Enterprise Public Cloud Adoption Stifled by Privacy, Security Concerns

Globally, organizations believe utilizing the cloud provides significant value to the enterprise. But Barracuda found privacy and security concerns are delaying cloud adoption.

The majority of IT leadership say privacy and security concerns are restricting the adoption of public cloud services within their organization, despite finding significant value in its adoption, according to a report from Barracuda Networks.

Conducted by Vanson Bourne, researchers surveyed 750 global IT leaders responsible for their organization’s cloud infrastructure to gain insight into public cloud benefits and challenges. Researchers focused on roadblocks to adoption, as well as web application security.

The report found that organizations expect to see about 76 percent of IT infrastructure running in the public cloud in the next five years. Currently, organizations have about 45 percent of their IT infrastructure running in the cloud.

Further, 36 percent of organizations still do not back up data to the cloud.

Cloud adoption in healthcare varies by organization. A 2018 Gartner study found just 30 percent of hospital data centers will be based in the cloud by 2022, while Netwrix showed those that do leverage the cloud do so to store healthcare data (74 percent), employee data (74 percent), or customer data (68 percent).

Across all sectors, Barracuda sees organizations moving their infrastructure to the public cloud, but security is the biggest concern, which is slowing faster adoption. In fact, 70 percent of organizations named security as the key restriction to its implementation.

Further, 38 percent said that greater public cloud adoption is also hindered by costs and 28 percent named compliance as one of the largest roadblocks.

“Security has been a perennial concern, even for those at the forefront of cloud adoption,” researchers wrote. “While adoption rates for public cloud continue to grow, security continues to be a number one roadblock — understandable considering the volume and variety of threats organizations must face today.”

“Many are choosing third-party security solutions as a result, claiming that if such efforts are successful, they could unlock tremendous business benefits,” they added.

These security roadblocks included the actual security of public cloud infrastructure (42 percent), the potential impact from cyberattacks (36 percent), and public cloud application security (33 percent).

Researchers explained that these are valid concerns, given 75 percent of respondents have already been targeted with a cyberattack. These numbers are even more alarming given just 56 percent had been targeted in 2017.

IT leaders also shared their views on the top threats facing cloud infrastructure: 45 percent named sophisticated hackers, 40 percent are concerned about app vulnerabilities, 38 percent see phishing as a leading threat, and 37 percent are worried about exposed corporate networks.

When it comes to web app security, IT leaders acknowledged the severe consequences that can occur with poor security: 55 percent are worried about critical data theft; 52 percent named successful cyberattacks; and 47 percent are concerned about losing customers.

IT leaders responded that they need better protection for web apps that can be accessed by external parties or through mobile devices, as well as those that involve personally identifiable information or commerce.

However, alarmingly: 35 percent of these leaders admit their web apps aren’t fully secured.

These issues raise the probability of data breaches and services outages, trickling down to serious financial and reputational damage as “keeping hackers at bay is a constant drain on resources.”

On average, organizations spend about six hours each week on managing and preventing security breaches, while about 29 percent spend an entire day or more each week on security-related tasks.

Network integration was also listed as a serious concern, including how to integrate public cloud with legacy tech, improving integration with private cloud, and integration with on-premise infrastructure.

But overall, researchers named network integration as a key factor to cloud adoption: 41 percent said they want to see better integration between public and private cloud networks.

To improve security of the cloud, Software Defined Wide Area Network (SD-WAN) was named as the tech of choice to achieve secure integration. Just 23 percent of respondents have deployed SD-WAN, but another 51 percent are currently or planning to implement the tech within the next 12 months.

What’s more, SD-WAN is being used by over half of organizations that have added security to their public cloud.

“Respondents are looking to SD-WAN solutions to resolve not only network issues but also security concerns,” researchers said. “Respondents realize that cloud provider native security solutions may not provide sufficient capabilities and are looking for third-party providers to help them overcome adoption barriers.”

“A single solution combining advanced security and SD-WAN in one appliance at each gateway edge works best for those that want enhanced application performance, network flexibility and agility combined with industry leading security,” they added.

According to the report, cloud adoption will grow once security barriers are removed. About 65 percent of respondents would move more applications to the cloud, and 56 percent would build more apps in the cloud. Another 48 percent would use more partners to support cloud adoption.

Forty-two percent viewed reduced IT expenditure as one of the biggest benefits to cloud adoption, followed by greater scalability (41 percent). Another 39 percent named greater agility and IT staff being able to focus on higher value tasks (38 percent).

“Given that security concerns were cited by over half of respondents as a barrier to cloud adoption, more than any other factor, it’s clear that addressing such challenges is absolutely critical if organizations want to drive business success in the future,” researchers concluded.

Next Steps

Dig Deeper on Health data threats