorised Dropbox account.

Cloud computing services provide unprecedented benefits but there is also a darker side to cloud that organisations may overlook. The hidden costs of cloud implementation that can negate the benefits if not properly contained, it said.

Dangers of a rogue cloud

The study found that rogue clouds are more common among large enterprises (83%) due to their larger company size than SMEs (70%).

Among organisations that reported rogue cloud issues, 40% experienced the exposure of confidential information, and more than a quarter faced account takeover issues, defacement of web properties, or stolen goods or services, the study found.

The use of rogue or unauthorised cloud can put sensitive business information into a position where it could be compromised, without approval from IT or high-level management, the company warned.

The most commonly cited reasons for undertaking rogue cloud projects were to save time and money, according to Symantec. Those responsible are doing it in order to save time and money, and yet the results may in fact be the opposite, Symantec further warned.

The security company advised that taking measures such as focusing policies on people rather than technologies as well as monitoring and enforcing policies could help mitigate the risk and avoid hidden costs. It also advised organisations to take other measures such as using tools that are platform agnostic and deduplicating data in the cloud.

“By taking control of cloud deployments, companies can seize advantage of the flexibility and cost savings associated with the cloud, while minimising the data control and security risks linked with rogue cloud use,” said Francis deSouza, group president, enterprise products and services, Symantec.

Among other findings of the study, it revealed that cloud use is complicating data backup and recovery process – a process used by almost all IT executives as part of their disaster recovery strategy.

A majority of organisations are using three or more tools to back up their physical, virtual and cloud data resulting in increased complexities and inefficiencies. It also found that almost half (43%) of respondents have lost cloud data while a majority (68%) has experienced recovery failures.

Enterprises also rated cloud recovery as a slow and tedious process with 22% citing it would take three or more days to recover.

Another surprising finding of the study was that the cloud storage utilisation rate is as low as 17% among the organisations surveyed. Many organisations use cloud computing services to overcome storage challenges.

Advance preparation could help businesses build safe, agile and efficient clouds that will help them achieve their business goals, the company said.

The global cloud study surveyed more than 5,000 employees from 3,236 companies including large enterprises and SMEs.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy