Guide

IBM AIX Community Survey Findings

Introduction

In 1986, IBM launched AIX®, its open standards-based UNIX operating system. Now, more than 30 years later, this popular platform runs on IBM POWER® servers and supports critical applications for organizations around the world.  With such a strong presence in IT environments, AIX and its specific usage is of great interest to IT experts as they evaluate their own technology ecosystems in light of changing security, regulatory, and efficiency requirements.

This survey was conducted in Q4 2017 to gauge how AIX is being used and the role it will play for IT leaders in the coming years. 935 IT professionals from various industries around the world participated.

Executive Summary

IT pros report high satisfaction with AIX and rely on it to run critical business solutions. Although some plan to move to Linux and Windows, many will broaden their AIX footprint indicating the platform delivers the performance, reliability, and security core business processes demand.

  • 89.5 percent report AIX provides a higher ROI than other servers.
  • 81.6 percent use AIX to run at least 25 percent of their core business processes.
  • 54.1 percent expect to increase their AIX footprint, while 18.2 percent will migrate some of their applications from AIX to a new platform.
  • 5.7 percent plan to move all of their applications from AIX to a new platform, and 4.8 percent will do so in the next five years with Linux and Windows being the preferred options.

Maintaining cybersecurity and high availability/disaster recovery capabilities are top of mind. While many organizations are proactively putting security solutions in place for their AIX servers, others state having no plans for such measures despite the prevalence of cybersecurity threats and regulatory requirements.

  • Almost all respondents (94.8 percent) reported their organizations must adhere to regulatory compliance requirements including Sarbanes-Oxley (SOX), PCI DSS, HIPAA, and GDPR. Interestingly, many noted a lack of technology proven to protect against common threats. In fact, more than half of respondents said their companies lacked virus protection, network firewalls, two-factor authentication, or database encryption. This is despite the fact that industry regulations require or strongly suggest these types of capabilities.
  • 28.6 percent have two or fewer IT staff members focused solely on cybersecurity, while 71.4 percent have three or more.
    • 64.8 percent of those with 10 or more security staff members ranked high availability/disaster recovery as a top challenge, with 35.2 percent noting cybersecurity as a concern. By contrast, those with a security staff of two or fewer ranked cybersecurity as a lower priority.
  • Almost half of respondents (46.5 percent) named high availability/disaster recovery as a top IT concern for their AIX environment over the next 12 months, likely stemming from the dependence on AIX for core business processes. Companies cannot afford downtime in this environment.

Detailed Findings

AIX is a mainstay for IT experts, who trust it to support critical business applications

With 54.1 percent of respondents noting they plan to increase their AIX footprint, this operating system is clearly an important part of the technology strategy at many organizations. This is underscored by the fact that 89.5 percent believe AIX yields a higher ROI than other platforms, and 81.6 percent run at least a quarter of their core applications such as ERP, CRM, and financial systems on this platform.

Results indicate the AIX platform is delivering the performance, reliability, and security core business processes demand. Additionally, IBM Power Systems technology provides flexibility to run AIX or Linux on their partitions allowing users to quickly adapt to changing business requirements.

Organizations with larger security teams are more likely to increase their AIX presence despite a lack of related skills

  • 31 percent of respondents working in teams with six to 10 security professionals said AIX skills were a challenge, yet 57.6 percent plan to increase their AIX usage. 40 percent of those with security teams of more than 10 people also noted AIX skills were a challenge, but 60 percent will increase their AIX footprint. This indicates IT professionals believe AIX to be the preferred platform for running critical apps. They will likely lean on vendors and contractors with the necessary security expertise to fill these skill gaps.

Few organizations plan to move away from AIX completely

  • Only 5.7 percent expect to move all applications to a different platform, with Linux and Windows being the preferred options
  • Those moving to Linux plan to use the following servers: x86 (59.2 percent), public cloud (52.1 percent), IBM Power Systems™ (40.1 percent), and mainframe (12 percent). IBM has a notable opportunity with such a large percentage looking at the IBM® Power Systems™ series. The industry buzz around the forthcoming POWER9™ may even be what’s behind the favorability of the AIX operating system. Both POWER8® and POWER9™ servers are optimized and priced to meet Linux market needs. The challenge for IBM here will be to prove that the scalability and performance of these servers is a better choice than an Intel® box.

Top IT concerns for AIX environments vary by industry, with high availability/disaster recovery, data growth, and cybersecurity cited most frequently

Among respondents in the top eight industries, which represented 94 percent of total respondents, there was some commonality in top challenges selected. There are also notable plans for implementing security and compliance and reporting solutions across industries, perhaps to address compliance gaps for industry regulations.

High availability/disaster recovery, security, and modernizing applications

There are numerous IT initiatives afoot for the organizations surveyed, but ensuring environments offer high availability and disaster recovery options, as well as security, led the list.

IBM offers several options for high availability, including its PowerHA® technology for hardware-based replication. Other alternatives include EMC® and Oracle Exadata®—also hardware-based replication approaches. In addition, there are many software-based replication offerings, including Oracle. Cloudbursting capabilities can give IT teams the option to move non-critical applications from a private cloud server to a preconfigured public cloud location when demand spikes threaten performance.

Cost control is always key for IT professionals. According to the survey, 55.8 percent of respondents currently use POWER8® servers, 58.8 percent use POWER7®, and 24.4 percent use POWER6®. For those on older hardware, POWER8® and the forthcoming POWER9™ servers present good options for IT teams. Particularly for POWER8®, the performance and scalability can reduce costs associated with server leasing and software licensing due to the lower numbers of processors required to manage workload. Given that modernizing applications is typically a big driver for new hardware, the 35.6 percent of respondents who noted this challenge may want to investigate the newer IBM server options on the market.

Pre-POWER7 users should also plan to to upgrade to POWER8 and POWER9 to protect against Spectre and Meltdown. IBM will not be releasing patches for these older systems and recommends migrating to a more current generation of POWER technology.
 

The latest on cybersecurity: mandates, challenges, and plans

Keeping sensitive information from falling into the wrong hands is top of mind for IT professionals. It seems like every week a new story comes out about a large data breach or an emerging threat. In this survey, 94.8 percent of respondents said their organizations are subject to regulatory compliance including Sarbanes-Oxley (SOX), PCI DSS, HIPAA, and GDPR.  This means leaders in almost every industry are responsible for understanding evolving risks and putting the right technology in place as a preventative measure.

Cybersecurity is a top challenge for 44.8 percent of survey participants, and they highlighted numerous concerns that fall into this category. These include the feeling that management underestimates security risks (59.3 percent), the complexity of government and industry regulations (54.7 percent), and an overall lack of knowledge and skills (47.5 percent).

The good news is there is an array of powerful security solutions available, and IT professionals are either using or planning to implement many of these technologies in their AIX environments. When looking at solutions currently deployed, 66.1 percent have adopted anti-virus protection, 55.7 percent use network firewalls, and 50.2 percent use compliance and audit reporting tools. Many respondents noted plans to implement security solutions, with multi-factor authentication leading the pack at 44.8 percent followed by SIEM/SYSLOG solutions at 42.5 percent, and encrypted and secure managed file transfer at 42.1 percent.

Interestingly, there is a notable relationship between the number of IT security staff and plans to adopt new security applications. Organizations with two or fewer resources devoted to security are much more likely to forego technology in this area. For example, more than 27 percent have no plans to implement anti-virus protection, privileged user management, or multi-factor authentication. By comparison, companies with more than 10 security personnel reported 90.2 percent have or plan to implement anti-virus protection, 99.1 percent have or plan to add privileged user management, and 95.2 percent have or plan to use multi-factor authentication.

Staying Current

AIX users are staying reasonably current with their hardware and software. Nearly 87 percent of those surveyed are either on AIX 7.1 or 7.2. Only 24.4 percent are using POWER6® technology, although some respondents that use this older version also have POWER8® and POWER7® servers. Almost 90 percent of AIX users have 11 or more partitions of AIX in their environments. As IBM lowers the cost of hardware while increasing the power of the server, we will see more and more partitions in this operating system.  

It is also interesting to see that 66.7 percent of survey respondents run Linux or IBM i operating systems on the same servers they use to run AIX. The adoption rate for this is much higher than expected but shows consolidation has occurred even across the various OS offerings. When an organization hasn’t updated to a new OS level, it is generally a reflection of budget, the applications that need to run on the server, or a lack of necessity for adding an OS level or hardware. 

Summary

AIX continues to be a highly valued operating system for IT professionals across many industries with more than half of those surveyed planning to increase or maintain their AIX footprint. Pressure on IT teams also continues to mount regarding challenges such as high availability/disaster recovery, cybersecurity, and data management. Regulatory requirements are driving adoption of new security technologies, although companies with smaller cybersecurity teams are less likely to implement common solutions such as anti-virus and multi-factor authentication. Keeping ahead of changing cybersecurity threats means IT experts need to stay abreast of the most cost-effective method of protecting sensitive data and what makes the most sense in their environments. 

Survey Methodology and Participant Demographics

In Q4 2017, HelpSystems launched a global online survey of AIX IT professionals to get their feedback on usage of the AIX operating system, the challenges they face, and the security solutions they plan to implement. Respondents included 935 individuals across varying roles, experience, industries, and geographies.