Businesses tailor their use of cloud infrastructure to the needs of their business.Organizations need consistency across environments – security most of all.
Whether they are responding to government mandates or C-level
demands, organizations use the public cloud to participate in
industry ecosystems, leverage cloud-native architectures, and
deliver applications at the speed of the business. Despite the
strategic imperative, organizations are much less confident in their
ability to withstand an application-layer attack in the public cloud
versus in an on-premises data center. This discrepancy illustrates
a real need for easy-to-deploy solutions that can ensure consistent
security across multiple environments.
87% of organizations are multi-cloud and most still struggle with security.
Following through on their strategic initiatives, organizations continue to adopt cloud platforms at a high rate, with 27% of respondents reporting that they will have more than half of their applications in the cloud by the end of 2020. When we asked organizations how they decide which cloud is best for their applications, the number one answer was on a “case-by-case, per application” basis. This approach necessitates using multiple providers, and three out of four respondents report that they have applications in two or more cloud providers. This per-application strategy is required because each application is unique and serves a specific function within the business. Each can have end users that scale from less than a hundred to into the millions. And each has a different risk exposure—from a breach, to public embarrassment, to costing the business billions of dollars in damages.
It is imperative to have application services that span multiple
architectures and multiple infrastructures to ensure consistent
(and cost-effective) performance, security, and operability
across the application portfolio.
There are many challenges in managing a multi-cloud environment, and maintaining security, policy, and compliance are chief among them as reported by respondents:
- • Applying consistent security policies across all company applications
- • Protecting applications from existing and emerging threats
- • Complying with regulations
This is not surprising as evidenced by 71% of organizations reporting a skills gap in security. The highest skills gap lies in the discipline of protecting their applications from attack and breach according to 54% of respondents. The location of those apps matters as well. Organizations report a much lower confidence in their ability to withstand an
application-layer attack in the public cloud. While 62% report they are confident in their ability to protect applications in an on-premises data center, only 45% of organizations are confident in their ability to protect applications in the public cloud.
F5 INSIGHTS FOR KEY FINDING 02
The notion of achieving a single application architecture or uniform infrastructure environment is a pipedream for most organizations of scale. Instead, leading organizations recognize that the most efficient and effective way to treat each application uniquely while operating and securing applications across heterogeneous architectures and environments is through a set of application services that abstract the application logic from the underlying infrastructure.
The challenge of providing security parity across all application architectures and infrastructure is brought into even sharper relief by taking a snapshot of the average application portfolio.
According to the survey respondents, no single application architecture has the majority. Three-tier web and mobile app architectures come in first at 40%, with client-server following right behind at 34%. Microservices/cloud-native architectures are on the rise at 15%, but old school mainframe/monoliths still account for 11%. With each new generation, additional business value is created and captured, yet the investments, value, and insights arising from the previous generation of architecture is still necessary—which leads to organizations having a diverse application portfolio.
Given the heterogeneous mix of application architectures in a typical organization’s portfolio, it is understandable that over a third of respondents reported that refactoring legacy applications for modern environments is a priority for digital transformation. Additionally, it highlights the fact that multi-cloud will be the norm for the long term. It is imperative to have application services that span multiple architectures and multiple infrastructures to ensure consistent (and cost-effective) performance, security, and operability across the application portfolio.