Are Cloud Costs and Sprawl Casting a Shadow? How FinOps Can Help

A dedicated FinOps team should include governance expertise to identify and control risk when instances of shadow cloud are brought to light.

It’s no secret that cloud is considered a key ingredient for organizational success through digital transformation. The proof is in the adoption; Gartner notes that by 2025 more than 85% of organizations will align around cloud-first principles, and more than 95% of new digital workloads will run on cloud-native platforms, a stunning increase from 30% in 2021. What has been less frequently discussed are the financial management challenges that come with cloud’s increasing value for agility.

As cloud adoption has increased, so have the challenges of understanding whether there’s waste in cloud spending—not just in terms of efficient use but also if there are instances of “shadow cloud.” Shadow cloud, like shadow IT, can be found when business units or departments decide they don’t want to wait for centralized IT, and stand up their own instances of cloud to achieve a goal.

Given the need for business agility during our time of ongoing global change, line-of-business leadership may want the time-to-use-case acceleration provided by cloud now, not later. In much the way SaaS applications like Salesforce were often adopted and deployed outside traditional IT processes and oversight, cloud adoption is increasingly skirting IT’s line of sight.

See also: Visibility into Costs Critical for Cloud Migration Success

FinOps: a new framework to manage a new challenge

A new framework, FinOps, a term coined to combine Finance and DevOps, improves outcomes as business and technical teams work together to get more value from cloud and manage financial operations and compliance issues related to cloud. As noted by the FinOps Institute, “FinOps is an evolving cloud financial management discipline and cultural practice that enables organizations to get maximum business value…FinOps is the practice of bringing a financial accountability cultural change to the variable spend model of cloud, enabling distributed engineering and business teams to make trade-offs between speed, cost, and quality in their cloud architecture and investment decisions.”

IDC states that FinOps is an approach that reduces the risk of cloud conflict and waste. They note in IDC FutureScape: Worldwide IT Industry 2022 Predictions, “The establishment of cloud financial operations (FinOps) teams is an important strategy for managing portfolio inflation.”

In Is FinOps the Answer to Cloud Cost Governance?, Gartner analyst Lydia Leong writes,1 “Executive leaders should sponsor a cloud operating model that implements a cross-functional cloud economics practice that encompasses the three key IT finance pillars of IT financial management, cost management, and demonstrating the business value of IT.” However, Gartner disagrees that a dedicated team is needed, writing, “it should rarely be the responsibility of a dedicated FinOps team.”

Given the prevalence of shadow cloud, the dynamic nature of cloud adoption, and how key cloud is to business agility and resilience, it’s too important not to have a dedicated team’s focus––as IDC agrees. But there are additional reasons to dedicate a team to FinOps.

FinOps not only helps financial control, but it also helps manage risk

The organization-wide oversight provided by a dedicated FinOps team not only can help surface shadow cloud and bring discipline to cloud spending, it can provide support for risk management. As an example, shadow IT is a known risk source, but one that’s generally within an enterprise’s traditional IT perimeter.

With shadow cloud, the risk is no longer confined to an easy-to-define boundary. Because shadow cloud consumes and exchanges services via the internet across a variety of internal and external systems, the traditional perimeter managed by IT is now completely permeable.

Given the popularity of cloud microservices, there could be tens or hundreds of different services carrying the company’s data assets across the internet. Every instance of cloud that exists outside organizational safeguards and governance thus represents a potential risk. A dedicated FinOps team can and should include governance expertise to identify and control risk when instances of shadow cloud are brought to light.

Three steps to take now to benefit from FinOps

For business and financial leadership, now is the time to:

  1. Drive and expand awareness of FinOps use cases. If your executive leadership is only focused on managing cloud costs, ensure they have a fuller understanding of the ways in which FinOps can support risk reduction.
  2. Plan for the resources needed for a dedicated FinOps team. Would a 6% or 8% cloud expenditure reduction pay for a dedicated FinOps team? Would reducing the security risks associated with ungoverned instances of cloud support the value case? Reach out to your services partners and leading industry analysts to develop a plan to bring FinOps to life.
  3. While standing up FinOps, mitigate risk now. Even before your organization can stand up a dedicated FinOps team, there are steps to take now to mitigate risk. Review POs and purchase agreements to identify “outside of IT review” use of major cloud provider services. Use auditing processes to identify cloud consumption that exceeds plan. Bring these topics to your Cloud Center of Excellence or cloud workgroups, and start documenting where FinOps can and should focus.

As IDC notes, there’s no slowing growth in the cloud market given the ongoing transitions to digital-first economies. The use of increasingly diverse, and in some cases shadow, cloud instances are accompanied by critical operational challenges. It’s time to consider taking FinOps from theory to practice.

1 Gartner, Is FinOps the Answer to Cloud Cost Governance?, 19 October 2021, Lydia Leong

Leave a Reply

Your email address will not be published.