With all the talk about the potential of cloud computing, you’d figure that many enterprises would have very few workloads left on their physical servers.
Well, talk hasn’t necessarily translated into action. According to several studies, many organizations have yet to move the majority of their workloads to the cloud. Four years ago, McKinsey found that enterprises had moved only about 20 percent of workloads. The needle hasn’t moved much since then: The research firm now posits that 65 percent of workloads will continue to be hosted in private data centers for the next few years, meaning only about 35 percent of data and apps have shifted to cloud. A recent Uptime Institute survey of businesses was also cloud-cautious: 58 percent of those surveyed said most of their workloads will remain in corporate data centers.
These and other surveys of business leaders show that enterprises do see value in cloud computing and infrastructure, but they nonetheless hesitate to migrate because of perceived challenges with cloud. The good news is that none of those hurdles are insurmountable. Cloud itself often offers clarity to these reservations, allowing organizations to make the leap with confidence and take advantage of data analytics, AI, IoT and the many other uses that only cloud can deliver.
In its look at cloud use, McKinsey echoed what many other surveys have shown: Enterprises place great value in their unique workloads and they don’t want to court trouble. Because of data security and privacy concerns and an adherence to compliance, they want to lessen the risk of a breach or other failure and thus keep their prized data and applications on site.
Also, organizations rely on several cloud providers. Now, that might seem counter-intuitive to the slow migration to cloud; a multi-cloud approach should, in theory, prompt more movement to cloud. But because they rely on several vendors, some enterprises feel overburdened and don’t want to place too many eggs into these many baskets.
The solution to those and other challenges is found in cloud itself. For one, to allay the fear that workloads could lose their value by shifting away from on-site IT, cloud providers are quick to remind organizations that they’re not wedded to any one provider. They can choose one cloud provider to handle sensitive data and another provider to be the home for software development workloads. No company has to be locked-in to just one cloud service.
This universality also addresses the concern that having too many cloud providers can be chaotic, especially as more workloads shift to cloud. Cloud services give complete visibility across a user’s multi-cloud platform, even if it includes competitors’ cloud models, removing any possibility of disorder. It’s to everyone’s benefit—for user and provider alike—to minimize exclusivity and chaos in the cloud.
That said, cloud technology isn’t perfect. Cybersecurity threats rain on this parade.
Cybercriminals use all sorts of tools and methods—including malware, ransomware and phishing—to steal and manipulate data from cloud-based applications and systems. More than three billion people had their personal data stolen in just two of the top 15 biggest breaches of the 21st century, while the smallest incident since 2000 involved the data of a mere 134 million people.
And it’s not just cybercrime that keeps IT and security teams up at night; it’s also the near-constant worry that an employee error will trigger a data breach. Endpoint misconfigurations of security policies caused a third of all recent security incidents, and poor remote management policies account for hundreds of thousands of vulnerable systems. Defying even the most vigilant security policies, 93 percent of employees recycle old passwords.
Data security threats will only increase in number and complexity as enterprises migrate even more data and workloads to the cloud. Enterprises surveyed by Everest Group said 58 percent of their workloads already are or soon will be on a hybrid or private cloud, while 60 percent of organizations place sensitive data in the cloud.
If businesses want to expand their digital footprints in the cloud and grow with nimbleness and authority, they have no choice but to strengthen their data security efforts—especially with them fast-tracking cloud migration because of employees working from home during a pandemic and especially because regulations require safeguarding the privacy of certain data.
In the second part of this series on the potential of cloud, we’ll look at why businesses need to centralize and simplify the enforcement and management of data security policies so they can properly secure data across disparate cloud systems and tools—and have a smoother path to cloud-based innovation.
Security is considered a top challenge to cloud-migration initiatives. We have made this Forrester Report available to Protegrity readers. It offers custom tools to assess your cloud security maturity. To give it a try, click here to download a copy (registration required).