Virtualization and Cloud executives share their predictions for 2014.  Read them in this VMblog.com series exclusive.

Contributed article by Andrew Hay, Director of Applied Security Research at CloudPassage

Security will continue to be the primary cloud adoption concern

Cloud is still relatively new technology and, for most organizations, largely unexplored territory. Although the draw of inexpensive compute power, rapid scalability, and elastic utilization will continue to draw the enterprise to cloud, like moths to a flame, security concerns stand resolute.

Every survey conducted over the past two years reflects that security is and will continue to be the primary cloud adoption concern of most enterprise organizations. The "2013 Cloud Computing Outlook" survey, conducted by 451 Research's Peter ffoulkes, found that security remained "the paramount pain point, cited by 30% of respondents, with no other criterion breaking the 20% level." Likewise, the 2012 CloudPassage Security and the Cloud Survey found that 69% of respondents stated that security was a "HIGH" concern. The 2013 IDG Enterprise Cloud Computing research cited that 66% of respondents named security as the top concern for IT departments.

With the number of enterprise breaches showing no signs of decline, coupled with the surge of government surveillance concerns and growing speculations of state-sponsored espionage, all indicators point to security continuing its reign as the primary roadblock to cloud adoption.

End-to-end automation will be table stakes

We will likely remember 2012 as the year that server automation came into its own. In 2013, DevOps became a credible job title (at the time of this writing jobsites Indeed.com, Dice.com, and Monster.com showed 853, 225, and 139 jobs, respectively, that had "DevOps" in the title). Venture-backed startups are actively searching for DevOps engineers in various roles and responsibilities as well, with well-known startup job site VentureLoop.com offering 145 DevOps positions.

If IT automation were a horse, it would likely be referred to as a "sure thing".

Investors think so too. Both Puppet Labs and Chef (formally OpsCode) raised Series D funding of $30M and $32M, respectively. Newest challengers SaltStack ($685k in Seed funding) and AnsibleWorks ($6M in Series A funding) also made a splash.

It's likely that application, application stack, and server automation will become a ubiquitous model for enterprise deployment in 2014. Unfortunately, getting servers and applications up and running is not, and should not be, the finish line. Security automation rounds out the IT automation lifecycle.

Neil MacDonald from Gartner predicts that automation for enterprise security won't arrive until 2015. Enterprises, however, are actively investing in and deploying security automation products since the beginning of 2013.  A great example of security automation is Citrix ShareFile. In a recent GigaOm webinar, Citrix ShareFile discussed how, due to the dynamic scalability requirements of their product, they needed end-to-end automation of their applications and servers - automation that included security automation.

##

About the Author

Andrew Hay is the Director of Applied Security Research at CloudPassage and former Senior Security Analyst for 451 Research.