Symantec’s 2011 State of Cloud Survey examines how organizations are adopting cloud computing and dealing with the changes it can impose on their approach to managing IT. According to the survey, organizations have mixed feelings when it comes to security – with a majority ranking it as both a top concern and top goal of moving to the cloud. The survey also revealed that IT organizations may not be adequately prepared for the move to the cloud, as almost half of the respondents said their IT staffs are not ready at this time.
2. Methodology
• Survey performed by Applied Research
• 5,300 global organizations
– SMBs: Person in charge of computer resources
– Enterprises: Tactical and Strategic
IT Management, CyberSecurity Management,
and C-level professionals
• Cross-industry
2
3. Key Findings
• Security in the cloud is both the #1 goal and the #1 concern for IT
• IT staff is not completely ready for the move to cloud
• While interest in cloud is high, few organizations have crossed the finish line
• For those who have implemented, a ‘reality vs. expectations’ gap exists
3
4. Cloud Security Top Goal and Top Concern
• Improving security is the #1 goal of organizations implementing cloud
• Most (87%) believe cloud will not impact or will actually improve their
security posture
• Yet, they rate security as their #1 concern. Top threat models?
– Mass malware outbreak at your cloud provider
– Hacker-based data theft from your cloud provider
– Sharing sensitive data insecurely via the cloud
– Rogue use of cloud leading to a data breach
– Data spillage in a multi-hosted environment
5. IT Staff Not Ready for the Move to Cloud
• Half rate their IT staff as ‘less than somewhat prepared’ to handle cloud
• Less than 1 in 4 IT staff have cloud experience
5
6. IT Staff Not Ready for the Move to Cloud
• Almost half report they are growing their cloud staffing
• Large reliance on outside consultants to bridge the gap
7. Lots of Discussion …
• Organizations aggressively moving to all forms of cloud
• Three-fourths (75-81%) at least discussing cloud
7
8. With a High Interest in Cloud Security Services
– Email services such as management or security
– Security management
– Web and IM security
9. Few Have Crossed the Finish Line
• However, only 11-19% have finished implementing
– SaaS: 19%
– Private IaaS/PaaS: 17%
– Public IaaS/PaaS: 17%
– Hybrid IaaS/PaaS: 11%
9
10. Reality Not Meeting Expectations
• Large gaps between expected and realized goals
– Increased IT agility (42%)
– Improved DR readiness (43%)
– Increased computing efficiency (43%)
– Reduced OpEx (43%)
– Increased security (37%)
10
11. Symantec Recommendations
• Take the lead in embracing cloud computing
• Set information and application tiers
• Assess your risk and set appropriate policies
• Get started now
11