With the initial launch of the public cloud around 20 years ago, the industry ushered in a new era of scalable, on-demand ‘as-a-service’ models. Fast forward to 2025, and the public cloud is far from retreating – it is now playing a central role in more complex, resilient IT strategies. But how companies are using the cloud is evolving. New survey data from Parallels reveals that IT professionals at midsize companies are not abandoning their cloud strategies, they’re further optimizing them – embracing hybrid and multi-cloud models that examine flexibility, performance and security. They are reexamining the cost and benefits of SaaS, VDI, DaaS and other cloud solutions.
For midsize companies, this shift reflects a more strategic, value-conscious approach to the cloud. They often lack the expansive budgets or large IT teams of enterprise organizations, so their cloud decisions are being made with tighter cost controls, simplified management and stronger ROI in mind. Cloud choices are more intentional – and often more innovative – as these businesses try to balance agility and security with operational efficiency.
This mindset is fueling a growing interest in hybrid and multi-cloud environments, in fact, 47% of the respondents are now operating in multi-cloud environments, while 35% are currently using hybrid cloud setups – with another 25% planning to adopt a hybrid cloud model soon – clear signs that midsize companies are diversifying their cloud strategies and getting smarter about how and where they deploy workloads, public cloud included.
Drivers of Change: Cost, Security and Complexity
Several powerful forces are shaping this shift, including cost efficiency, close examination of current SaaS, DaaS and VDI engagements, and heightened awareness of cyberattacks and vulnerabilities. For mid-market companies, in particular, budget management and risk mitigation are priorities. That’s why many are combining public cloud with on-premises infrastructure to extend its benefits while controlling costs and exposure.
Larger enterprises have similar drivers but have the advantage of more resources to devote to cyber defense and the increasing complexity of application workloads. These organizations are investing further in public cloud scalability while augmenting it with hybrid options for data control, compliance, or latency-sensitive workloads.
DaaS and VDI: Under Review, Not Rejected
Remote work has exponentially driven up the use of the cloud, and use of VDI and workload delivery systems like DaaS. However, IT leaders are now taking a hard look at how they deliver virtual desktops, not whether they belong in the cloud. According to survey data, IT flags “too many resources,” “lack of centralized control,” and “too expensive” as the top DaaS/VDI issues. Not far behind are concerns with performance and reliability.
These findings signal the need for better DaaS/VDI implementations and more flexible vendor agreements. Companies, particularly those in the budget-conscious mid-market, are looking for shorter-term agreements, scalable pricing, and improved service levels to make DaaS and VDI work within their broader cloud strategy.
Securing the Hybrid Remote Environment
Security remains top of mind, with 35% of respondents from midsize companies reporting their company had experienced a security breach in the last year. Fear of malware and ransomware attacks and cloud vulnerabilities are the top two concerns. Midsize companies are willing to invest more in security: 90% are planning to significantly or moderately increase the budget this year. But this investment isn’t a signal that hybrid environments are inherently insecure, it’s a recognition that endpoint and browser-based threats are the new battlegrounds, especially as remote workers desire fast, no-fuss access to whatever data they need, on any device.
SaaS has been the go-to-choice for application delivery to remote workers. Since so many workers use SaaS applications, it is fertile ground for a security breach. IT professionals, as a result, are starting to look at browser isolation solutions to basically separate and lock down a worker’s browser session in the cloud. It prevents a cybercriminal from accessing the data, thereby containing any threat. If the web content a worker is viewing might be destructive, an isolation tool will also stop any possible threat to the larger network. Currently 40% of respondents at midsize companies have web browser isolation, still relying predominantly on traditional tools with firewalls, VPNs and anti-virus software, the top deployed threat defense solutions. Cloud-based isolation solutions themselves reinforce the continued relevance of the public cloud as a defense layer, not just a workload host.
Besides web browser isolation, which is definitely gaining traction, companies recognize the need for improved monitoring of device and application use that can signal a threat before it becomes a breach event. Mindful of budget and staff limitations, companies can look for remote application delivery solutions that support multiple cloud providers and can also integrate with monitoring and remediation tools.
Looking Ahead: Public Cloud at the Core of Hybrid Success
What the survey data ultimately show is that the public cloud is actually maturing. Companies, notably the mid-market, are embracing hybrid and multi-cloud setups. Public cloud remains at the heart of scalable IT strategy.
What’s changing is how it is combined with on-premises infrastructure, edge computing, and private cloud services to meet the unique needs of different workloads, users and security profiles.
With ease of platform integration, flexibility in workload placement, and improved security tooling, hybrid cloud strategies are enabling companies to get the best of both worlds, while keeping the public cloud as a vital, growing piece of their puzzle.
Kamal Srinivasan is SVP of product and program management at Parallels, a part of the Alludo portfolio. With more than two decades of experience in the field, Srinivasan is known for building robust enterprise technology platforms. He previously served as the head of product at Blink Health, contributed to Microsoft’s Azure team and led incubator efforts to build drones and develop machine learning on satellite imagery for its infrastructure security business and was a cloud product lead at Oracle. He holds a Ph.D. in computer engineering from the University of Wisconsin-Madison.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply