Gartner estimates the global public cloud service market to reach $331 billion by 2022, up from a projected $214 billion in 2019.¹ Enterprises’ love affair with all things cloud shows no signs of letup.

However, as Gartner cautions, less than one-third of enterprises have a documented cloud computing strategy. The numbers indicate cloud investment is occurring without a clear plan to realize ROI. One product of this undefined strategy is cloud sprawl — enterprises adding and paying for cloud computing resources that are unneeded and inadequately managed.

While enterprises, hopefully, start to think more strategically about how cloud computing fits into their overall digital transformation spend, IT teams can take steps immediately to control cloud sprawl. Solutions are available to help control costs, mitigate risk and more proactively manage cloud-based computing to increase productivity and ROI.

Even those cloud requests that pass over a CIO's desk can be spun up and left to run in the cloud beyond their utility time, quickly running up an enterprise's cloud computing bill. To control and limit further cloud sprawl, enterprises should consider these practices:

1. Gather foundational data. Establishing a baseline of your organization’s current cloud computing workloads must be the first step. Make use of the reporting and discovery tools from your cloud vendor(s). For example, AWS can tell you how many of your users are using the AWS cloud, and how many instances they have running. Similarly, Azure has a portal which offers visibility into applications in use.
2. Close the application buffet. Unrestricted application access is a sinkhole of spending in the cloud. Implement identity management tools for access controls and privilege management, to define user profiles, including what applications and configurations can be served up to whom and for how long.
3. Integrate ITSM further. IT Service Management (ITSM) tools can be brought into play to not only process inbound ticket requests but add another layer of governance accountability. Leverage the Service Catalog with ITSM to capture, control and track all new requests for spinning up cloud resources. Use an approval workflow for those requests that go beyond the established guidelines.
4. Let automation be the bad guy. Developers, researchers, and creatives love to tinker, but unfortunately, if they’re using cloud resources, the cash register is ringing along with them. Automation can limit exposure to cost overruns by enforcing end dates on all applications, based on policies and rights. Stakeholders can view this data via dashboards, giving them an overview of all cloud resources currently running, and not just at the end of the billing cycle.
5. Preserve IT budget. DevOps.com has reported that cloud waste will hit over $14 billion in 2019.² Using a self-service reporting and dashboard solution you can gain better tracking and control across all cloud-based applications, pinpoint the cloud instances not in use, and help erase cloud costs that are not providing any business value. With this improved approval and reporting structure, you can better forecast cloud computing needs and proactively allocate budget for more strategic tasks.
6. Know when to switch off. The ease with which a developer or QA professional, for example, can spin up cloud instances is great for immediate productivity but creates havoc on longer-term cost control. These instances can have a lot of memory and capacity and, after the task is completed, be forgotten about and continue to run. They are adding to the cloud computing bill since no one switched them off. Consider leveraging tools like an identity engine combined with automation which can make sure cloud-based apps and resources are not still running after a person has offboarded, or switched jobs, and those applications are no longer relevant. Automating application controls, whether onboarding or offboarding, also serves also to mitigate risks due to unmanaged ‘rogue’ applications or unauthorized access.

Cloud Course Correction

Putting into practice automated controls to secure application end dates, limit access, and retire applications upon offboarding begins to establish a more secure, manageable cloud computing structure for an organization. Further integrating ITSM and capturing new requests for spinning up cloud applications adds another powerful layer of control. All these practices help to end the ‘Wild West’ atmosphere cloud computing has been working in, and replace it with a more rational, budget-aware approach to leveraging cloud environments.

The timing is right to improve governance of cloud computing and prove its ROI and value to an organization’s larger business strategy. While cloud computing is so closely tied to digital transformation, as Gartner notes, about two-thirds of enterprises have opened their checkbooks without a clearly defined strategy. IT can take a leadership role here in part by executing better controls, achieving greater insight into all cloud computing activities, and position itself for budget approval in the future when new initiatives inevitably surface.

When is a good thing too much? IT can answer this by eliminating wasteful cloud instances and preserving budget for true value-add tasks.

1.  Gartner, “Forecast: Public Cloud Services, Worldwide, 2016-2022, 4Q18 Update,” April 2019
2. DevOps.com, “Cloud Waste to Hit Over $14 Billion in 2019,” February 2019