IT shops are rapidly turning their attention and adjusting their budgets to accommodate cloud computing, according...
to a new TechTarget survey of more than 500 companies across North America.
Public cloud is becoming a double-edged sword.
James Ruppert, security engineer at Campbell Soup
The survey, which polled companies of all sizes across a variety of different industries from January through March 2011, found that a whopping 70% have budgeted for cloud computing initiatives this year, compared with fewer than 10% of companies in 2010.
It's still only a tiny percentage (below 10% for most companies) of their overall IT budget. Nevertheless, two thirds of respondents have a roadmap in place for moving to cloud services over the next 6 to 12 months; this time last year, only a handful of surveyed companies had a cloud strategy in place.
"We're figuring out how to use cloud … we're cautious about it and waiting for the standards and governance to develop a little bit more," said Lana Davenport, data security services analyst at FedEx Corp. "The biggest concern is with data ownership at this point," she added. "Data is the most valuable asset that we have."
Private cloud before public cloud
Given the complexity of integrating internal security, auditing and compliance processes with external cloud services, most IT shops are turning to private cloud initiatives first.
"We have a small budget to start a pilot for private cloud, but we're not touching the public stuff for security reasons," said Thamnu Sihsobhon, senior information officer at World Bank.
Approximately 60% of respondents said they have some portion of a private cloud infrastructure, but they need more virtualization and automation in place to get closer to a cloud computing architecture. Management and self-service provisioning tools are lacking, according to most respondents, and many said they would need additional hardware before they could support Infrastructure as a Service internally.
A lack of staff skills to support a private cloud implementation was also a top reason why IT shops are not undertaking cloud projects this year. The majority of respondents said they would be creating new roles for cloud computing initiatives, but there would be no net gains in overall staffing.
The number of companies that cited security as the number one barrier to adopting cloud services actually increased year over year, from 26% in 2010 to 31% in 2011. About half the audience said there had been some progress by vendors towards addressing security and transparency, but still not enough.
Dave McCandless, director of IT at Navis, part of Cargotec Inc., noted that "the land rush is clearly there for cloud" but said he agreed that there is still trepidation about moving to public clouds. "We want the reduced cost of Infrastructure as a Service, but we're not willing to share that infrastructure with someone else."
Small and large companies in the cloud
Among the small to medium-sized business segment (100-1000 employees), it wasn't clear if they saw a strong cost benefit when moving to public cloud services compared with keeping the application in-house.
We have a small budget for private cloud, but we're not touching the public stuff.
Thamnu Sihsobhon, senior information officer at World Bank
Large companies (1,000+ employees) expressed more worry about the additional management headaches associated with integrating external services. Campbell Soup Co., for example, already uses around 80 Software as a Service providers for business specific applications, and integrating these back into internal systems was a challenge. Mostly though, it's still the security implications of data living outside of its four walls that is the biggest concern.
"Public cloud is becoming a double-edged sword," said James Ruppert, security engineer at Campbell Soup Co. "On the one side, the providers are usually the best at what they do and can provide the service better then we could internally. On the flip side, it makes the same companies bigger targets for hackers."
He noted the recent security breaches at major security firms, like RSA and Barracuda Networks. "They prove that nobody is invulnerable to human error," he said.
Jo Maitland is the Senior Executive Editor of SearchCloudComputing.com. Contact her at email@example.com.