April 14, 2022
There was a time not so long ago when very few companies trusted their most sensitive data and mission-critical workloads to the cloud. That’s no longer the case.
According to a survey published by IDG at the end of 2020:
- 92% of organizations hosted at least part of their IT environment in the cloud.
- 55% of organizations used multiple public clouds, with 21% saying they used three or more.
- 46% of applications that organizations used were purpose-built for the cloud, and 54% of them shifted from an on-premise environment.
- 32% (on average) of IT budgets were allocated to cloud computing.
Less than 18 months later, judging by other industry statistics, all or most of those percentages have surely increased. For example, in August 2021, Gartner was even more bullish on cloud adoption than it had been just four months prior, forecasting $396 billion in end-user spending on public cloud services last year and $482 billion through the end of 2022—an uptick of nearly 22 percent. By 2026, public cloud spending is expected to exceed 45 percent of all enterprise IT spending, up from less than 17 percent in 2021.
“Even absent the pandemic there would still be a loss of appetite for data centers,” Sid Nag, research vice president at Gartner, said in 2021. “Emerging technologies such as containerization, virtualization and edge computing are becoming more mainstream and driving additional cloud spending.”
As cloud adoption has become more widespread, it’s no surprise that security concerns have risen apace. With breaches and attempted breaches occurring at an increasingly rapid rate, cloud users want assurances that their environments are as attack-resistant as possible.
“Companies are facing crypto-mining malware and ransomware, distributed denial-of-service (DDoS) attacks, and the exposure of reams of sensitive information,” Threatpost.com warned. “Organizations are scrambling to stay ahead of the attackers. There’s an imperative to implement what amounts to a whole new set of cybersecurity defenses and access controls as quickly as possible—a rush that could result in misconfigurations, security gaps and oversights.”
Which is to say, nothing is foolproof (or error-free). But more than ever before, security is front-of-mind, with cloud providers (the two largest being AWS and Microsoft Azure) offering better protective measures (as one article noted, the sheer number of them can be overwhelming) and tech leaders adopting new tools and best practices.
“New services and features are being introduced within public cloud infrastructure on a daily basis,” says Nick Stover, Cloud Solutions Architect at Mindsight, “With this in mind both AWS and Microsoft have added established security baselines and benchmarks that work to improve the security of workloads and services in the cloud”.
Nick goes on to say that “these benchmarks and polices are used as a way to automate and enforce security policies within your environment allowing organizations to adopt a standard ‘secure by design’ or ‘secure by default’ approach”. These features also allow for higher visibility of the security of your solutions by continuously auditing your environment for gaps in security or vulnerabilities.
As this McKinsey report explained, “[C]loud requires secure configuration of applications and systems. But traditional cybersecurity mechanisms were not designed to ensure secure configuration or operate at the tempo required to capture the benefits of agility and speed that business leaders expect. As a result, as companies try to capture cloud value, they must adopt new security architectures and processes to protect their cloud workloads. Then cloud migration can increase not only the delivery of business value but also the security of their systems and applications compared with the old on-premises world.”
Forbes echoed and expounded on that take, writing that “a lot of mission-critical data also winds up in custom applications that people write and deploy into an infrastructure-as-service (IaaS) cloud… These environments are sufficiently different from the on-premises world. The kinds of tools people use to check the health of applications and infrastructures that were built on-premises don’t accommodate the cloud very well. On-premises security and monitoring tools were all built under the assumption of static existence. The infrastructure was set, and the applications and the data were static. The cloud inverts this thinking and is dynamic. The dynamism in the public cloud causes a lot of traditional security tools to break.”
Many current cloud security trends, with their attendant high-tech tools, are designed to address these issues. They include: cybersecurity mesh; hybrid/multi-cloud environments; cloud-native tools; borderless security based on zero-trust architecture; SDLC and DevSecOps within the cloud; centralized platforms; identity-defined security; more automation. The list goes on. But cybercriminals are always looking for gaps to exploit and establishing then maintaining a robust cloud ecosphere isn’t cheap. Consequently, some organizations remain cloud-hesitant.
“While cloud offers new opportunities to modernize services and transform operations, less than 40% of companies say they are achieving the full value expected on their cloud investments,” Accenture revealed. “Security and compliance risk remains the greatest barrier to cloud adoption. Combined with the difficulties in proactively addressing the complexity of secure configuration and a shortage of skills, these challenges can be major roadblocks to a cloud-first journey.
“Security is often seen as the biggest inhibitor to a cloud-first journey—but in reality, it can be its greatest accelerator.”
About Mindsight
Mindsight, a Chicago IT services provider, is an extension of your team. Our culture is built on transparency and trust, and our team is made up of extraordinary people – the kinds of people you would hire. We have one of the largest expert-level engineering teams delivering the full spectrum of IT services and solutions, from cloud to infrastructure, collaboration to contact center. Our customers rely on our thought leadership, responsiveness, and dedication to solving their toughest technology challenges.
Contact us at GoMindsight.com.
About The Expert
Nick earned a Bachelors in Computer Science with a core focus on Network Security from Northeastern Illinois University. With nearly 10 years of comprehensive experience in designing, supporting, and administering IT system infrastructure, Nick has a vast amount of experience in migrating production workloads to the cloud in addition to designing cloud solutions for clients based on business needs.
Cloud Migrations In Your Future?
Cloud computing isn’t going anywhere. Ensure you have the right cloud computing strategy with a partner that’s worked with cloud since those early days.
Our Cloud Insights Report is a mini-assessment, giving you insights into your current on-premise and cloud infrastructure along with top recommendations for optimizing your current and potential workloads.
See what we can do for you. Contact us today.
Like what you read?
