Cloud adoption soars in regulated industries
That's according to a new study by the cloud security firm Bitglass, which analyzed traffic from some 130,000 organizations in North America and reported a 71 percent surge in cloud usage across the board in the verticals it evaluated.
Within the government sector, Bitglass reported a spike of more than 300 percent in the proportion of agencies that have moved to the cloud.
Rich Campagna, vice president of products at Bitglass, says the study seems to confirm what industry observers have seen anecdotally, quantifying "the sheer rate at which cloud adoption has taken off in the last year-and-a-half."
Importantly, Bitglass' analysis was not looking at all facets of the cloud. The firm evaluated only the use of public cloud applications, and, of that large subset, confined its analysis to the popular productivity suites Google Apps and Microsoft Office 365. Those applications, Campagna explained, are generally deployed on an enterprise-wide scale and are "key indicators" that an organization has committed to a "cloud-first strategy."
"The decision is made at the CIO level to move to Office 365 or to Google," he says. "What we wanted to find is what is the best indicator of an organization-wide adoption of cloud-based applications."
So that approach weeds out firms where a small pocket of employees might have incorporated some niche application into their workflow, but where the enterprise writ large continues to run processes like email and collaboration applications through a traditional, locally housed data center.
Among U.S. government agencies, 47 percent have adopted either Google Apps or Office 365, according to Bitglass' findings. A slightly larger proportion of agencies with more than 1,000 employees have made the move, but Bitglass is still seeing much of the cloud activity happening at the state and local level.
[ Related: Google, Microsoft in '2-Horse Race' for Government Cloud Contracts ]
"They have a thin IT shop and this allows them to focus on value-added parts of their business, rather than on having to spend on a headcount on managing and maintaining applications that are not part of their core [mission]," Campagna says.
The most dramatic increase has come in the education sector, where, by Bitglass' estimate, 83 percent of organizations have adopted one of the cloud apps that it evaluated, up from 23 percent a year-and-a-half ago.
"That's easily explained by the incredibly compelling licensing that Microsoft and Google offer," Campagna says, referring to the free distribution those companies have been offering to education customers.
But less dramatic gains can still be observed in other regulated industries, such as healthcare, where 36 percent of the organizations Bitglass reviewed have moved toward an enterprise deployment of a cloud app, up from 8 percent last year.
[ Related: Government CIOs fret over apps reliability in the cloud ]
In the financial sector, adoption increased to 37.5 percent from 9.5 last year, and would likely be higher still with more permissive industry regulations governing the use of IT.
Campagna sees a variety of factors at work in the rise in cloud adoption, and credits Microsoft with a successful sales strategy that has aggressively promoted Office 365 while also offering more flexibility in the licensing and renewal terms of its contracts. Google, too, has recently been stepping up its efforts to push its Apps suite in the enterprise, Campagna says.
[ Related: Microsoft's Unified Government Cloud Targets Public Sector ]
But there is also a larger shift underway that has seen the security concerns about the cloud at least partially abate. Young companies like Bitglass, which describes itself as a "cloud access security broker," have been popping up with the express purpose of helping enterprises lock down their data in a public-cloud environment. And within IT circles, where CISOs might not have even considered going to a public cloud a few years ago, many have lately been softening their stance on the issue as they aim to reposition security as a driver of the organization's mission.
"Within that risk-averse subset of the IT department, I've seen the attitudes just shift quite a bit over the last couple years," Campagna says. "The mindset of security practitioners in general -- and there are still some holdouts -- has shifted from one of control to one of enablement over the last couple of years."