Security is the most vital function to running an application, more so than reliability, portability and cost.
As detailed in new research of 650 IT decision makers by Nutanix, nearly all respondents (95%) believe their organization would benefit from a solution allowing consistent IT constructs and operations across public and private clouds. However, the research also showed that many struggle to adopt it – with nearly three-fourths (70%) of organizations reporting their transformation is taking longer than originally planned.
Wendy Pfeiffer, chief information officer at Nutanix, said businesses want the flexibility to leverage the right tools – and clouds – for their business. “More and more businesses are realizing that a unified hybrid cloud environment – one providing consistent experience, tooling and operational practices across private and multiple public clouds – can break down silos and reduce operational inefficiencies,” she explained.
“This can help businesses fast track digital initiatives by providing a path to easily ‘lift and shift’ legacy applications to public cloud without costly re-architecting exercises. Those legacy applications will then also have direct access to cloud native technologies.”
In an email to Infosecurity, Eugene Cheeks, application security consultant at nVisium, stated that security has to become a bigger part of the DevOps process and in response to this concern, many have begun to move to a DevSecOps model. “DevSecOps, done right, addresses this problem by allowing for companies to speed up deployment of business applications and remediate security issues successfully with smaller, often understaffed teams.”
Brendan O’Connor, CEO and co-founder of AppOmni, added: “No question that security has to be part of DevOps process. However, security for cloud services encompasses much more than DevOps. Enterprises are recognizing the amount of responsibility that falls on their shoulders for the security and management of cloud services.
“Of course, the development and operations of software must have security baked in, but so does the deployment and ongoing management of the cloud services. The oft-talked about lack of SaaS and cybersecurity expertise hampers these efforts.”
The Nutanix research also determined the top challenges with managing applications across private and public cloud environments to be: securing data across both environments (54%), acquiring and retaining IT staff (53%) and cost of migrating applications across environments (49%).
Pfeiffer said finding qualified IT talent is already difficult for many businesses, “and finding IT talent that has the appropriate skills to manage both private and public cloud infrastructure is even more challenging.” In particular, the majority of respondents (88%) noted that their organization struggles to ensure their IT team has the appropriate skills to handle a hybrid cloud environment, and over half (53%) see this as their main concern.
Meanwhile, 95% of respondents noted they have to rely on different teams with distinct skill sets in order to manage public and private cloud infrastructure, which creates silos.
Steve Durbin, managing director of the Information Security Forum, said: “Shortages in skills and capabilities are being revealed as major security incidents damage organizational performance and reputation. Building tomorrow’s security workforce is crucial to address this challenge and deliver robust and long-term security for organizations in an age where we are seeing more and more remote workers.”