Virtualization Technology News and Information
QAD 2018 Predictions: Information Security Becomes a Key Reason to Move Mission-Critical Apps to Cloud

VMblog Predictions 2018

Industry executives and experts share their predictions for 2018.  Read them in this 10th annual series exclusive.

Contributed by Evan Quinn, principal marketing director at QAD

Information Security Becomes a Key Reason to Move Mission-Critical Apps to Cloud

In the early days of the cloud, potential cloud app (SaaS) buyers were frightened of deploying to cloud due to the perception that cloud had weak information security. Companies preferred the familiarity and comfort of running their own data centers, including managing their own on-premise security, particularly for mission-critical applications like ERP that manage "source of truth" and sensitive data.

Earlier Cloud adopters, approximately through 2010, therefore focused on cloud deployment for apps with a lower bar for security than ERP, like CRM, HCM, BI and sidebar apps like travel expense management. Cloud ERP adopters were in the minority - until recently. The prediction: In 2018, information security will become a primary reason to adopt cloud.

Ironically, nearly two decades after the start of SaaS, the information security offered by leading cloud providers will compel companies to choose cloud. Why?

1.  Hacking has evolved into a frightening, ongoing threat to companies of all sizes, locations and industries. Consider all the large companies that suffered major breaches in 2017, like Verizon, Merck, Equifax and even the USA National Security Agency. Few companies can keep up with the required expertise and associated cost of state-of-the-art information security best practices and threat prevention, detection and remediation.

2.  Cloud providers, aware of the security concerns from the first decade of the 2000s, have continually invested in improving information security.

3.  A cloud provider scales information security investment across their customers - cloud providers MUST excel at information security as part of their cost business.

4.  The need for expertise and the associated cost of information security goes beyond threat management and includes compliance (e.g. ISO, SSAE, GPDR, etc.) and systems management (patching, DR, etc.).

That does not mean that all SaaS and IaaS providers are created equal in terms of information security. Cloud buyers, knowing that some cloud providers offer state-of-the-art security and maintain a commitment to keep up, will (a) use security to justify moving to the cloud, and (b) use information security capabilities as a key decision point for choosing SaaS and IaaS providers. Generally, smaller providers, that have a hosting and managed service provider heritage, will be at a disadvantage due to smaller customer bases and the related inability to spread cost. In addition, providers with global security and compliance capabilities have an advantage over more regional and local providers, not just due to scale but also because, in terms of business transacting, there are few companies left on the planet that are not exposed globally.


About the Author

Evan Quinn 

Evan Quinn is a principal marketing director at QAD. He has been a developer, product manager and in marketing at major banks, and leading technology vendors like Oracle and Symantec. 

Published Monday, January 08, 2018 7:31 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2018>