alphaspirit - Fotolia
Public cloud, where a third-party provider makes computing services available over the internet, is big business, with Gartner predicting a total market size of almost $400bn in 2020. While public cloud can be divided into various elements, the two most common are infrastructure as a service (IaaS) and software as a service (SaaS).
The number one player in the IaaS market is Amazon with Amazon Web Services (AWS), closely followed by Microsoft Azure. The SaaS market is more mature and filled with many more companies. Well-known SaaS applications include Microsoft Office 365, Google G Suite, Salesforce, and Adobe Creative Cloud.
Both these types of public cloud offer organisations a wide range of potential benefits – such as increased agility, reduced upfront cost, operating expenditure (opex) payments, faster time to market, great ability to experiment, technical flexibility – but new areas of risk are created, too. IT asset management professionals will be well placed to mitigate many of these.
Cost management is a top priority
One of the top priorities in public cloud is, or should be, cost management. It is so easy to overspend with both IaaS and SaaS deployments – tracking, understanding and managing what is being used, where, and by whom is a key task for any organisation using public cloud. Organisations should also be mindful of regulatory and compliance risk and the potential negative productivity impact from SaaS sprawl.
A huge attraction of IaaS is that it is so easy to get started. You simply log into the portal and the virtual world is your oyster – you can deploy virtual machines (VMs), start up SQL databases, start monitoring your internet of things devices, stream video, back up servers, create disaster recovery plans and a whole lot more.
A huge danger of IaaS is that it is so easy to get started. People across the organisation can start doing these things with little to no oversight, and with no thought to the overall cost and what that might mean for departmental or overall budgets.
There is a fundamental difference between using resources on-premise and in the cloud. On-premise, you have already paid for the server hardware and the software licences – so having them up and running is generally considered a good thing. The more you use them, the better your return on investment (ROI).
When it comes to on-premise Windows VMs, the primary concern is finding yourself under-licensed for the number of Windows servers you have running. Most organisations will count the number of physical cores in their servers and license appropriately with Windows Server Datacenter, giving them unlimited virtualisation rights across those machines.
A key selling point for services such as Microsoft Azure and Amazon AWS is that you pay for what you use. Rather than investing up-front in physical hardware (and the required software licences) only for them to end up being hugely under-utilised, simply use the cloud to create VMs that match your immediate requirements. This is great, but be aware: the definition of “in use” to public cloud providers is “turned on”. This means every time someone leaves a VM on but doesn’t use it, your business is wasting money.
Let’s look at an example. In a 31-day month, there are 744 hours. That’s 744 hours you can be billed for cloud resources. Many cloud resources are not required constantly, particularly those being used for test and development, so simply turning them off can bring big savings. Turning VMs off over weekends will instantly remove 192 hours from that bill.
Next, define “working hours” and turn off VMs outside these times – that will result in another large reduction in uptime. Say “working hours” are 7am–7pm – that’s another 276 hours when the resources can be powered down, for a total reduction of 468 hours. If your VM costs £3 an hour, that’s £1,404 a month saved or, if it’s left running, wasted. There are many other elements to controlling costs in an IaaS environment. Three other options are:
- Monitor over-provision of cloud resources. There is a significant cost difference between a VM with 48 cores and one with 16.
- Are people using the resources on which they’re spending money, or could they change to a lower, and cheaper, configuration?
- Review purchase methods. Although pay as you go – typically the default IaaS payment method – is highly flexible, it is not always the most cost-effective option. Many cloud providers offer reserved instances, which enable cost savings on long-term cloud workloads. Detailed cost reporting and analysis are required to ensure the best use of these options.
Public cloud governance is easier said than done. Here are three vital things you need to know:
- Which clouds are in use?
- What resources are being created?
- Who can create them?
Once that’s done, you need to engage with stakeholders throughout the organisation to take the new guidance on board, and work with their teams to ensure it is followed.
“People, processes, tools” is an oft-stated maxim in the world of IT asset management, and public cloud is no different. The first two parts, although they may involve new specifics, will be relatively similar to what is being done to manage an on-premise environment. Tools, however, will almost certainly be different.
Keeping cloud under control
Many traditional software asset management (SAM) tools cannot fully manage public cloud environments, which means IT asset managers are likely to need to look at an additional product to help keep their cloud environment under control.
The scope of a cloud management tool is wide, covering areas such as cost management, automation and security. Other parts of the business will be looking at cloud tools, too, but with different priorities and requirements. If you have a DevOps team, talk to them – they may have a tool in place already and, if you’re lucky, it could do what you need from an IT asset management perspective.
The main challenge with managing SaaS spend is finding out what is in use. IT departments typically underestimate the number of SaaS apps in use by a factor of 15-20. This is a huge black hole in financial, compliance, regulatory and security risk.
Read more about cloud cost management
Strategic thinking and careful planning can help you squeeze the maximum value out of your multi-cloud environment. Here are eight tips to help you get started.
As IT departments prepare their 2019 budgets, we assess how to avoid paying too much for cloud services.
This has arisen because SaaS makes everyone a potential procurer of software, which means it will bypass traditional IT procurement processes. With often nothing installed on a user’s machine, you will need to turn to new discovery methods to start managing this risk. Research indicates that there is no single discovery solution that will find all your SaaS usage. It is therefore vital to approach this challenge from multiple angles to get the full picture. For example, discovery based on accounts payable and expense system integration won’t find free SaaS apps, and network monitors won’t find apps used by employees on their mobile phones or home networks.
Once you have a suitably complete picture of your SaaS usage, start optimising it. Cost optimisation is similar to managing perpetual licence contracts – identify large spend items, determine renewal dates, co-term agreements, and leverage your buying power. The challenge added by SaaS is supplier proliferation. Whereas before you may have managed a handful of perpetual software suppliers, you now have a multitude to deal with.
SaaS management tool supplier Zylo says that its customers, on average, are processing 60 renewals a month. To cope, you should build a renewals calendar listing renewal date, contract term, notice period and value. This will enable you to make a start on working out which contracts to target.
In doing this, you will probably find you have multiple contracts with the same supplier. Sales, marketing and IT may have all signed up separately for a Dropbox account, for example. Talking to these contract owners is a vital part of stakeholder engagement for a SaaS manager as you will be able to better forecast demand and negotiate a single contract with the supplier in question.
The next step is to discover which apps are being used, and how frequently. In the same way as you would remove unused copies of Visio or Project from a user’s machine, you can remove unused SaaS subscriptions.
Many SaaS management tool suppliers provide this functionality. You can factor these recovered subscriptions into your demand forecasts and renewal negotiations. One of the benefits of per-user SaaS licensing is that it is easier to reclaim unused licences because there is nothing to uninstall on a user’s machine; access is simply removed by the tool administrator.
Looking at the cost management aspects of optimising SaaS spend is a good starting point for a SaaS management programme because the benefits are tangible in terms of reduced spending, and this helps to build momentum. However, the bigger opportunity is in managing the risk and compliance aspects of SaaS usage. The regulatory framework in which firms now operate requires better control over data processing and IT security in general.
SaaS apps are a privacy minefield. Your usage of them is tracked second by second, and you may have little control over where your confidential and sensitive data is stored. For this reason, it is vital that you track and report on this information. Some SaaS management tool suppliers provide data to help you check the compliance status of a particular supplier. Some produce fine-grained reports highlighting where apps have elevated permissions – for example, read and delete your emails – and where they have been connected to other applications, for example granting calendar access to public scheduling services such as Calendly.
This extra data helps you create a risk profile for your SaaS usage and this enables you to optimise your estate for risk, compliance and security. For example, you may mandate that file-sharing apps are prevented from running in your cardholder data environment to comply with PCI-DSS requirements. Such application blacklisting is available from some SaaS management suppliers.
However, rather than perpetuating the perception of IT as the department that says “no”, SaaS management also enables us to play a role in improving employee experience and engagement. With the proliferation of apps for a particular use case, it becomes possible for SaaS managers to gain an insight into which apps are most popular in a given category. You can then build a catalogue of recommended apps, rather than imposing a top-down tool selection on employees.
This catalogue may end up migrating your organisation to a common solution, cutting down on SaaS sprawl and the proliferation of middleware caused by departments using different apps for the same thing. For example, you may be able to determine that users prefer Dropbox to Box or OneDrive and influence new users to choose Dropbox. Some tool suppliers facilitate this by providing the ability for SaaS managers to send surveys to users and generate a monthly net promoter score for a particular app.
So, far from being a threat to IT asset managers, the shift to SaaS delivery of applications has a significant upside. New tools, procedures and, potentially, team members will be required, and they will play an increasingly important role in improving the productivity of employees.
ITAM industry analyst, AJ Witt, contributed to this article.