Security more important than availability when it comes to apps

For the first time, security surpasses availability to become the number-one priority for application deployment as organisations move to the cloud.

  • 7 years ago Posted in
F5 Networks has published the EMEA results of its 2017 State of Application Delivery report. The only global report of its kind is now in its third year, surveying over 2,000 IT, networking, application, and security professionals worldwide to examine the role application services play in allowing enterprises to deploy apps faster, smarter and more securely.
 
EMEA is set for a dynamic year in this respect, as the average organisation plans to deploy 18 app services in the next 12 months, compared to the 2016 global average of just 11. As the threat landscape continues to evolve in complexity, speed and availability were for the first time deemed less important that overall application protection, with the most important services cited including network firewalls, anti-virus and SSL VPN solutions.
 
An era of cloud expertise
 
The highest area of investment for 2017 in EMEA was the use of on-premise private clouds (46 per cent). Almost half of respondents (48 per cent) stated the private cloud would have the most strategic importance to their organisation in the next two to five years, and that three quarters (76 per cent) of their apps would be in the cloud by 2017.
 
The most important security feature was that the cloud should provide the same level of security and auditability as other similar on premises services (61 per cent). This hints that organisations are concerned about the disruption moving to the cloud can have on operations.
 
Nevertheless, respondents indicated that a shift towards a more agile, multi-cloud world is gaining momentum. Globally, four out of five respondents indicated they are adopting hybrid cloud models. The main challenge here is maintaining consistent security policies across multiple environments (25 per cent of respondents).
 
“Businesses are putting their money where their strategy is when it comes to cloud,” said Ryan Kearny, CTO, F5 Networks.
 
“There are still challenges to overcome but the global shift to embrace hybrid scenario clearly shows a growing recognition that agility and speed can be achieved without compromising security, provided there are consistent policies and solutions in place.”
 
On a global scale, the more apps a company has deployed, the greater motivation to reap the operational benefits of the cloud, with respondents running the largest number of applications (3,000+) reporting the highest percentage of apps in the cloud.
 
Sophisticated cyber-attacks changing priorities
 
A new era of security vigilance is required as security teams expand beyond traditional firewalls and legacy enterprise perimeters. Organisations with a web application firewall (WAF) and DDoS mitigation services had the highest confidence in their ability to withstand an application-level attack and interestingly, cloud-first organisations have more confidence in their security.
 
“This past year, not a week went by without some hack or vulnerability making the headlines,” said Kearny.
 
 “And yet there is no sign that security breaches are slowing digital transformation. Our report shows how the sometimes-competing demands of customer and data protection inform companies’ deployment of apps and app services, and can usher in security best practice at a time when it’s needed most.”
 
The top security challenges cited were the increased sophistication of attacks (64 per cent) followed by employees underestimating the impact of not following security policy (53 per cent). However, despite over half naming employees as one of the top challenges, a third (32 per cent) admitted a lack of IT security skills or training within a company was challenging.
 
Operational scale and programmability rise to the top for DevOps
 
On a global scale, the increase in app services and continued expansion to the cloud is driving organisations to automation and orchestration to scale operations across environments.  As a result, over half of respondents now view API-enabled infrastructures and templates as important, up from 31 per cent and 22 per cent last year, respectively. Scalability and OpEx reduction remain the top two drivers for the use of SDN frameworks, and companies are increasingly showing a tendency toward standardisation, with 39 per cent relying on only one framework in 2017, compared to 32 per cent in 2016.