Virtualisation and cloud computing are finally becoming a reality, with a new study indicating that adoption is increasing, together with faster deployment and greater tangible benefits. But there are mixed feelings about how secure these systems will prove to be.
These are among the finding of a new research initiative on the trends and issues based on the state of the cloud and software-defined data center (SDDC) for 2016, conducted by cloud security automation company HyTrust, with Intel as primary sponsor.
The research digs deep into the current thinking of high-ranking executives in corporations in the US and UK, building on the views of more than 500 senior business and tech executives, 60% director-level and above.
“The resistance to virtualisation clearly being overcome – the benefits now far outweigh the concerns,” states Intel. “We believe that by this time next year, the number of companies engaging in cloud migration will be even higher, and they will come from even more diverse industries.”
The view is indeed positive: 65% of the respondents predict faster deployment in 2016, while 62% anticipate increased adoption. About 51% say they will see greater tangible benefits and a quantifiable ROI, such as enhanced efficiency, agility, flexibility and provisioning.
Nearly half, 49%, see greater adoption of network virtualisation, while even more, 53%, say the same about storage virtualisation.
Of the C-level executives surveyed, the predictions are:
* Increased adoption: 66%
* Faster deployment: 62%
* Greater tangible benefits: 49%
* Adoption for network virtualization: 48%
* More use of public cloud: 45%
Some aspects of virtualization and the cloud that have in the past received less attention now seem to getting on the front burner as well. While 50% anticipate greater use of the public cloud, a strong 38% predict adoption for workloads traversing hybrid clouds, and nearly as many, 38%, tout the hyper-converged infrastructure. On a particularly optimistic note, 41% now expect better alignment of security strategies specifically to address SDDC.
SMBs or mid-sized organizations rank growing trends approximately 10% (or more) higher than large enterprises in the areas of increased adoption (including for network virtualization), faster deployment, and alignment of security strategies to address specific needs and requirements.
“This survey is truly interesting in that it uncovers a new level of maturity in migration toward virtualisation and the cloud. It’s long been happening, but now it’s happening faster and with greater conviction and comfort than perhaps ever before,” says Eric Chiu, president of HyTrust. “Security and privacy have always been the critical inhibitors, and no one denies that these issues still concern senior executives. But now we can also see that technologies like those offered by HyTrust, which balance a high level of security and control with smooth automation, are having a major impact.
“The benefits of virtualised and cloud infrastructures are undeniable – think agility, flexibility and lower cost, among many other advantages – and the obstacles to enjoying those benefits are increasingly being overcome.”
The issue of asset protection, not surprisingly, is more nuanced – many of the business and technology professionals surveyed harbour no illusions about the dangers involved, even as they voice more comfort with the overall environment.
Most importantly, about 70% of those asked say they believe security will be less of an obstacle to greater SDDC adoption by the end of 2016. However, no one thinks the problem will go away: 25% say security will still be an obstacle, and more than half, 54%, predict more breaches this year, whereas only 11% foresee less. Yet in a sign that awareness of potential solutions is rising, 21% say that there will be fewer breaches but only after corporations apply a strategic focus to the issue to address those requirements.
Perhaps not surprisingly, 71% expect to see more or about the same number of issues in the areas of internal compliance and auditing with cloud and SDDC deployments.
What might be most relevant in the area of security, however, is an apparent disconnect between high-ranking executives and those tasked with managing or engineering the network.
C-level executives expect to see:
* Security less of an obstacle: 74% (the highest of any category)
* More breaches: 54%
* Fewer breaches: 18%
* Fewer, but only after a strategic focus on security: 17%
The responses here are roughly similar between C-level executives and those at the VP and Director level. Professionals at the “manager” level, however, seem to have some different views:
* Security less of an obstacle: 62%
* More breaches: 39%
* Fewer breaches: 10%
* Fewer, but only after a strategic focus on security: 33%
More than half the respondents, 52%, identify the perception of inadequate security along with the fear of lower security levels than are available in a physical data centre – as the biggest security gap holding back SDDC deployment. Technology isn’t seen as an ideal answer just yet: 44% decry the lack of solutions from current vendors, the immaturity of vendors or new vendor offerings, or issues with cross-platform interoperability. While the numbers here are somewhat similar across the different groups, there are some interesting discrepancies.
For example, among C-level executives, the perception of inadequate security comes in at 37%; among system administrators, who presumably are most familiar with the technologies involved, it’s 54%.
The issue of perception also extends to overall concerns most likely to slow down migration to a software-defined data centre:
* Data centre outage: 56% find it ‘likely’ or ‘most likely’
* Data breach/security risk: 67% find it the highest concern
* Compliance or audit failure: 58% find it ‘likely’ or ‘most likely’
* Loss of operational efficiencies: 59% find it ‘likely’ or ‘most likely’
* Lack of automation and orchestration: 58% find it ‘likely’ or ‘most likely’
In addition, there is no lack of denial regarding ongoing concerns. When asked to identify the number one issue that that keeps organizations from virtualising all applications, including those seen as mission-critical, security concerns rank first at 45,6%. Budget restraints come second but far behind at 20%, while performance concerns at register with15,4%. Other worries include operational or process challenges, architectural constraints, and even a lack of understanding by management regarding the potential benefits.
SMBs are twice as concerned about security as large enterprises (50%), who view security (30%) and performance (30%) with equal concern.
There’s also a disparity in answers here based on job title, and it offers a revealing look at corporate priorities. A full 60% of those in the IT Systems Administrator/Engineer category cite security as their top concern. Executives at the VP/EVP/SVP level are somewhat similar, with 51,2% agreeing. Among those in the C-suite, however, security gets the nod from only 36%, not far above budget restraints at 28%. This distinction is even sharper in the Director category where budget officially takes the top spot at 30%.
Respndents were asked what it will take for this technology paradigm to move forward even faster? Effective automation – reducing the need for manual processes while ensuring top-tier security – is widely seen as being important to large-scale deployment of SDDC strategies and technologies. A majority 90% of the respondents agree with that premise; the numbers are almost unanimous across all groups, IT Systems Admins and Engineers coming in at 93%.
The answers are also almost identical when respondents are asked about enforcing consistent policies aligned to meet compliance, security and business needs in a hybrid cloud deployment. Somewhere between 91% and 97% of all business and technology professionals (and 94% overall) either agree or strongly agree with the premise.
