5 cloud trends for 2020
The fate of the cloud is pretty much decided: It's not going anywhere and companies can rely on cloud providers to host workloads long-term.
The technology is becoming more specialized as vendors turn attention to tailored solutions across verticals. The cloud needs of the financial services industry crowded with regulatory oversight are more rigid than the needs of construction or retail.
Vendors are leaning into the cloud-filled world, responding to customer demands to integrate with other providers or lessen the security burden.
This year will offer more battles in the cloud wars, more big-name customers inking long-term deals and more vendors listening to understand the realities of where enterprises actually are in cloud adoption.
1. Hybrid multi-cloud is the predominant strategy and companies are doubling down.
The industry has whispered about infrastructure as a service and cloud computing for years, talk which accelerated as Amazon Web Services' competitors matured solutions, setting up a fight for customers.
Still, only one-fifth of enterprise applications run in the cloud, according to Forrester research.
The industry can credit a number of factors for the slow migration: legacy IT investments, the pivot from lift and shift strategies or slow corporate buy-in.
With new expectations for cloud adoption, companies are prioritizing hybrid and multi-cloud options and capitalizing on private and public cloud solutions from multiple vendors. On average, companies run 4.9 private and public clouds, Rightscale found.
Vendors have leaned into the multicoloured push, accepting "we know we aren't going to be the only cloud that you use, but we do want to be a cloud that you use," Jeremy Roberts, senior research analyst at Info-Tech Research, told CIO Dive.
A multi-cloud strategy was the foundation for CIO Dive's 2019 CIO of the Year Barry Libenson, Global CIO of Experian. The company built a strategy that allowed it to operate in a cloud-agnostic way, cognizant of customer demands for operating workloads in different clouds.
Ultimately, business cloud strategy is asymmetrical, dependent on company size. For example, one very large enterprise had more than 10,000 virtual machines on-prem and managed multiple private data centers, according to Matt Maloney, senior director technology, agility, strategy at Flexera. The company's intention was to use all three public clouds in addition to doubling down on private cloud investments.
Most organizations Maloney speaks with primarily uses one public cloud, dabbling in a variety of hyper-scale services, on top of private cloud investments, he told CIO Dive.
2. IT makes nice with finance in the name of efficiency.
Place a workload in the cloud, blink, and a company can rack up a million-dollar bill. It's an exaggeration, but not far from the truth.
IT budgets are increasing, boosted by digital transformation, cybersecurity and cloud-first/migration initiatives. Because of the shift in spending toward constantly buying technology in service-based models, it is easy to lose track and overspend on IT. The challenge boils down to cost visibility.
"The call to action isn't just spend less on cloud; the call to action is to optimize that spend so that we can go fund new initiatives," said Jarod Greene, VP of audience marketing at Apptio and general manager of the TBM Council, in an interview with CIO Dive.
In response, procurement and engineering specialists are working together to budget, forecast and plan for cloud expenses.
It allows companies to make more informed decisions about the value of the cloud beyond simply the cost of a cloud bill, Greene said.
3. Cloud security is becoming more automated — but companies have to move beyond presets.
Obsession over cloud security ramped up in 2019 and with good reason. Capital One brought industry a harrowing example of when credential management goes awry, increasing pressure on cloud vendors to do more to secure the cloud.
Across all segment sizes, industries, and job titles, people care about cloud security, Roberts said. Unlike software as a service, where security offerings are understood, the cloud introduces moving parts across on-prem or cloud-based services.
Some interconnect, creating a complex web of infrastructure, according to Roberts. "How do I manage security in an environment like that?"
The answer becomes delivering governance from the top down and enforcing policies to help create a culture of security. Once a shiny new cloud is spun up, the first step a company should take is to lock down credentials and configure databases.
Customers are also looking to cloud providers to simplify computing environments, as complexity obscures security.
Vendors are already doing a lot to automate security and cloud providers are evolving into a new breed of security provider. An undercurrent is the shared responsibility model. Amazon Web Services owns responsibility for "security of the cloud" and leaves "security in the cloud" to the customers.
4. Containers taking over as the dominant strategy for cloud portability.
Last year saw an uptick in container-focused strategies as leading vendors pivoted toward packaged application solutions. Notably, CIO Dive's 2019 Disruptor of the Year VMware unveiled a push for Kubernetes-nativity, evolving from its flagship virtualization platform.
Kubernetes is a system to deploy, scale and manage applications in containers. Introduced by Google in 2014, the company made it open source and readily available in 2015. Since its inception, Kubernetes has shaped enterprise application deployment and allowed for untethered workload flexibility.
Forrester expects cloud app development services, including container services, to become the preferred platform for application development, according to its public cloud market outlook, 2019 to 2022.
Containers offer the highest portability between different clouds, according to Maloney.
The desire for that portability underlies the trend toward multi-cloud. Containers offer a path for companies to shift workloads between clouds, avoiding lock-in and allowing vendor adoption based on best fit for purpose.
The API economy, though sometimes difficult to navigate, helps liberate workloads to run anywhere within reason, Maloney said. Containers will probably be the "de jure" method for getting workloads into the cloud and making sure they remain portable.
5. Vendors play nice in the name of the customers and their demands.
Last year brought more cooperation between vendors, with seemingly unlikely agreements between companies. In June, Microsoft and Oracle announced an "interoperability" play, allowing customers to run parts of the same workload in each cloud. And SAP is leaning into integrations with multiple cloud providers.
It feeds the emerging multi-cloud ecosystem; operating in a silo adds to fears of vendor lock-in. It's the trend of "agnosticism," Roberts said.
"Enterprise is driving that requirement with the hyperscalers," Maloney said. "They're saying, look, if you want more of my business you have to support my environment. My environment is not just your cloud."
The integrations allow companies to adopt best tools fit for purpose and offers companies agency in choosing which tools to adopt. The complication becomes managing the workloads when vendor limitations are lifted.
- CONTRACT SIEM Cyber Security Operations Engineer. REMOTE
- United Kingdom
REFCH8165 CONTRACT SIEM Cyber Security Operations Engineer. REMOTE UK SIEM Engineer. 6 month Contract. Inside IR35 Working towards a "SOC 2" environment. CLOUD (AWS) experience essential. Three key functions; Monitor, Escalate and Triage incidents. Vulnerability Management / threat intel. SIEM configuration / management, review, enhancement More specifically; Work with internal teams to identify assets. Identity applicable threat feeds and work with internal teams to remediate. Patch Patch Patch. (Help mature process / identify gaps) Configuration / fine tuning of SIEM alerts. Create dashboards, Compliance reporting. Log ingestion. Experience across ISO27001 / SOC2 / SIEM / End Point Security is essential Contact me today for more information Chris.Holt@dclsearch.com Or 07884666351
- Cyber Security Operations Engineer. REMOTE UK. SOC2
- United Kingdom
REF8164 Cyber Security Operations Engineer. REMOTE UK Internal opportunity. New position. Exclusive to DCL Search. You will be the hands on technical eyes and ears of the Cyber security capability actively working to ensure and enhance the adherence to ISO27001 and "SOC 2" controls. You role will touch on the following · Security Monitoring- SIEM · Vulnerability Management / Testing · Incident Management · Asset management · Disaster Recovery planning · Change Management AWS Cloud experience is essential as is the ability to ensure patch management is prioritised across the business. Any CLOUD SIEM experience highly desirable. Contact me today for more information Chris.Holt@dclsearch.com Or 07884666351
- Lead Security Architect
- United Kingdom
Engage with key clients in an Architectural / technical presales capacity. Including Stakeholders, end users / partners. Working on new and existing Security projects to confirm that proposed solutions are fit for purpose from both a technical and regulatory capacity. Working closely with multiple vendor . Managed security service background ideal CLOUD Security (AZURE OR AWS), IDAM background ideal.
- Threat Vulnerability Management Analyst
- United Kingdom
To monitor, identify and alert internal teams of cyber threats and vulnerabilities. MIRE Att&ck, CIS, OWASP, Vulnerability management tools MUST be able to commute to central London MUST be able to achieve UK SC Clearance. On going support and development.