Higher Education’s Trouble with Cloud Sprawl
“Cloud sprawl occurs when different departments in an organization, such as a university, start using cloud services independently without central coordination. Imagine the research department using one cloud service, the admin offices using another and student services using yet another — all to quickly meet their needs without waiting for IT approval,” says Justin Hurst, CTO for the Asia-Pacific region at Extreme Networks in Tokyo. “While this can lead to quick solutions and innovation, it also creates a tangled web of cloud services that's hard to manage, secure and optimize.”
Hurst says the term “cloud” covers everything from big enterprise apps like Microsoft 365 to personal storage apps like Dropbox and Infrastructure as a Service platforms like Azure for building applications. “This variety makes it easy for cloud sprawl to get out of hand, especially because most users aren't tech experts. They often need help distinguishing between IT-provided resources, consumer-level tech and enterprise cloud solutions.” He adds that the confusion can lead to higher costs — and even security risks — as different services pile up without proper oversight.
Identifying and Mitigating the Impact of Cloud Sprawl
Cloud sprawl is an inevitable reality for many universities. But it’s avoidable with the right tools and strategy.
“If you’re using Software as a Service solutions, maybe you’re spinning up Teams or SharePoint sites. Depending on how easy the environment is to do these things — create virtual machines, team sites, groups and SharePoint resources for the average, in-the-trenches, working-day, rank-and-file users — you can get into the trap of sprawl,” says Justin Wagner, CDW SaaS solutions consultant. “There’s just all these resources that are out there that don’t necessarily need to be there long-term.”
But determining whether cloud sprawl is an issue for you might not be a simple question. Instead, you have to gather information first.
“Identifying cloud sprawl in higher education begins with addressing the human side. One of the most effective ways to gather information from staff and departments is through surveys, interviews and regular meetings where faculty and administrative personnel share their cloud usage patterns and needs,” Hurst says. He adds that this process helps to create a culture of open communication and collaboration between IT and other departments, which is crucial in uncovering “shadow IT.”
“Shadow IT refers to the use of unauthorized cloud services or applications by employees, often without the knowledge or approval of the IT department. Understanding the specific requirements driving the use of various cloud services can help prevent the rise of shadow IT and the subsequent cloud sprawl,” Hurst adds.
KEEP READING: How to integrate IT operations when colleges merge.
There are some advanced methods for limiting access to shadow IT, Wagner says, such as Microsoft Defender for Cloud Apps. “If your domain name, for example, is out there in Dropbox land or Google land, it will see those kinds of things and alert your IT department.”
But, Wagner adds, a more preventive and direct stance could be to communicate to users that they should not participate in shadow IT, and to create an open communication policy so they feel they can reach out when they need something and be part of “building good IT culture.”