Virtually every company is operating a hybrid cloud strategy today. In fact, they have been for some time so it’s not really anything new. At SafeNet, a hybrid cloud means that you have some technology and infrastructure that you operate and manage in house, and some that you rely on 3rd parties to operate and manage for you. Payroll functions have, for many companies, been handled and processed by 3rd parties but other HR functions have been kept in internal IT systems.
We have seen economies and benefits (as well as some risks) that can be derived from operating IT services on public and shared infrastructure. Companies have access to elastic, instant and easy-to-manage services that reduce the burden on IT operations as well as increase employee productivity and communications. However, in an unregulated manner, employees inadvertently allow sensitive information to sit in potentially exposed areas outside of the corporate policy and enforcement.
The drive to maintain corporate compliance as well as benefit from the economies of the public cloud will drive more innovations around compliance in these environments. Therefore, over time, we believe the strategy will be for the hybrid cloud to continue its shift away from the private infrastructure in to the public infrastructure. Mobile and remote access, instant provisioning and more manageable IT costs provide inevitable momentum that will force the market to deliver solutions to the problems around governance and compliance of data.
This momentum will also drive more generalized cloud-oriented solutions for businesses. Software startups today rarely consider developing software for on-premise deployment because they know that business will prefer to acquire new solutions and innovations as a service. Large businesses today already rely on cloud-based collaboration, CRM, payroll, accounting, data archival, anti-spam and anti-malware technologies. The next wave will come in the form of more generalized desktop applications such as presentation, document editing and, importantly, email solutions. Cloud-based solutions naturally solve problems of access in every corner of the globe and on every device.
We also believe that these trends also reduce the complexity and costs of managing software licenses. Software licensing represents an important aspect of our business at SafeNet – and while we help companies manage licensing for the products they build – we struggle with containing and managing the costs of the licenses we consume. Our ability to be nimble and to shift platforms are hampered not only by data migration and training factors – but also because of license agreements that entrap us financially. Moving to cloud-based software solutions reduces the financial constraints of traditional on premise software and greatly relieves the burden of managing deployed software. Cloud-based software solutions provide us with easy, centralized and instantly variable options – they also shift the compliance burden on to the vendor and away from the customer – relieving us from the constraints of audit and so on. However the ease in which we can access software on demand has to be tempered with the ease at which sensitive data can fly out of our company.
Solutions to both cloud data governance (an enterprise problem) and cloud software access control (an ISV problem) will accelerate the already rapid move in favor of the public side of the hybrid equation.
So, how will this affect IT departments? We believe that over the long term, the focus of the IT department will be much less around managing equipment either in the server room, the desktop or the employees pocket and more on accessing control interfaces that manage security, policy and governance of data. The era of controlling data by firewalling, end point control and physical access will give way to authentication federation and policy, key and encryption management and remote solutions for virtual machine ignition and portability. We believe that public cloud providers will deploy more sophisticated security technologies that enable strong, cryptographically provable protection while companies retain the electronic keys that govern their data. Data compliance solutions will shift from the end-point to the server side (in the cloud), providing IT with more effective means for controlling and managing policies. This inevitably leads to greater compliance with less complex tools for the IT department.