Research from F5 Networks revealed earlier this year that the EMEA region leads the way for multi-cloud adoption, although security and skill gap challenges remain.
According to the sixth annual State of Application Services (SOAS) report, 88% of surveyed EMEA organisations were leveraging multi-cloud environments, compared to 87% in the Americas and 86% in the APCJ region.
A total of 27% of EMEA respondents also claimed they will have more than half of their applications in the cloud by the end of 2020. Meanwhile, 54% agreed that cloud in all its forms is the top strategic trend for the next two to five years
The SOAS report goes on to note that EMEA organisations were more likely than any other region to choose cloud platforms that support applications on a case-by-case basis, with 43% opting for the increasingly popular approach (compared to 42% worldwide). This chimes with the fact that 70% stated that it is ‘very important’ to be able to deploy and enforce the same security policies on-premises and in the cloud. In the Americas, 69% of respondents concurred, with APCJ slightly behind on 65%.
“Inflexible, one-size-fits-all solutions won’t work anymore in the cloud, so it is encouraging to see that per-application strategies are becoming more widespread in EMEA,” said Brett Ley, Senior EMEA Cloud Director, F5 Networks.
“Every application is unique and serves a specific function, such as finance, sales, or production. Each will have end-users that scale from less than a hundred to into the millions. And each has a different risk exposure that can span from a breach being simply embarrassing to costing the business billions of dollars’ worth of damage.”
Enduring challenges and security concerns
A total of 33% of EMEA organisations cited regulatory compliance as the biggest challenge when managing applications in multi-cloud environments, which was once again higher than any other region and partly due to complexities stemming from the EU General Data Protection Regulation (GDPR).
Other pressing concerns included applying consistent security policies across all applications (30%), safeguarding against emerging threats (28%) and migrating applications between clouds and data centres (28%).
When it comes to security postures, respondents reported lower confidence levels in their ability to withstand an application-layer attack in the public cloud (only 15% were ‘very confident’ they could do so), versus in an on-premises data centre (30%) or via colocation deployments (20%).
The cloud security challenge is further exacerbated by a growing industry skill gap: as many as 66% of EMEA organisations believe they lack necessary security talent going forward. America is closely behind with 65% having claimed the same. The problem was most pronounced in the APJC region where it was an issue for 76%.
Despite EMEA’s proactive embrace of per-app cloud strategies, the SOAS report found that many still struggle to provide security parity across all application environments.
It is an ongoing issue across the world and is complicated by the sheer diversity of the average application portfolio. No generation of technology is currently leading the way. According to SOAS respondents from all surveyed regions, client-server architecture remains the most prominent and accommodates around a third (34%) of applications, with three-tier web applications coming in second at 26%. Newer mobile (14%) and microservices/cloud-native (15%) architectures are on the rise, but old school mainframe/monoliths still account for 11%.
“A heterogeneous mix of application architectures is currently the norm and highlights the fact that multi-cloud deployments are very much here to stay,” said Ley.
“It is important to realise that the notion of achieving a single application architecture or uniform infrastructure environment is a pipe dream for most organisations of scale. As such, it is imperative to have application services that span multiple architectures and multiple infrastructures. This will ensure consistent – and cost-effective – performance, security and operability across the entire application portfolio.”