Rogue clouds pushing up costs

Enterprises and small and medium businesses (SMBs) are experiencing escalating costs tied to rogue cloud use, complex backup and recovery, and inefficient cloud storage, according to Symantec Corp's recent Avoiding the Hidden Costs of Cloud 2013 Survey.
 
Rogue clouds are defined as business groups implementing public cloud applications that are not managed by or integrated into the company's IT infrastructure.
 
Industry experts predict several key issues will arise in 2013 focused on the financial pressures and security challenges of cloud computing. For instance, business continuity is seen as an important issue with the increase in cloud outages posing greater risks than security breaches.
 
Outages impact businesses and pose important concerns around data loss prevention, backup, time spent on data recovery and the associated costs. However, with preparation, organizations can build safe, agile and efficient clouds that will enable them to meet their business goals.
 
Symantec's survey estimated that 95% of organizations in Singapore are at least discussing cloud, up from 73% a year ago.
   
Rogue cloud deployments are one of the cost pitfalls. It is a surprisingly common problem, found in more than three quarters (85%) of businesses within the last year. Globally, it also seems to be an issue experienced more by enterprises (83%), due to their larger company size, than SMBs (70%). 
 
Among organizations that reported rogue cloud issues, 31% experienced the exposure of confidential information, and more than a third (36%) faced account takeover issues. The most commonly cited reasons for undertaking rogue cloud projects were to save time and money.
 
Backup and recovery
Cloud is complicating backup and recovery. First, half of organizations in Singapore use three or more solutions to back up their physical, virtual and cloud data, which increase IT inefficiencies, risk and training costs. Furthermore, 35% of organizations have lost cloud data (globally, this affects 47% of enterprises and 36% of SMBs), and 67% have experienced recovery failures.
 
Additionally, only 33% consider cloud recovery as fast and 16% estimate it would take three or more days to recover from a catastrophic loss of data in the cloud.
 
Inefficient cloud storage
The simplicity in provisioning cloud storage can lead to inefficiencies. Generally, organizations around the world strive to maintain a storage utilization rate above 50%.
 
According to the survey, global cloud storage utilization is surprisingly low at 17%. Enterprises are utilizing 26% of their cloud storage and surprisingly, SMBs utilize only 7%. In Singapore, roughly half of organizations admit very little, if any, of their cloud data is deduplicated and 38% report moving files in a cloud environment being cumbersome. 
 
Compliance and e-discovery
According to the survey, 39% of organizations are concerned about meeting compliance requirements in the cloud, and a slightly larger number (63%) are concerned about being able to prove they have met cloud compliance requirements. This concern about information in the cloud is well founded, as 29% of organizations have been fined for cloud privacy violations.
 
E-discovery is creating additional pressure on businesses to quickly find the right information. One-third of businesses reported receiving e-discovery requests for cloud data. Of those, more than half (57%) have missed their cloud discovery deadlines, leading to fines and legal risks.
 
Data in transit
Organizations have all sorts of assets in the cloud -- such as web properties, online businesses or web applications - that require Secure Sockets Layer (SSL) certificates to protect the data in transit whether it is personal or financial information, business transactions and other online interactions. However, just 22% of the companies surveyed rate cloud SSL certificate management as easy and just under half (49%) are certain their cloud-partner's certificates are in compliance with corporate standards.
 
Easing hidden costs
While these hidden costs will have a serious impact on business, they are easily mitigated with careful planning, implementation and management. Symantec officials recommend that organizations: 
  • Focus policies on information and people, not technologies or platforms
  • Educate, monitor and enforce policies
  • Embrace tools that are platform agnostic
  • Deduplicate data in the cloud
ReRez conducted Symantec's 2013 Cloud Survey in September-October 2012. The study polled 3,236 organizations from 29 countries. Responses came from companies ranging in size from five to more than 5,000 employees. Of those responses, 1,358 came from SMBs and 1,878 came from enterprises. In Singapore, 150 organizations were surveyed