IT spending on cloud technologies, including public cloud providers, is expected to rise from 12% in 2017 to 18% within the next two years, according our Truth in Cloud study. This trend is likely to continue as more organisations plan to increase the workloads they have across multiple cloud platforms. With a growing number of apps and services available, and the benefits cloud offers – agility, ease-of-use, time-to-provision – it is easy to see why cloud adoption is on the rise.
In fact, over half (56%) of organisations today operate with a cloud-first strategy. Further, business leaders are realising the potential of using multiple cloud platforms: nearly six in ten businesses (58%) that currently use one cloud provider plan to expand their portfolio across multiple platforms.
Multi-cloud solutions offer an agile and cost-effective way for businesses to improve resilience, data security and workload management. But organisations must pay close attention to selecting cloud service providers (CSPs) that are right for their business and their specific IT requirements.
Many organisations have moved past thinking about cloud solely from a cost perspective. Rather, the areas that are of most importance to organisations when it comes to selecting a CSP include data privacy, security and compliance (60%), workload performance (49%) and workload resilience or uptime (43%).
It’s encouraging to see organisations embracing a multi-cloud approach as they strive to achieve digital transformation. But as they increasingly distribute their data across multiple clouds to advance their cloud journey, it is critical that enterprises understand exactly who has the responsibility for their data in the cloud.
Worryingly, many organisations are making incorrect assumptions about the data management capabilities offered by their cloud service provider, leaving themselves exposed in multiple areas. The majority (83%) of businesses believe that their CSPs take care of data protection in the cloud. More than two-thirds (69%) expect their cloud provider to take full responsibility for data privacy and regulatory compliance of the data held on their platform, with three-quarters (75%) of businesses even saying they would leave their cloud provider as a result of data privacy non-compliance.
Yet cloud service provider contracts usually place data management responsibility onto the service user. Organisations need to understand clearly their retained responsibilities in order to avoid the risks of non-compliance, which can have massive implications on their business.
With the EU General Data Protection Regulation (GDPR) now in force, businesses can’t afford to mishandle their data since they will be the ones who face the repercussions, regardless of whether their data is stored on their own private servers or hosted on a third-party cloud platform.
Our research also reveals dangerous misconceptions around the responsibility for cloud outages, with six in ten (60%) respondents admitting they have not fully evaluated the cost of a cloud outage to their business and are therefore ill-prepared to deal with one. A similar percentage (59%) also believe that dealing with cloud service interruptions is the primary responsibility of their CSP, while most (83%) believe that their CSP is responsible for ensuring that their workloads and data in the cloud are protected against outages.
Although cloud service providers offer service-level objectives on infrastructure availability, it is ultimately the service user’s responsibility to ensure that their critical business applications remain resilient in the event of an infrastructure outage and that data is protected against loss or corruption.
The information a company holds is its most valuable asset and businesses must have full visibility into their data and be accountable for protecting it, regardless of where it’s located. Not only will this will help avoid the risks of non-compliance or loss of revenue through downtime, but it can also help organisations to glean better insights from their data to improve customer experiences, manage costs, improve research and development, and build brand loyalty.
The future’s bright
Despite the challenges that a multi-cloud approach can bring, the opportunities it can provide are far greater.
Using multiple clouds enables businesses to increase resiliency and minimise any risk of downtime: if any of their cloud service providers suffer an outage, businesses can simply switch to another one of their platforms. Our research found that resilience and uptime is one of the most important aspects organisations consider when selecting a CSP. The ability to move workloads between platforms also allows businesses to pick and choose the right CSPs for specific job functions or workloads.
With more companies embracing a cloud-first mentality and introducing multi-cloud approaches into their organisations, the need to navigate the complexities of a multi-cloud world is critical. As with on-premises environments, companies should consider all aspects of data management as they journey to the cloud, from data protection, regulatory compliance and workload portability to business continuity and storage optimisation.
Although businesses can export their data to the cloud and reap the benefits of doing so, they must remember that they cannot export their data management responsibilities.