No longer is the cloud only for the corporate world. Public and private higher education institutions are embracing cloud platforms — such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud — as a way to make their IT infrastructure more flexible, cost-effective, and secure.
The cloud benefits everyone in a college or university — including undergraduate and graduate students, faculty members, and support staff. Yet IT departments don’t always know how to pivot to the cloud and away from legacy IT systems. Further, once they do, they often run into challenges that are unique to the varied computing needs in higher education.
Your university, college, or other institution may have a well established cloud practice, or you may be getting started. No matter where you are in your cloud transformation, here are the higher education cloud management challenges your institution might face and the ways you can overcome them:
The Challenge: Complexity
Colleges and universities are often highly decentralized in the way they develop projects and manage initiatives. Different schools, campuses, departments, and individuals have autonomy to make decisions on their own, including starting and stopping technology projects. That makes institution-wide cloud environments inherently complex and difficult to easily manage from an IT, finance, or security perspective.
Whether your university adopts a single-cloud or multi-cloud approach, you will need complete visibility into your resources, spending, and security. Administrators may have to log into multiple accounts in order to aggregate cost, billing, and resource utilization data. It’s easy to miss costs for unused or underutilized resources, security and compliance vulnerabilities, and hidden charges that other departments may incur. Therefore, you need to find ways to simplify cloud management so that nothing slips through the cracks.
The Solution: Visibility
The first step in reducing the complexity of the cloud is to gain visibility. This can be achieved through the use of a third-party cloud management platform. Cloud management tools give organizations both an overview of their cloud infrastructure in a way that aligns accounts and services to how and why an organization leverages the cloud. It can also give you the ability to drill down into individual accounts to access more granular data.
When it comes to the cloud, it’s especially important that IT can collaborate across teams. Working off of and sharing the same set of information with stakeholders can help preemptively answer questions and increase the transparency around cloud costs — especially key for finance leaders and other decision-makers.
Visibility in Action:
The customizable dashboards and reports in CloudCheckr CMx help administrators understand exactly what’s happening in their cloud at all times. They can also share data across departments, to show utilization and spend to decision-makers. Integrating CloudCheckr CMx with single sign-on (SSO) capabilities can make it easy to share granular information across the organization.
That visibility was key for Cornell University. CloudCheckr helped Cornell consolidate 65 individual AWS sub-accounts for different colleges, departments, and individual users into one university account. CloudCheckr also provides administrators with actionable insights into resource inventory, billing data, permissions, and more — without having to log in and out of different sub-accounts.
Simplicity goes a long way in helping stakeholders feel comfortable with a university’s cloud investment. Sarah Christen, Assistant Director of Community Platforms and Cloudification Services at Cornell University, explained the role that CloudCheckr helped play in the university’s cloud transformation. “By offering total visibility and valuable recommendations, CloudCheckr helps people feel even more comfortable stepping into the AWS Cloud,” she said.
The Challenge: Tracking and Reducing Costs
For those in charge of IT operations, the cloud represents a simpler way to scale infrastructure. Gone is the lengthy approval process for procuring new hardware — not to mention the time to implement it. Instead, increasing storage and compute capabilities is done with the push of a button.
This is a benefit as well as a burden for higher education organizations. Just as it’s simple to spin up resources immediately, it’s all too easy to leave them on and incur unwanted costs. Research projects, new student initiatives, and e-learning are inherently prone to being started and stopped by individuals of varying technical expertise throughout a school. Often, administrators don’t realize this has happened until the monthly bill is posted. And, it’s not easy for them to know which costs should continue because they aren’t familiar with the details of the program or project.
Additionally, different academic and support departments in a university will have different cloud needs. Therefore, IT needs to stay on top of billing and invoicing those departments for the resources they use. Chances are the institution will have multiple sub-accounts beneath the payer account. This gives cloud administrators more work when it comes to managing costs, unless they can consolidate the information in a single pane of glass. IT also has to take budgeting into account and find places to save money without losing functionality.
The Solution: Cost Allocation and Optimization Tools
Every dollar counts when it comes to the cloud. By finding opportunities for savings, institutions can put that money back where it matters most: into their education and research initiatives. Cloud management technology can help higher-ed IT departments get a complete view of their cloud resources. This, in turn, enables them to optimize costs through smart purchasing decisions and get more out of the cloud.
Administrators also need to understand where their costs are coming from. A cloud management platform helps institutions allocate costs correctly, giving administrators a big picture view of who’s using which resources and helping them drill down into individual accounts to analyze spend. Automating information transfer — either via file sends or APIs — to send to billing teams for different departments and functions can make re-billing simpler and more itemized. This is a tremendous level of support for cost-recovery groups and internal rebilling personnel, who can easily see and understand the charges. IT departments can also add service fees and surcharges if the university requires this type of cost-sharing.
Cost Optimization and Allocation in Action:
The cost optimization tools in CloudCheckr CMx can identify unused and idle resources, with specific cost savings, and provide recommendations for right sizing. Organizations that put Reserved Instances in play can also take steps to audit what they’ve provisioned. Is it too much or too little? Looking at the historical usage data that CloudCheckr provides can give them some clues to where they can right-size. CloudCheckr CMx also provides recommendations for these and other credits and discounts with major cloud providers, including AWS Savings Plans.
Cornell University needed the ability to see where their sub-accounts were spending money and bill them appropriately for the services they were using. CloudCheckr helped them break down costs and find ways to save money in the process.
“Before, we didn’t have a good way to allocate costs for specific cloud services to the colleges, departments, or other users who were benefiting from them,” says Christen. “Now, with CloudCheckr, we can easily see who is using which resource and invoice them appropriately.”
The Problem: Security Breaches and Non-Compliance
Universities are subject to numerous regulations and standards tying into privacy for students, staff, and even community members, such as patients at a university teaching hospital. For IT, it may seem intimidating to manage all that data in the cloud, especially without the right security and compliance governance at their disposal.
Under the shared responsibility model, public cloud providers ensure the security of the cloud infrastructure, but the customer is responsible for maintaining the security of their data. If the customer leaves security vulnerabilities unaddressed, the personally identifiable information, personal health information, payment card industry data, and other sensitive information of students, faculty, staff, and others is at risk.
Unfortunately, it’s incredibly easy for viruses and malware to spread over vast university networks, which makes this private data especially vulnerable. With so many devices spread across campus — and others accessing the cloud off-campus — administrators have to find ways to keep data secure.
The Solution: Security and Compliance Governance
Cloud management software gives universities and colleges an extra layer of protection. Security and compliance monitoring are crucial features to look for, as are the ability to fix vulnerabilities if and when they occur. These tools should also help universities monitor change, analyze potential security gaps, and take snapshots of a cloud environment’s security settings to roll back changes if needed.
Many platforms offer the ability to review security issues via a workflow or remediate them through automation. Setting up a workflow to alert users on an issue can help administrators get the right person to determine if remediation is needed and determine the solution. Automating fixes, on the other hand, can help speed up workflows and resolve issues much more quickly. Connecting a cloud management platform through an API can bring additional insights to a university’s other security solutions.
IT administrators also need to ensure that their cloud environment is compliant with industry regulations and laws concerning personally identifiable information. They may need to follow compliance frameworks, including HIPAA, PCI DSS, NIST, and others, to ensure the integrity of student, staff, and faculty personal records, emails, research, and more.
Security and Compliance Governance in Action:
Security and compliance monitoring and remediation are invaluable for large institutions with thousands of individual machines on a given network. Cornell University saw firsthand the power of CloudCheckr’s security best practice checks. When a malware attack threatened servers on a specific operating system, CloudCheckr gave the university insight into who was affected to mitigate the problem.
“Through the CloudCheckr dashboard, we were easily able to see anyone who was running an affected server in the cloud and remind them to apply the patch,” Christen said. With CloudCheckr, the university could also set granular Identity and Access Management (IAM) policies, clean up security groups, and use a number of pre-set alerts to monitor changes to their infrastructure.
Everything You Need for Higher Education Cloud Management
CloudCheckr brings higher education institutions greater control over their cloud governance. From managing complexity and cost to ensuring security and compliance, CloudCheckr helps college and university IT departments manage cloud sprawl and meet their business objectives.
With CloudCheckr, higher education institutions can:
- Gain actionable insights into billing details, resource inventory, permissions, and more
- Easily allocate cloud costs to colleges, departments, and individual users
- Improve and maintain compliance to bolster security and performance
- Ensure that cloud costs remain under control to divert funds back to research and education initiatives
Discover how CloudCheckr helped Cornell University save money, improve security, and gain control over their cloud infrastructure. Read the case study.
Have questions about how CloudCheckr can solve your higher education cloud management challenges? Schedule a 1:1 demo to get the answers.