We are currently witnessing a huge transformation in how computing is done, with on-premises infrastructure being steadily and rapidly replaced by cloud infrastructure. If smartphones were the technology story of the last decade, then Infrastructure-as-a-Service (IaaS) may very well be the story of this one.
This change is taking place very rapidly In 2016, revenues for cloud service providers grew from $16 billion to $22 billion, a massive 38% leap forward. This growth can be seen on balance sheets across the industry. To cite three examples that are strongly representative of the industry as a whole: Amazon Web Services (AWS) saw 55% growth in 2016; Microsoft Azure saw 116% growth; and IBM saw 35% growth. Amazon’s public cloud business is so strategically important that the only reason they turned a profit in Q3 2016 was because of the $1.1 billion generated by AWS cloud services. Without this, Amazon’s $816 million profit for the quarter would have been a $300 million loss.
These numbers are not an aberration. The market research firm Forrester has had to continually revise their public cloud growth estimates upwards. They recently mentioned:
“We predict that the public cloud market will generate revenues of $236 billion by 2020 — 23% higher than our 2014 forecast. The increased size of the 2020 public cloud market reflects faster-than expected growth, especially for cloud platform revenues, whose 2020 total of $64 billion will be 45% higher than we projected two years ago.”
Forrester is not alone with these kinds of estimates. Gartner is right there with them, stating that, “by 2020 more compute power will be sold by IaaS and PaaS cloud providers than sold and deployed into data centers.”
This transformation could be accelerating even faster if not for concerns over cloud security. Survey after survey shows cloud security is the number one concern of IT professionals who are planning to move applications to the public cloud. Nearly 45% of North American and European respondents to a Gartner survey from May of 2016 noted it as their main concern; no other issue received a greater than 15% response.
Who is responsible for security in the cloud? Cloud service providers such as AWS have adopted a “shared responsibility model” where they secure the infrastructure itself, and their customers secure their own workloads.
While many providers do offer some basic tools for workload security, these are usually rudimentary at best. It’s for this reason that most security and risk professionals prefer to use third-party security solutions to enhance or simply replace the security options offered by their cloud provider. Such solutions are significantly more comprehensive and tend to be agnostic of the underlying infrastructure, so they can secure, monitor, and report on multiple operating environments.
Vendors like CloudPassage have an important role to play in this huge change that we are all witnessing toward cloud computing.