DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • Calendar View
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • Calendar View
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • CI/CD
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Sustainability
  • Low-Code/No-Code
  • IT as Code
  • More
    • Builder Community Hub
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB
Hot Topics
  • Veracode Extends DAST Reach Left Toward Developers
  • Fear of the Future
  • KubeCon 2023: Internal Developer Platforms and Developer Productivity
  • Three Strategies for Reducing MTTD and MTTR as Outage Costs Spiral
  • Observability: The Central Watchtower Your All-Seeing IT Needs

Blogs IT as Code IT Security Taming the Shadow IT Beast and Runaway Spend

Taming the Shadow IT Beast and Runaway Spend

Avatar photoBy: Brian J. Kelly on April 3, 2020 Leave a Comment

Do you know how much IT resources your employees are consuming?

Recent Posts By Brian J. Kelly
  • How Enterprise IT Teams Can Win the Hearts of DevOps
  • How Not to Sabotage Your Multi-Cloud Strategy
Avatar photo More from Brian J. Kelly
Related Posts
  • Taming the Shadow IT Beast and Runaway Spend
  • DevOps Brings IT Out of the Shadows
  • Beyond the Darkness of Shadow IT
    Related Categories
  • Blogs
  • IT as Code
  • IT Security
    Related Topics
  • cloud spend
  • devops
  • Shadow IT
Show more
Show less

According to research conducted by the Everest Group, shadow IT spending accounts for a whopping 50% or more of the IT budget. Beyond these costs, shadow IT could end up costing you big in terms of a security breach: Gartner estimates that 33% of security attacks will be on shadow IT resources by 2020. Simply put, shadow IT isn’t just an expensive problem to have. It’s a threat to your business.

You Can’t Blame Developers for Going Rogue

DevOps and application teams are a key consumer of IT resources in your organization—they’re agile teams who need to get product releases out the door quickly. They need to get the job done, and will provision any resource that will get them there, even if it means going around IT.

Still, you can’t blame these developers for going rogue: They need the right resources when they need them, and IT, busy responding to multiple tickets while juggling daily fires, can’t always meet those needs in a timely fashion. From a developer’s perspective, though, the fact that IT is firing on all cylinders to do their best doesn’t matter. For them, waiting days for resources may as well be an eternity.

Giving Your DevOps Teams the Goods

In a perfect world, DevOps and application teams would get access to the resources they need without the back and forth of ticketing systems, or the complexity of provisioning resources on systems that are totally unfamiliar systems. The latter is especially risky because it can introduce potential security holes that could be exploited by attackers.

To this end, IT’s ultimate goal should be to enable self-service provisioning for DevOps and application teams. Creating a catalog that only serves up the resources relevant to the requesting team is one option here. Through blueprints, a repeatable way to orchestrate and automate provisioning of resources, this self-service nirvana becomes a reality: IT delivers resources in minutes, not days or weeks, and developers get what they need without putting the organization at financial and operational risk.

Delivering Self-Service, but with a Safety Net

Of course, IT wants to be as efficient and agile as possible, though not at the expense of control over cost and compliance. So, while enabling DevOps, IT also needs to monitor and contain cross-cloud spend.

To accomplish this, IT can set automated quotas and limits, ensuring that user access to AWS resources, memory and more, is tightly controlled. They can also set up controls, such as power scheduling and expiration dates, to further control costs. As a result, VMs can’t be left on gobbling resources over the weekend, and demo environments shut down automatically when no longer used.

From a security and compliance standpoint, IT can prevent teams from going rogue by determining who can do what. For instance, this could be who can orders servers, workloads and XaaS—along with quotas set for spend and resource usage—to who can approve fulfillment of those orders. This way, resources are never overprovisioned, and a real tally is kept as to exactly who is using which resources across the business.

Taming the Shadow IT Beast

With a better handle on cloud spend and resource usage, IT teams can put a dent in the 44% of IaaS compute spend stemming from non-production resources that are accidentally left running, according to ParkMyCloud. At the same time, they can stay on top of security and compliance, while still giving DevOps the tools they need, with orchestration blueprints that automate resource provisioning on a repeated basis. Taming the shadow IT beast, allowing developers to access resources in seconds with a self-service catalog, frees up IT teams to tame all the other beasts they face on a daily basis.

— Brian J. Kelly

Filed Under: Blogs, IT as Code, IT Security Tagged With: cloud spend, devops, Shadow IT

« Why SaaSOps Pros Need to Manage the New Perimeter
The Dynamics of Social Distancing »

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Quiz

Results to last week’s quiz are here.

Upcoming Webinars

Building Resilient Organizations Around IT and Cybersecurity
Wednesday, November 29, 2023 - 1:00 pm EST
How to Bring DevSecOps to V-Shaped Development
Thursday, November 30, 2023 - 1:00 pm EST
Scale and Standardize Your infrastructure in Azure, With Red Hat Enterprise Linux
Thursday, November 30, 2023 - 3:00 pm EST

GET THE TOP STORIES OF THE WEEK

Sponsored Content

Why AIOps is Critical for Networks

October 3, 2023 | Mitch Ashley

JFrog’s swampUP 2023: Ready for Next 

September 1, 2023 | Natan Solomon

DevOps World: Time to Bring the Community Together Again

August 8, 2023 | Saskia Sawyerr

PlatformCon 2023: This Year’s Hottest Platform Engineering Event

May 30, 2023 | Karolina Junčytė

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.