Managing the success-compliance balancing act

There’s little doubting that the demands on IT are more intense than ever. The proliferation of technology has created a world where everything is mobile, connected, interactive, immediate, and fluid.

At the same time, C-suite leaders are making demands that IT can struggle to fulfil –whether that’s enabling new product or service lines, evolving and automating the supply chain to drive efficiency, enabling modern working practices or transforming the customer service, or go-to-market model for the business.

While IT is expected to flex with these requirements, businesses leaders often don’t understand that the internal IT department has to ensure that projects meet UK and EU compliance and data-sovereignty demands.

>See also: How to build the best hybrid cloud for your business

It’s a quandary that many CIOs are facing up to and summarised in the results of recent VMware research amongst 1,800 IT decision makers across EMEA.

While over two thirds (69%) said they are under pressure to modernise IT within the next 12 months, they’re spending significant amounts of time tackling compliance and regulation – an average of nine hours per week for each IT department.

While this seems like a large amount of time, of greater concern was that almost half (47%) didn’t feel this amount of time is adequate to deal with the increasing demands of compliance and regulation that is in place.

It begs the question: how do CIOs balance the need to support the business and ensure IT runs efficiently, while ensuring they remain fully compliant?

The current landscape

The rise of the public cloud has in part added to the pressures on the CIO and this critical balancing act.

With the increasing mandate for IT to show how it is supporting business needs – growth, market share, revenue, while not increasing capex – using public cloud services has become more prevalent in the IT armoury.

Services can be spun up quickly to meet demands, on a pay-per-use basis and turned off when not needed. What’s not to like? Well let’s look a little more closely.

Let’s call it the ‘bill shock’ and ‘IP shock’ for the CIO. With departments using public cloud services, often paid for on numerous credit cards and often not noted as an IT expense, their visibility into how much is being spent has become cloudy.

The IP shock comes into play as individual credit cards are used to procure services for app development, maintenance and deployment – vital IP can be locked behind those credit cards when that employee moves on.

In addition, while IT departments are striving to innovate to provide greater value to the business, their ‘day jobs’ still require ‘keeping the lights on’ while ensuring quality, safety and efficiency.

For many CIOs, this can mean being the custodians for companywide audits, ISO standards, specific industry sector protocols, country and regional data regulations, and EU data privacy laws.

A balancing act for sure. So putting mission critical data in the public cloud has added to their angst of where their data resides, how secure it is, and how complaint it can really be. This sense of lost control is not a comfortable or sustainable position for most CIOs.

Hybrid cloud helps answer the business success-compliancy balancing dilemma by being able to maintain all the security and compliance rigour that has already been established within the business with the agility and business benefits of the public cloud.

Addressing the balance by moving to hybrid

With hybrid cloud, the CIO no longer has to choose between their onsite environment and public cloud services when they can leverage both, using one common platform that they know, are familiar with and can trust.

A true hybrid cloud environment allows organisations to treat private and public clouds as a single entity, moving workloads in and out of the public cloud when necessary without needing to invest in costly and time-intensive migration projects or additional hardware to solve the problem.

Critical applications can deliver the performance they need, while resources can be allocated and provisioned where required.

Above all, hybrid cloud can leverage existing IT policies to meet security, compliance and control requirements.

In doing so, it addresses some of the concerns CIOs have when it comes to meeting data sovereignty and compliance requirements.

>See also: Cloud computing now the norm in a predominantly hybrid IT market

It provide CIOs with the opportunity to strike a balance between supporting the business and ensuring they remain fully compliant.

Issues around compliance have grown in stature over the past 18 months and it is imperative customers can ensure their data resides in a location of their choosing, fully compliant with local sovereignty laws.

By knowing where their data is at all times, IT can spend more time working on helping the business – offering a scalable and flexible infrastructure that answers the call to fulfil the demands business leaders place upon it.

 

Sourced from Richard Munro, VMware

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Compliance
Data Sovereignty