77% of Businesses Saw Rogue Cloud Deployments in 2012

Organizations are migrating to the cloud to gain competitive advantages around speed, agility and flexibility according to Symantec Corporation‘s Avoiding the Hidden Costs of Cloud 2013 Survey.

In fact, more than 90% of all organizations are at least discussing cloud, up from 75% a year ago. Other key survey findings showed enterprises and SMBs are experiencing escalating costs tied to rogue cloud use, complex backup and recovery, and inefficient cloud storage. Rogue clouds are defined as business groups implementing public cloud applications that are not managed by or integrated into the company’s IT infrastructure.

Industry experts predict several key issues will arise in 2013 focused on the financial pressures and security challenges of cloud computing. BC is seen as an important issue with the increase in cloud outages posing greater risks than security breaches. Over the holidays, a leading cloud service provider experienced an outage, which they quickly remediated. This outage impacted businesses and posed important concerns around data loss prevention, backup, time spent on data recovery and the associated costs. However, with advance preparation, organizations can build safe, agile and efficient clouds that will enable them to meet their business goals.

"By taking control of cloud deployments, companies can seize advantage of the flexibility and cost savings associated with the cloud, while minimizing the data control and security risks linked with rogue cloud use," said Francis deSouza, group president, Enterprise Products and Services, Symantec.

Rogue Cloud Implementations
According to the survey, rogue cloud deployments are one of the cost pitfalls. It is a surprisingly common problem, found in more than three quarters (77%) of businesses within the last year. It also seems to be an issue experienced more by enterprises (83%), due to their larger company size, than SMBs (70%).

Among organizations who reported rogue cloud issues, 40% experienced the exposure of confidential information, and more than a quarter faced account takeover issues, defacement of Web properties, or stolen goods or services. The most commonly cited reasons for undertaking rogue cloud projects were to save time and money.

Cloud Backup and Recovery Issues
Cloud is complicating backup and recovery. First, most organizations use three or more solutions to backup their physical, virtual and cloud data-leading to increased IT inefficiencies, risk and training costs. Furthermore, 43% of organizations have lost cloud data (47% of enterprises and 36% of SMBs), and most (68%) have experienced recovery failures.

Finally, most see cloud recovery as a slow, tedious process. Only 32% rate this is as fast and 22% estimate it would take three or more days to recover from a catastrophic loss of data in the cloud.

Inefficient Cloud Storage
One of the key advantages to cloud storage is how simple it is to provision. Sometimes this simplicity leads to inefficient cloud storage. Generally, organizations strive to maintain a storage utilization rate above 50%. According to the survey, cloud storage utilization is surprisingly low at 17%. There is a tremendous difference in this area between enterprises (which are utilizing 26% of their storage) and SMBs (which is a shockingly low seven%). Furthermore, roughly half admit very little, if any, of their cloud data is de-duplicated, further compounding the problem.

Compliance and eDiscovery Concerns
According to the survey, 49% of organizations are concerned about meeting compliance requirements in the cloud, and a slightly larger number (53%) are concerned about being able to prove they have met cloud compliance requirements. This concern about information in the cloud is well founded, as 23% of organizations have been fined for cloud privacy violations.

eDiscovery is creating additional pressure on businesses to quickly find the right information. One-third of businesses reported receiving eDiscovery requests for cloud data. Of those, two-thirds have missed their cloud discovery deadlines, leading to fines and legal risks.

Data in Transit Issues
Organizations have all sorts of assets in the cloud – such as web properties, online businesses or web applications – that require SSL certificates to protect the data in transit whether it is personal or financial information, business transactions and other online interactions. The survey showed companies found managing many SSL certificates to be highly complex: Just 27% rate cloud SSL certificate management as easy and only 40% are certain their cloud-partner’s certificates are in compliance with corporate standards.

Hidden Costs Are Easily Avoided
The survey shows ignoring these hidden costs will have a serious impact on business. However, these issues are easily mitigated with careful planning, implementation and management:

• Focus policies on information and people, not technologies or platforms
• Educate, monitor and enforce policies
• Embrace tools that are platform agnostic
• De-duplicate data in the cloud

Symantec’s 2013 cloud survey is a result of research conducted by ReRez in September-October 2012. The study represents 3,236 organizations from 29 countries. Responses came from companies with a range of five to more than 5,000 employees. Of those responses, 1,358 came from SMBs and 1,878 came from enterprises.