Agencies want to double their cloud use for infrastructure (from 23% to 43%), platform/middleware (from 19% to 41%) and software/apps (from 27% to 49%), but 89% of IT respondents feel apprehensive about migrating to the cloud.
Only 44% of IT respondents said their agencies have “mature” data governance practices in the cloud; 56% said their agencies are in the process of implementing data stewardship or a more formal data governance program for their cloud services and vendors.
When it comes to data governance policies, 61% of IT respondents said they do not have quality documented metadata, 52% do not have well-understood data integration processes, 50% have not defined/identified data owners and 49% do not have known systems of record.
IT respondents said they do not feel they are successfully managing data governance with their cloud services in several areas, including remediation for data exceptions (44%), data integration (41%), collaboration/interoperability (40%) and data profiling (39%).
Agencies manage 71% of data stewardship themselves while cloud vendors manage 29%.
89% of agencies have taken steps to manage trust with their cloud vendors. Steps include keeping security functions on-premises (42%) and requiring certification of security measures taken by cloud vendors (41%).
Only one in five IT professionals is completely confident in their cloud vendors’ security. Although 54% said security is their top concern, only 20% said security provided by cloud vendors is completely sufficient. Cloud gateways may bridge the gap: 31% of respondents said they have deployed or plan to deploy them.
Some agencies are working with cloud vendors to share security responsibilities, including encrypting data in transit (33%), managing access to cloud-based apps (31%), supporting intrusion detection (31%) and forcing regular password changes (27%).
Agencies are comfortable with sharing and delegating responsibilities to cloud providers for processes, including 24-hour monitoring (60%), intrusion detection (55%), cloud access management (52%), daily hardware/software patch release monitoring (51%) and encrypting data in transit (51%).
26% of agencies currently use or plan to use a cloud brokerage service, while 28% currently use or plan to use an on-premises data broker, and 9% use both.
62% of agencies that are using or planning to use a cloud brokerage service are more comfortable handing their agencies’ IT services and apps to cloud providers than those who do not (34%).