Enterprises have an average 461 cloud apps running in their organizations (nine to 10 times IT's estimates), according to some reports. Line-of-business managers hesitate to bring in the CIO out of fear of being blocked. If CIOs can remove this fear, everyone, it turns out, benefits.
一家制药公司的员工在使用云服务提供商紧缩临床试验的数据去流氓,只为CISO后来才发现,该公司是合规的,因为HIPAA数据可能找到进入一些负载 - 所以他阻止上传HIPAA数据。
“我敢肯定,他们不是唯一的,”海梅Barnett是Netskope,云应用分析公司的营销副总裁,谁有关事件表示。
"IT can be like a company's general counsel." -- Sanjay Castelino, Spiceworks
Business users at another company signed on with a cloud service provider without IT's knowledge and made the mistake of assigning one of their own as the sole admin -- a single point of failure, in the parlance of the tech set. It's something IT would never have done nor allowed. When the admin abruptly left the company, business users were forced to scramble.
Rogue Apps Can Bite the Business (and Users) in the ...
"Some things that come back to bite the business also come back to bite the users," says Sanjay Castelino, vice president of marketing at Spiceworks, a network for IT professionals, who related this incident.
If you think these horror stories are a rallying cry for CIOs to seek out and destroy rogue projects, it's not. These stories came out of this week's CITE Conference and Expo in San Francisco, specifically at a breakout session entitled "Let Your Users Go Rogue Without Going Off the Range," where panelists made up mostly of marketing executives argued for CIOs tohelprogue projects be more successful.
[Related:Even 'Rogue' Clouds Can Be Secured, Experts Say]
在云服务和移动应用时代,流氓项目正在蓬勃发展。企业在他们的组织运行的平均461个云应用 - 九到10倍IT的估计 - 根据Netskope的云报告,该报告覆盖到成千上万用户的看着几十亿的交易。
A whopping 85 percent of these apps aren't enterprise-ready even though many are business critical. Apps span everything from CRM to business intelligence to software development.
CIOs wanting to block these rogue cloud apps face an uphill battle.
"Blocking doesn't work, blocking breaks business process," Barnett says. "Ninety percent of usage is in blocked apps."
Why Cloud Vendors Should Befriend the CIO
Part of the problem is that the CIO is brought late in the decision process, if at all. Many cloud service providers at the CITE Conference admitted to courting end users directly, thus bypassing the IT department's slew of security requirements, service-level agreements and other technical hurdles.
But cloud service providers and app makers can benefit greatly from a CIO, such as ushering the rogue tech throughout a company. Speaking to CITE Conference attendees, Bret Taylor, CEO and co-founder of Quip, a mobile word processing app with built-in collaboration capabilities, says engineers at a company were using Quip without the CIO's knowledge. After the discovery, the CIO called Taylor, wanting to talk.
"Quip went to 100 percent of the company in two weeks," Taylor says.
除了云服务提供商,业务线经理犹豫带来的CIO出于害怕被阻止。如果CIO可以消除这种恐惧,巴尼特说Netskope的研究显示,企业用户愿意与CIO工作,制定和执行政策。毕竟,他们并不想从一个流氓高科技项目遭受反吹,该公司在风险看跌期权。
[Related:CIOs Must Become Technology Consultants]
To this end, CIOs need to become more like internal consultants to the business, advising business leaders how to adopt a cloud service while still maintaining compliance and security. CIOs can act as a kind ofcloud services broker打在管理员帐户,合同谈判,用户访问权限和其他技术细节的作用。
Spiceworks Castelino says CIOs can be pivotal in assessing and laying out the risk for each option and then letting the business user decide the course of action. While this wouldn't necessarily take liability off of the IT department, he says, the CIO can ward off trouble as a respected partner in the decision-making process.
"IT can be like a company's general counsel," Castelino says.
Tom Kaneshigecovers Apple, BYOD and Consumerization of IT for CIO.com. Follow Tom on Twitter@kaneshige。按照一切从CIO.com的Twitter@CIOonline,Facebook,Google +和LinkedIn。Email Tom attkaneshige@cio.com
Read more about cloud computingin CIO's Cloud Computing Drilldown.
This story, "Why CIOs Shouldn't Block Rogue Cloud Apps" was originally published byCIO 。