by James Staten on October 25, 2011
You know there are developers in your company using public cloud platforms but do you really know what they are doing? You suspect it’s just test and development work but are you sure? And if it is production workloads are they taking the steps necessary to protect the company? We have the answers to these questions and you may be surprised by how far they are going.
It’s tough being an infrastructure & operations professional these days. According to our ForrSight surveys for every cloud project you know about there could be 3 to 6 others you don’t know about. Business unit leaders, marketing and sales professionals and Empowered developers are leading the charge. They aren’t circumventing I&O as a sign of rebellion – they simply are trying to move quickly to drive revenue and increase productivity. While every I&O professional should be concerned about this pattern of shadow IT and its implications on the role of I&O in the future, the more immediate concern is about whether these shadow efforts are putting the company at risk.
The bottom line: Cloud use isn’t just test and development. In fact, according to our ForrSight research there’s more production use of IaaS cloud platforms than test and development and broader use is coming (see Figure 1 below). The prominent uses are for training, product demonstration and other marketing purposes. Our research also shows that test and development projects in the cloud are just as likely to go to production in the cloud as they are to come back to your data center.
So how much should you be concerned about this trend? Well first off, you can probably forget about trying to stop it. Your focus should be on determining how much risk there is in this pattern and this may take a leap of faith on your part because as of right now, your developers know more about how to use public cloud platforms than you do. This means they are more knowledgeable than you about what it takes to make them highly available and secure. This experience deficit is a much more problematic issue than anything else because when you start asking your developers what they are doing to ensure the availability of their applications on IaaS, you don’t really even know what to ask.
Sure, you can ask what they are doing to ensure availability but do you even know what the availability options are on the leading clouds and how best to leverage them? Do you know what data replication takes place by default and what options they could turn on?
At the same time, you can’t just trust the developers to care as much about data integrity, BCDR and availability as you do because, normally, they entrust this to you. So rather than engage in a frustrating back and forth that risks misunderstanding by both parties, let’s see if we can accelerate your learnings, bring these cloud efforts out of the shadows so you can learn exactly what is going on and how much you really should be worried.