No organization today, even the most conservative and secretive ones, can pretend that they are 100% cloud-free. The range of cloud-based solutions, from virtual machines hosting backend IT systems to Software as a Service, from IT-sanctioned platforms to user-provisioned consumer services, is simply too great for an organization to completely avoid.
I recall a senior IT executive from a global bank telling me they didn't use the cloud (for security reasons), "except for Salesforce.com." I guess customer data did not qualify as a security risk. Or maybe "that" cloud was deemed secure.
The only way to completely prevent cloud usage is to shut down internet access to users. Essentially, the modern equivalent of what you only see in spy movies: a sealed network, custom-made computers with no USB port, no external hard drive, and employees are searched on their way in and out of the office. Except that "no-internet" is not really practical in the twenty-first century.
Barring a sealed network, users will bypass rules and use cloud services! It can be as simple as using a file sharing system such as Dropbox to send files to colleagues. Or signing up for cloud-based analytics services in which they will upload company data to get nice reports. It can also go all the way to provisioning a mission-critical business application (CRM for example) or a data backend for a mobile app, without having to go through IT.
For IT, the challenge is therefore shifting. Since they can't fight cloud, they have to embrace it, to make it part of the company's culture. Instead of blocking access, they need to educate users on how to properly use cloud services and secure company data.
Analyst firm Gartner concurs. By 2020, recent research shows, a corporate "no-cloud" policy will be as rare as a "no-internet" policy is today. Jeffrey Mann, research vice president at Gartner, confirms that many organizations with a "no-cloud" policy actually have some under-the-radar or unavoidable cloud usage.
But the inapplicability of the policy is not the biggest challenge facing IT. The real issue at hand is that software is now cloud-first. Most vendors build software for the cloud before building it for on-premises deployment, and some vendors actually don't even develop installable software. Salesforce.com is probably the most blatant example, having always flatly refused to deploy dedicated versions even for very large deals.
This is confirmed by Yefim V. Natis, research vice president at Gartner, who said that most leading-edge IT capabilities will be available only in the cloud. This will force reluctant organizations closer to cloud adoption. Gartner actually predicts that by 2019, more than 30% of the 100 largest vendors' new software investments will have shifted from cloud-first to cloud-only.
IT organizations that deny the reality of cloud are slowly but surely sliding into oblivion. If they don't, it is likely that the company they support will be the one sliding into oblivion.