EMEA region leads the way for multi-cloud adoptions finds F5

New research from F5 reveals that the EMEA region leads the way for multi-cloud adoption, although security and skill gap challenges remain.

Brett Ley, Senior EMEA Cloud Director, F5.

According to the sixth annual State of Application Services (SOAS) report, 88% of surveyed EMEA organizations are now leveraging multi-cloud environments, compared to 87% in the Americas and 86% in the APCJ region.

27% of EMEA respondents also claimed they will have more than half of their applications in the cloud by the end of 2020. Meanwhile, 54% agree that cloud in all its forms is the top strategic trend for the next two to five years

The SOAS report goes on to note that EMEA organizations are now more likely than any other region to choose cloud platforms that support applications on a case-by-case basis, with 43% opting for the increasingly popular approach (compared to 42% worldwide). This chimes with the fact that 70% state that it is “very important” to be able to deploy and enforce the same security policies on-premises and in the cloud. In the Americas, 69% of respondents concurred, with APCJ slightly behind on 65%.

“Inflexible, one-size-fits-all solutions won’t work anymore in the cloud, so it is encouraging to see that per-application strategies are becoming more widespread in EMEA,” said Brett Ley, Senior EMEA Cloud Director, F5.

“Every application is unique and serves a specific function, such as finance, sales, or production. Each will have end users that scale from less than a hundred to into the millions. And each has a different risk exposure that can span from a breach being simply embarrassing to costing the business billions of dollars’ worth of damage.”

Enduring challenges and security concerns
33% of EMEA organizations cite regulatory compliance as the biggest challenge when managing applications in multi-cloud environments, which is once again higher than any other region, and partly due to complexities stemming from the EU General Data Protection Regulation (GDPR).

Other pressing concerns include applying consistent security policies across all applications (30%), safeguarding against emerging threats (28%), and migrating applications between clouds and data centres (28%).

When it comes to security postures, respondents reported lower confidence levels in their ability to withstand an application-layer attack in the public cloud (only 15% were “very confident” they could do so), versus in an on-premises data center (30%) or via colocation deployments (20%).

The cloud security challenge is further exacerbated by a growing industry skill gap: as many as 66% of EMEA organizations believe they lack necessary security talent going forward. America is closely behind with 65% claiming the same. The problem was most pronounced in the APJC region where it was an issue for 76%.

Despite EMEA‘s proactive embrace of per-app cloud strategies, the SOAS report found that many still struggle to provide security parity across all application environments.

It is an ongoing issue across the world and is complicated by the sheer diversity of the average application portfolio. No generation of technology is currently leading the way. According to SOAS respondents from all surveyed regions, client-server architecture remains the most prominent and accommodates around a third (34%) of applications, with three-tier web applications coming in second at 26%. Newer mobile (14%) and microservices/cloud-native (15%) architectures are on the rise, but old school mainframe/monoliths still account for 11%.

“A heterogeneous mix of application architectures is currently the norm and highlights the fact that multi-cloud deployments are very much here to stay,” added Ley.

“It is important to realize that the notion of achieving a single application architecture or uniform infrastructure environment is a pipedream for most organizations of scale. As such, it is imperative to have application services that span multiple architectures and multiple infrastructures. This will ensure consistent – and cost-effective – performance, security, and operability across the entire application portfolio.”