The Five Personas of Cloud Adoption

The Five Personas of Cloud Adoption
The Five Personas of Cloud Adoption

The research was undertaken by Vanson Bourne and involved 700 interviews with employees from companies with 500 or more staff across a wide range of industry and public sectors. Particular emphasis was placed on the financial services, retail, pharmaceuticals, telecommunications, utilities, petrochemicals and healthcare sectors.

The purpose of the research was to try to understand why similar companies adopt different cloud strategies: "it is entirely likely that similar organisations will adopt different cloud implementations in different ways and to different extents," notes the report. So, "Does an organisation’s level of cloud adoption - its cloud persona - result in them being more likely to use a public, private, or hybrid cloud solution in various circumstances?" The report then goes on to examine the different personas' differing attitude towards security.

The five different personas revealed by the research, from least to most in favor, are controllers, accepters, experimenters, believers and embracers. Controllers are least likely to have adopted the cloud (although only 29% say they have no intention of ever doing so). The basic premise here is a belief that the best way to ensure both security and compliance is to retain control of company data within company data centers.

The second category, accepters, have largely already adopted cloud technologies, but to a limited extent. It is on a case-by-case basis where security and compliance is not an issue. Like controllers, they tend to believe that cloud cannot guarantee security and compliance, but they accept that it is the best solution in some areas.

"The third persona group," says the report, "being the mid-point, is representative of the average organisation at present." Only 13% of experimenters have so far migrated the majority of their data into the cloud, but most intend to do so within the next year. The overriding characteristic here is that these companies "either experiment with new technologies when brought to their attention (30%) or they actively seek out and experiment with new technologies (33%)." They have moved on from fear of the cloud "to the extent that they not only think that cloud could help them in instances when security and regulations are paramount, but that cloud is best placed to do so." They tend, however, to prefer private cloud to public or hybrid cloud.

Believers are similar to experimenters, but have more mature implementations and have been using cloud services for longer. "As a result," says the report, "they are likely to have explored hybrid and public solutions in more detail," and their cloud implementations have evolved into something more than just an emulation of the traditional data center.

Needless to say, the embracers are the most enthusiastic of all. "They have invested in cloud, understood the implications of delivery through such means, and are confident in its security and legal compliance."

One thing that is very clear from this research is that cloud adoption is heavily tied to the adopters' perception of security and compliance risks. However, the report suggests that organisations are not bound to their current persona. "Instead," it says, "they are five steps on a scale of adoption." As security and compliance capabilities in the cloud improve, and as adopters become more accustomed to the cloud, so they will likely progress from controllers to embracers.

In this sense, the Integralis research suggests that the original categories (those that have and those that will adopt cloud) remains valid – it's just that there are additional steps between the two largely governed by security and compliance perceptions.

What’s Hot on Infosecurity Magazine?