Last week ISG hosted its annual client and service provider conferences – Sourcing Leadership Exchange (SLE) and Sourcing Industry Conference (SIC), respectively. Several major cloud-related themes revealed themselves.
The slow adoption of infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) cloud capabilities points to enterprise caution and scrutiny. The hype of cloud adoption is quieting. Enterprises are coming to grips with exactly what the cloud can do for them and how they can utilize private IaaS and PaaS services. Enterprises realize that refactoring applications is an expensive and time consuming proposition with limited or negative ROI, therefore greenfield applications and functionality are the targets of cloud environments. Companies now realize they may have to support multiple PaaS environments. Lock-in – specifically potential future costs to migrate to a different PaaS environment – is slowing decisions.
Organizations struggle with the uncontrolled adoption of public cloud IaaS. IT and procurement departments are well aware of the uncontrolled business use of public cloud IaaS, such as Amazon and Google, but they’re unsure how to guide users so these services ensure known and acceptable levels of risks. One frustrated procurement professional told me, “We know the businesses are putting inappropriate content on public cloud services, but we don’t know what to do, so we have just given up.” As an antidote, several forward-thinking IT organizations are beginning to build use cases and options for use cases to effectively engage the business.
Security compliance and assessment remains a puzzle. It seems that organizations (IT and business users) don’t fully understand that they’re putting security and compliance at risk and don’t know how their security polices (if they have them!) need to change to accommodate security and compliance responsibly. After several joint presentations with Mayer Brown in which we outlined the potential threats of cloud computing, you could see the lights go on. Cloud security and compliance assessments are a necessity.
Governance needs to improve to speed the adoption of enterprise cloud services. Both providers and clients understand that their relationship needs to change to increase visibility and trust. Enterprise service providers inherently understand how those relationships need to change and, by proactively educating their clients, they can accelerate the building of trust and, in turn, increase the adoption of cloud services.
Both clients and service providers are maturing in the use of the cloud, moving past the initial urgency that made every CIO say, “I have to deploy something in the cloud!” At ISG, we still see a preponderance of managed services deals, but IaaS is a growing part of our engagements. My prescription? To further accelerate cloud use, service providers need to more tightly integrate cloud messages and cloud delivery into their traditional forms of service. I look forward to seeing that progress at next year’s conferences.