The critical role of trust in moving to the cloud

  • Article

By Richard Villars, Vice President Datacenter & Cloud Research, IDC Print

This blog post is the first in a series of industry expert posts on trusted cloud focused topics.

 

"When should I move to the cloud?"

One of the most frequently asked questions from CIOs and business leaders is, "When will cloud become the dominant delivery model for IT products and services?"

While it's challenging as an analyst to identify a transition point across the wide range of applications that organizations own and operate, today, when it comes to infrastructure, the answer is quite clear. At the end of 2015, companies were twice as likely to "buy" server, storage, and network hardware to deploy in their own datacenters as they were to "rent" infrastructure via a cloud delivery model. Sometime in 2019, we expect that organizations will be just as likely to rent infrastructure as buy it, with cloud-based delivery extending its dominant role thereafter. When we include infrastructure-intensive SaaS and PaaS services like backup, archiving, databases and data analytics, the crossover point is in early 2018.

Net Net: In less than two years, cloud will be the dominant delivery model for the underlying infrastructure upon which organizations are running their company and transforming their business.

Why the cloud?

A key force driving this transition is the expanded role that cloud services will play in extending the value of all an organization's datasets and data-intensive applications. IT organizations already recognize the critical role that elastic and scalable cloud services play in enabling new data services that support next-generation systems of engagement and analytics. Over the next two years, IDC expects these same cloud platforms to play an ever greater role in extending the value of existing databases and data warehouses. They must enable rapid expansion and reduce operational costs for these critical systems of record.

These systems of record are the rock (the system of trust) upon which you build your relationship with customers and partners. Bad experiences for you are bad experiences for your customers. With the shift to cloud-based IT, your cloud service provider's datacenters will become the de facto home for growing set of these systems of trust in the next two years. The question you should be asking right now is whether the provider of your cloud environment can deliver a trusted cloud?

So, what is "a trusted cloud?"

The first trust requirement for most organizations is that they need a secure cloud. Forward-thinking organizations understand that the single word "security" includes a diverse set of challenges across four major areas:

  • Data integrity: All data is protected, recoverable, and immutable
  • Service fidelity: The collection and delivery of data and applications is predictable and shielded from network disruptions
  • Content control: All access to content conforms to standards for privacy and protection of intellectual property
  • Data control: Any use of data and metadata for deep analytics conforms to defined legal and ethical specifications

A trusted cloud provider delivers a holistic set of cloud solutions that address all of these security requirements regardless of whether they are driven by legal and regulatory requirements, or based on customer expectations for high-quality service.

Earning "trust" is not just about security alone….and earning trust is not a one-time event. Technical, legal, regulatory, and cultural expectations when it comes to security, privacy, resiliency, and compliance are constantly in flux. Your cloud provider can play an important role in keeping abreast with these changes, but your organization has the ultimate responsibility for ensuring the integrity, fidelity, and control of your data. To navigate these shared responsibilities, a critical characteristic that a trusted provider of cloud solutions must deliver, both on-premises and as a service, is transparency.

Transparency means that you have more information about, and more timely delivery of updates on changes in, your provider's data handling principles and practices, contract terms and conditions, current and future services offerings, service and system downtimes, and emerging industry best practice on data sharing.

I've just scratched the surface for some key trust considerations including security and transparency. While some organizations are still navigating selection of a trusted cloud, across the industry the transition to a predominantly cloud-based IT environment is well underway and will cross a critical threshold in the next two years. Now is the time to identify which partners are taking the right steps to ensure that they can deliver a sustainable "trusted cloud" platform, today, and for the future. IDC will continue to explore the ideas of trusted cloud principles and practices in the next installment of this blog post series, "Navigating trusted cloud considerations: Transparency, security, privacy and compliance."