Many companies don’t have a formal process or policy for technology subscription consumption. As a result, these approval inconsistencies and misunderstandings surrounding authorization and governance create an uncontrolled growth known as subscription sprawl. Often, this can result from a lack of oversight due to “shadow IT.” In fact, Gartner said as far back as 2012 more than 35% of IT spending in larger enterprises can be found outside of the approved corporate IT budget. And our experience has shown us that the problem has not yet been solved.
You need a more concrete mechanism to rein in the risks of subscription sprawl and shadow IT.
The Risks
In most cases, the individuals who sign up for the subscriptions believe that their actions are innocuous, and they do not consider the consequences (or the fact that their coworkers are doing the same thing repeatedly). However, each one of those subscriptions has legal ramifications to them that can create financial and security issues. For example:
- OPEX drain
- Compliance invalidations
- Security complexities
- Data ownership conflicts
While expense sprawl is a logical detriment in these situations—you exponentially take up more and more of your OPEX from the compounded output—the negative impact on your security is more complex.
OPEX Impact
Many subscription services do not provide an easy and clear way to investigate your organization’s usage to see both who is using what and how they’re using it. For example, both technical and non-technical resources have the capability to spin up AWS instances without alerting the administrative team. Without greater visibility into your AWS environment, organizations have no easy way to identify duplicate AWS instances digging into their OPEX budget and the rogue instances that might offer access to external and malicious sources.
And since many organizations don’t have the full view into what subscriptions are being utilized, to what extent, nor to what purpose, they end up footing the bill for a security risk.
Data Ownership
It’s your data originally, but when you subscribe for a service, you are giving away a lot of sensitive information, and, often, you don’t know the processes that the company has in place for security, much less removal. With increasing regulations in place regarding consumer data, this oversight can put your company at risk of hefty fines.
Most importantly, when you fail to read the fine print of the subscription agreement, you risk signing over control of your critical data. Ensure before you subscribe that you can get your data back fully once you decide to end the subscription. If you fail to do this, the company may retain control over your client records and other documentation that was generated during the subscription period.
Diagnosing the Problem: Subscription vs. Consumption
So, we know the generic risks of subscription saturation, but Adapture experts have noticed an even bigger underlying issue.
There is a seeming confusion between subscription and consumption, meaning that many companies employ the wrong methodology in the wrong situations. Let’s define them before moving on.
- Subscription naturally requires a level of commitment between user and provider (anywhere from 1-3 years in corporate settings) and begins with a licensing fee definable per user or by volume. While it is nice to have a set price for the next several years, extricating a company prematurely from a subscription is difficult.
- Consumption is more of a SaaS approach. In consumptive models, you are often unsure of the scale of resources you will need from month-to-month, so you pay your bills based on your usage.
Each methodology is effective, but your IT leaders need to know when and where to leverage them for the greatest security, flexibility, and output.
Managed Services Could Be the Answer to Your Subscription Sprawl
Managed Services has the subscription-characteristics of burst rate and consistent pricing, and it also has the benefits of consumption where you can buy what you need when you need it. But questions remain: what do you own, what can you transition, and what can you retain when you move on?
Take Stock of Your Environment
To determine the status of your subscription sprawl, the security of your data, and your overall expenditures, it is essential that you conduct meticulous audits that determine your commitments.
In addition to our extensive experience with the consumption side of cloud, we’ve also been involved in contract negotiation since our founding, with many of our Adapture specialists having worked with these types of contracts previously. If you lack the resources to do these audits yourself, our Adapture cloud team will perform the analysis and reduce your subscription burden. From there, we will make recommendations on how to more efficiently manage your subscription and consumption resources. Most importantly, we will step in when necessary and negotiate agreements on your behalf to reduce your OPEX spend and increase your flexibility.
It’s time to know what you’re paying for and where your data is housed.