|By Rajiv Gupta||
|January 13, 2014 08:45 AM EST||
Enterprise IT organizations today often are bypassed as employees and LoBs use cloud services; in fact cloud computing is considered the revenge of the business unit. 2014 will be year that the Enterprise IT organizations move from role of helpless bystander to role of strategic partner to the business unit. It will be the year that the CIO carves out a new role of strategic importance, namely the enabler of cloud apps that drive agility, productivity and competitive advantage for their business units. In 2014, CIOs and IT departments will use rapidly emerging cloud security solutions to accelerate the adoption of SMAC (social, mobile, analytics and cloud) within the enterprise and will embark on security transformation.
1. Rush to adopt cloud services will drown out security fears
Cloud security risks will never be completely eliminated, obviously, but security won't be a cloud adoption obstacle in 2014. Cloud security is already on par, if not better than, traditional digital security, and 2014 will mark the cloud security tipping point, the beginning of real security transformation.
The major tech giants (Microsoft, Apple, Facebook, Google, Amazon, etc.) have all placed major bets on the cloud, and the rest of the economy, regardless of industry, will follow their lead. In fact, a recent study found that cloud adoption is already high in industries as varied as manufacturing, health care, media and financial services - and that's just reported adoption.Shadow IT would push those numbers higher.
2. IT stops blocking cloud services over outdated risks
There will be big change in 2014 on how IT copes with cloud risks. The status quo is based on outdated arguments and limited visibility. Today, IT generally blocks what it knows (Facebook, YouTube, ESPN.com). Many of these sites are blocked in order to prioritize productivity (and often to conserve bandwidth). And what IT does not know today generally gets through, which is often risky.
This approach is pointless at best, since it's so easy to find workarounds, and counterproductive at worst, since IT often blocks services that will boost productivity. According to our 2013 Cloud Adoption & Risk Report, which compiled data from more than 3 million users across more than 100 companies in various industries, IT still blocks what it knows, not necessarily what puts organizations at risk.
In 2014, IT will get the visibility needed to feel comfortable loosening the reigns, helping employees evaluate and understand the risk of these services, rather than simply blocking them.
3. IT gains more organizational power due to the rise of SMAC
Not that long ago, the IT world fretted about whether or not IT was becoming irrelevant in this service-driven world. Now, with social, mobile, analytics, and cloud trends all converging in chaotic ways and the number of service providers increasing at dizzying rates, IT will start to get over their self-image as operators and providers of all IT infrastructure, applications, devices, and services and will start to see themselves more as the strategic enabler of services
According to Computerworld, the hottest IT job right now is IT business analyst. Not long ago, only the CIO worried about aligning technology with business goals. In 2014, it will be the entire IT department.
4. Revenge of the CIO - CIOs will transition from CI-No's to business enablers
As IT departments become more strategic, the CIO's role will change drastically too. CIOs are tired of being "CI-No's." It's not a fun job. Fortunately, they no longer have to fill that role. As IT pros evolve into internal tech consultants who identify, evaluate, and oversee technologies (and not necessarily the ones who have to develop, deliver, or operate these technologies), CIOs will be tasked with figuring out how new technologies deliver competitive advantages.
CIOs will look at cloud, mobile, social media, and whatever other new technology comes along to discern how these cloud services will benefit the business, operationally and strategically. This means the background of CIOs will change as well. Organizations will value pure IT backgrounds less and less, instead prioritizing business and operational experience.
5. CIOs who aren't comfortable with SMAC will be challenged
By the end of 2014, CIOs who don't understand the strategic importance of social, mobile, analytics and cloud will be considered old school and less relevant to the organization. CIOs who "just say no" and fail to adapt will face criticism from everyone from board members who can't live without access to corporate data on their personal tablets to developers who demand access to services like AWS.
Moreover, in 2014 CMOs will continue to infringe on areas of responsibility that used to belong solely to the CIO. Those CIOs who continue to block cloud services that deliver business value will place their organizations at a competitive disadvantage, and once the rest of the C-suite wakes up to that fact, it will be the CMO, not the CIO, driving the future of technology within those slow-to-adapt organizations.
6. Unencrypted data will start to disappear
Ask any digital security professional for tips on how to better secure anything from the cloud to mobile end points to social media, and every single one will mention encryption at some point. In 2014, data will be encrypted everywhere - in motion, at rest, on corporate-owned smartphones, on employee-owned mobile device, etc.
As more applications and services reside in the cloud, the focus on how best to encrypt data will shift away from endpoints to cloud services and networks. The weak link in data encryption is the endpoint, but in 2014 that weak link will start to be eliminated, with important data never stored on end devices.
In 2014, enterprises will also demand encryption services that encrypt data no matter where it resides. Soon, there will be no such thing as unencrypted data.
7. Cloud adoption will force the enterprise to regain control of encryption keys
As unencrypted data disappears, so too will encryption keys that the enterprise does not own or control. New key escrow mechanisms will emerge allowing cloud service providers to have access to the customer data in the clear, but only for controlled, narrow windows of time. There will also be massive interest in encryption algorithms that allow enterprise ownership of encryption keys and do not break cloud service provider functionality.
8. VPNs and agents begin to disappear
Mobile devices access more enterprise services each and every day, and the way most enterprises protect data as it travels from applications to mobile devices is through a VPN. However, even simple to use VPN clients have their issues, such as reduced battery life and misconfigurations and connectivity issues.
As everything from tire pressure gauges to soil sensors to fitness monitors connects to the Internet, new ways to encrypt wireless data traffic will emerge. The agent-based approach will start to be phased out in 2014.
9. Data security re-emerges, this time to stay
Even as encryption becomes standard, it won't be enough. Encrypting data is indeed a best practice, but it's one tool in the tool chest. Just because your data is encrypted doesn't mean you know where it's been, where it's going, or whether or not it was accessed inappropriately. As a result, data access analytics and cloud-based data loss prevention (DLP) tools will start to become as common in the next few years as firewalls were in the past.
Data tracking tools will grow more powerful over time, meaning that even if you store data in a third-party cloud that you have no visibility into now, you'll need to start gaining visibility in 2014.
10. A virtual security perimeter begins to take shape
Traditional perimeter security is on life support. Traditional Firewalls, IPSes, and VPNs do a poor job of protecting against emerging cloud, mobile, and social threats. However, there is now a virtual cloud edge developing, one that enforces policies spanning authentication, identity management, access control, encryption, data movement, and more. This virtual cloud edge will enable organizations to securely stitch together their various clouds (private, public, hybrid), while even protecting traditional behind-the-firewall applications.
In 2014, the virtual security edge will begin to take shape in response to BYOD and cloud risks, but its benefits will be much further reaching.
11. The SMACS famous five (Social, Mobile, Analytics, Cloud, Security) will be the rage in 2014
Cloud is the main driver of social and mobile today. Cloud-delivered analytics will become more widely used. In 2014 cloud and analytics will form another alliance, namely, "Analytics for the Cloud." This will help the industry gain better, more actionable insights into cloud usage and behavior. The analogous alignment between Cloud and Security will emerge: cloud-delivered security will become more widely used and will be joined by security tools purpose-built for the cloud.
Meanwhile, those organizations blocking services will be at a major disadvantage in 2014, since their ability to compete will be seriously hindered.
Learn how to solve the problem of keeping files in sync between multiple Docker containers. In his session at 16th Cloud Expo, Aaron Brongersma, Senior Infrastructure Engineer at Modulus, discussed using rsync, GlusterFS, EBS and Bit Torrent Sync. He broke down the tools that are needed to help create a seamless user experience. In the end, can we have an environment where we can easily move Docker containers, servers, and volumes without impacting our applications? He shared his results so you can decide for yourself.
Jul. 31, 2015 11:45 PM EDT Reads: 780
Palerra, the cloud security automation company, announced enhanced support for Amazon AWS, allowing IT security and DevOps teams to automate activity and configuration monitoring, anomaly detection, and orchestrated remediation, thereby meeting compliance mandates within complex infrastructure deployments. "Monitoring and threat detection for AWS is a non-trivial task. While Amazon's flexible environment facilitates successful DevOps implementations, it adds another layer, which can become a target for potential threats. What's more, securing infrastructure and meeting compliance mandates i...
Jul. 31, 2015 10:15 PM EDT Reads: 305
Mobile, social, Big Data, and cloud have fundamentally changed the way we live. “Anytime, anywhere” access to data and information is no longer a luxury; it’s a requirement, in both our personal and professional lives. For IT organizations, this means pressure has never been greater to deliver meaningful services to the business and customers.
Jul. 31, 2015 01:45 PM EDT Reads: 103
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
Jul. 31, 2015 11:45 AM EDT Reads: 123
Puppet Labs has announced the next major update to its flagship product: Puppet Enterprise 2015.2. This release includes new features providing DevOps teams with clarity, simplicity and additional management capabilities, including an all-new user interface, an interactive graph for visualizing infrastructure code, a new unified agent and broader infrastructure support.
Jul. 31, 2015 10:00 AM EDT Reads: 146
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usage of their services for licensing and billing purposes? In his session at 16th Cloud Expo, Delano ...
Jul. 31, 2015 08:00 AM EDT Reads: 164
Providing the needed data for application development and testing is a huge headache for most organizations. The problems are often the same across companies - speed, quality, cost, and control. Provisioning data can take days or weeks, every time a refresh is required. Using dummy data leads to quality problems. Creating physical copies of large data sets and sending them to distributed teams of developers eats up expensive storage and bandwidth resources. And, all of these copies proliferating the organization can lead to inconsistent masking and exposure of sensitive data. But some organ...
Jul. 30, 2015 06:30 PM EDT Reads: 895
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Jul. 30, 2015 03:45 PM EDT Reads: 458
Rapid innovation, changing business landscapes, and new IT demands force businesses to make changes quickly. The DevOps approach is a way to increase business agility through collaboration, communication, and integration across different teams in the IT organization. In his session at DevOps Summit, Chris Van Tuin, Chief Technologist for the Western US at Red Hat, will discuss: The acceleration of application delivery for the business with DevOps
Jul. 30, 2015 12:45 PM EDT Reads: 1,121
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, explained the best practices of continuous testing at high scale, which is relevant to small scale DevOps, and if there is an expectation of growth as the number of build targets,...
Jul. 30, 2015 12:00 PM EDT Reads: 1,398
"ProfitBricks was founded in 2010 and we are the painless cloud - and we are also the Infrastructure as a Service 2.0 company," noted Achim Weiss, Chief Executive Officer and Co-Founder of ProfitBricks, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 30, 2015 11:15 AM EDT Reads: 1,133
"Alert Logic is a managed security service provider that basically deploys technologies, but we support those technologies with the people and process behind it," stated Stephen Coty, Chief Security Evangelist at Alert Logic, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 30, 2015 11:15 AM EDT Reads: 359
"We specialize in testing. DevOps is all about continuous delivery and accelerating the delivery pipeline and there is no continuous delivery without testing," noted Marc Hornbeek, Sr. Solutions Architect at Spirent Communications, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 30, 2015 11:00 AM EDT Reads: 394
"We got started as search consultants. On the services side of the business we have help organizations save time and save money when they hit issues that everyone more or less hits when their data grows," noted Otis Gospodnetić, Founder of Sematext, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 11:45 PM EDT Reads: 1,040
How do you securely enable access to your applications in AWS without exposing any attack surfaces? The answer is usually very complicated because application environments morph over time in response to growing requirements from your employee base, your partners and your customers. In his session at @DevOpsSummit, Haseeb Budhani, CEO and Co-founder of Soha, shared five common approaches that DevOps teams follow to secure access to applications deployed in AWS, Azure, etc., and the friction and risks they impose on the business.
Jul. 29, 2015 04:30 PM EDT Reads: 523
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at DevOps Summit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
Jul. 29, 2015 01:00 PM EDT Reads: 1,084
Delphix, the market leader in Data as a Service (DaaS), has been announced winner of the DevOps Solution Award at the prestigious Computing Vendor Excellence Awards in London. The awards celebrate the achievements of the technology vendors and service providers that are leading the field of enterprise IT. Delphix was recognised as the vendor demonstrating the most effective support of DevOps culture for its ability to improve time to market and collaboration between teams.
Jul. 27, 2015 08:00 PM EDT Reads: 275
Sysdig has announced two significant milestones in its mission to bring infrastructure and application monitoring to the world of containers and microservices: a $10.7 million Series A funding led by Accel and Bain Capital Ventures (BCV); and the general availability of Sysdig Cloud, the first monitoring, alerting, and troubleshooting platform specializing in container visibility, which is already used by more than 30 enterprise customers. The funding will be used to drive adoption of Sysdig Cloud in the container market.
Jul. 27, 2015 05:00 PM EDT Reads: 470
SYS-CON Events announced today that JFrog, maker of Artifactory, the popular Binary Repository Manager, will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based in California, Israel and France, founded by longtime field-experts, JFrog, creator of Artifactory and Bintray, has provided the market with the first Binary Repository solution and a software distribution social platform.
Jul. 27, 2015 11:00 AM EDT Reads: 1,088
"The new SDKs for Go and Java are yet another addition to our growing support for our DevOps community," said Achim Weiss, Co-founder and CEO of ProfitBricks. "Since the launch of ProfitBricks' DevOps Central, the productivity of the DevOps community remains a top priority for our development team. We've built a strong foundation for our DevOps Central users, and intend on continuing this momentum as the year progresses."
Jul. 26, 2015 10:30 AM EDT Reads: 316
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction. The problem is there are a lot of moving parts in these designs; this makes assuring performance compl...
Jul. 26, 2015 10:00 AM EDT Reads: 1,026
Sumo Logic has announced comprehensive analytics capabilities for organizations embracing DevOps practices, microservices architectures and containers to build applications. As application architectures evolve toward microservices, containers continue to gain traction for providing the ideal environment to build, deploy and operate these applications across distributed systems. The volume and complexity of data generated by these environments make monitoring and troubleshooting an enormous challenge for development and operations teams. The Sumo Logic Collector and Application for Docker now a...
Jul. 26, 2015 08:00 AM EDT Reads: 1,316
Shipping daily, injecting faults, and keeping an extremely high availability "without Ops"? Understand why NoOps does not mean no operations. Agile development methodologies require evolved operations to be successful. In his keynote at DevOps Summit, David Tesar, Microsoft Technical Evangelist on Microsoft Azure and DevOps, will discuss how Microsoft teams who have made huge progress with a DevOps transformation effectively utilize operations staff and how challenges were overcome. Regardless of whether you are a startup or a mature enterprise, whether you are using PaaS, Micro Services, or ...
Jul. 25, 2015 03:00 PM EDT Reads: 2,223
SYS-CON Events announced today that CommVault has been named “Bronze Sponsor” of SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. A singular vision – a belief in a better way to address current and future data management needs – guides CommVault in the development of Singular Information Management® solutions for high-performance data protection, universal availability and simplified management of data on complex storage networks. CommVault's exclusive single-platform architecture gives companies unp...
Jul. 25, 2015 01:00 PM EDT Reads: 1,959
Electric Cloud and Arynga have announced a product integration partnership that will bring Continuous Delivery solutions to the automotive Internet-of-Things (IoT) market. The joint solution will help automotive manufacturers, OEMs and system integrators adopt DevOps automation and Continuous Delivery practices that reduce software build and release cycle times within the complex and specific parameters of embedded and IoT software systems.
Jul. 25, 2015 12:15 PM EDT Reads: 462