March 23, 2021 By Jo Peterson 2 min read

With all the talk about cloud solution adoption, it’d be easy to assume that on-premises IT infrastructure is fading in popularity. However, the recent IBM and Forrester Consulting study “The Key to Enterprise Hybrid Cloud Strategy[i],” found that on-premises infrastructure still has a strong presence for many enterprises. The study found that “firms are planning to increase investments toward on-premises infrastructure, and 85% of IT decision-makers (ITDMs) in our survey agree that on-premises infrastructure is critical to their hybrid cloud strategies.” In fact, 75%[ii] of IT decision makers plan to increase their infrastructure investment in the next two years.

Unfortunately, plans aren’t always followed through. On-premises infrastructure updates are often one of the first things to get pushed based on budget needs, project priority or unexpected disruptive events (such as COVID-19). The Forrester study found that 70% of responding organizations have delayed infrastructure refreshes at least a few times in the last five years or more (up from 61% in 2019).

When looking at IT projects and priorities, refreshing on-premises infrastructure is an easy candidate for delay. It’s not a flashy new project and it may be difficult to justify the cost to the C-suite. When juggling multiple projects or the need to slash the budget, IT teams may look at risk/reward equation for not refreshing existing on-premises infrastructure. A decision is arrived that everything is working well enough for now. What is often not taken into account is that there are security risks associated with this gear. In fact, the Forrester study found that half of IT decision-makers found infrastructure-based security issues and vulnerabilities following a delayed refresh.

Changing nature of cyber risk

Security isn’t getting any easier. While the overall number of reported data breaches decreased in 2020, RiskBased Security’s 2020 Year End Report[iii] found that more than 37 million records were breached last year, up 141% over 2019 and reportedly the highest number of breached records since RiskBased Security began its annual report.

While security risk is increasing, organizational commitment to updated hardware is diminishing. The Uptime Institute[iv] found that the average timeframe for a hardware refresh is now every five years (compared to an average of every three years in 2015). Think about how much has changed in the cyber security landscape over the past five years. In many cases, five-year-old infrastructure was never designed to handle the high-risk workloads and security challenges we now task it with.

With the increasing adoption of artificial intelligence (AI) and machine learning (ML) in business and technology applications, the need to support data-sensitive workloads is far greater than it was five years ago and will only increase. Forrester Consulting found that 84% of ITDMs anticipate greater data-sensitive workloads going forward. Couple all that with rigorous compliance standards that are closely tied to infrastructure security and it’s easy to see how not regularly refreshing infrastructure can create a dire security risk and impact an organization’s overall security posture.

<< Explore on-premises IT infrastructure for secure and resilient hybrid cloud >>

Adopting a holistic security posture

Security isn’t a single headed monster, and the enterprise approach to strong, holistic security needs to remain equally multi-faceted. That includes not forgetting or dismissing the importance of regularly refreshing on-premises infrastructure, even as enterprises build out increasingly complex hybrid cloud solutions.

When was the last time you refreshed your on-premises infrastructure? How does that play into your cloud and hybrid cloud plans?

More from Cloud

Sensors, signals and synergy: Enhancing Downer’s data exploration with IBM

3 min read - In the realm of urban transportation, precision is pivotal. Downer, a leading provider of integrated services in Australia and New Zealand, considers itself a guardian of the elaborate transportation matrix, and it continually seeks to enhance its operational efficiency. With over 200 trains and a multitude of sensors, Downer has accumulated a vast amount of data. While Downer regularly uncovers actionable insights from their data, their partnership with IBM® Client Engineering aimed to explore the additional potential of this vast dataset,…

Best practices for hybrid cloud banking applications secure and compliant deployment across IBM Cloud and Satellite

10 min read - Financial Services clients are increasingly looking to modernize their applications. This includes modernization of code development and maintenance (helping with scarce skills and allowing innovation and new technologies required by end users) as well as improvement of deployment and operations, using agile techniques and DevSecOps. As part of their modernization journey, clients want to have flexibility to determine what is the best “fit for purpose” deployment location for their applications. This may be in any of the environments that Hybrid…

Level up your Kafka applications with schemas

4 min read - Apache Kafka is a well-known open-source event store and stream processing platform and has grown to become the de facto standard for data streaming. In this article, developer Michael Burgess provides an insight into the concept of schemas and schema management as a way to add value to your event-driven applications on the fully managed Kafka service, IBM Event Streams on IBM Cloud®. What is a schema? A schema describes the structure of data. For example: A simple Java class…

SSD vs. NVMe: What’s the difference?

7 min read - Recent technological advancements in data storage have prompted businesses and consumers to move away from traditional hard disk drives (HDDs) towards faster, lower-latency solid-state drive (SSD) technology. In this post, we’re going to look at this new technology, as well as the fastest and most popular protocol available to connect it to a computer’s motherboard—non-volatile memory express (NVMe). While the terms SSD and NVMe are often used to describe two different types of drives, they are actually different data storage…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters