2016 Cloud Predictions

The move to the cloud is still prevalent and largly accepted as the new normal for IT. As legacy systems fall to the wayside, the transfer of mission critical applications and operations into a cloud infracsturcture is ubiquitous. IDC sees the same pattern and has predicted that cloud software will grow to surpass $112 billion by 2019. That said, what does that mean for the cloud computing landscape?

Below are five predictions we believe will come to fruition during 2016:

Prediction #1: SasS is the new black

When choosing whether to replace depreciated equipment or go to an as-a-service provider, businesses are now choosing the provider option. Traditional vendors have become too involved for businesses, causing them to turn to SaaS. In fact, the fear of as-a-service is subsiding completely, with companies looking to solve more and more problems with it.

Although many marketing, HR and sales departments have already moved to SaaS, IT has been slower to join the migration. But in 2016, we’ll see more IT departments move to SaaS and other as-a-Service offerings, rather than simply assisting other departments’ move.

Many people view IT as a service, and larger companies have incorporated service-now IT into their structure. But now, all types and sizes of companies are adopting this structure. For many companies, disaster recovery will represent the first move into the service-now sphere. Because most companies don’t want to invest in the amount of capital that’s required to solve for disaster recovery well, they will leverage DRaaS providers to take care of it.

Prediction #2: A changing data center landscape

Once companies move their major applications to SaaS, you may think there’s no point of up-keeping a datacenter. But many important apps that haven’t moved to SaaS still need taken care of. Companies can hire cloud providers with a focus on IT resiliency to run those apps and take the worry off their shoulders.

Providers like Bluelock can jump in at this point to host and protect applications while IT (or the software provider) modernizes them so they can eventually convert to SaaS.

Prediction #3: A new era of accountability in the “always-on” business

We’ve seen CIOs fired for data breaches, but they will now take the blame for downtime and outages, too. Corporate apps have managed to dodge scrutiny, but social media will soon start exposing more problems and add accountability to this area.

For example, if a plane doesn’t take off when it’s supposed to, passengers will often complain about the airline on social media. Likewise, if someone takes their car into the auto shop to be fixed and the part isn’t there yet, they’re likely to let their frustration out on the Web. These are just a few examples of how social media can bring attention to dependencies on applications to run critical business operations. All companies want to make sure the service they’re offering goes uninterrupted to keep customers happy and competition off their tail, and the CIO will feel that pressure.

Prediction #4: More thought build, buy or partner

Should you hire in-house expertise or outsource your need to an as-a-service provider? More companies are now opting for the as-a-service option. Because recruiting and keeping great IT talent continues to be a struggle for most companies, they will feel even more pressure to put the talent they do have to work on innovation and growth initiatives rather than low priority but business critical essentials like disaster recovery.

Companies recognize that disaster recovery takes a tremendous amount of expertise, time and money, so it will be a top outsourcing initiative in 2016.

Prediction #5 - As Production Security improves, the Intruder Community increases attacks on adjacent non-production environments with replicated data.

Flanking a defense is a common approach attackers leverage to probe for weaknesses in a defense. Less common is the scenario where attacking a seemingly unrelated and separate target can produce the same or nearly the same impact. The digital age has enabled this to be the case. Digital assets like personal information, credit and secrets; unlike physical assets like gold, cash or munitions can, and in most cases does, exist in multiple places.

Historically this secondary or tertiary data has typically been out of date, in a company owned facility, and frequently not attached to the network in any meaningful way. As online storage-use increases in cloud, and disaster recovery; and, advanced availability techniques move what was once a cold site into an always-on warm or hot site to reduce recovery times and decrease data loss, those very sites become outstanding targets for intruders.

Modern techniques including virtualization, continuous replication, cloud-based storage services like DRaaS, and storage services like Amazon's Glacier, place what was once protected data (i.e. offline data, vaulted data, and difficult-to-mount data) into an always-on, less secure environment compared to the environment the data’s in when it's considered production.

A simple, but perhaps expensive approach, is to treat backup and recovery data – and the associated services or sites – to the same standards as their production counterparts when it comes to security technology, investments and operations.

The majority of companies will not care whether the breach occurred through the front door, the back door, or in this case, at a completely separate location. A breach is a breach and as we've learned the hard way, the impact can be significant.