Trailblazers embrace the cloud and feel secure
A recent CIO Magazine report describes four characteristics or best practices shared by IT trailblazers.
This blog series explores each of the four characteristics of trailblazers described in the report:
- They embrace the cloud and feel secure
- They use service management best practices
- They automate IT services
- They provide greater development agility
Embrace the cloud
IT trailblazers see the value of cloud and embrace it. While their overall cloud adoption outpaces that of the other respondents, they are not taking such large risks that they jeopardize the businesses they support. They are leveraging hybrid cloud to deploy applications twice as often compared to others, who tend to deploy on-premises. Hybrid cloud is becoming the de facto entry point to cloud, especially when some stakeholders are hesitant due to perceived risks. It keeps sensitive workloads private while other workloads get the flexibility and speed of public clouds like Amazon or Azure.
Over the next decade, as the trailblazers acclimate to their hybrid cloud environments, we expect 35 percent to 65 percent of all workloads to take the next step and move to public cloud. That means private on-premises cloud implementations will shrink to somewhere between 35 percent and 50 percent. The public cloud then becomes the main vehicle to deliver apps and infrastructure at scale globally.
Many large organizations think the job of security is to build motes around data centers and infrastructures to keep things out versus letting them in. That’s a legacy perspective. The threat landscape has changed. The only way to take full advantage of cloud is to adapt their security paradigms to outside-in versus inside-out. Consider three points to accelerate that transformation:
- Legacy mindset needs to be done away with.
- Do it differently, not the way you did it before.
- The cloud is not less secure. But it is more complex. Automation is critical!
Even though as an industry we say it’s simplified, the cloud is actually more complex in some ways because of the number of endpoints and service possibilities. The key is to automate cloud security so it doesn’t present risks to the customer and/or business.
For example, some of the most far-reaching security breaches have occurred because an IT worker failed to patch a vulnerable web server in an on-premises data center. Patching and configuration management need to be done both on- and off-premises. Regardless of where they happen, solid process management and solid technology enablement (i.e., automation) will ensure that the appropriate policies are executed. An automated approach is key to managing change at scale, and could very well prevent the next highly visible breach — if process and technology are leveraged appropriately.