November 4, 2016
According to a study released this week by Scalar Decisions Inc. an ‘overwhelming’ three quarters (77%) of Canadian organizations feel they are not doing enough to address cloud security on both the IT and business sides. The study, conducted with senior-level IT practitioners from across Canada, found a shortfall in the implementation of several key security items that underpin cloud security: responding organizations identified that they have yet to implement security items such as data classification and accountability (54%), client and end-point protection (57%), identity and access management (48%) or application-level controls (59%).
According to the study, cloud-based delivery is becoming mainstream as approximately 60% of Canadian organizations have adopted cloud as an IT delivery model – yet almost half (48%) have no formal cloud security policy in place. Across all levels of expertise – from experienced cloud users understanding the complexities of cloud transformation, to novice users – security was cited by 75% of respondents as the number one ongoing post-adoption issue to be addressed.
“The high adoption of cloud-based delivery tells us that security is not a barrier to cloud, but is still something that needs to be addressed in a vast number of businesses,” said Neil Bunn, chief technology officer at Scalar Decisions, an information technology services provider.
“Utilization and understanding of the cloud is low. Security remains the number one expressed concern across all levels of cloud experience, yet there is an evident disconnect between organizations’ worries regarding cloud security and the actions being taken to mitigate the existing risks.”
Growth of workloads transitioning to the public cloud is not slowing down. The research, commissioned by Scalar and independently conducted by IDC Canada, found Canadian organizations anticipate that over the next 12 to 36 months the percentage of workloads hosted in the public cloud will increase significantly: respondents expect their cloud-based workloads to increase from 31% to 35% in 12 months, and to 41% in 36 months.
Similarly, surveyed IT decision makers anticipate significant increases in the percentage of their IT budgets allocated to the public cloud. On average, respondents estimate their IT budget to increase from 20% to 25% in 12 months, and to 29%t in 36 months.
The research also examined users’ experience with the cloud in relation to their level of sophistication. Experienced users, representing one-in-five respondents (19%), were found to have significantly stronger planning, assessment and design foundation than novice users.
On average, 86% of experienced cloud users have formally documented processes, in comparison to only 42% of novice users. Individuals with cloud experience were also found to understand the complexity of cloud transformation, and are more likely to recognize the need for specialized experience. Among the experienced respondents surveyed, nearly all (95%) indicated that cloud security is an expertise or skillset where external partners can provide value. Notably, all (100%) IT departments at experienced users surveyed have a formal roadmap for moving other workloads to the cloud.
“Cloud benefits and business value become progressively more sophisticated as organizations’ experience with the cloud increases,” added Bunn. “Viewing cloud security and cloud adoption as non-severable concepts, coupled with investing in a continuous optimization approach in line with the Cloud Experience Model are key factors to achieve success in a rapidly changing marketplace of cloud based services and capabilities.”
The full study can be downloaded via https://www.scalar.ca/en/landing/2016-scalar-cloud-study/