Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

The public cloud adoption trends sweeping the enterprise

Citing security and other concerns, many organizations have passed on public cloud. But is the technology finally ready for enterprise prime time?

Public cloud adoption has grown significantly over the past few years, as even the most skeptical IT pros admit the technology is right for certain use cases. Spending on public cloud services is expected to exceed $127 billion in 2018, up from $56.6 billion in 2014, according to industry analyst group IDC.

But, even as adoption grows, many organizations still question whether they can use public cloud to run all mission-critical workloads.

The answer, however, depends on several factors. To protect data, a business' most mission-critical applications are kept close. In fact, by law, certain data must be protected. And while this does not preclude operating on or storing that data in a public cloud, it does require special care, including data encryption at rest and in transit.

Evaluating public cloud security, efficiency

Concerns around public cloud security abound. But, with a multi-tenant environment and fear of a security lapse hurting their business, most cloud providers strive to be as secure as possible. And, because they have significantly more resources than the average data center operator, cloud providers fully maximize their security investments. As a result, an enterprise's in-house security operations rarely match up to the cloud.

Like security, many IT pros question the efficiency of public cloud operations. Because anything else would be unmanageable, cloud instances tend to be very cookie-cutter. While most of your own instances will easily map over, there will be corner cases, especially when handling big data. And public cloud is just beginning to offer a solution for extra-large or GPU instances.

The use of containers rather than traditional hypervisors also impacts server instances in a major way. And until the dust settles around this new container and infrastructure approach, organizations may delay moving jobs to the public cloud.

In addition to server instances -- which are really just one aspect of the cloud -- networking and storage have major efficiency implications. Most cloud or virtualized instances are underprovisioned with storage I/Os, substantially impacting both performance and cost.

Through the use of local instance storage, more I/O is becoming available. However, failure to treat this as just temporary storage may lead to a loss of data access. If a server crashes, local stores are no longer available, making it difficult to guarantee that a copy of written data is sent onto a network store in a timely fashion. Ask your cloud provider about this before signing up.

Meanwhile, networking is becoming more sophisticated, as public cloud providers implement software-defined networking (SDN). More tenant control over the VLANs that connect virtual servers and storage is coming into place. As industry standards emerge, this should become relatively easy and better than most on-premises alternatives.

Storage resources remain somewhat inflexible in the cloud, but SDN is leading to software-defined storage, which will offer another layer of orchestration and virtualization.

IT skills gap also deters some from public cloud adoption

While public cloud is ready to host many mission-critical workloads, it seems, as aforementioned, that it's not fully there yet.

Additionally, some IT pros don't feel ready to take the leap. Many have lots of legacy gear and a profound reluctance to let it go. On the other hand, some fear job security or the inevitable application re-write that comes with cloud, but that's not really a cloud issue -- it's a matter of corporate or strategic need.

The job security question is inevitable when data center teams consider that, with cloud, part or all of a data center is moving from a hands-on model to a remote and virtual model. Running clouds properly takes new skills. Wise admins have been obtaining those skills, creating a gap between themselves and those that aren't ready for cloud. At some point, most data centers will reach a tipping point where the cloud-ready team has critical mass -- but it doesn't have to be that way. A good IT strategy involves a training and career path for the team.

Hybrid clouds have been offered as a public cloud alternative, but they carry a severe risk; data can be in the wrong place, either needed in-house but in the cloud or vice-versa. Additionally, hybrid cloud data can be vulnerable when moving between public and private clouds. Hybrid clouds are exceedingly popular at the moment, but, after organizations tackle issues related to staffing and legacy systems, the hybrid model may just be a half-way step to public cloud.

About the author
Jim O'Reilly was Vice President of Engineering at Germane Systems, where he created ruggedized servers and storage for the US submarine fleet. He has also held senior management positions at SGI/Rackable and Verari; was CEO at startups Scalant and CDS; headed operations at PC Brand and Metalithic; and led major divisions of Memorex-Telex and NCR, where his team developed the first SCSI ASIC, now in the Smithsonian. Jim is currently a consultant focused on storage and cloud computing.

Next Steps

What to consider when choosing a public cloud provider

Which market leading public cloud provider is right for you?

The world of cloud requires a new IT mindset

Dig Deeper on Infrastructure (IaaS) cloud deployment strategies

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What are your concerns about public cloud adoption?
Wrote about this yesterday, I think the game has officially changed.
When the bad guys want in, the cloud - even a corporate-only cloud - we be very little protection. The entire current system is built on matchsticks and secured with stern warning signs. It's been astonishingly ineffective at stopping any serious intrusion. Now we're worried that letting others share will somehow spoil our paradise...? If we're thinking security, we better start shutting things down a lot closer to home.
I agree that "by law, certain data must be protected. And while this does not preclude operating on or storing that data in a public cloud, it does require special care, including data encryption at rest and in transit."

Gartner released the report “Simplify Operations and Compliance in the Cloud by Protecting Sensitive Data” in June 2015 that highlighted key challenges as “cloud increases the risks of noncompliance through unapproved access and data breach.”

The report recommended CIOs and CISOs to address data residency and compliance issues by “applying encryption or tokenization,” and to also “understand when data appears in clear text, where keys are made available and stored, and who has access to the keys.”

Another recent Gartner report concluded that “Cloud Data Protection Gateways” provides a “High Benefit Rating” and “offer a way to secure sensitive enterprise data and files stored in SaaS applications”.

Ulf Mattsson, CTO Protegrity
The job security issue is very real. I believe that to minimize it by saying that "a good IT Strategy involves a training and career path for the team" misses the real issue. There is a lot of passive aggressive avoidance of cloud solutions by incumbent IT teams. I think that IT teams will only get less passive (and more aggressive) as the story with cloud unfolds further. That story is about more efficient data centers, that do not need as many people per system to run them.

I agree that being an experienced and effective cloud administrator is definitely a valuable skill. But with cloud, you will be able to manage a lot more (which was coming anyway along with better orchestration). In addition, the networking, server, and storage guys who used to work in the last few cubicle rows will not be there anymore. Either will the equipment that they used to support.

Retraining the IT team to move their skills further into the business itself is definitely a strategy that some will excel at. After all, smart technology savvy workers, who can get more work done by using tools are what the workforce needs. However, don't think that the inbound recruits from the IT team (and it will only be the best of the class), aren't displacing people on the business side, or deferring new hires.

At the end of the day, it's all a drive toward more efficient business models. Companies that leverage cloud technology to create business advantage will force their competitors to do the same. Many of these same advantages can also be gained leveraging private cloud and running it yourself. The good news for Legacy IT is that according to Gartner, IT Spend only accounts for about 5% of an average mid market company's operating expenses. The bad news is that 65%+ of that amount is simply the basic cost of running the IT Department, with salaries making up the lion share of that. If a cloud strategy can reduce that 5% to 2.5% or less, Chief Executives and CFO's will suddenly get very interested in cloud. If the savings is closer to 1% or even 2%, and the transformation is hard work, they will gravitate to optimizing other parts of their business such as sales or manufacturing.

My advice is to find ways to innovate with cloud first. Identify things that enhance the success or growth of the business, and are less risky to do with an elastic investment model. Think about the concept of "fail fast". IT usually can't afford to fail, because failures typically came with large capital expenditures that were very visible when they didn't pay dividends. Now ideas and innovation can be rolled out more easily and scaled up or scaled back when the true value is determined. Cloud is definitely a game changer, but don't view it as a way to save dollars moving legacy applications. View it as a way to do things that you can't do today. Eventually, that original 5% in legacy IT will shrink, and if your innovation is helping the business grow, there will be plenty of room for a team that supports that growth.

Steve Struthers, VP & CTO DynTek
Steve, That's a good assessment. The opportunity to gain agility and to create new approaches is one of the great values of the cloud concept. Anyone who wants job security should look for ways to add value to the business they are in and not indulge in ways to delay the inevitable transition. Having said that, the holdouts in mainframe systems and COBOL code continues to astonish me. 30 years after UNIX, we still have 400 billion lines of COBOL floating around. Never underestimate the IT industries unwillingness to change!