Despite Security Concerns, Enterprises Continue Their Rush into DevOps and Cloud
The benefits of cloud and agile methods certainly outweigh the risks, but the risks are real.
By George V. Hulme
Enterprises are moving as rapidly as they can to digitally transform their organizations. Consider the findings from a Gartner survey released this spring where 42 percent of CEOs reported that their digital transformation efforts are well underway. In order to succeed, these organizations are embracing cloud computing and software-defined data centers for on-premises systems, as well as facilitating agile development and management systems such as continuous delivery and DevOps.
The catch? They must be able to do so securely, but organizations are moving so quickly to embrace cloud and DevOps that security practices may not be able to keep up. In a survey conducted by solution provider Insight, the 2017 Intelligent Technology Index Survey, IT professionals expressed areas where the transition to cloud is less than smooth: Roughly three out of 10 respondents said that the cloud presents data availability challenges, while a third said they are concerned that cloud services implementation is too disruptive. This would explain why roughly half of those survey respondents, 55 percent, cited security as the top area to spend in cloud.
The Insight report also found that while only 15 percent of survey respondents report having completely shifted to public clouds, 47 percent say that they are more than half of their way there. “A decisive 61% of IT leaders report a more flexible and collaborative IT environment, 59% believe their data environment is safer, and 55% are experiencing better remote access,” the report said. When it comes to security, 63 percent said security is central when it comes to deciding what cloud services to use.
Despite the enterprise data management and security challenges, many enterprises view public clouds as being more secure than their on-premises systems. But this is largely broken down by geography. According to a survey conducted by the anti-malware vendor Bitdefender, respondents in the U.S. view cloud as more secure, while the majority of respondents in both Germany and the UK believe their own data centers are more secure.
Hybrid Remains Strong
This rift in vision when it comes to cloud and security, along with the need by some to keep IT systems close, will keep a considerable number of workloads on-premises for the foreseeable future. As market research firm Markets and Markets found, hybrid cloud adoption will outpace the overall IT market at a screeching pace of 23 percent for at least the next four years, when it reaches nearly $94 billion in total size.
The Insight survey also found that 51 percent of those surveyed are turning to cloud services to secure their cloud systems. Expect that percentage to only climb higher as more enterprises learn that trying to secure cloud systems with legacy security technologies is costly and ineffective.
While the majority of workloads will eventually find themselves in public clouds, the nature of enterprise clouds for the immediate future will remain hybrid -- that is a blending of public and privately run clouds and data centers. According to the Bitdefender survey, US respondents said that hybrid cloud provides more flexibility, productivity and security while also allowing for expansion.
Furthermore, according to their survey, many enterprises face significant security challenges with cloud including 51 percent citing lack of system visibility, 41 percent a lack of policies, and 34 percent concerns about unauthorized access.
What does this mean for the enterprise? It means organizations will need all the help they can find securing their public clouds, private clouds, and hybrid environments. To keep up, securely, enterprises must learn how to secure their systems and apps at the speeds they now operating with DevOps and their digital transformation efforts.
Interested in DevSecOps and the cloud?
Join us at our cybersecurity conference, the Cloud Security Summit, Oct. 23-24, in New York and learn first-hand from enterprises that navigating the challenges of the cloud, including such topics as edge security, application security, DevSecOps, Ransomware, DDoS attacks via IoT and more.
About the Author
George V. Hulme is an internationally recognized information security and business technology writer. For more than 20 years Hulme has written about business, technology, and IT security topics. From March 2000 through March 2005, as senior editor at InformationWeek magazine, he covered the IT security and homeland security beats. His work has appeared in CSOOnline, ComputerWorld, Network Computing, Government Computer News, Network World, San Francisco Examiner, TechWeb, VARBusiness, and dozens of other technology publications.