For the past several years, RightScale has been surveying hundreds of organizations across industries and sizes to learn about their adoption of cloud computing. The RightScale State of the Cloud Report (now owned and published by Flexera) has become a valuable annual benchmark for reviewing enterprise and SMB cloud adoption trends and challenges.

This year’s report highlighted multi-cloud adoption, top challenges, and the advantages of a centralized cloud management approach. Here, we take a look at five of our top takeaways. Read on and consider how your organization compares.

1. Organizations are Struggling to Manage Growing Cloud Spend

According to the report, organizations are over budget for cloud spend by an average of 23 percent and expect cloud spend to increase by 47 percent next year. Respondents estimate they are wasting 30 percent of cloud spend. While public clouds provide agility and easy access to powerful solutions, it’s a double-edged sword. As effortless as it is to spin up new instances, it’s just as easy to lose track of unused resources – trading server sprawl for cloud sprawl. With an explosion of new services and intricate billing models, IT teams face climbing, unpredictable costs and vendor lock-in.

Takeaway: Reviewing cloud bills is often complicated, akin to reviewing an intricate telephone bill. It can be difficult to determine which application, department, or resource is the source of a cost overrun. Some options to consider:

• Identifying a cost management tracker or portal, whether from your cloud provider or a third party, is essential.

• Most organizations aren’t taking advantage of all cloud provider discounting options. Public cloud providers like Google Cloud often provide discounted or free credits, depending on your monthly spend capacity.

• Set up automated policies to shut down and rightsize workloads when you aren’t using them. For example, DevOps architects deploy infrastructure as code solutions to automate sizing.

2. Enterprises are Embracing Multi-Cloud

Enterprises are almost universally taking a multi-cloud approach to cloud adoption. 93 percent of enterprises have a multi-cloud strategy. 87 percent are taking a hybrid approach, combining the use of both public and private clouds. However: this doesn’t necessarily mean individual applications are spanning multiple clouds. The most common approach is siloed applications on different cloud. Yet surprisingly, more than one-third of respondents are using more advanced architectures, such as workload mobility between clouds.

To effectively plan for multi-cloud, even if your team is starting with one cloud, we recommend developing an overall governance model with defined policies and a suite of tools for how you will support new cloud account creation.

Takeaway: To effectively plan for multi-cloud, even if your team is starting with one cloud, we recommend developing an overall governance model with defined policies and a suite of tools for how you will support new cloud account creation. The governance model should include a standardized framework across multiple clouds, security, data access governance, and architectural standards.

3. Security Remains a Top Challenge

Enterprises are gaining extensive experience with cloud, which has led to a perceived decrease in many cloud challenges like resources and migration. However, this does not apply to security. Enterprises report security and governance as their top cloud challenges.

Takeaway: Maturity doesn’t mitigate all cloud challenges. One possible reason for the persistence of security issues is the very nature of the problem. Security is a moving target. Hackers become more sophisticated, legislation changes, and technology needs to keep up. Security is the issue that will never subside.

Identity management, access control, and data security are of utmost importance in the cloud, so developers should be equipped with robust security training. If you have moved to continuous integration and deployment, consider automating code and integrating a vulnerability review into the deployment process. Automated policy checking is also critical to ensure that identity management groups are set up correctly, SSH keys are secured, and storage buckets have appropriate access. Many cloud providers are building these policy-checking capabilities natively into their platforms.

4. Organizations are Centralizing Their Cloud Approach

As organizations adopt cloud-first strategies, many are creating a central cloud team or a cloud center of excellence (CoE) tasked with providing centralized controls, tools and best practices. The purpose of these teams is to accelerate cloud adoption by centralizing expertise while reducing costs and risk. Nearly 70 percent of organizations have a central cloud team or cloud CoE.

It’s notable that this trend is stronger with large enterprises. Many SMBs still have a de-centralized approach to cloud, with no plans for a centralized team.

Takeaway: A central cloud team can lift management burdens off the shoulders of individual departmental stakeholders and leaders. Typically this central team is responsible for overall cloud governance, spend, and migration planning. They also serve as advisors to individual stakeholders who want to leverage the cloud. If this sounds like it could solve pain points within your organization, creating a central team is something to consider in your strategic planning.

Another option is leaning on a third party, such as a cloud MSP, to provide this type of advisory oversight and cost management for your team. This may be a more reasonable approach for SMBs with fewer internal resources.

5. Containers Are Now Mainstream

As the adoption of DevOps practices grows within enterprises, so does the prevalence of container and configuration tools. 65 percent of organizations are using Docker for containers, and 58 percent use Kubernetes. AWS, Azure and Google container-as-a-service offerings are experiencing notable growth.

Takeaway: With the vast array of DevOps tooling, running the gamut from automated infrastructure provisioning and configuration, to testing and compliance, and software and infrastructure release management, many enterprises are finding that shadow IT isn’t just limited to multiple cloud providers but also lacks standardization of the tooling that’s used to manage this new world of public cloud, Infrastructure as Code, and DevOps. Traditionally thought of as a space exclusive for application developers, Enterprise IT is now able to leverage the same methodologies and technologies for managing cloud infrastructure, reaping the benefits of automation, standardization, and version control.

One area in particular where the two worlds of development and IT operations come together is Containers and Container Services, including those available from cloud providers. Containers provide enterprises with greater control, reliability, and scalability of their applications, through the use of development and deployment pipelines, which automate compliance, testing and deployment, and ensure consistency between environments.

2020 State of the Cloud: Mature, Yet Evolving

From increased agility to enhanced security capabilities, the benefits of a cloud-first, multi-cloud strategy are evident. This year’s report proves that cloud continues to become the primary, mainstream IT infrastructure priority. But what may be less obvious is how to tap into those cloud advantages in the best way possible. There are still many vendor choices and strategic decisions to be made that depend on your specific business needs and cloud expectations.

Download the full Flexera State of the Cloud Report here.