5 cloud trends for 2020
The fate of the cloud is pretty much decided: It's not going anywhere and companies can rely on cloud providers to host workloads long-term.
The technology is becoming more specialized as vendors turn attention to tailored solutions across verticals. The cloud needs of the financial services industry crowded with regulatory oversight are more rigid than the needs of construction or retail.
Vendors are leaning into the cloud-filled world, responding to customer demands to integrate with other providers or lessen the security burden.
This year will offer more battles in the cloud wars, more big-name customers inking long-term deals and more vendors listening to understand the realities of where enterprises actually are in cloud adoption.
1. Hybrid multi-cloud is the predominant strategy and companies are doubling down.
The industry has whispered about infrastructure as a service and cloud computing for years, talk which accelerated as Amazon Web Services' competitors matured solutions, setting up a fight for customers.
Still, only one-fifth of enterprise applications run in the cloud, according to Forrester research.
The industry can credit a number of factors for the slow migration: legacy IT investments, the pivot from lift and shift strategies or slow corporate buy-in.
With new expectations for cloud adoption, companies are prioritizing hybrid and multi-cloud options and capitalizing on private and public cloud solutions from multiple vendors. On average, companies run 4.9 private and public clouds, Rightscale found.
Vendors have leaned into the multicoloured push, accepting "we know we aren't going to be the only cloud that you use, but we do want to be a cloud that you use," Jeremy Roberts, senior research analyst at Info-Tech Research, told CIO Dive.
A multi-cloud strategy was the foundation for CIO Dive's 2019 CIO of the Year Barry Libenson, Global CIO of Experian. The company built a strategy that allowed it to operate in a cloud-agnostic way, cognizant of customer demands for operating workloads in different clouds.
Ultimately, business cloud strategy is asymmetrical, dependent on company size. For example, one very large enterprise had more than 10,000 virtual machines on-prem and managed multiple private data centers, according to Matt Maloney, senior director technology, agility, strategy at Flexera. The company's intention was to use all three public clouds in addition to doubling down on private cloud investments.
Most organizations Maloney speaks with primarily uses one public cloud, dabbling in a variety of hyper-scale services, on top of private cloud investments, he told CIO Dive.
2. IT makes nice with finance in the name of efficiency.
Place a workload in the cloud, blink, and a company can rack up a million-dollar bill. It's an exaggeration, but not far from the truth.
IT budgets are increasing, boosted by digital transformation, cybersecurity and cloud-first/migration initiatives. Because of the shift in spending toward constantly buying technology in service-based models, it is easy to lose track and overspend on IT. The challenge boils down to cost visibility.
"The call to action isn't just spend less on cloud; the call to action is to optimize that spend so that we can go fund new initiatives," said Jarod Greene, VP of audience marketing at Apptio and general manager of the TBM Council, in an interview with CIO Dive.
In response, procurement and engineering specialists are working together to budget, forecast and plan for cloud expenses.
It allows companies to make more informed decisions about the value of the cloud beyond simply the cost of a cloud bill, Greene said.
3. Cloud security is becoming more automated — but companies have to move beyond presets.
Obsession over cloud security ramped up in 2019 and with good reason. Capital One brought industry a harrowing example of when credential management goes awry, increasing pressure on cloud vendors to do more to secure the cloud.
Across all segment sizes, industries, and job titles, people care about cloud security, Roberts said. Unlike software as a service, where security offerings are understood, the cloud introduces moving parts across on-prem or cloud-based services.
Some interconnect, creating a complex web of infrastructure, according to Roberts. "How do I manage security in an environment like that?"
The answer becomes delivering governance from the top down and enforcing policies to help create a culture of security. Once a shiny new cloud is spun up, the first step a company should take is to lock down credentials and configure databases.
Customers are also looking to cloud providers to simplify computing environments, as complexity obscures security.
Vendors are already doing a lot to automate security and cloud providers are evolving into a new breed of security provider. An undercurrent is the shared responsibility model. Amazon Web Services owns responsibility for "security of the cloud" and leaves "security in the cloud" to the customers.
4. Containers taking over as the dominant strategy for cloud portability.
Last year saw an uptick in container-focused strategies as leading vendors pivoted toward packaged application solutions. Notably, CIO Dive's 2019 Disruptor of the Year VMware unveiled a push for Kubernetes-nativity, evolving from its flagship virtualization platform.
Kubernetes is a system to deploy, scale and manage applications in containers. Introduced by Google in 2014, the company made it open source and readily available in 2015. Since its inception, Kubernetes has shaped enterprise application deployment and allowed for untethered workload flexibility.
Forrester expects cloud app development services, including container services, to become the preferred platform for application development, according to its public cloud market outlook, 2019 to 2022.
Containers offer the highest portability between different clouds, according to Maloney.
The desire for that portability underlies the trend toward multi-cloud. Containers offer a path for companies to shift workloads between clouds, avoiding lock-in and allowing vendor adoption based on best fit for purpose.
The API economy, though sometimes difficult to navigate, helps liberate workloads to run anywhere within reason, Maloney said. Containers will probably be the "de jure" method for getting workloads into the cloud and making sure they remain portable.
5. Vendors play nice in the name of the customers and their demands.
Last year brought more cooperation between vendors, with seemingly unlikely agreements between companies. In June, Microsoft and Oracle announced an "interoperability" play, allowing customers to run parts of the same workload in each cloud. And SAP is leaning into integrations with multiple cloud providers.
It feeds the emerging multi-cloud ecosystem; operating in a silo adds to fears of vendor lock-in. It's the trend of "agnosticism," Roberts said.
"Enterprise is driving that requirement with the hyperscalers," Maloney said. "They're saying, look, if you want more of my business you have to support my environment. My environment is not just your cloud."
The integrations allow companies to adopt best tools fit for purpose and offers companies agency in choosing which tools to adopt. The complication becomes managing the workloads when vendor limitations are lifted.
- Senior Cyber Risk Consultant, UK - Remote first- Exclusive
- United Kingdom
- Depended on experience.
Cyber Security Risk Consultant to join specialist, people first security consultancy. WARNING if you want a large, slow moving, high politics, high travel security consultancy that demands their a pound of flesh this is NOT for you. Client focused opportunity. Prior consulting experience is essential within Cyber Security. Experience working with businesses to identity and make recommendations to mitigate cyber risk. Some of the nice to have certifications. CRISC, ISO27001 Lead implementer, CISA, CISM, CISSP UK based - remote first mentality. (With some travel) Training budget Unlimited holiday Looking to interview immediately Unable to offer sponsorship.
- identity access Management Consutlant
- Upto £80,000 plus benefits
An Identity & Access Management Consultant is needed for an expanding business based in the United Kingdom. (Remote role with monthly office meet ups) The Identity & Access Management Consultant will be responsible for the technical design and implementation of Identity & Access Management/IAM products for a wide variety of clients. Deliver bespoke end-to-end consultancy service to our clients, from gathering requirements through to implementation. Work in a close team designing, developing, and implementing first-class IAM solutions. Manage client relationships, working closely with key stakeholders to continually evaluate business requirements and ensure the highest quality solution delivery. If you are interested we are looking for an individual with Previous experience working within the IAM or CIAM field is essential, Strong knowledge with SAML and Oauth and ideally OpenID Previous experience from any of these technologies: One Identity, SailPoint, Saviynt, Ubisecure, Ping Identity, would be advantageous
- 17'5 NOT 4 7R4P | Pen testing Lead 100k++
Lead Penetration tester wanted please. - This is however a Master level as appose to padawan. 1. 100k+ for the skilled individual. 2. Research / training time 3. Hybrid role- 3 days at home 2 in the office with the team in London. (11am - 16:00) 4. Exclusive opportunity. So yours to hear about if you are quick. Infrastructure and Web application / red teaming pen testing experience Someone that can scope, deliver and speak to clients.
- It's Pen Testing, The good, the bad and the ugly
- United Kingdom
A new lead Pen Testing opportunity, AND slightly different from the usual you may see. The good, the bad and the ugly… Lalalalala la laa laaaa The GOOD 1. £90-110k for the skilled individual. 2. Research / training time 3. Hybrid role- 3 days at home 2 in the office with the team in London. (11am - 16:00) 4. Exclusive opportunity. So yours to hear about if you are quick. The bad 1. You have to apply or email me so we can speak. 2. 17'5 NOT 4 7R4P or click bait The ugly 1. It’s only ugly if you don’t reply and someone else you know gets it. Infrastructure and Web application / red teaming pen testing experience Someone that can scope, deliver and speak to clients. Apply today for more information.