Research reportThe state of cloud computing in 2025 and beyond

Introduction

The world of cloud computing is in a constant state of change.

In 2025, more businesses than ever are adopting cloud solutions, whether they opt for private, public, or multi-cloud solutions.

We wanted to learn more about why organizations and leading IT professionals choose to use the cloud (or not, depending on the needs).

That's why we conducted a survey in in the final quarter of 2024—to hear from more than 600 IT experts and leaders at their organizations.

Understanding how IT leaders at the world’s largest organizations are responding to changes is invaluable.

With cloud migration comes challenges and new concerns, particularly around security. See how IT professionals across industries and verticals are tackling obstacles today—and how they are planning ahead for future challenges.

With Parallels RAS, the path to app and desktop delivery starts here, no matter where your workloads live. Sign up for a free 30-day trial of Parallels RAS to begin your cloud migration journey!

Executive summary: Key insights on cloud strategy

Our survey of 600 IT leaders and experts uncovered some remarkable insights. Here are some of the more interesting findings:

• Almost 9 out of 10 or 88% of respondents said their organization was planning to increase their security budget in the coming year, and nearly half or 45% are planning to significantly increase it.
• Moving workloads away from the public cloud at their organization is a significant trend, with a remarkable 86% of respondents reporting they’re either considering or actively planning on it.
• Another 27% planned to adopt a hybrid cloud model, and 14% planned to move workloads fully on-premises as opposed to the cloud.
• Where are workloads being run now? 50% of those surveyed ran workloads in the multi-cloud (or multiple clouds), while 32% used a hybrid or a combination of cloud and on-premises resources.
• Not surprisingly, the demand for remote work isn’t going anywhere, with 85% of organizations allowing for some type of remote work.

Read on for all our discoveries and insights in the state of cloud computing in 2025.

Survey methodology

We asked 600 IT professionals across the United States, the United Kingdom, Canada, Japan, and the European Union about their cloud journeys – what's working, what isn’t, and what’s next.

Here’s who we spoke to:

• 38% worked for large organizations (1000-5000 employees)
• 29% worked for mid-size organizations (500 to 1000 team members)
• 17% for smaller companies (300 to 500 employees)
• 17% for major corporations with 5000 or more team members.

Industries varied but included architecture, education, healthcare, financial services, and more. Interestingly, tech professionals dominated our respondents:

• 33% presented Independent Software Vendors (ISVs)
• 30% worked with Managed Service Providers (MSPs)
• 23% were customers of IT services
• 7% were hardware vendors

What we found is that the focus and desire for hybrid or remote work shows no signs of waning, despite calls for a return to the office by various organizations across industries.

This may play a role in the ongoing migration to the cloud and the corresponding rise in the adoption of SaaS applications versus hosted applications.

All the options or initiatives require a certain level and type(s) of security, influencing the solutions chosen by organizations seeking to leverage the cloud in some way, shape, or form.

With hybrid and remote work here to stay, it’s shaping decisions about cloud adoption, security, and infrastructure. Here is the breakdown.

Hybrid working is transforming IT

Many companies are requiring that employees return to the office in 2025; at least, that’s the common refrain in the media.

While some larger companies are calling for a return to the office, our survey reveals that remote work remains a priority for most organizations.

• A whopping 84% of respondents shared that their companies allow remote work when roles permit it.
• Many cited remote work as a driving force behind adopting DaaS (Desktop-as-a-Service) or VDI (Virtual Desktop Infrastructure) solutions.

Of course, remote work has its own set of challenges, particularly in the security realm.

One of the most significant issues was providing and managing access to desktops and apps for remote users, followed by more complex endpoint security management.

This goes hand-in-hand with the need for better security awareness and training for end users.

How has hybrid work changed security posture?

The necessity of remote work has also increased ransomware and phishing, with malicious actors adapting their techniques in response to how remote teams work.

Organizations that rely on remote workforces also need to extend monitoring across more devices and networks, resulting in a larger workload for IT admins and cybersecurity teams.

Incident response planning can also be more complex with a remote workforce.

Adherence to compliance requirements and standards is also a challenge for remote teams.

Key learnings: Remote work and the cloud

The demand for remote work isn’t going anywhere. The need for remote work influences IT decisions, especially around security and infrastructure.

Responding to this demand means that having the right tools or solutions for app and desktop delivery in place is more important than ever.

For example, authentication and access controls can mitigate these attacks. Technologies like multi-factor authentication (MFA) or conditional access policies help control access.

Developing clear guidelines around remote work is also essential, such as hours that team members can engage or should be available, safety and privacy requirements for their work environments, and any other factors that may matter to a given organization.

Just as important, providing cybersecurity training and highlighting risk awareness for all remote team members is essential.

Employees must recognize phishing attempts and understand the importance of securing their devices.

IT teams need to manage access to apps and desktops and monitor more devices and networks.

Making the move to the cloud

The number of businesses moving to the cloud has had its ups and downs over the past several years, but it’s been mainly on a long-term upswing.

Our survey results underscored the cloud’s popularity.

Multi-cloud solutions are leading the charge, with half of all organizations using multiple cloud providers suggesting that organizations value flexibility, redundancy, and vendor diversity.

32% adopted a hybrid model (a mix of cloud and on-premises resources) indicating that companies still rely on on-premises infrastructure while leveraging the benefits of the cloud.

Only 2% kept their resources purely on on-premises, possibly due to compliance requirements or the sensitive nature of their data.

But public cloud reliance appears to be under review.

• 86% of respondents said they’re either considering or actively planning on moving workloads away from the public cloud, pointing towards a shift towards gaining more control.
• Of this group, 27% planned to adopt a hybrid cloud model, and 14% planned to move workloads fully on-premises.

Cost concerns, performance issues, and the need for centralized control drive this shift.

The highest number of respondents currently using the cloud reported that the amount of IT resources required by their current virtualized IT environment was a primary challenge.

Lack of centralized control, high costs, an overabundance of complexity, and performance issues or reliability are the common issues with their DaaS solutions running in the cloud.

What are the most common issues you experience with your current DaaS/VDI solution?

Of those surveyed, 50% ran workloads in the multi-cloud (or multiple clouds), while 32% used a hybrid or a combination of cloud and on-premises.

Another 15% used a single cloud solution; the rest reported keeping their workloads on-premises or using other options.

Are you running workloads in the cloud?

When asked about using the public cloud specifically, 45% of respondents used the public cloud but were considering a move back to on-premises (from the public cloud) in the future.

Another 27% stated that they would consider a hybrid model, followed by 14% who would prefer to be fully on-premises.

The other 14% reported they were planning to keep workloads in the public cloud—a relatively small number, reinforcing the evidence that most businesses see value in multi-cloud or hybrid strategies.

Do you anticipate migrating workloads from the public cloud back to on-premises infrastructure, currently or in the future?

When asked if they anticipate a move from the public cloud back to on-premises? Nearly half or 45% suggested considering moving some workloads back on-premises.

This response may indicate dissatisfaction with the cloud due to typical frustrations like cost, lack of control, or performance.

Another 27% expect a hybrid approach, meaning they’re opting for a cloud and on-premises infrastructure mix.

14% plan to move entirely back on-premises, which suggests concerns over security, compliance, or cost management.

Finally, 14% remain entirely in the cloud, a relatively small number which reinforces how most businesses see value in cloud strategies.

What’s next? Change.

With significant disruption in the EUC virtualization market, what leading reasons can influence change in your company's IT strategy?

Cost concerns are the primary driver of market changes according to 42%, highlighting a need for more cost-effective solutions.

A lack of future support (as cited by 26% of respondents) signals uncertainty around software vendor commitments to their customers—which could be due to these announcements heard from leading EUC vendors like Citrix or Omnissa.

17% of the participants suggested that compatibility with existing IT environments is a challenge, highlighting the benefits of open integration and flexibility in solutions chosen by vendors.

Concerns about product roadmaps were also cited by 14% of those surveyed, but this issue could be more of a long-term concern as opposed to other more immediate shifts in priorities.

With significant disruption in the VDI/DaaS market, what leading reasons can influence change in your company's IT strategy?

Knowing this, it’s unsurprising that 58% of respondents reported that they were seeking a new VDI or DaaS solution, with a further 14% stating they were unsure — so perhaps they could be open to a change in certain circumstances.

After all, today’s EUC market is very much in flux with high interest in alternative virtualization solutions.

Is your organization seeking a new DaaS/VDI solution right now?

Half of those surveyed aim to move within the next four to six months, with 20% planning to make a move sooner or within the next three months.

Only 8% of respondents plan to stick with their current VDI or DaaS solution for the next year or more.

What is your timeframe for implementation?

Key learnings: Infrastructure choices in 2025

Businesses are becoming more cautious about their public cloud reliance in 2025.

They are exploring alternative solutions for their IT strategy with the goal of optimizing costs and supporting working practices.

Multi-cloud adoption is still the most popular infrastructure strategy, but some businesses are considering a move back to on-premises.

There is an increasing demand for new, cost-effective, and reliable solutions, with many organizations planning to make changes soon.

Cost is a major driver for change, as well as the need to retain control over IT environments,

Opting for a flexible solution that integrates with key technology partners like AWS, Azure or Nutanix — such as Parallels RAS — helps to ensure your organization’s shift in infrastructure strategy goes as smoothly as possible. Note that Parallels RAS integrates with ControlUp for optimal tracking.

Other factors to consider when making decisions around your organization’s VDI or DaaS choices include data security and compliance with any necessary industry or government regulations.

Every organization or IT leader has reasons to support cloud infrastructure set-up since the cloud presents many tangible benefits.

However, on-premises infrastructure often remains essential for providing security and cost predictability to businesses.

By embracing a hybrid and/or multi-cloud approach, companies can leverage the strengths of both the cloud and on-premises environments.

Parallels RAS and Parallels DaaS both allow for this flexibility, empowering organizations to seamlessly manage virtual desktop deployments across on-premises, public cloud, or hybrid environments. This highly customizable approach ensures a gradual transition to the cloud while preserving stability, security, and control over IT operations.

SaaS vs installed or applications hosted on-premises: The key trends

The popularity of SaaS applications is on the rise. It’s not surprising—SaaS solutions offer plenty of great benefits.

However, in many instances, hosted apps are still vital in the modern IT environment, with many line-of-business applications or legacy applications unable to be moved to the cloud.

Our survey included questions about cloud-based SaaS versus hosted apps.

What % of applications are installed on-premises or in a cloud environment versus delivered as a service (SaaS)?

This data shows an incredible adoption of cloud-based applications, with 85% of all respondents reported having some level of SaaS.

Breaking this down, generally there is a healthy mix of both cloud-based and installed applications, with the slight majority, or 34%, having 75% installed applications versus 25% cloud-based.

What % of applications are installed on-premises or in a cloud environment versus delivered as a service (SaaS)?

This is nearly as many (33%) reporting a 50/50 mix of installed and cloud-based apps, followed by 16% with 75% of their apps in the cloud and 25% installed.

15% used installed apps only, and 2% said they rely solely on cloud-based applications.

SaaS has significantly impacted organizations, with 34% citing its scalability as the most significant factor, followed by how SaaS applications are easier to manage.

Other key positives that our respondents reported include accessibility from anywhere or any device (13%), enhanced security (12%), and lower up-front costs (11%).

It has been suggested by BetterCloud that average companies use 112 SaaS applications.

Most of these SaaS apps, if not all of them, are generally accessed through a web browser.

With so many applications being used via the web browser, organizations have new concerns—ensuring secure access control and protecting against bad agents and malware.

What security technology are currently deployed (firewall, VPN, Browser Isolation, etc.)?

What’s alleviating those concerns?

For 91.5% of respondents, it starts with a firewall.

Another 70% also had antivirus solutions; 66% stated they had VPNs for their users, while 42% had browser isolations.

Enterprise browsers are used by 39% of respondents. Note for this question, users were allowed to select more than one option.

Key learnings: SaaS vs hosted on-premises

SaaS is popular for its scalability, accessibility, flexibility, lower up-front costs, and unparalleled convenience.

However, installed or hosted on-premises is a preferred option for customized or legacy applications, with respondents citing challenges such as rising costs, lack of integration, and security when applications are accessed in a hybrid or remote work environment and/or through a web browser.

Many are looking for ways to integrate both SaaS and hosted applications into a unified solution using VDI or DaaS, offering the best of both worlds.

Modern security adoption remains a challenge

Security is often the biggest challenge and source of stress for the modern IT professional.

That’s because the impact that a major—or even minor—cyberattack on an organization can be devastating.

Remote work and/or using DaaS or VDI setups have unique considerations and challenges, making today’s security environment more complex.

More than half of our survey respondents reported they rely on firewall and network security solutions, followed by 19% that utilize antivirus and anti-malware software.

However, these solutions alone won’t keep hybrid work environments secure.

Accordingly, another 11% offered security training for users, 10% reported having manual oversight and policy enforcement, and only 6% said they had browser isolation technology. Other measures mentioned include advanced threat detection and Zero Trust architecture

The ability to provide secure access no matter where your organization’s users are located is an essential problem to solve for today’s IT teams, with work from home (or “work from wherever”) more in demand than ever.

Respondents reported that this was one of their primary challenges related to their organization’s security posture.

The increasingly complex endpoint management was ranked as the second biggest challenge by those surveyed.

Then comes the need for stronger employee security awareness and training, which goes together with the increase in ransomware and the rise of new phishing techniques.

The requirement for extended monitoring across devices and networks, a growing focus on incident response planning, and difficulty meeting compliance requirements were also noted as security challenges, in that order.

What are your biggest security concerns?

Ransomware and malware attacks were reported as the biggest security concern by 39% of those surveyed, followed by 37% citing cloud vulnerabilities.

Another 18% said human error (like weak passwords or employee negligence) was their largest struggle, and 9% said that social engineering kept them up at night.

Has your organization experienced a security breach in the past year?

Given all these security measures, one should expect a few surveyed to be successfully protected from security breaches.

It follows that 55.8% of respondents said they had not experienced a security breach in the previous year; however, 41.8 said they had, with 2% choosing to say they were unsure.

What is the organization’s current methodology for identifying potential risks and vulnerabilities (Pen tests, Vulnerability Assessment programs, bug bounties, etc.)

So, how do organizations identify potential security risks or threats in 2025?

Vulnerability assessment programs are used by 49.1% of those surveyed, and another 27.3% use pen tests or penetration testing, followed by 19.1% who have Attack Surface Management Programs.

Only 3.1% use bug bounties and less than 2% of respondents stated "other" or "not sure" and declined to clarify.

How often are risk assessments conducted?

According to those surveyed, risk assessments are conducted monthly at 48% of organizations, quarterly at 45%, and annually at 6%.

What is your organization's budget outlook for cybersecurity next year?

Security policies that were ranked as extremely important by survey respondents include multi-factor authentication, data encryption policies, and data loss prevention tools.

Organizations also rely on Zero Trust architecture, Cloud Security Posture Management (CSPM), access control policies, and secure file sharing protocols, in that order of importance.

Naturally, all these measures and tools are a major line item in many organization’s IT and technology budgets.

A healthy percentage—45%—reported that their company was planning to significantly increase their security budget in the next year, with another 43% planning on a moderate uptick in security costs.

A smaller group, at 11.3%, stated it was staying the same, and less than 1% said their security budget was decreasing in 2025.

Key learnings: Security and the cloud

Implementing Zero Trust policies and offering more intensive and robust security and cyber safety training for employees (remote employees in particular) are key to protecting your organization in 2025, according to the mood and mentality of the IT professionals surveyed.

Firewalls, VPNs, and antivirus software are common foundational tools.

Organizations are significantly increasing their cybersecurity budgets, reflecting the growing priority placed on safeguarding digital infrastructures against ever-evolving threats.

One way to do so is to adopt advanced security technologies like Parallels Browser Isolation and/or choose a VDI or DaaS solution that enables more robust security posture. A solution like Parallels RAS or Parallels DaaS provides a solid foundation for a more secure 2025 —and beyond.

Implications of cloud adoption in 2025 and beyond

The results are clear. Cloud adoption isn’t slowing down, but its shape is evolving.

IT leaders are looking are looking for balance—securing the control and performance of on-premises systems while still enjoying the flexibility of the cloud.

Here’s what your business can do:

1. Develop a cloud strategy: Define clear priorities tailored to your team’s needs through cloud-native or hybrid solutions.
2. Take it step-by-step: Explore hybrid models before fully migrating to the private, public, or multi-cloud.
3. Choose flexible tools: Find solutions that integrate easily with platforms like AWS and Azure to reduce complexity and boost reliability.

Why adopting the right cloud strategy is critical for IT leaders

While the cloud remains a fundamental part of many organizations' IT infrastructures, organizations across the globe are moving towards more complex, hybrid infrastructure models rather than pure cloud solutions.

Many organizations intend to maintain a significant on-premises footprint, despite the advantages of SaaS applications.

The DaaS and VDI markets are in flux.

Organizations looking to change providers for more cost-efficient solutions with comprehensive support and better integration options.

Security also remains a crucial concern, with 88% of those surveyed planning on increasing their cybersecurity budgets.

All these learnings underscore how remote work has become the standard. Teams with the ability to work remotely is a must for any organization that wishes to remain competitive.

While the challenges are real—with security, cost, and flexibility at the forefront—so are the opportunities.

It has driven many of the infrastructure and security changes covered in this document and will no doubt continue to do so in the future.

Whether you’re planning your first step toward the cloud or reviewing your organization’s existing setup, the right approach sets the stage for success.

With Parallels RAS, the path to app and desktop delivery starts here, no matter where your workloads live. Sign up for a free 30-day trial of Parallels RAS to begin your cloud migration journey!

Appendix

View survey data