Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

6 hard truths IT must learn to accept

Dan Tynan | Oct. 18, 2017
The rise of shadow IT, shortcomings in the cloud, security breaches — IT leadership is all about navigating hurdles and deficiencies, and learning to adapt to inevitable setbacks.

Instead, Gartner predicts that 90 percent of organizations will adopt a hybrid infrastructure by 2020, keeping some IT resources in house while outsourcing others to public or private cloud providers.

There's no question the cloud has had a dramatic impact on IT operations, but it hasn't always lived up to the hype. A June 2017 survey of 300 IT pros found that 80 percent said the cloud wasn't meeting their expectations due to problems with security, compliance, complexity and cost. According to a January 2017 survey by cloud management firm RightScale, from 30 to 45 percent of enterprise cloud spend is wasted.

That's because a lot of companies reflexively moved to the cloud with no clear understanding of why or how to do it, says Lowe.

"Merely moving a critical service to the cloud does not automatically make it more reliable or scalable," he says. "To truly take advantage of the cloud, software needs to be architected and implemented differently, using microservices instead of monoliths."

And some organizations that thought they could move all their legacy apps to virtual machines in the cloud have had a rude awakening, adds Tom Mainelli, VP at IDC.

"Companies will always find some app they can't virtualize," he says. "Like an expense program that's 25 years old and the company that built it has been gone for 15 years. You'll probably never be fully rid of old proprietary apps your company uses every day."

 

3. Your systems have already been hacked

It's a given that your corporate network has been compromised and your data is at risk. Things are only getting worse. In fact, data breaches increased 40 percent in 2016, according to the Identity Theft Resource Center.

The question is, What can you do about it? Many enterprises respond by investing in network security appliances. That's the wrong approach, says Meikle.

"Everybody wants systems that are easy to manage and hard to breach," he says. "But they usually end up with big ticket security appliances that are hard to manage and sensitive data that remains unprotected. A smarter approach is to assume your environment has already been compromised and design your security plan around that."

Instead of trying to protect networks and devices, smart IT organizations focus on securing company data on those endpoints, says Mainelli.

"Obviously you don't want your networks or end points compromised, but what happens once somebody plugs in a USB drive?" he says. "Is the critical data the company relies on secure? What happens when it's moving from email to email or hard drive to hard drive?"

Security has gotten worse in part because there are more devices and more data to protect, says Cameron. But technologies like Docker-based containers for cloud data and AI-driven automated breach detection are helping to mitigate the problem. And after high-visibility breaches like Equifax and Yahoo, Cameron says the C-suite and the board are finally starting to pay attention.

 

Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.