Let’s call 2014 "the year that cloud apps struck back.''
On the plus side, it was a year of rapid growth in the cloud. Osterman Research found that the businesses it surveyed use an average of 14.3 cloud apps. IDC estimated that spending on public cloud services grew to $56.6 billion in 2014.
But the growth has outpaced corporate controls, which has led to three worrisome cloud trends in 2014:
- Businesses juggled too many cloud apps. The cloud was supposed to end IT complexity. Unfortunately, in many cases, it’s just replaced management complexity with administrative complexity. A study from Capgemini found that nearly half of CIOs believe that they are using more apps than they need—which is pretty significant when you consider the time each app demands of IT admins for security, integration, mobility, billing and, worst of all, endlessly adding, removing and changing user and device settings. The key takeaway: it’s time to stop adding apps and start consolidating functionality and vendors.
- Too many people had access. From US Airways’ inadvertent pornographic tweet to Uber employees monitoring customers’ travel data, hindsight has made clear that many companies lack checks and balances. The key takeaway: Businesses need more stringent controls over who can access and utilize corporate cloud apps.
- Passwords became the weakest link. From corporate Dropbox folders to nude celebrity photos, 2014 was rife with high-profile cloud hacks that took advantage of weak passwords. At the same time, a recent survey found that 89 percent of ex-employees retained at least one login and password from their former employer. The key takeaway: strong passwords, single sign-on solutions and strict access termination processes are more essential than ever.
The IDC study referenced above also estimates that spending on public cloud services will more than double by 2018 to reach $127 billion. The risks will grow just as fast.
Here are five trends I expect to be talking about this time next year:
1. Extremely high reliability will no longer be a luxury.
According to Intuit, 37 percent of SMBs are already fully cloud adopted. For any business that relies on the cloud for mission-critical services, the classic 99.9 percent uptime guarantee is no longer enough—not when that amounts to 8 hours of downtime a year. Look for 99.999 percent uptime (which promise less than 26 seconds of downtime a month) to be the new standard.
2. The cost of litigation will make compliant archiving the new norm.
Most businesses associate compliant archiving with HIPAA and SOX. But archiving will become essential for all businesses, not just regulated businesses. That’s because compliant archiving slashes the mounting burden of eDiscovery (a 2014 report by eDiscovery.com found an average of 479 GB collected in eDiscovery projects prior to filtering and processing). This isn’t just email archiving, though—chat transcripts, too, for example, will also need to be archived to protect your company.
3. Businesses will begin to take the ex-employee menace seriously.
In September, the FBI warned that “disgruntled and former employees pose a significant cyber threat to US businesses.” The question is: will businesses institute rigorous access auditing and offboarding policies before the inevitable headline-grabbing hack?
4. Administrators will look for opportunities to consolidate providers.
If the average of 14 cloud apps per SMB are all sourced from different providers, that means there are 14 separate vendors to pay, 14 control panels to manage, 14 support teams to work with, and so on. It will become increasingly important for companies to consolidate providers to more effectively manage their entire cloud.
5. Companies will take control over data on mobile devices.
According to SMB Group, 83 percent of SMBs have deployed mobile apps to improve productivity. Imagine how much corporate data now lives on personal phones and tablets. Businesses will recognize the need for mobile device management—and will embrace apps that don’t just sync data across devices, but make it simple for administrators to both remotely wipe data as well as to restore it when devices are lost or stolen.