Zombie servers: the silent killers of Australia's cloud budgets and security

By Scott Morris*
Tuesday, 22 October, 2024

As Australia’s digital economy reaches new heights spurred by cloud adoption, there is an important and heightened risk we need to face up to: zombie servers. These are pieces of ICT infrastructure that often lie idle or non-functional across enterprise and government hybrid, multi-cloud environments yet continue to consume valuable resources.

In Australia, ICT spend is set to tip over $133 billion this year alone. The goal should be that none of those dollars go towards assets that are not in use anymore. As digital leaders have stepped up the pace in adopting cloud services, applications, and infrastructure at an unprecedented level, such inefficiencies are not tolerable.

Our digital ecosystem and economy are plagued by a trail of these unchecked, unmonitored, and unsecured servers mostly because a lot of teams create servers for ICT projects and fail to take them down once completed due to a lack of visibility. With each new cloud provider used, complexities are increasing and relying on traditional tools for visibility will not suffice anymore.

Without a holistic perspective, these dormant servers remain hidden, silently draining resources. The financial impact of these costs is staggering, with some reports estimating between 25% and 30% of all servers and virtual machines (VMs) being zombies. It’s not just about one zombie server — it’s about the cumulative effect of these overlooked assets. That is why achieving unified visibility across your entire hybrid, multi-cloud environment is crucial. For instance, an organisation might unknowingly spend $85,000 a month on these idle servers, amounting to over $1 million annually.

According to a study by the United States Natural Resources Defense Council (NRDC), at least US$30 billion in server capital (the financial investment in these zombie servers) is sitting idle worldwide. It is not only the money spent that is critical here. Every idle server still needs electricity to run, so decommissioning zombie servers is therefore not only a good business decision but also environmentally friendly.

There is no evidence to suggest a decline in zombie servers will be happening in the near future if we do not take the necessary steps, and we have every reason to be concerned the AI- and cloud-driven digital boom of the last few years will supercharge these figures.

So why aren’t we shutting these servers down with more urgency?

Put simply, they’ve been incredibly difficult to detect and costly to uncover in the thicket of different cloud environments. Manual tracking methods are prone to error and delays, creating complicated hurdles for those trying to keep up with the quantity of servers that need to be dismantled.

On top of this, our digital environments are becoming more complex, with ICT teams often juggling multiple cybersecurity, cloud and data tools across a range of public, private, and hybrid multi-cloud environments.

To tackle these issues, we need to ensure we are using tools that have infrastructure wide network visibility, automation capabilities, and centralised control. Automated discovery and analysis across both on-premises and cloud environments provides a clear pathway to say goodbye to old-school and costly manual methods.

If we can solve our zombie server issue, we can maximise our investment into, and benefits we can gain from, the cloud computing revolution — all while making us more environmentally friendly, freeing up crucial resources, and gaining traction towards our whole-of-nation cybersecurity ambitions.

*Scott Morris is Australia and New Zealand managing director for networking and security company, Infoblox.