March 23, 2021 By Jo Peterson 2 min read

With all the talk about cloud solution adoption, it’d be easy to assume that on-premises IT infrastructure is fading in popularity. However, the recent IBM and Forrester Consulting study “The Key to Enterprise Hybrid Cloud Strategy[i],” found that on-premises infrastructure still has a strong presence for many enterprises. The study found that “firms are planning to increase investments toward on-premises infrastructure, and 85% of IT decision-makers (ITDMs) in our survey agree that on-premises infrastructure is critical to their hybrid cloud strategies.” In fact, 75%[ii] of IT decision makers plan to increase their infrastructure investment in the next two years.

Unfortunately, plans aren’t always followed through. On-premises infrastructure updates are often one of the first things to get pushed based on budget needs, project priority or unexpected disruptive events (such as COVID-19). The Forrester study found that 70% of responding organizations have delayed infrastructure refreshes at least a few times in the last five years or more (up from 61% in 2019).

When looking at IT projects and priorities, refreshing on-premises infrastructure is an easy candidate for delay. It’s not a flashy new project and it may be difficult to justify the cost to the C-suite. When juggling multiple projects or the need to slash the budget, IT teams may look at risk/reward equation for not refreshing existing on-premises infrastructure. A decision is arrived that everything is working well enough for now. What is often not taken into account is that there are security risks associated with this gear. In fact, the Forrester study found that half of IT decision-makers found infrastructure-based security issues and vulnerabilities following a delayed refresh.

Changing nature of cyber risk

Security isn’t getting any easier. While the overall number of reported data breaches decreased in 2020, RiskBased Security’s 2020 Year End Report[iii] found that more than 37 million records were breached last year, up 141% over 2019 and reportedly the highest number of breached records since RiskBased Security began its annual report.

While security risk is increasing, organizational commitment to updated hardware is diminishing. The Uptime Institute[iv] found that the average timeframe for a hardware refresh is now every five years (compared to an average of every three years in 2015). Think about how much has changed in the cyber security landscape over the past five years. In many cases, five-year-old infrastructure was never designed to handle the high-risk workloads and security challenges we now task it with.

With the increasing adoption of artificial intelligence (AI) and machine learning (ML) in business and technology applications, the need to support data-sensitive workloads is far greater than it was five years ago and will only increase. Forrester Consulting found that 84% of ITDMs anticipate greater data-sensitive workloads going forward. Couple all that with rigorous compliance standards that are closely tied to infrastructure security and it’s easy to see how not regularly refreshing infrastructure can create a dire security risk and impact an organization’s overall security posture.

<< Explore on-premises IT infrastructure for secure and resilient hybrid cloud >>

Adopting a holistic security posture

Security isn’t a single headed monster, and the enterprise approach to strong, holistic security needs to remain equally multi-faceted. That includes not forgetting or dismissing the importance of regularly refreshing on-premises infrastructure, even as enterprises build out increasingly complex hybrid cloud solutions.

When was the last time you refreshed your on-premises infrastructure? How does that play into your cloud and hybrid cloud plans?

Was this article helpful?

More from Cloud

IBM Tech Now: April 8, 2024

< 1 min read - ​Welcome IBM Tech Now, our video web series featuring the latest and greatest news and announcements in the world of technology. Make sure you subscribe to our YouTube channel to be notified every time a new IBM Tech Now video is published. IBM Tech Now: Episode 96 On this episode, we're covering the following topics: IBM Cloud Logs A collaboration with IBM and Anaconda IBM offerings in the G2 Spring Reports Stay plugged in You can check out the…

The advantages and disadvantages of private cloud 

6 min read - The popularity of private cloud is growing, primarily driven by the need for greater data security. Across industries like education, retail and government, organizations are choosing private cloud settings to conduct business use cases involving workloads with sensitive information and to comply with data privacy and compliance needs. In a report from Technavio (link resides outside, the private cloud services market size is estimated to grow at a CAGR of 26.71% between 2023 and 2028, and it is forecast to increase by…

Optimize observability with IBM Cloud Logs to help improve infrastructure and app performance

5 min read - There is a dilemma facing infrastructure and app performance—as workloads generate an expanding amount of observability data, it puts increased pressure on collection tool abilities to process it all. The resulting data stress becomes expensive to manage and makes it harder to obtain actionable insights from the data itself, making it harder to have fast, effective, and cost-efficient performance management. A recent IDC study found that 57% of large enterprises are either collecting too much or too little observability data.…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters