In today's cloud-centric world chances are you are not running just one cloud application. Many organizations are now using multiple cloud services. This will cause a management headache with multiple bills, varying levels of support from the different vendors, multiple management interfaces to learn and so on. In this blog I will present five tips on how to overcome the obstacles of multicloud.
My five tips
- Create an inventory
- Establish an acceptable usage policy
- Provide alternatives
- Establish a BYOD policy
- Educate the users
Create an inventory of your cloud applications
Most IT teams are aware of the issues related to unauthorized cloud application use (Shadow IT) within their company, but they may be significantly underestimating the extent of the problem. The first step towards taking control over cloud services is to establish an inventory of what cloud applications are regularly being used. Survey the people in your organization and/or use inventory software such a Spiceworks.
Establish an acceptable usage policy
After you have created an inventory of cloud applications, associated patterns of usage, and analyzed the risks represented by each service, it is time to think about what policies you have in place to educate your users to help police usage. In order to deal with changes keep policy wording generic such as: "Do not upload sensitive data to unauthorized cloud services."
One of the best ways to reduce the use of unauthorized cloud services is providing recommended, centrally controlled services . This solution represents a more forward thinking and long term approach to: engage your users, understand their needs, and work to resolve the issues in a way that works for them and also for the IT-department. The alternative, total lockdown, will potentially hinder users who are just trying to do their jobs as best can appear punitive, By offering authorized cloud services, you will be able to control legal and commercial terms with your vendor and also efficiently manage the usage and billing of the cloud services.
Establish a BYOD policy
Many cloud services have great functionality for smartphones and tablets. The use of these devices can bring many benefits such as the ability to get things done on the move. As many users already own such devices it is important to address the issue of corporate information, This use of a personal device at work is known as Bring Your Own Device or BYOD. If you haven't established a policy for BYOD, I recommend you make this a priority. In your policy, you should make it clear who owns the application or app, the rules around corporate data and list the authorized applications.
In larger organizations, it might be necessary to enforce some management software to separate personal and business functionalities, but in smaller businesses good education and communication backed up by a solid BYOD policy should suffice.
Educate the users
Education of the users is one of the most effective way to influence trouble-free cloud usage. It provides an opportunity both to discuss the risks and to show the approved alternatives. Highlighting the potential risks to their employer, providing alternatives and educating them with your best practice recommendations will ensure that all your efforts to reduce unauthorized use of cloud applications will be as effective as possible.
That is our five tips on how to handle multiple cloud applications. We’d love to hear any feedback that you may have, so please do get in touch.