The cloud has come a long way over the past five years. The technology has undergone a succession of radical upgrades and transformations that have surprised even many of the technology’s strongest advocates.
As cloud service providers and adopters move into the next half-decade, here’s a look at five important ways that the cloud has advanced since 2020.
1. Zero-trust architecture emerges
As organizations move more workloads to the cloud, often in response to the existential demands of a high-velocity digital economy, traditional perimeter-based security models have failed to keep pace with the dynamic, distributed nature of traditional digital architectures, says Nigel Gibbons, a director and senior advisor at cybersecurity services firm NCC Group, in an email interview. “Amid these challenges, the concept of zero trust emerged alongside the secure by design cornerstone principle, fundamentally reappraising identity, access and trust within cloud environments.”
Previously, security strategies relied on guarding a static network perimeter. Once inside the corporate network, users, devices, and services were often trusted by default. Zero trust, by contrast, assumes no inherent trust and evaluates each request as if it comes from an untrusted network. “In cloud settings, where applications, data, and users reside across numerous remote endpoints, zero trust ensures that each interaction is strictly verified, regardless of location or prior access,” states Gibbons.
Gibbons observes that zero trust has also accelerated improvements in identity and access management solutions, such as multifactor authentication, single sign-on, and just-in-time access, with adaptive access policies built on continuous adaptive risk and trust assessment principles becoming standard practice.
2. FinOps standardizes cloud spending
The FinOps organization and the implementation of FinOps standards across cloud providers has been the most impactful development over the last five years, states Allen Brokken, head of customer engineering at Google, in an online interview. This has fundamentally transformed how organizations understand the business value of their cloud deployments, he states. “Standardization has enabled better comparisons between cloud providers and created a common language for technical teams, business unit owners, and CFOs to discuss cloud operations.”
The FinOps framework helps organizations understand exactly what they’re spending, how they’re spending it, and where they’re spending it. “This enables better demand shaping, whether through moving workloads to spot instances or improving committed use management,” Brokken says.
3. Public cloud adoption democratizes access
Widespread adoption of public cloud architecture has been one of the most important developments of the past five years, says Lloyd Adams, president of enterprise application software firm SAP North America.
The public cloud has democratized access to technology and increased accessibility for organizations across industries that have faced intense volatility and change in the past five years, Adams observes via email. “This innovation has facilitated a new level of co-innovation and enabled new business models that allow companies to realize future opportunities with ease.”
Public cloud platforms offer adopters immense benefits, Adams says. “With the public cloud, businesses can scale IT infrastructure on-demand without significant upfront investment.” This flexibility comes with a reduced total cost of ownership, since public cloud solutions often lead to lower costs for hardware, software and maintenance.
Public cloud adopters also reap the benefit of immediate access to cutting-edge technologies, such as artificial intelligence, machine learning, and analytics. “The cloud’s flexibility and speed have enhanced agility and innovation, enabling companies to experiment with new ideas and bring products to market faster,” Adams says.
4. Security as code arrives
Security as code, in the form of DevSecOps, leverages a collection of cloud native technologies and methods. “This has not only shifted security into the delivery team, it allowed security to scale as an embedded consideration, rather than an external force that development and infrastructure teams feel like they need to resist or operate around/within,” says Travis Runty, CTO of public cloud at Rackspace Technology, in an online interview.
Security as code is an example of hyper-converging skillsets and teams, further enabling natural awareness and ownership, Runty states. “It’s a great example of a technology creating velocity, changing the way teams are structured, and ultimately reducing overall business risk”.
Having the ability to incorporate security into core and real-time infrastructure deployments has allowed teams to leverage security as a strength, and enforce it without fail, Runty says. “This enforcement can include general security best practices, compliance considerations, protecting credentials, or other sensitive information — even managing internal design and architectural standards.”
5. Serverless computing arrives
Serverless computing has emerged as a key cloud innovation, helping organizations become more agile while accelerating time-to-market, minimizing infrastructure overhead, and optimizing cloud costs, says Farid Roshan, global head of AI at data and digital engineering solutions firm Altimetrik.
In response to specific events, serverless platforms work to execute small, stateless code segments known as functions. “These functions simplify scaling and reduce the complexity of computing resources, which are allocated only for the function’s execution duration, eliminating the need for pre-provisioned infrastructure,” Roshan says in an email interview.
With serverless computing, engineering teams are freed from managing servers, operating environments, and scaling mechanisms. “This allows engineers to focus on innovation, building scalable, cost-efficient applications by shifting operational overhead to cloud providers,” Roshan concludes.