CLOUD COMPUTING
disciplines, and a lot of them utilize sensor data and the Internet of Things, which generate a staggering amount of data. The cloud is really the only thing that provides the bursting ability that allows researchers to take on massive amounts of information and stand it up or stand it down, depending on what they want to do with it.”
The cloud vendors are also tapping into old organizational prejudices, albeit not necessarily deliberately.
“I think there is a presumption among researchers very often that the local IT organization is too expensive, too slow and might even be leveraging the grant to build out infrastructure,” said Edward Chapel, senior VP at NJEDge. net, a nonprofit technology consortium of academic and research institutions in New Jersey. “The CIO looks at the researchers and thinks, ‘They’re doing an end run around me, creating inefficiencies and liabilities that will get dropped right into my lap.’ There’s what you might call a historical layer of distrust there.”
It’s also likely that the researchers who go directly to a cloud services provider are not exercising the due diligence a circumspect university CIO would pursue for what are essentially software-as-a-service agreements, Chapel said. “The researchers are not IT administrators,” he explained. “They just want to get their work done, and the cloud helps them to avoid the often steep climb they face
going through the local technology organization.”
The ability to stand up a cloud environment in minutes without IT department oversight does come with risks. According to IT industry analysts at Gartner, by 2020 more than a third of successful attacks on organizations will be accomplished through their shadow IT resources. But it’s important to keep in mind that Gartner’s prediction isn’t a knock against cloud computing, per se, but a reminder of the risks posed by IT assets that are essentially invisible to
the IT department.
“The thing that people forget,” Deumens said, “is that once
you get a virtual machine from Amazon, you own it and you’re responsible for its configuration and its system administration. That’s okay if all you have are simple problems, but what happens when bigger problems arise, when security is not done properly, when patches aren’t applied, or when there are new mandates on properly managing restricted data? Some of this stuff is really hard, and that’s when shadow IT becomes a real risk for the university.”
Gartner’s prediction suggests that shadow IT will be with us for the foreseeable future, which makes old strategies for rooting out and eliminating unmanaged technologies seem like futile exercises. In fact, Gartner recommends establishing a culture of “acceptance and protection versus detection and punishment” to organizations looking
for solutions to their shadow IT challenges.
“Don’t think about limiting access, but filtering access
and establishing a base-level control gate,” Mungovan suggested.
The University of Florida is going even further with an emphasis on dramatically increased access for its researchers through a model Deumens calls “Research- as-a-Service.” He said the school has come a long way in the management and orchestration of its shadow IT by drawing researchers back behind the firewall, where they find faster deployments and computing resources enhanced by public cloud capabilities.
“It’s definitely more carrot than stick,” he noted. “We created an environment that is dedicated to research computing that exists for the most part on our own infrastructure. People get an allocation in the form of the number of cores and number of terabytes of storage, which gets allocated to them within one to two business days. We tried to make it a deal they couldn’t refuse, and it really seems to be working.”
Although the bulk of the university’s Research-as-a- Service offering is provided locally, the school also employs the cloud to add elasticity to the service, Deumens said. It’s one of the secrets of the strategy’s success, for both the university and the researchers.4
10
CAMPUS TECHNOLOGY | June 2017