Seemingly everything is migrating to or already running on cloud infrastructure in 2016—from virtualized compute and storage services, and cloud-hosted enterprise apps to Big Data processing engines and Internet of Things (IoT) networks. Infrastructure-as-a-Service (IaaS) platforms are what everyone’s on, everyone’s interested in, and what everyone and their mother are trying to predict the future of.
Enter a new crop of cloud research, including F5 Networks’ State of Application Delivery in 2016 survey, venture capital (VC) firm North Bridge and research analyst firm Wikibon’s fifth annual Future of Cloud Computing study, and Skyhigh Networks’ and the Cloud Security Alliance’s (CSA) The Cloud Balancing Act for IT: Between Promise and Peril report. This survey, study, and report contain collectively seven predictions and trends that chart where cloud infrastructure is headed this year. The research forecasts evolutions in cloud-based technology including more complex and diversified architectures, a rising number of IT use cases, and new cloud security vectors to guard against.
1. Hybrid Clouds Take Control
According to F5 Networks’ survey, 81 percent of the more than 3,000-plus businesses the application delivery platform surveyed say their organizations are operating or planning to operate in a hybrid cloud environment. North Bridge’s survey confirms the same trend, stating that, while three quarters of company data in significant volumes is currently living in private or public clouds, company data in hybrid cloud systems is forecast to double over the next two years.
Rather than strictly on-premises or wholly public or private cloud deployments, enterprises and small to midsize businesses (SMBs) alike feel more comfortable keeping their computing and data eggs in more than one basket; one where workloads move back and forth between local servers and large datacenters, orchestrated to give, let’s say, a popular retail website the flexibility between its local compute power and a public cloud provider such as Amazon Web Services to allocate resources during a spike in traffic load.
Hybrid infrastructure is also handy if you’re processing a hefty Big Data batch, likely running within the cloud-computing platform or hooked into one of the popular Hadoop distributions. Hybrid clouds make it easier to scale to large, distributed computing tasks like this, for instance, when taking a large batch of Hadoop data and running it through a business intelligence (BI) tool for analysis. Hybrid clouds haven’t tapped their full potential yet, either. North Bridge’s survey states that only one in four hybrid cloud users believe their organization is leveraging 50-100 percent of their hybrid cloud capabilities.
2. It’s All Managed Microservices
Cloud-based applications are the opposite of siloed entities; they’re interlocking webs of codependent processes and services. Cloud applications are moving more and more toward microservices as a default architecture, a trend strengthened by the synergistic rise of containers and OS virtualization as the pervasive development technology of the time.
According to F5 Networks’ survey (which polled respondents on use of 24 different types of application services), 30 percent of businesses use all 24 services, and 60 percent use 10 or more services. These application microservices span areas such as availability, identity and access, performance, and mobility, from load balancing and application access control to caching, compression, and virtual desktop infrastructure.
The other key aspect of microservice cloud architectures is how they relate to the modern security paradigm. F5 Networks’ survey states that four out of the top five application services most widely deployed are security services, with 83 percent of respondents deploying a network firewall, 81 percent using antivirus solutions, 75 percent using an SSL VPN, and 72 percent deploying anti-spam solutions. In 2016, the security services most respondents plan to implement include DNSSEC, identity federation, global server load balancing, and wider single sign-on (SSO). Cloud security strategies require a complex array of measures, countermeasures, and counter-countermeasures, and microservices are an ideal means to build them.
3. Chief Information Security Officers are Essential
Businesses don’t always consider how a tectonic change in the technology their organization is running on should impact the way an executive structure functions. For many, the answer to cloud infrastructure and all the security concerns that come with it is a Chief Information Security Officer (CISO). According to the Skyhigh Networks and CSA survey, 60.8 of the 209 respondents—all working at enterprise businesses in various industries worldwide—say their organizations currently have a CISO overseeing security policies, regulatory compliance, and data privacy.
The survey also shows that larger companies are significantly more likely to hire a CISO versus smaller ones. While 82.4 percent of companies with more than 5,000 employees have a CISO, only 50.6 percent of companies with fewer than 5,000 employees have one. Depending on the business reporting structure, the CISO might report to a CIO, CEO, CFO, or to a General Counsel, the study states.
The most important correlation the CSA survey makes between cloud trends and the rise of CISOs, though, is data loss. Of the respondents, 65.7 percent of organizations “concerned about data loss” have a CISO, while only 50 percent of unconcerned companies have one. “Companies that have a CISO perceive their security challenges differently from those without a CISO to manage information security. Across the board, there’s a skills shortage,” the survey states. “Companies are finding it challenging to recruit and hire people to fill information security positions. The lack of security professionals to maximize the value of technology investments is the top barrier to detecting and stopping data loss, respondents say.”
4. Planning for the Unexpected Breach
According to F5 Networks’ survey, the top five cloud-based application security challenges respondents now face are increasingly sophisticated attacks (58 percent), employees breaching security policy (52 percent), complexity of security solutions (42 percent), too small of a security budget (41 percent), and personal device-based data leaks (37 percent). Given this glut of possible exposed endpoints and attack vectors, businesses are beginning to spend as much time game-planning for a breach as protecting against it.
CSA’s survey echoes many of the same current security challenges, including lack of actionable threat analytics, an insufficient security budget, and lack of skilled security professionals, but states that 82.2 percent of companies now have some form of incident response plan in place. About 44.5 percent of companies have a complete plan in place and 41.7 percent have a partial one, planning for scenarios including data loss or manipulation, intellectual property (IP) breach, loss of reputation or trust, or financial loss. The survey also states that 24.6 precent of companies have now taken out cyber insurance policies.
5. More Business Departments Exit the Premises
The stigma around cloud infrastructure is all but gone for the majority of organizations, and as such many of the traditionally on-premises departments and teams within businesses are moving their systems and in some cases their entire operations into cloud platforms. According to North Bridge’s survey, 81.3 percent of sales and marketing, 79.9 percent of business analytics, 79.1 percent of customer service, and 73.5 percent of human resources and payroll activities have transitioned to the cloud. North Bridge pays particular attention to HR, as in its 2011 survey the company predicted it was the third least likely sector to be disrupted by cloud computing.
6. IT Puts Both Feet on the Cloud Bandwagon
The last bastion of on-premises infrastructure for many organizations is the nuts-and-bolts IT department. On-premises IT will always exist in some form, but in-house IT, development, and DevOps teams are moving a significant percentage of processing and services to the cloud, according to North Bridge’s survey. The study reveals that of the 952 enterprise, software, and technology companies and users surveyed, 85.9 percent of web content management, 82.7 percent of communications, 80 percent of app development, and 78.9 percent of disaster recovery operations are now cloud-based.
7. SaaS Wins the Cloud Services War
The “as-a-service” landscape has boomed in the last half decade, and is now in the throes of a survival-of-the-fittest. As many of the countless platform-as-a-service (PaaS) companies pivot to new models or fall by the wayside, the software-as-a-service (SaaS) market grows ever more entrenched.
According to North Bridge’s survey, SaaS is the most pervasive cloud technology used today with a presence in 77.3 percent of all organizations, an increase of 9 percent since 2014. As a consequence, return-on-investment (ROI) expectations are high, with 78 percent of businesses expecting to see results within three months. 58 percent expect ROI in less than three months for PaaS services.
The market is also taking shape around a diverse but core selection of players, showing that organizations are choosing to stash resources and virtualized infrastructure with more than one provider rather than investing in a single cloud platform. North Bridge’s survey states that while 61 percent of PaaS users only use one vendor, 71 percent of SaaS adopters use more than one vendor. Forty-six percent validate choosing multiple vendors due to the variation in capabilities. The market is thinning out, though, with 75 percent of companies using fewer than 10 total vendors. As established cloud IaaS and SaaS platforms begin offering much of the same capabilities and functionality, 2016 may be the year we see the wordy acronyms drop in favor of a more holistic cloud services market.