Risk
4/2/2010
09:52 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

IT Spending On Cloud Ratcheting Up

A Sandhill Group survey shows enterprise interest in -- and IT spending on -- cloud computing accelerating over the next three years.

The weak economy and IT cost cutting appear to have been a primary driver of cloud computing over the last two years, but the report found those to be secondary reasons to go to the cloud. "Forty-nine percent of companies are driven to the cloud for business agility reasons, while only 46% are motivated by cost efficiency," the report states.

The ability to produce the software that supports a new product or service seems to happen faster in the cloud. A developer can produce iterative versions that deploy easily because they've been developed in the deployment environment, and they scale there without added work.

A chief architect at a petroleum company is quoted as saying: "I've seen 'skunkworks' projects where smart developers figure out something to do with the cloud over the weekend. They come in and show it to their boss and their boss is blown away because it took a tenth of the time and cost of what it would if done in the normal way... The cloud brings together these pockets of innovation in the company. We need that."

"Innovation is one of the key ingredients. Let's go out there and find new ways to get to market with new applications. It's a big driver," Pemmaraju said.

Nevertheless, the cloud remains an attractive alternative cost-wise. Interviewees didn't hesitate to describe the cloud in the report as "an order of magnitude cheaper than comparable on-premises solutions."

A different angle on the savings came from a CIO, quoted as saying cloud computing and on-premises computing are roughly equal in expense at the three-year mark. But cloud computing starts to pile up savings over the next few years because there is no hardware refresh involved at the end of three years. None of the interview subjects were named.

Another conclusion in the report is that many small businesses and some medium sized businesses consider the cloud to be a more secure form of computing than their own operations. The survey and followup interviews indicated small companies "know they don't have the security they need to have in their own environments. They consider the security of the leading cloud vendors to be far better than anything they could hope to have," Pemmaraju said.

Many companies will weigh their need to continue secure handling of certain kinds of data with their desire for lower cost and more agile cloud computing. The result, the report predicts, will be rapid adoption of hybrid cloud computing approaches, where some use is made of the public cloud in conjunction with internal operations.

"Both our qualitative interviews and survey data found little use of hybrid clouds today. However, our survey indicated the biggest growth will be in this area," the report concluded.

The Sandhill Group reports on major trends in computing for the investment community, such as the venture capitalists located along Sandhill Road in Menlo Park, every two years.

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3861
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.

CVE-2014-3862
Published: 2014-09-02
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.

CVE-2014-5076
Published: 2014-09-02
The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.

CVE-2014-5452
Published: 2014-09-02
CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during unrestricted xsl:copy operations.

CVE-2014-6041
Published: 2014-09-02
The Android Browser application 4.2.1 on Android allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open('\u0000javascript: sequence.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.