Todays’ business world is full of buzzwords and “trends” that often fade as fast as they emerge. Naturally, this makes all of us skeptics when we hear of the newest thing to “take over the business world”. Even so, not all trends are fads, and some have shown they can have some transformational power for organizations across industries.
Although they span a variety of fields – from security to daily operations to managed services – they tend to fall under the umbrella of “enterprise IT”. It sounds like a buzzword, but if you dive a little deeper, many of these technologies, services and trends have already made a major difference, and will likely continue to do so. With that in mind, what will enterprise IT look like in the near future?
Everything-as-a-service, all the time
The selling point of enterprise IT is that it helps companies solve real business problems with software solutions. Companies like Atlassian (project management, ticketing), Google (email, storage, communications), Salesforce (CRM, lead management), and more provide targeted technologies that facilitate work without creating heavy infrastructure overheads and maintenance costs.
All told, organizations are adopting cloud-based everything-as-a-service (XaaS) models at an astounding rate. A 2021 Deloitte survey found that among 600 IT professionals surveyed, 75% stated their organizations had at least 51% of their enterprise IT consumed as-a-service. That number was expected to grow to 87% by 2025.
The question is, what’s driving this rapid adoption? Let’s look at some of the biggest drivers for this XaaS migration. Prior to 2020, the change was largely due to efficiency. Reduced overheads related to setting up on-premise infrastructure – servers, hosts, physical backups, and fallbacks – and the ease of access that cloud-based systems brought were the biggest drivers.
Add to that the fact that for the past two years, most people have been working remotely to some degree, and it’s easy to see why there’s a renewed focus on moving everything to the cloud.
Where is it going?
XaaS is going to be the de-facto way almost every organization runs in the next few years. The same Deloitte survey asked how critical XaaS would become to organizational success, and while 22% thought it was critically important today, 50% believe that will be the case in two years.
Most organizations across sectors are already largely working either entirely or for the most part on cloud-based services. Everything from Microsoft to Google offers full business suites, most security tools are already cloud-optimized, and most day-to-day tasks are found on one as-a-service solution or another.
What will change is how organizations build their multi-platform systems, and why. A study by Productiv found that most organizations have SaaS portfolios that range from 242 apps for small businesses, while enterprise-level organizations usually have over 360. That is a staggering amount, and it has serious implications. For one, this creates thousands of app-to-user touchpoints that IT teams and security products must account for, making security posture management vital. Additionally, the increasing need for regulatory compliance will also make managing the number of apps and their policies significantly more important to organizations.
Edge computing and the need for faster access
One of the side effects of the easy access cloud infrastructure offers is the need to get to data much faster. It might seem like hyperbole, but milliseconds matter when it comes to data access. For proof, simply look at the thousands (or millions) of dollars that can be gained or lost in high frequency trading (as this report by the Bank for International Settlements illustrates).
Even outside of finance, the expansion of IoT devices and the increased use of remote technologies across organizations means that developers, researchers, and more need faster access to critical data and their storage than ever before. For live service games, the ability to keep vital game assets closer to users is the difference between a smooth experience and a session that ends because of lag.
Edge computing – that is, computing that is done at the location closest to the required data or end users – focuses on shortening the distance data must travel and therefore reduce response times and save bandwidth. It focuses more on geography to reduce latency and prioritizes the edge of networks rather than centralized storage to improve communication between users and the data they need. It also reduces the risk of failure by distributing data.
This is why edge computing has become such a major trend recently – finding ways to cut down on how long data must travel is essential to ensuring that data outages in one location won’t cripple an entire service.
Where is it going?
Edge computing emerged as the IoT market really took off, but it’s gone far beyond its initial scope. The amount of data required to run most technologies today means that organizations need to actively consider how they’re distributing their data centers and storage facilities. Having everything in a single cloud location might be cheaper, but it soon might be too inefficient. Indeed, Gartner predicts that by 2025, nearly 75% of enterprise-generated data will be processed outside of centralized data centers.
That means that while large, centralized data will remain important, more organizations are looking for ways to move their critical data into distributed networks that place it closer to them and finding unique ways to build their infrastructure.
However, edge computing still isn’t perfect. One of the defining trends in the sector will be how organizations deal with the security issues that arise from using the model in their own networks. The nature of edge computing – decentralized and distributed – means that attackers have more points of entry to exploit. Even so, edge will continue to dominate, especially as we demand faster access and smoother online experiences.
Increasing regulatory costs and compliance as code
Keeping up with security, privacy, and data regulations has become significantly more important for organizations as these policies raise the costs of breaching them. Finding ways to remain compliant with new policies (both internal and government/industry) raises the costs of business. This means that companies have had to become more efficient and effective in how they tackle the issue.
Compliance as code is an enterprise IT practice of programmatically managing compliance within a company. It automates the process of ensuring that servers, databases, network devices or application configurations are following the compliance standards set in place by the company and by the law. Outside of technology, however, it also ensures that business processes around technology and daily operations also follow compliance rules. It also helps keep client information protected and helps companies avoid penalties or fines for improperly handling personal user data.
Where is it going?
The issue of compliance is compounded when you consider the number of XaaS applications organizations use (see above). One of the biggest downsides of the as-a-service model is that each product and platform has its own built-in policies, and they don’t always match an organization’s specific requirements. The real question is how organizations can standardize them.
One emerging solution is the use of tools like SaaS security posture management (SSPM), which let IT teams – even smaller ones – standardize security and compliance policies across platforms without having to set each individually. It also bakes in compliance into the deployment/implementation process to reduce costs and management overheads. As regulatory environments become stricter, this process of automation is likely to continue to become more central to developers’ and organizations’ processes.
DevSecOps and baked-in security
DevOps has become a go-to model for releasing and managing products across several industries for good reason. It’s much easier to make incremental changes and updates than it is to relaunch entire codebases to fix major patches. However, for a lot of organizations, the process doesn’t account for security. This leaves it as either an afterthought or an additional step to be taken.
DevSecOps has emerged as a new way to combine the two processes and shorten the dev cycle without ignoring security. The “shift-left” mentality with security has sped up dev processes significantly, especially as security vulnerabilities and breaches become more public, damaging, and prolific. Exploits such as Log4Shell, which stem directly from code vulnerabilities (in this case, the immensely popular Log4j API) highlight the importance of considering security during the dev cycle, and not once code has been written.
The increased focus on DevSecOps to improve security throughout the dev process also raises the need to have tools to integrate it into daily operations. It’s one thing to talk about the value of DevSecOps, but organizations must have the right apps in place to actually make the most out of them.
Where is it going?
If there’s one thing the endless parade of data breaches and successful cyber-attacks of the past few years have taught developers and app makers, it’s the need to emphasize security. The most noticeable way this will manifest is in the increase in demand for DevSecOps experts.
As this article highlights, there is a significant gap between the people actually doing DevSecOps, and the available openings for the role. This tells us that automating security processes is a priority for most dev teams, and that it’s one they’re actively seeking to fill. Moreover, there will be a strong focus on strengthening infrastructure as a way to protect code bases and apps from attacks.
The market for DevSecOps tools is slated to expand drastically in the coming years. A report in August 2021 estimated that by 2026 the global DevSecOps market would be worth $17 billion. As demand for safer applications increases, so will the value of the security tools we use to build them. We know the number of attacks isn’t going to decrease soon, so developers will have to keep up with the changing landscape.
Evolving in a cloud-based world
Enterprise IT is a broad term, but the technologies, paradigms, and ideas that it encompasses are very real. The future is increasingly cloud-based, and organizations in every field and industry will have to keep up with the times if they want to succeed. From managing massive SaaS app portfolios to finding ways to secure data and codebases at every step of the dev cycle, companies will have to rethink the way they operate in the coming years (and even as early as, well, this year). As cliche as it sounds, these are strange days we live in, and organizations are quickly coming to the realization that the way things were is not the way they are or will be. Evolving is the only way they’ll stay successful.