Fairly sure I’ve already written about the second coming that is 5G. But various recent incidents have caused me to think about this technology again and, especially, the claims being made for it. A break in Corfu was a timely reminder that there are many places in the world where technology has yet to establish a firm foothold. The friends who were with us were horrified at the absence of Uber (!) and it was clear from the local shopping experience that Amazon and its cohorts have much to do before they establish world domination.

A visit to a London sports stadium, where, presumably, there wasn’t enough 4G bandwidth available to the 30,000+ crowd, meant that checking up on websites and various other applications before, at half-time and after the game, was a frustrating experience.

And, of course, the return to the west country, where 4G gives way to 3G and, not infrequently GPRS, is a timely reminder that to the many have/have not divides which threaten to cause long and lasting damage to the UK, can be added the technology split. Live in a large town or city and chances are connectivity and a digital lifestyle are very much achievable (desirable – who knows?!); live in a rural area and we are apparently expected to exist not quite on candlelight and parchment, but a long way away from digital transformation.

In such a world, are autonomous vehicles a serious proposition? Are zillions and zillions to be spent on ensuring that every road up and down the land is autonomous-vehicle ready, in the belief that accidents and deaths will be eliminated? Or will there be the eventual realisation that, after a detailed cost/risk analysis, spending these zillions will not be worthwhile, as there will still be the odd technology glitch which will cause accidents and deaths – so better still to spend the money elsewhere where it will do more for human safety/happiness, and allow us to keep driving, albeit with seriously smart cars that do improve road safety dramatically?

Similar decisions will be made across every aspect of the worlds of work and leisure. What is possible, and what is sensible, when it comes to technology deployment, are often two quite separate things.

For example, watching a recent video all about smart cities, it started out with someone waking up and being advised of their best route to work, taking into account the traffic, transport reliability and cost, and being asked if they wanted their regular coffee order to be ready for them at the usual café, just around the corner from work. This set me thinking.

Allowing for the possibility that even the recommended journey to work might encounter unforeseen delays, would the coffee shop receive a constant update as to the arrival of this individual, hence make the coffee just in time, or would they make the coffee for the estimated time of arrival – risking it being ready too early or, god forbid, too late.

Additionally, did this worker really value his/her time so much that they could not afford to wait for a few minutes to go into the coffee shop, order their drink, chat to the staff and, maybe even other waiting customers, and maybe even be tempted by a pastry or two?

So, the simple purchase of a cup of coffee becomes an incredibly (unnecessarily?) complicated process. On the one hand, the customer is always right; on the other, the customer risks becoming anti-social and unable to indulge in an impulse purchase. What’s best for the customer may well not be the best outcome for the coffee shop and, on a rather metaphysical level, has implications for the society in which we wish (or not) to live.

Cynics will say that whatever suits big business will end up happening. Optimists will say that,  and/or because of technology, individual businesses will still be able to make a real difference when it comes to customer service.

Morality and philosophy are not frequent topics within the pages of Digitalisation World, but consumers, corporations and governments all need to have a long, hard think about the world in which they, and their descendants, wish to live, unless they wake up one day and discover that Orwell’s 1984 is no longer a work of fiction.

Flexera has published the findings of the Flexera 2020 State of Tech Spend Report. The first annual Flexera 2020 State of Tech Spend Report provides insight into current and future technology spend from the perspective of enterprise CIOs and IT executives. The report highlights how companies are shifting spending to support their critical IT initiatives, how they’re tracking and managing IT spend, and the challenges they face in optimising spend.

Survey respondents are IT executives working in large enterprises with 2,000 or more employees, headquartered in North America and Europe, encompassing industries such as financial services, retail, e-commerce and industrial products. More than half are C-level executives.

“With this survey, we wanted to gain more insight into how enterprise organisations are embracing digital transformation, cybersecurity, cloud computing and other initiatives,” said Jim Ryan, President and CEO of Flexera. “By doing so, we can then see if/how these initiatives are providing a competitive advantage for their particular industries, as they require sizeable investments in technology.

“The survey found that 8.2 percent of respondent revenue is being spend on IT,” Ryan continued, “but the return is dubious at best. It’s likely that many of these investments aren’t attaining maximum ROI, and we identified that 30 percent or more of technology spend is actually being wasted. With the increasing uncertainty of U.S. and global economies, enterprises need to be prepared to manage their operations and finances when—not if—the next downturn kicks in. Proactively being able to dial IT spend up or down is a tremendous opportunity, and there is never a better time to address a potential problem than right now.”

According to survey respondents, increasing spend efficiency and cutting waste are challenging with respect to gaining visibility into costs and managing IT spend effectively. The biggest obstacle to visibility, cited by 61 percent of respondents, is reporting on IT spend by business service. The top challenge to managing spend effectively, cited by 86 percent of respondents, is the large number of manual processes. Considering the magnitude of potential savings, tackling these challenges can have a major impact on the bottom line.

A few key highlights from the Flexera 2020 State of Tech Spend Report:

• Overall, survey respondents’ average IT spend was 8.2 percent of revenue, with organisations in technology, financial services, retail, consumer products, transportation and healthcare industries all reporting IT spend considerably higher than the benchmark of four percent
• While respondents estimate that 12 percent of IT spend is wasted, industry experts put the number at 30 percent or higher
• The top challenges in gaining visibility of IT spend are:
  - Reporting on spend by business service (61 percent)
  - Collecting IT spend data (43 percent)
  - Reporting on IT spend by application (38 percent)
• Top challenges in managing IT spend are:
  - Too many manual processes (86 percent)
  - Ensuring spend efficiency/eliminating waste (89 percent)
• Top IT initiatives are digital transformation, cybersecurity and the shift to cloud
• Cloud spend has now surpassed on-premises software spend, with 22 percent going for on-premises software and 25 percent for cloud, including software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS)
• As they migrate to cloud, 65 percent of respondents plan to reduce the number of data centers next year
• With the shift to cloud, AWS was cited as the largest vendor of 10 percent of participants – behind only Microsoft and SAP
• Over 80 percent of respondents plan to increase SaaS and IaaS/PaaS spend in the next year
• More respondents expect to increase their use of cloud-focused vendors, with AWS and Microsoft topping the list

AppDynamics has released the latest report in its App Attention Index research series, revealing the emergence of ‘The Era of The Digital Reflex’ - a seismic shift in the way consumers interact and engage with digital services and applications. The global study, which examines consumers’ reliance on applications and digital services, also identified how these digital dependencies impact consumers’ expectations of the businesses and brands they engage with, their increasing intolerance of performance problems and the urgency with which brands must take action in order to remain relevant and competitive in a world where application loyalty is the new brand loyalty.

Growing Reliance on Applications and Digital Services

Modern technology has transformed the way we live, work and play, making digital experiences a fundamental part of everyday life. However, many consumers are unaware of how much their use of digital services has evolved. While the average person estimates that they use seven digital services each day, in fact they are using more than 30 digital services on a daily basis. While 68 percent recognize they use many more digital services than they are consciously aware of, they also acknowledge the positive impact digital services have on many aspects of their daily lives.

●70% say digital services have helped reduce stress.

●68% claim digital services have improved their productivity at home and work, an increase from 43% in 2017.

The Era of The Digital Reflex

The use of digital services has evolved to become an unconscious extension of human behavior - a ‘Digital Reflex.’ While consumers used to make a conscious and deliberate decision to use a digital service to carry out a task or activity, they now happen spontaneously, with the majority (71%) of consumers admitting that digital services are so intrinsic to their daily lives that they don’t realize how much they now rely on them. As these digital reflexes become habitual, consumers are becoming increasingly dependent on devices and digital services, relying on them to complete many of their daily tasks.

●55% can only go without a mobile device for up to 4 hours before they find it difficult to manage tasks in their everyday life.

●61% admit they reach for their mobile phone before talking to anyone else when they wake up.

Poor Digital Performance Impacts Daily Life and Buying Decisions

The Era of the Digital Reflex sees more than three quarters of consumers (76%) reporting that their expectations of how well digital services should perform are increasing, compared to only 62 percent in 2017. This marked increase in consumer expectations is further evidenced with the majority (70%) of respondents claiming to be less tolerant of problems with digital services than they were two years ago. This increasing intolerance for problems is prompting consumers to demand a better and higher performing digital customer experience from the brands they engage with:

●50% would be willing to pay more for an organization’s product or service if its digital services were better than a competitor’s.

●Over the next three years, 85% of consumers expect to select brands on the variety of digital services (web, mobile, connected device, etc.) they provide.

●More than half of consumers (54%) now place a higher value on their digital interactions with brands over the physical ones.

Application Loyalty is the New Brand Loyalty

Businesses need to pay attention because consumers now have a zero-tolerance policy for anything other than an easy, fast and exceptional digital experience. The research shows that in the event of performance issues, consumers will take decisive action such as turning to the competition (49%) and actively discouraging others from using a service or brand (63%) without notifying the brand and giving them a chance to make improvements.

“In The Era of the Digital Reflex, consumers will no longer forgive or forget poor experiences. A great digital performance is now the baseline for any business, but the real winners will be those that consistently exceed customer expectations by delivering a flawless experience,” said Danny Winokur, General Manager, AppDynamics. “Cisco and AppDynamics help the world’s best companies achieve greatness with their applications by providing critical real-time data on application and business performance to pinpoint bottlenecks and enable immediate action."

How Brands Can Survive in the Era of The Digital Reflex

Many businesses are already investing heavily in digital innovation to drive customer loyalty and revenue, but failure to monitor the performance of those applications and digital services puts brands at significant risk of unhappy customers, or even losing those customers to another brand. However, there are simple steps that brands can take to meet these challenges and in turn, exceed increasing digital customer experience expectations:

●Focus on application performance - implementing a robust application performance management solution enables organizations to safeguard the performance of mission critical applications and user experience in production.

●Align performance to business outcomes - measuring and analyzing the performance of applications and correlating this to business performance ensures that digital services are always aligned to business objectives, such as customer experience and revenue.

●Make decisions and take action based on factual insight - delivering exemplary digital experiences requires real-time monitoring of the full technology stack, from the customer’s device to the back-end application to the underlying network. However, it's critical that enterprises choose solutions that take an AIOps approach, turning the monitoring of data into meaningful insights quickly or automatically using machine learning and AI.

Brands must integrate disparate applications, data sources and devices to deliver connected experiences and earn loyalty.

MuleSoft has released a new global study that reveals four out of five consumers continue to receive disconnected experiences from organisations. As a result of this continued frustration, consumers are more willing than ever to seek out new service providers that can deliver connected, personalised experiences. Based on the findings from the Customer Experience and the Connectivity Chasm report, it is clear that organisations must deliver the connected experiences consumers expect or risk losing their loyalty and business.

“Globally, consumers are feeling the effects of data silos that create disconnected experiences,” said Simon Parmett, CEO, MuleSoft. “To meet consumer expectations, organisations must integrate disparate data sources to better understand their customers and make every touchpoint an opportunity to earn loyalty and add value. With the help of APIs and API-led integration, brands can position for future innovation, create more meaningful relationships and earn customer trust.”

Frustration with disconnected experiences continues

Globally 82% of consumers believe organisations in at least one of the five sectors surveyed – banking, insurance, retail, healthcare and public sector – provide a disconnected experience, failing to recognise preferences across touchpoints and provide relevant information in a timely manner. This figure indicates a lack of improvement in customer experience (81% in 2018) and is pushing consumers to consider new service providers.

• Nearly three-quarters (72%) of global consumers would consider changing service providers in response to receiving a disconnected experience.
• Younger consumers aged 18-34 years old are the least tolerant of disconnected experiences (78%) and are more willing to change providers compared to older consumers aged 35-54 (71%) and 55+ (70%).
• Consumers in Singapore (87%), the U.S. (78%) and Australia (77%) are the most likely to consider changing providers as a result of a disconnected experience.

Consumers are conflicted with sharing data to fuel connected experiences

To receive a more personalised experience, 61% of global consumers would be willing for service providers in at least one of the sectors surveyed – banking, insurance, retail, healthcare and public sector – to share relevant personal information with partners and trusted third parties.

• 79% of 18-34 year olds – millennials and generation Z – indicate they would be willing for providers in at least one of the sectors surveyed to share their relevant personal information with partners and trusted third parties to receive a more personalised experience.
• However, more than half of consumers (53%) say they’ve become more wary about sharing personal data over the last 12 months.
• In fact, only 42% of consumers think data protection legislation has improved how organisations use personal data.
• Consumers in the U.S. (37%), Germany (37%), Australia (33%) and Japan (30%) were the least confident that data protection legislation has improved how organisations use personal data.

Across industries, consumers want organizations to nail the basics

The report shows that across industries, consumers’ expectations continue to evolve, but getting the basics right is vital to maintain customer satisfaction and loyalty.

• 80% of consumers say out-of-date or inaccurate data (e.g., inventory availability, delivery tracking information) would make them more likely to shop with an alternative retailer next time.
• The most important factors in determining retail customer loyalty are cost (63%), the accuracy of inventory availability / real-time delivery information (41%), in-store customer experience (40%), and consistent experiences across in-store, online and mobile (36%).
• More than a quarter (27%) of people have switched or considered switching their bank in the last 12 months in order to receive a better digital experience. This number is even higher (49%) amongst 18-34 years olds.
• Consumers say that filing a claim with insurance providers is the most time-consuming (70%) and the second most complicated (40%) task.
• 61% of consumers think that healthcare providers make effective use of the data made available to them (e.g., personal health data from wearable tech and apps) to deliver a better standard of care. This is a significant increase from 42% in 2018.
• 73% of citizens polled feel public sector organisations lag behind the private sector when it comes to providing connected multi-channel services.

The Coherence Economy takes off among millennials

Consumers are starting to become more familiar with engaging multiple service providers through one application or experience. Common experiences like using a music streaming service via a ride hailing app and integrating multiple financial accounts into a planning app are part of the broader Coherence Economy – a new approach to customer engagement where multiple brands partner to add value through an ecosystem approach.

• More than a quarter (27%) of global consumers say they often engage with multiple service providers through a single app or experience.
• This number climbs to nearly half (49%) for 18-34 year olds, indicating millennials’ desire for these experiences.
• Interestingly, consumers in the U.K. (21%) and U.S. (24%) are less frequently engaged in coherent experiences compared to those in France (36%) and Singapore (47%).

“Organisations must cultivate partnerships to surprise and delight consumers. In the Coherence Economy, organisations need to develop strategies to collaborate with partners in a digital ecosystem and orchestrate personalised experiences for consumers,” said Uri Sarid, CTO, MuleSoft. “In order to innovate at scale and accelerate the delivery of products and experiences to customers, organisations will likely need to leverage a majority of third party services. By leveraging an API-led approach to integration, brands across all industries can easily connect their applications, data and devices to provide a holistic view of the consumer and easily empower new, connected experiences.”

Global research highlights how AI is changing the relationship between people and technology at work.

People have more trust in robots than their managers, according to the second annual AI at Work study conducted by Oracle and Future Workplace, a research firm preparing leaders for disruptions in recruiting, development and employee engagement. The study of 8,370 employees, managers and HR leaders across 10 countries, found that AI has changed the relationship between people and technology at work and is reshaping the role HR teams and managers need to play in attracting, retaining and developing talent.

AI is Changing the Relationship Between People and Technology at Work

Contrary to common fears around how AI will impact jobs, employees, managers and HR leaders across the globe are reporting increased adoption of AI at work and many are welcoming AI with love and optimism.

• AI is becoming more prominent with 50 percent of workers currently using some form of AI at work compared to only 32 percent last year. Workers in China (77 percent) and India (78 percent) have adopted AI over 2X more than those in France (32 percent) and Japan (29 percent).
• The majority (65 percent) of workers are optimistic, excited and grateful about having robot co-workers and nearly a quarter report having a loving and gratifying relationship with AI at work.
• Workers in India (60 percent) and China (56 percent) are the most excited about AI, followed by the UAE (44 percent), Singapore (41 percent), Brazil (32 percent), Australia/New Zealand (26 percent), Japan (25 percent), U.S. (22 percent), UK (20 percent) and France (8 percent).
• Men have a more positive view of AI at work than women with 32 percent of men optimistic vs. 23 percent of women.

Workers Trust Robots More Than Their Managers

The increasing adoption of AI at work is having a significant impact on the way employees interact with their managers. As a result, the traditional role of HR teams and the manager is shifting.

• 64 percent of people would trust a robot more than their manager and half have turned to a robot instead of their manager for advice.
• Workers in India (89 percent) and China (88 percent) are more trusting of robots over their managers, followed by Singapore (83 percent), Brazil (78%), Japan (76 percent), UAE (74 percent), Australia/New Zealand (58 percent), U.S. (57 percent), UK (54 percent) and France (56 percent).
• More men (56 percent) than women (44 percent) have turned to AI over their managers.

• 82% of people think robots can do things better than their managers.
• When asked what robots can do better than their managers, survey respondents saidrobots are better at providing unbiased information (26 percent), maintaining work schedules (34 percent), problem solving (29 percent) and managing a budget (26 percent).
• When asked what managers can do better than robots, workers said the top three tasks were understanding their feelings (45 percent), coaching them (33 percent) and creating a work culture (29 percent).

AI is Here to Stay: Organizations Need to Simplify and Secure AI to Stay Competitive

The impact of AI at work is only just beginning and in order to take advantage of the latest advancements in AI, organizations need to focus on simplifying and securing AI at work or risk being left behind.

• 76 percent of workers (and 81 percent of HR leaders) find it challenging to keep up with the pace of technological changes in the workplace.
• Workers want a simplified experience with AI at work, asking for a better user interface (34 percent), best practice training (30 percent) and an experience that is personalized to their behavior (30 percent).
• Security (31 percent) and privacy (30 percent) are the main concerns preventing workers from using AI at work.
• Digital natives Gen Z (43 percent) and Millennials (45 percent) are more concerned about privacy and security at work than Gen X (29 percent) and Baby Boomers (23 percent).

Majority of organisations neglect due diligence during the artificial intelligence development phase as they struggle with data issues, skill shortages and cultural resistance.

O’Reilly, the premier source for insight-driven learning on technology and business, has revealed the results of its 2019 ‘AI Adoption in the Enterprise’ survey. The report shows that security, privacy and ethics are low-priority issues for developers when modelling their machine learning (ML) solutions.

Security is the most serious blind spot. Nearly three-quarters (73 per cent) of respondents indicated they don’t check for security vulnerabilities during model building. More than half (59 per cent) of organisations also don’t consider fairness, bias or ethical issues during ML development. Privacy is similarly neglected, with only 35 per cent checking for issues during model building and deployment.

Instead, the majority of developmental resources are focused on ensuring artificial intelligence (AI) projects are accurate and successful. The majority (55 per cent) of developers mitigate against unexpected outcomes or predictions, but this still leaves a large number who don’t. Furthermore, 16 per cent of respondents don’t check for any risks at all during development.

This lack of due diligence is likely due to numerous internal challenges and factors, but the greatest roadblock hindering progress is cultural resistance, as indicated by 23 per cent of respondents.

The research also shows 19 per cent of organisations struggle to adopt AI due to a lack of data and data quality issues, as well as the absence of necessary skills for development. The most chronic skills shortages by far were centred around ML modelling and data science (57 per cent). To make progress in the areas of security, privacy and ethics, organisations urgently need to address these talent shortages.

“AI maturity and usage has grown exponentially in the last year. However, considerable hurdles remain that keep it from reaching critical mass,” said Ben Lorica, chief data scientist, O’Reilly.

“As AI and ML become increasingly automated, it’s paramount organisations invest the necessary time and resources to get security and ethics right. To do this, enterprises need the right talent and the best data. Closing the skills gap and taking another look at data quality should be their top priorities in the coming year.”

Other key findings include:

• The overwhelming majority of organisations (81 per cent) have started down the route of AI adoption. Most are in the evaluation or proof of concept stage (54 per cent), while 27 per cent have revenue-bearing AI projects in production.
• A significant minority (19 per cent) of companies have not started any AI projects.
• Machine learning has emerged as the most popular form of AI used by enterprises. Nearly two-thirds (63 per cent) use supervised learning solutions while 55 per cent are using deep learning technology. Model-based methods are used by almost half (48 per cent) of respondents.
• AI is most likely to be used in research and development (R&D) departments (50 per cent), customer service (34 per cent) and IT (33 per cent). Legal functions have seen the least innovation, with only 5 per cent making use of AI technologies.
• TensorFlow (55 per cent) and scikit-learn (48 per cent) are the most popular AI tools in use today. 

Global market study and independent survey shows companies are leveraging interconnection to compete in the digital economy as data explosion gets further distributed at the edge.

The latest Global Interconnection Index (GXI), an annual market study published by Equinix, predicts private connectivity at the edge will grow by 51% compound annual growth rate (CAGR), and exceed a total bandwidth capacity of more than 13,300 Tbps, equivalent to 53 zettabytes of data exchanged annually. This is enough to support every person on earth simultaneously downloading a complete season of Game of Thrones in ultra-high definition resolution in less than a single day.

The GXI market study finds interconnection bandwidth – the capacity for direct and private traffic exchange between key business partners – is an essential component to digital business and validates that to compete in the digital economy, companies must address growing data volumes and increasing data exchange velocity across a rising number of clouds and business ecosystems. In fact, according to a separate independent survey commissioned by Equinix of more than 2,450 global senior IT professionals, almost half (48%) of global IT decision-makers believe interconnection is a key facilitator of digital transformation. 4 in 10 IT decision-makers in EMEA feel the same and, in the UK, over a third (33%) of IT decision-makers cite interconnection as being key to the survival of their business. And companies are continuing to invest in this critical infrastructure, with almost half (49%) of IT decision-makers in the UK stating that any uncertainty around the final Brexit deal has not impacted their company’s decision to invest in IT infrastructure.

“People, software and machines are creating and consuming data faster and in all the places where we work, play, and live,” said Rick Villars, Research Vice President, Datacenter & Cloud, IDC. “The significant increase in data created, aggregated and analysed in these new locations is contributing to a major shift away from deploying IT in traditional corporate data centres. Enterprises need access to robust, modern data centre facilities near the edge locations where businesses want to deploy dedicated infrastructure and interconnect to the increasing number of clouds, customers and partners that are at the core of digital transformation efforts.”

Strong data compliance regulations across Europe are unlocking data exchange and growth of interconnection bandwidth in Healthcare & Life Sciences, Government & Education, and Business & Professional Services. This is leading Europe (51% CAGR) to overtake North America (46% CAGR) in the race to digital growth. Latin America is leading the charge with a 63% CAGR, with Asia-Pacific not far behind (56% CAGR). Expansion plans across the world, according to the survey, tell a slightly different story with 55% of EMEA businesses – and 42% of UK businesses, specifically – planning to expand in to new metros, versus more aggressive expansion plans in other regions (Americas 69%, Asia-Pacific 65%). 6 out of 10 (62%) IT decision-makers globally, and over half (53%) in the UK, are utilising virtual connections to support these growth plans.

Key Findings:

The GXI Vol. 3 delivers insights by tracking, measuring and forecasting growth in interconnection bandwidth—the total capacity provisioned to privately and directly exchange traffic, with a diverse set of partners and providers, at distributed IT exchange points inside carrier-neutral colocation data centers. The GXI finds:

The ability to exchange large volumes of data through interconnection is essential to compete in the digital economy

·In response to rapidly growing volumes of data, enterprise consumption of interconnection bandwidth will grow at a 64% CAGR globally, outpacing other forms of business data exchange. This is due to be even higher for EMEA, with consumption growing at a 67% CAGR, leading enterprises to account for 60% of total interconnection bandwidth in 2022. And, by 2022, London alone will account for over a third (34%) of European traffic, with leading European cities – Frankfurt, London, Amsterdam and Paris – together accounting for almost 78% of European traffic.

·To manage increasing volumes of data, enterprises are on average deploying in nine locations, with a total of 340 interconnections to networks clouds and business partners. The survey shines more light on this – IT decision-makers in the UK are utilising interconnection to connect to other enterprises (20%), network service providers (23%) and cloud service providers (39%).

·The independent survey found that over a third (34%) of IT decision-makers in the UK, believe interconnection can help their business to gain competitive advantage within the marketplace. This assertion was true for almost half (46%) of global IT decision-makers and for 4 out of 10 (39%) IT decision-makers in EMEA.

Distance is the biggest performance killer for digital business

·Deploying direct, private connections at the edge propels both application performance and user experience.

·Today’s latency-sensitive workloads require response times ranging from <60 to <20 milliseconds, forcing IT infrastructure closer to the points of consumption (the edge).

·According to the survey, a quarter (25%) of IT decision-makers in the UK are using interconnection to increase speed of connectivity. This compares to a finding of almost a third (31%) in EMEA and over a third (34%) globally. To add to this, 6 out of 10 (60%) IT decision-makers in the UK are using interconnection to improve security and half (50%) are using it to reduce the cost of connectivity.

Leading businesses are gaining competitive advantage using a combination of key interconnection deployment models

·Interconnecting to multiple network providers across multiple edge locations is the most prominent use case for interconnection bandwidth and is expected to grow 4x by 2022. According to the survey, optimising the performance of networks is a key priority for almost half (46%) of IT decision-makers in the UK.

·Interconnecting to multiple clouds and IT services across multiple edge locations and cloud regions represents the next largest and fastest use of interconnection bandwidth and is predicted to grow 13x by 2022. The move to multi-cloud strategies is cited by respondents to the survey as a priority for over a third (36%) of IT decision-makers in the UK.

·Interconnecting to digital business partners for financial services, content and digital media and supply chain integration makes up the remainder of interconnection bandwidth use cases and is forecasted to grow 5x by 2022.

Ping Identity has released results from its 2019 Consumer Survey: Trust and Accountability in the Era of Breaches and Data Misuse. The results expose how today’s environment—ripe with data misuse and large-scale security breaches—is impacting consumer behavior and relationships with service providers around the world.

Data security is a legitimate worry for today’s consumers around the world. Approximately one half (49%) of respondents report that they are more concerned about protecting their personal information than they were one year ago. This is evident by the lack of confidence consumers around the world have in a brand’s ability to safeguard personal information.

● A data breach could be game over for a brand. A significant number of respondents (81%) would stop engaging with a brand online following a data breach.

● Consumers expect companies to protect them. The expectation from 63% of consumers is that a company is always responsible for protecting data. This includes when users fall victim to phishing scams or use an unencrypted Wi-Fi connection.

● Sharing of personal data is a problem for consumers. More than half of respondents (55%) say a company sharing their personal data without permission is even more likely than a data breach (27%) to deter them from using that brand’s products.

● Social media companies don’t instill trust. Social media companies are the least trusted among sectors, with only 28% of respondents reporting they feel confident in these platforms’ ability to protect their personal information.

● Poor login experiences lead to cancelled service. Almost two-thirds of consumers (65%) are frustrated by login experiences and one-third (33%) have stopped using a device, app or service, or have left a bad review following an inconvenient login experience.

“There’s no question, businesses risk losing customers and damaging their brands if they lack strong, transparent data protection practices,” said Richard Bird, chief customer information officer, Ping Identity. “With a large percentage of consumers holding companies responsible for data protection, there is a competitive advantage for organizations that deliver secure and convenient experiences through identity management—and with that, a danger for those who don’t.”

Younger employees anxious about company’s ability to tackle growing security threats.

According to a new report on behaviour and attitudes to cybersecurity among different age groups, employees over the age of 30 are more likely to adopt cybersecurity best practice than younger colleagues who have grown up around digital technology. The report – ‘Meeting the expectations of a new generation. How the under 30s expect new approaches to cybersecurity’ - also indicates that the younger generation is more anxious about cybersecurity and their company’s ability to tackle the number of security threats.

Launched by the Security division of NTT Ltd., a leading global technology services company, the report reveals that while the over-30s demonstrate better cybersecurity behaviour in the UK, US, Nordics and Hong Kong, it is under-30s who are cybersecurity leaders in France and Brazil.

NTT’s report identified good and bad practice for global organisations researched as part of its Risk:Value 2019 report, scored across 17 key criteria. It reveals that, on average, under-30s score 2.3 in terms of cybersecurity best practice, compared to 3.0 for over-30s. In the UK, under-30s (4.3) and over-30s (5.5) are among the highest scores globally.

The data suggests that just because Millennials and Generation Z workers are born in the digital age, it does not necessarily mean they follow cybersecurity best practice. In fact, employees who have spent longer in the workplace gaining knowledge and skills and have acquired ‘digital DNA’ during that time, sometimes have an advantage over younger workers.

Overall, under-30s expect to be productive, flexible and agile at work using their own tools and devices, but half of respondents think responsibility for security rests solely with the IT department. This is 6% higher than respondents in the older age categories.

Azeem Aleem, VP Consulting (UK&I) Security, NTT, comments: “It’s clear from our research that a multi-generational workforce leads to very different attitudes to cybersecurity. This is a challenge when organisations need to engage across all age groups, from the oldest employee to the youngest. With technology constantly evolving and workers wanting to bring in and use their own devices, apps and tools, business leaders must ensure that security is an enabler and not a barrier to a productive workplace.

“Our advice for managing security within a multi-generational workforce is to set expectations with young people and make security awareness training mandatory. Then execute this training to test your defences with all company employees involved in simulation exercises. Finally, team work is key. The corporate security team is not one person, but the whole company, so cultural change is important to get right.”

Adam Joinson, Professor of Information Systems, University of Bath, an expert on the intersection between technology and behaviour, adds: “There is no ‘one size fits all’ approach to cybersecurity. The insights from the NTT study demonstrate that treating all employees as posing the same risk, or having the same skills, is problematic for organisations. We do need to be careful not to assume that the under-30s simply don’t care so much about cybersecurity. While this may be true in some cases, in others it is more likely that existing security policies and practices don’t meet their expectations about ‘stuff just working’.

“If we want to harness the fantastic creativity and energy of younger workers, we need to think about security as something that enables their work, not something that blocks them from achieving their tasks. This is likely to mean security practitioners having to fundamentally rethink the way security policies operate, and finding ways to improve the fit between security and the tasks employees are required to undertake as part of their core work.”

NTT’s six cybersecurity best practice tips for a multi-generational workforce:

• Security culture must include all generations and be supported by a diverse range of employee champions, which includes age
• Build a panel of younger employees and listen to their views on cybersecurity
• Younger employees can be at their best and most motivated in an agile, productive, flexible workplace environment, where they are most likely to buy into the desired culture and behaviours. Security should be designed to enable the business
• Make cybersecurity everyone’s business. Security leaders should be approachable to employees, through one-to-one interaction and more formal company events
• Where skills shortages are most acute, support learning programmes, mentoring and consider external support.
• Education is vital. Gamify security learning and make it fun for all

The typical enterprise expects the threat to arrive within three years.

A new study from DigiCert reveals that 71 percent of global organizations see the emergence of quantum computers as a large threat to security. Most anticipate tangible quantum computer threats will begin arriving within three years. The survey was conducted by ReRez Research in August 2019, within 400 enterprise organizations in the U.S., Germany and Japan from across critical infrastructure industries.

Quantum Computing Threat is Real and Quickly Approaching

Quantum computing is on the minds of many and is impacting their current and future thinking. Slightly more than half (55 percent) of respondents say quantum computing is a “somewhat” to “extremely” large security threat today, with 71 percent saying it will be a “somewhat” to “extremely” large threat in the future. The median prediction for when PQC would be required to combat the security threat posed by quantum computers was 2022, which means the time needed to prepare for quantum threats is nearer than some analysts have predicted.

Top Challenges

With the threat so clearly felt, 83 percent of respondents say it is important for IT to learn about quantum-safe security practices. Following are the top three worries reported for implementing PQC:

●        High costs to battle and mitigate quantum threats

●        Data stolen today is safe if encrypted, but quantum attacks will make this data vulnerable in the future

●        Encryption on devices and applications embedded in products will be susceptible

95 percent of respondents reported they are discussing at least one tactic to prepare for quantum computing, but two in five see this is as a difficult challenge. The top challenges reported include:

●        Cost

●        Lack of staff knowledge

●        Worries that TLS vendors won’t have upgraded certificates in time

“It is encouraging to see that so many companies understand the risk and challenges that quantum computing poses to enterprise encryption,” said Tim Hollebeek, Industry and Standards Technical Strategist at DigiCert. “With the excitement and potential of quantum technologies to impact our world, it's clear that security professionals are at least somewhat aware of the threats that quantum computers pose to encryption and security in the future. With so many engaged, but lacking good information about what to do and how to prepare, now is the time for companies to invest in strategies and solutions that will help them get ahead of the game and not get caught with their data exposed when the threats emerge."

Preparing for PQC

Enterprises are beginning to prepare for quantum computing, with a third reporting they have a PQC budget and another 56 percent working on establishing a PQC budget. In terms of specific activities, not surprisingly, “monitoring” was the top tactic currently employed by IT. Understanding their organization’s level of crypto-agility came next. This reflects the understanding that when the time comes to make a switch to PQC certificates, enterprises need to be ready to make the switch quickly and efficiently.

Rounding out the top five current IT tactics were understanding the organization’s current level of risk, building knowledge about PQC and developing TLS best practices.

Recommendations

The DigiCert 2019 Post Quantum Crypto Survey points to three best practices for companies ready to start planning their strategies for securing their organizations for the quantum future:

1. Know your risk and establish a quantum crypto maturity model.
2. Understand the importance of crypto-agility in your organization and establish it as a core practice.
3. Work with leading vendors to establish digital certificate best practices and ensure they are tracking PQC industry progress to help you stay ahead of the curve, including with their products and solutions. Change rarely happens quickly, so it’s better not to wait, but to address your crypto-agility now.

More than 300 executives surveyed to determine the frequency and severity of people-centric data breaches.

Proofpoint has announced the availability of a new survey from The Economist Intelligence Unit to help organizations gauge the frequency and severity of people-centric data breaches, and the steps companies are taking to address them. The study, entitled “Cyber Insecurity: Managing Threats From Within,” surveyed more than 300 corporate executives, including CIOs and CISOs, from North America, Europe, and Asia/Pacific. Respondents overwhelmingly identified people-centric threats as the cause for the most detrimental cybersecurity breaches, which include socially-engineered attacks and human errors, rather than failure of technology or process.

“More than 99 percent of targeted cyberattacks depend on human interaction to be successful,” said Ryan Kalember, executive vice president of Cybersecurity Strategy for Proofpoint. “The Economist Intelligence Unit findings reinforce just how important it is for organizations to take a people-centric approach to their security strategy. Security teams need to know exactly who within their organization is being targeted and why—and educate their people on best security practices. Cybersecurity has clearly evolved into a human challenge as much as a technical challenge.”

The Economist Intelligence Unit findings highlight how more than 300 respondents are addressing today’s top threats, the major obstacles that impede implementing best practices, and how organizations are moving forward. Key insights include:

· The majority of executives surveyed (85%) agree that human vulnerabilities cause the most detrimental cybersecurity breaches rather than failure of technology or process.

· Eighty-six percent of executives surveyed have experienced at least one data breach in the past three years, with well over half (60%) having experienced at least four.

· Nearly half (47%) say it’s very or extremely likely that they will face a major data breach in the next three years. Only 56% of healthcare executives are confident their organization can prevent, detect or respond to a data breach.

· The top three ways a data breach disrupted their businesses include: loss of revenue (33%), especially at large companies (38%); loss of clients (30%); and termination of staff involved (30%).

· 91 percent agree that their organization needs to better understand which cybersecurity measures work best—their focus needs to shift from quantity to quality. Almost all respondents (96%) say the board and C-suite strongly support efforts to control cybersecurity risks and 93% say the board and C-suite are regularly updated on cybersecurity risks.

· Addressing data breaches at the organizational level and alternating human behavior within the organization are critical steps to mitigating data breaches. 82% agree that data breach risk is an essential C-suite priority. 

“Technology is changing the notion of what it means to be human,” said Daryl Plummer, distinguished vice president and Gartner Fellow. “As workers and citizens see technology as an enhancement of their abilities, the human condition changes as well. CIOs in end-user organizations must understand the effects of the change and reset expectations for what technology means.”

Augmentations, decisions, emotions and companionship are the four aspects that are forging a new reality for human use of technology. “Beyond offering insights into some of the most critical areas of technology evolution, this year’s predictions help us move beyond thinking about mere notions of technology adoption and draw us more deeply into issues surrounding what it means to be human in the digital world,” said Mr. Plummer.   

By 2023, the number of people with disabilities employed will triple due to AI and emerging technologies, reducing barriers to access.

“People with disabilities constitute an untapped pool of critically skilled talent,” said Mr. Plummer. “Artificial intelligence (AI), augmented reality (AR), virtual reality (VR) and other emerging technologies have made work more accessible for employees with disabilities. For example, select restaurants are starting to pilot AI robotics technology that enables paralyzed employees to control robotic waiters remotely. Organizations that actively employ people with disabilities will not only cultivate goodwill from their communities, but also see 89% higher retention rates, a 72% increase in employee productivity, and a 29% increase in profitability.”

By 2024, AI identification of emotions will influence more than half of the online advertisements you see.

Artificial emotional intelligence (AEI) is the next frontier for AI development, especially for companies hoping to detect emotions in order to influence buying decisions. Twenty-eight percent of marketers ranked AI and machine learning (ML) among the top three technologies that will drive future marketing impact, and 87% of marketing organizations are currently pursuing some level of personalization, according to Gartner. Computer vision, which allows AI to identify and interpret physical environments, is one of the key technologies used for emotion recognition and has been ranked by Gartner as one of the most important technologies in the next three to five years.

“AEI makes it possible for both digital and physical experiences to become hyper personalized, beyond clicks and browsing history but actually on how customers feel in a specific purchasing moment. With the promise to measure and engage consumers based on something once thought to be intangible, this area of ‘empathetic marketing’ holds tremendous value for both brands and consumers when used within the proper privacy boundaries,” said Mr. Plummer.

Through 2023, 30% of IT organizations will extend BYOD policies with “bring your own enhancement” (BYOE) to address augmented humans in the workforce.

The concept of augmented workers has gained traction in social media conversations in 2019 due to advancements in wearable technology. Wearables are driving workplace productivity and safety across most verticals, including automotive, oil and gas, retail and healthcare. Although wearables are only one example of physical augmentations available today, humans will look to additional physical augmentations that will enhance their personal lives and help do their jobs.

“IT leaders certainly see these technologies as impactful, but it is the consumers’ desire to physically enhance themselves that will drive the adoption of these technologies first,” said Mr. Plummer. “Enterprises need to balance the control of these devices in their enterprises while also enabling users to use them for the benefit of the organization. This means embracing and exploiting the benefits of physical human augmentation through the implementation of a BYOE strategy.”

By 2025, 50% of people with a smartphone but without a bank account will use a mobile-accessible cryptocurrency account.

Major online marketplaces and social media platforms will start supporting cryptocurrency payments by the end of next year. At least half the globe’s citizens who do not use a bank account will instead use these new mobile-enabled cryptocurrency account services offered by global digital platforms by 2025. This will open trading opportunities for buyers and sellers in growing economies like sub-Saharan Africa and Asia/Pacific.

By 2023, a self-regulating association for oversight of AI and machine learning designers will be established in at least four of the G7 countries.

“Regulation of products as complex as AI and ML algorithms is no easy task. Consequences of algorithm failures at scale that occur within major societal functions are becoming more visible. For instance, AI-related failures in autonomous vehicles and aircraft have already killed people and attracted widespread attention in recent months,” said Mr. Plummer.

Public demand for protection from the consequences of malfunctioning algorithms will in turn produce pressure to assign legal liability for the harmful consequences of algorithm failure. The immediate impact of regulation of process will be to increase cycle times for AI and ML algorithm development and deployment. Enterprises can also expect to spend more for training and certification for practitioners and documentation of processes, as well as higher salaries for certified personnel. 

By 2023, 40% of professional workers will orchestrate their business application experiences and capabilities like they do their music streaming experience.

The human desire to have a work environment that is similar to their personal environment continues to rise — one where they can assemble their own applications to meet job and personal requirements in a self-service fashion. The consumerization of technology and introduction of new applications have elevated the expectations of employees as to what is possible from their business applications.

“Applications used to define our jobs. Nowadays, we are seeing organizations designing application experiences around the employee. For example, mobile and cloud technologies are freeing many workers from coming into an office and instead supporting a ‘work anywhere’ environment, outpacing traditional application business models,” said Mr. Plummer. “Similar to how humans customize their streaming experience, they can increasingly customize and engage with new application experiences.”

By 2023, up to 30% of world news and video content will be authenticated as real by blockchain countering deep fake technology.

Fake news represents deliberate disinformation, such as propaganda that is presented to viewers as real news. Its rapid proliferation in recent years can be attributed to bot-controlled accounts on social media, attracting more viewers than authentic news and manipulating human intake of information.  

By 2021, at least 10 major news organizations will use blockchain to track and prove the authenticity of their published content to readers and consumers. Likewise, governments, technology giants and other entities are fighting back through industry groups and proposed regulations. “The IT organization must work with content production teams to establish and track the origin of enterprise-generated content using blockchain technology,” said Mr. Plummer.  

Through 2021, digital transformation initiatives will take large traditional enterprises on average twice as long and cost twice as much as anticipated.

Business leaders’ expectations for revenue growth are unlikely to be realized from digital optimization strategies, due to the cost of technology modernization and the unanticipated costs of simplifying operational interdependencies. Such operational complexity also impedes the pace of change along with the degree of innovation and adaptability required to operate as a digital business.

“In most traditional organizations, the gap between digital ambition and reality is large,” said Mr. Plummer. “We expect CIOs’ budget allocation for IT modernization to grow 7% year over year through 2021 to try to close that gap.”

By 2023, individual activities will be tracked digitally by an “Internet of Behavior” to influence benefit and service eligibility for 40% of people worldwide.

Through facial recognition, location tracking and big data, organizations are starting to monitor individual behavior and link that behavior to other digital actions, like buying a train ticket. The Internet of Things (IoT) – where physical things are directed to do a certain thing based on a set of observed operating parameters relative to a desired set of operating parameters — is now being extended to people, known as the Internet of Behavior (IoB).

“With IoB, value judgements are applied to behavioral events to create a desired state of behavior,” said Mr. Plummer. “Within Western countries, the most notable example of a usage-based and behaviorally based business model is in property and casualty insurance. Over the long term, it is likely that almost everyone living in a modern society will be exposed to some form of IoB that melds with cultural and legal norms of our existing predigital societies.”  

By 2024, the World Health Organization will identify online shopping as an addictive disorder, as millions abuse digital commerce and encounter financial stress.

Consumer spending via digital commerce platforms will continue to grow over 10% year over year through 2022. The ease of online shopping will cause financial stress for millions of people, as online retailers increasingly use AI and personalization to effectively target consumers and prompt them to spend discretionary income that they do not have. The resulting debt and personal bankruptcies will cause depression and other health concerns caused by stress, which is capturing the attention of the WHO.

“The side effects of technology that promote addictive behavior are not exclusive to consumers. CIOs must also consider the possibility of lost productivity among employees who put work aside for online shopping and other digital distractions. In addition, regulations in support of responsible online retail practices might force companies to provide warnings to prospective customers who are ready to make online purchases, similar to casinos or cigarette companies,” said Mr. Plummer.

Global IT spending to grow 3.7 percent

Worldwide IT spending is projected to total $3.7 trillion in 2019, an increase of 0.4% from 2018, according to the latest forecast by Gartner, Inc. This is the lowest forecast growth in 2019 so far. Global IT spending is expected to rebound in 2020 with forecast growth of 3.7%, primarily due to enterprise software spending.

“The slowdown in IT spending in 2019 is not expected to stretch as far into 2020 despite concerns over a recession and companies cutting back on discretionary IT spending,” said John-David Lovelock, research vice president at Gartner.    

Today’s complex geopolitical environment has pushed regulatory compliance to the top of organizations’ priority list. Overall spending on security increased 10.5% in 2019, with cloud security projected to grow 41.2% over the next five years. “This is not just about keeping the ‘bad guys’ out,” said Mr. Lovelock. “It is also about the expanding need to be compliant with tariffs and trade policy, intellectual property rights, and even with the multiple and sometimes overlapping privacy laws.”

Despite the ongoing tariff war, U.S. IT spending is forecast to grow 3.5% in 2019, but IT spending in China is expected to grow only 0.1%. “Tariffs do not have a direct effect on IT spending, yet,” said Mr. Lovelock. “Should tariffs extend to devices like PCs and mobile phones, we will likely see manufacturers switch supply routes to minimize costs and have their technology made outside of China.”

The device market will see the sharpest spending decline among all segments in 2019, down 5.3% from $713 billion in 2018 (see Table 1). However, the market is expected to see modest growth of 1.2% in 2020. “Similar to how consumers have reached a threshold for upgrading to new technology and applications, technology general managers and product managers should invest only in the next generation of products that will push them closer to becoming a true technology company,” said Mr.Lovelock.

Table 1. Worldwide IT Spending Forecast (Billions of U.S. Dollars)

	2019 Spending	2019 Growth (%)	2020 Spending	2020 Growth (%)	2021 Spending	2021 Growth (%)
Data Center Systems	205	-2.5	210	2.6	212	1.0
Enterprise Software	457	8.8	507	10.9	560	10.5
Devices	675	-5.3	683	1.2	685	0.4
IT Services	1,031	3.7	1,088	5.5	1,147	5.5
Communications Services	1,364	-1.1	1,384	1.5	1,413	2.1
Overall IT	3,732	0.4	3,872	3.7	4,018	3.8

Source: Gartner (October 2019)

IT spending growth is being driven by the rest of the world catching up on cloud spending. The U.S. is leading cloud adoption and accounts for over half of global spending on cloud. In some cases, countries that Gartner tracks lag one to seven years in cloud adoption rates. “For perspective, the country directly behind the U.S. on cloud spending is the United Kingdom, which only spends 8% on public cloud services. An interesting outlier is China, which has the highest growth of cloud spending out of all countries. While China is closing the spending gap, it still will not reach U.S. levels by 2023,” said Mr. Lovelock.

Gartner predicts that organizations with a high percentage of IT spending dedicated to the cloud will become the recognized digital leaders in the future. “Most companies are caught trying to either cut costs or invest for growth, but the top-performing enterprises are doing both. A core challenge facing the industry is how organizations can operate as both a traditional company and a technology company at the same time,” said Mr. Lovelock. “These ‘and’ dilemmas will drive future IT spending trends.”

Digitalisation anxieties top business leaders’ concerns

Concerns about digitalization misconceptions, as well as the pace of their organizations’ digitalization efforts, topped business leaders’ concerns in Gartner, Inc.’s latest Emerging Risks Monitor Report.

Gartner surveyed 144 senior executives across industries and geographies and the results showed that “digitalization misconceptions” had risen to the top emerging risks in the 3Q19 Emerging Risks Monitor survey. “Lagging digitalization” remains in second position (see Table 1). Last quarter’s top emerging risk, “pace of change,” has now become an established risk after ranking on four previous emerging risk reports.

“While the threat of external macro risks such as the U.S.-China trade war are an increasing source of concern for executives, it’s notable that the top three risks in this quarter’s report are all centered around internal operations,” said Matt Shinkman, vice president with Gartner’s Risk and Audit Practice. “Business leaders are most concerned with their strategies around digital and having the resources in place to execute these plans.”

Table 1. Top Five Risks by Overall Risk Score: 4Q18-3Q19

Rank	4Q18	1Q19	2Q19	3Q19
1	Talent Shortage	Accelerating Privacy Regulation	Pace of Change	Digitalization Misconceptions
2	Accelerating Privacy Regulation	Pace of Change	Lagging Digitalization	Lagging Digitalization
3	Pace of Change	Talent Shortage	Talent Shortage	Strategic Assumptions
4	Lagging Digitalization	Lagging Digitalization	Digitalization Misconceptions	Data Localization
5	Digitalization Misconceptions	Digitalization Misconceptions	Data Localization	U.S.-China Trade Talks

Source: Gartner (October 2019)

Digitalization Anxiety Driven by Business Model Change
Digitalization misconceptions was cited as a top risk by 52% of respondents in the Emerging Risks Monitor Report, with lagging digitalization close behind with a 51% frequency rate. Executives from the IT and telecom sectors were clearly most concerned with digitalization misconceptions, with 75% of executives surveyed indicating this as a risk. The banking and energy industries were most concerned with lagging digitalization, with nearly seven in 10 executives indicating this area as a top risk.

Additional data collected by Gartner from corporate strategists reveals the extent of concerns with organizations’ digital strategies. Slow strategy execution and insufficient digital capabilities were tied among the top concerns of corporate strategists for 2019, with 60% of respondents indicating both areas as top concerns.

Adding to the unease is the large percentage of organizations undergoing some form of digital business change. A large majority of strategists indicated that digitalization was impacting four distinct areas of their business model: business capabilities, profit models, value propositions and customer behavior.

While these changes are underway, uncertainty persists about a clear path from current to future business models. Only 35% of strategists said they felt confident about which investments and initiatives were needed to drive their future business model, while only 20% said they had clarity on how those changes would positively impact their organizations. Just 8% of strategists felt confident that senior leadership agreed with these changes.

“Our data suggests that executives lack confidence in transformational business model changes, even as many are already underway,” said Mr. Shinkman. “To help mitigate the risks of digitalization missteps, organizations should take an incremental approach to business model transformation, with each step in the process building knowledge for future initiatives. Organizing business model transformation into discrete projects lessens the chance of major disruptions.”

Mr. Shinkman also noted that risk executives need to ensure they have a seat at the table during digitalization projects. Gartner research indicates that while two-thirds of risk executives said their organization currently has a digital transformation project underway, only 35% report that enterprise risk management teams are playing a role in the project.

The top 10 strategic technology trends for 2020

Gartner, Inc. has highlighted the top strategic technology trends that organizations need to explore in 2020. Analysts presented their findings during Gartner IT Symposium/Xpo, which is taking place here through Thursday.

Gartner defines a strategic technology trend as one with substantial disruptive potential that is beginning to break out of an emerging state into broader impact and use, or which is rapidly growing with a high degree of volatility reaching tipping points over the next five years.

“People-centric smart spaces are the structure used to organize and evaluate the primary impact of the Gartner top strategic technology trends for 2020,” said David Cearley, vice president and Gartner Fellow. “Putting people at the center of your technology strategy highlights one of the most important aspects of technology — how it impacts customers, employees, business partners, society or other key constituencies. Arguably all actions of the organization can be attributed to how it impacts these individuals and groups either directly or indirectly. This is a people-centric approach.”

“Smart spaces build on the people-centric notion. A smart space is a physical environment in which people and technology-enabled systems interact in increasingly open, connected, coordinated and intelligent ecosystems. Multiple elements — including people, processes, services and things — come together in a smart space to create a more immersive, interactive and automated experience,” said Mr. Cearley.

The top 10 strategic technology trends for 2020 are:

Hyperautomation

Hyperautomation is the combination of multiple machine learning (ML), packaged software and automation tools to deliver work. Hyperautomation refers not only to the breadth of the pallet of tools, but also to all the steps of automation itself (discover, analyze, design, automate, measure, monitor and reassess). Understanding the range of automation mechanisms, how they relate to one another and how they can be combined and coordinated is a major focus for hyperautomation.

This trend was kicked off with robotic process automation (RPA). However, RPA alone is not hyperautomation. Hyperautomation requires a combination of tools to help support replicating pieces of where the human is involved in a task. 

Multiexperience 

Through 2028, the user experience will undergo a significant shift in how users perceive the digital world and how they interact with it. Conversational platforms are changing the way in which people interact with the digital world. Virtual reality (VR), augmented reality (AR) and mixed reality (MR) are changing the way in which people perceive the digital world. This combined shift in both perception and interaction models leads to the future multisensory and multimodal experience.

“The model will shift from one of technology-literate people to one of people-literate technology. The burden of translating intent will move from the user to the computer,” said Brian Burke, research vice president at Gartner. . “This ability to communicate with users across many human senses will provide a richer environment for delivering nuanced information.”

Democratization of Expertise

Democratization is focused on providing people with access to technical expertise (for example, ML, application development) or business domain expertise (for example, sales process, economic analysis) via a radically simplified experience and without requiring extensive and costly training. “Citizen access” (for example, citizen data scientists, citizen integrators), as well as the evolution of citizen development and no-code models, are examples of democratization.  

Through 2023, Gartner expects four key aspects of the democratization trend to accelerate, including democratization of data and analytics (tools targeting data scientists expanding to target the professional developer community), democratization of development (AI tools to leverage in custom-developed applications), democratization of design (expanding on the low-code, no-code phenomena with automation of additional application development functions to empower the citizen-developer) and democratization of knowledge (non-IT professionals gaining access to tools and expert systems that empower them to exploit and apply specialized skills beyond their own expertise and training).

Human Augmentation 

Human augmentation explores how technology can be used to deliver cognitive and physical improvements as an integral part of the human experience. Physical augmentation enhances humans by changing their inherent physical capabilities by implanting or hosting a technology element on their bodies, such as a wearable device. Cognitive augmentation can occur through accessing information and exploiting applications on traditional computer systems and the emerging multiexperience interface in smart spaces. Over the next 10 years increasing levels of physical and cognitive human augmentation will become prevalent as individuals seek personal enhancements. This will create a new “consumerization” effect where employees seek to exploit their personal enhancements — and even extend them — to improve their office environment.

Transparency and Traceability

Consumers are increasingly aware that their personal information is valuable and are demanding control. Organizations recognize the increasing risk of securing and managing personal data, and governments are implementing strict legislation to ensure they do. Transparency and traceability are critical elements to support these digital ethics and privacy needs.

Transparency and traceability refer to a range of attitudes, actions and supporting technologies and practices designed to address regulatory requirements, preserve an ethical approach to use of artificial intelligence (AI) and other advanced technologies, and repair the growing lack of trust in companies. As organizations build out transparency and trust practices, they must focus on three areas: (1) AI and ML; (2) personal data privacy, ownership and control; and (3) ethically aligned design.

The Empowered Edge 

Edge computing is a computing topology in which information processing and content collection and delivery are placed closer to the sources, repositories and consumers of this information. It tries to keep the traffic and processing local to reduce latency, exploit the capabilities of the edge and enable greater autonomy at the edge.

“Much of the current focus on edge computing comes from the need for IoT systems to deliver disconnected or distributed capabilities into the embedded IoT world for specific industries such as manufacturing or retail,” said Mr. Burke. “However, edge computing will become a dominant factor across virtually all industries and use cases as the edge is empowered with increasingly more sophisticated and specialized compute resources and more data storage. Complex edge devices, including robots, drones, autonomous vehicles and operational systems will accelerate this shift.”  

Distributed Cloud

A distributed cloud is the distribution of public cloud services to different locations while the originating public cloud provider assumes responsibility for the operation, governance, updates to and evolution of the services. This represents a significant shift from the centralized model of most public cloud services and will lead to a new era in  cloud computing. 

Autonomous Things

Autonomous things are physical devices that use AI to automate functions previously performed by humans. The most recognizable forms of autonomous things are robots, drones, autonomous vehicles/ships and appliances. Their automation goes beyond the automation provided by rigid programing models, and they exploit AI to deliver advanced behaviors that interact more naturally with their surroundings and with people. As the technology capability improves, regulation permits and social acceptance grows, autonomous things will increasingly be deployed in uncontrolled public spaces.

“As autonomous things proliferate, we expect a shift from stand-alone intelligent things to a swarm of collaborative intelligent things where multiple devices will work together, either independently of people or with human input,” said Mr. Burke. “For example, heterogeneous robots can operate in a coordinated assembly process. In the delivery market, the most effective solution may be to use an autonomous vehicle to move packages to the target area. Robots and drones aboard the vehicle could then affect final delivery of the package.”

Practical Blockchain

Blockchain has the potential to reshape industries by enabling trust, providing transparency and enabling value exchange across business ecosystems, potentially lowering costs, reducing transaction settlement times and improving cash flow. Assets can be traced to their origin, significantly reducing the opportunities for substitutions with counterfeit goods. Asset tracking also has value in other areas, such as tracing food across a supply chain to more easily identify the origin of contamination or track individual parts to assist in product recalls. Another area in which blockchain has potential is identity management. Smart contracts can be programmed into the blockchain where events can trigger actions; for example, payment is released when goods are received.

“Blockchain remains immature for enterprise deployments due to a range of technical issues including poor scalability and interoperability. Despite these challenges, the significant potential for disruption and revenue generation means organizations should begin evaluating blockchain, even if they don’t anticipate aggressive adoption of the technologies in the near term,” said Mr. Burke.

AI Security

AI and ML will continue to be applied to augment human decision making across a broad set of use cases. While this creates great opportunities to enable hyperautomation and leverage autonomous things to deliver business transformation, it creates significant new challenges for the security team and risk leaders with a massive increase in potential points of attack with IoT, cloud computing, microservices and highly connected systems in smart spaces. Security and risk leaders should focus on three key areas — protecting AI-powered systems, leveraging AI to enhance security defense, and anticipating nefarious use of AI by attackers.  

 

 

The four phases of the Blockchain spectrum

Blockchain is forecast to generate $3.1 trillion in new business value worldwide by 2030, half of it by 2025 with applications designed for operational improvement, according to Gartner, Inc. However, enterprises can make missteps that will leave them out of position to capitalize fully on blockchain, under competitive threat by using the wrong strategy and being lulled into a false sense of progress and capability.

“Beyond operational improvements and increased efficiency, fully mature blockchain complete solutions will allow organizations to re-engineer business relationships, monetize illiquid assets and redistribute data and value flows to more successfully engage with the digital world. That is the real business of blockchain,” said David Furlonger, distinguished research vice-president and Gartner Fellow. “To unlock this potential, CIOs should use a framework to help their organizations better understand the timing of investments and the value proposition for blockchain usage based on different solution archetypes.”

Gartner created the Blockchain Spectrum to examine the phased evolution of blockchain solutions and how this path aligns to the anticipated value businesses can derive. In the book “The Real Business of Blockchain: How Leaders Can Create Value in a New Digital Age,” launched this month, Mr. Furlonger and co-author Christophe Uzureau, research vice president at Gartner, use the spectrum as one of several analytics models to reveal how blockchain will evolve from what it is today to what it will be by 2030.

The Blockchain Spectrum is made up of four evolutionary phases that segment solution offerings and characteristics, some of which won’t fully develop for years, but will have critical implications for the future of business and society. Each of these phases offers opportunities and risks, but CIOs should begin experimenting at some level based on a clear understanding that the choices they make will have significant consequences for their enterprise competitiveness and respective industries.

Blockchain-Enabling Technologies

These technologies provide the foundation upon which existing future blockchain solutions can be created and business modeled. This foundation can also be used as part of nonblockchain solutions; for example, to improve the operational efficiency. The foundational technology includes cryptography, distributed computing, peer-to-peer networking and messaging.

Blockchain-Inspired

In 2012, business leaders, primarily in financial services, started exploring blockchain through proofs of concepts and pilots. This phase will last through the early 2020s. Blockchain-inspired solutions leverage the foundational technologies but use only three of the five elements of blockchain — distribution, encryption and immutability. While some of these solutions make use of tokenization, they are not sufficiently decentralized to use such tokens to create new value exchange systems as part of the internet of value. As a result, these solutions often aim to reengineer existing processes specific to an individual organization or industry while maintaining centralized controls.

Blockchain-Complete

Blockchain-complete solutions deliver the full value proposition of blockchain using all five elements — distribution, encryption, immutability, tokenization and decentralization. Blockchain-complete solutions will feature tokenization enabled by smart contracts and decentralization, two components blockchain-inspired solutions lack. These solutions enable trade in new forms of value (such as new asset types) and unlock monopolies on existing forms of value ad processes (such as digital commerce or digital advertising).

“Few mainstream organizations are building blockchain-complete solutions yet. However, many startups providing blockchain-native solutions are doing so, and some will gain market momentum by the early 2020s, with more scale apparent after 2025,” said Mr. Uzureau. “Though not immediate, the proliferation of blockchain-complete solutions will push organizations to explore new ways of operating with greater degrees of decentralization than they have now.”

Enhanced Blockchain

After 2025, complementary technologies such as the Internet of Things (IoT), artificial intelligence (AI) and decentralized self-sovereign identity (SSI) solutions will converge and become more integrated with blockchain networks. The resulting enhanced blockchain solutions will expand the types of customer and the value that can be tokenized and exchanged and will enable a large number of smaller transactions to occur that would not be possible with traditional mechanisms.

“The evolution of blockchain cannot be ignored,” said Mr. Furlonger. “Blockchain-complete solutions will begin to gain traction in about three years. Only slightly further out lies a future business and societal environment that includes IoT and AI in which autonomous and intelligent things own assets and trade value. Business leaders who fail to do scenario planning or experiment with the technology, and delay consideration of the two fundamental blockchain components, decentralization and tokenization, risk being unable to adapt when blockchain matures.

CIO agenda 2020 predictions

Time for action is growing short for CIOs in the digital era. Many continue to struggle with siloed digital transformation initiatives, leaving them adrift and buffeted by competition and market forces. To support CIOs with guidance on complex, fast-moving environments and prescriptive, actionable recommendations, IDC has published IDC FutureScape: Worldwide CIO Agenda 2020 Predictions (IDC #US45578619). The predictions provide a strategic context that will enable CIOs to lead their organizations through a period of hyperscale, hyperspeed, and hyperconnectedness over the next five years. They also lay out IDC's vision for the ten most important shifts that will happen in IT organizations over the next 60 months and will help senior IT executives form their strategic IT plans.

"While there has been no single 'year of reckoning' for CIOs in the digital era, time for action is growing short, as competitors are accelerating their digital efforts. The ten predictions in this study define the concrete actions that CIOs can and must take to create digital-native 'future enterprises,'" said Serge Findling, vice president of Research for IDC's IT Executive Programs (IEP). "In this hyperspeed, hyperscale, and hyperconnected phase of digital transformation, CIOs must rapidly transform their organizations to become the Future IT."

The predictions from the IDC FutureScape for Worldwide CIO Agenda are:

Prediction 1: By 2024 the IT strategy for 80% of digitally advanced organizations will evolve to a broad, flexible, self-service mashup of digital tools to replace the "walled-garden" IT-as-an-Enabler model.

Prediction 2: By 2023, 65% of CIOs will be entrepreneurial leaders who evolve their organizations into centers of excellence that engineer enterprise-wide collaboration and innovation.

Prediction 3: Driven both by escalating cyber threats and needed new functionality, 65% of enterprises will aggressively modernize legacy systems with extensive new technology platform investments through 2023.

Prediction 4: By 2023, as a pillar of their IT multicloud approach, 70% of IT organizations will implement a strategic container/abstraction/API playbook to enhance application portability and hosting flexibility.

Prediction 5: By 2022, 70% of IT organizations will have transitioned from builders and operators to designer and integrators of digital solutions that come to define every product, service, or process.

Prediction 6: Through 2023, 80% of IT organizations will accelerate software development to enable them to deploy at least weekly code updates/revisions and business value delivery.

Prediction 7: By 2022, as innovation becomes synonymous with disruption, 40% of CIOs will co-lead innovation, articulating digital visions and infusing intelligence enterprise-wide.

Prediction 8: Through 2022, deployment of artificial intelligence to augment, streamline, and accelerate IT operations will be a principal IT transformation (ITX) initiative for 60% of enterprise IT organizations.

Prediction 9: Through 2024, 75% of CIOs will reshape all IT resources, including budgets, assets, and talent, to support real-time resource allocation and enterprise agility, dramatically reducing fixed costs.

Prediction 10: By 2023, driven by the mandate to deliver engaging, agile, continuous learning fueled workspaces, 60% of CIOs will implement formal employee experience programs. 

Last year IDC predicted 70% of CIOs would apply a mix of data and artificial intelligence (AI) to tools, processes and IT operations by 2021. It shouldn’t be assumed that a few algorithms are a quick fix to an organisations’ worldwide IT operations, however, if these innovative technologies are implemented with a strategic course of action, they can help the business thrive.

The ‘what’ & ‘how’

AIOps is now a market category which has gained serious momentum in the last few years. The concept brings together machine learning (ML) and data analytics in several different contexts. The technology empowers quicker, simpler, and more efficient IT operations management by enhancing some processes such as application performance monitoring, behavioral learning (dynamic baselining) as well as predictive event management, probable cause analysis and log analytics. As more and more businesses are going digital, requirements and infrastructures are becoming more complex. IT needs in turn must respond at the most optimal level possible and AIOps can enable this.

IT operation teams are able to move from rule-based, manual analysis to machine-assisted analysis and machine learning systems when AIOps is implemented. Human agents are only capable of completing a certain amount of analysis in a given time frame, dependent on the amount and complexity of the task. AIOps enables a level of change with the help of AI.

AIOps in action

One example of AIOps at work is the use case of Park Place Technologies (PPT). They are the world’s largest post-warranty data center maintenance organisation, helping thousands of customers manage their data centres globally. When customers have performance issues, costs escalate for Park Place if manual triage is required. To improve customer satisfaction and drive uptime, Park Place decided that an AIOps platform was the right solution for automating the support process, and began their implementation with 500 customers, with plans to support more.

“Using AIOps helps us move from a reactive service model to proactive, and ultimately to predictive. We’re able to see signs that there’s an impending failure and remediate it before it happens, really saving our customers a lot of downtime,” said Paul Mercina, Director of Product Management, Park Place Technologies.

Since applying its AIOps solution, Park Place has reduced the number of times a ticket is touched by a human by 80 percent. Not only that, the AIOps solution also allowed them to automate the triage process and optimize the customer experience – in fact they’ve experienced a 10 percent faster time to resolve incidents by leveraging advanced anomaly detection. These figures exemplify the reality of AIOps coming into works at an organisation and the wide variety of benefits it brings.

Holistic monitoring

For all organisations, IT services can use AIOps to produce holistic monitoring strategies. These allow the IT team to see patterns across various channels and make predictions based on the combined data, events, logs, and metrics. There is also a behavioral learning capacity gained from AIOps which uses the identified patterns to suppress any unusual events which fall outside of the recognised patterns of operational normalcy.

Lastly, AIOps can centralise the way organisations address and respond to IT incidents at different locations around the world. It can produce insights to identify problems affecting operations between services and send automated notifications when a problem has been identified. This helps to not only increase incident response times, but better resolve issues when they take place.

These are just some of the many ways enterprises are using AIOps today to cut costs, improve customer experience, avert problems, and free IT staff to focus their time on innovations their organisations need. It might not work miracles, but AIOps elevates the strategic importance and visibility of IT to the business by delivering the performance and availability needed no matter how complex environments become.

Within the last couple of decades, the digital world has changed beyond belief due to digital disruptors like Amazon, Netflix and Uber, raising the expectations for today’s connected and smartphone-wielding consumers. Once upon a time, these consumers waited for ‘dial-in’ internet to load and now the rules of engagement have changed, with ease and convenience becoming a ‘must have’ whenever they enter a store, head online, or both.

It’s no surprise then that organisations of all sizes in various sectors have put digital transformation at the top of the agenda – in order to support their operations and stop them falling behind trend. For small businesses and franchise owners, this is a crucial aspect that could make or break their business.

From a commercial aspect for them, adapting to digital trends is vital. Failure to keep up with digital trends risks could mean missing out on important opportunities or getting left by the kerbside in an era that’s characterised by fast-paced disruption.

Here are some of the top digital transformation challenges they face.

1.     Transferring data to the cloud

The widespread presence of digital real-time interactions means modern businesses are moving to digital-first strategies to support them with innovation, drive growth, and improve efficiency.

In bid to connect people, things and locations, they’re turning to the cloud to access a rich choice of applications that reduce operational expenditure, while enabling new and agile ways of working.

Cloud computing delivers numerous benefits – especially for small business and franchise owners. It provides a low-cost way to access the infrastructure and IT resources needed to drive digital business advantage. British SMBs have been quick to seize the opportunity. According to the British Chamber of Commerce, 69 percent of SMBs now harness some form of cloud computing service.

As the cloud becomes the gateway to utilising cutting edge technologies such as analytics, AI and automation, small businesses are set to benefit as these capabilities become democratised and productised. Able to compete on a level playing field with much larger enterprises, they’ll leverage these advanced technologies to develop new improved products and elevate how they engage with customers.

But all this adds up to a growing volume of business-critical network workloads that will need to be protected from any potential failure in network availability, performance or reliability.

2.     Bringing digitalisation to every channel

Nowadays with consumers expecting convenience at their fingertips – businesses are expected to comply by providing an integrated omnichannel experience, whether it’s through an online website or through an app on their phone. Moving seamlessly between the physical and digital worlds, they expect services like click and collect, reserve in-store, and more.

It’s not just the retail sector that’s been impacted by this trend. Just about every consumer-facing business or brand needs to connect, serve, support and deliver services in the channels their customers are using.

Enabling consistent and personalised interactions across every channel and touchpoint will prove critical for small businesses and franchise owners looking to gain a competitive edge.

That can prove particularly challenging for those based in remote or geographically dispersed locations looking to deliver the same level of digital sophistication as larger, metropolitan based commercial entities. To enable exceptional web and mobile experiences, they’ll need a high-performance network that ensures the internet doesn’t slow down their business.

3.     Staying secure and compliant

With ‘data leaks’ constantly hitting the headlines, it’s more imperative than ever to gain and maintain customer trust. Small businesses and franchises must balance these seamless digital experiences with the provision of fail-safe security that keeps customer personal and payment data safe and protected.

Today’s small business owners have to comply with a slew of regulations that extend from GDPR to PCI security standards. The proliferation of the Internet of Things (IoT) means the amount of contextual customer data is set to explode, compounding the cybersecurity and compliance challenge.

Add a rapidly changing cyber-threat landscape into the mix and digital transformation can seem like an uphill task for the smaller enterprise.

Fortunately, cybersecurity technology for the digital age is rapidly becoming available for small businesses. Featuring security measures such as multi-factor authentication, multi-layer security and advanced encryption, enabling differentiated and secure digital experiences is at last within the grasp of any scale of business.

These new adaptive approaches and cyber technologies make it possible to easily separate traffic into separate networks, so that each application and its associated data has its own space and doesn’t infringe on other applications in the system.

All of which makes it easier to keep attackers away from valuable customer data, stay compliant, and protect vital business infrastructure and assets.

4.     Managing the customer experience

Managing a small business in the age of technology isn’t a walk in the park. It is increasingly harder to please consumers as they expect a superior experience that’s connected, intelligent and personalised.

To stay relevant in a modern marketplace, small businesses need to listen and respond to customer needs. That means using digital tools to gain a clear picture of who their customers are, what turns them on and off, and engage in personalised relationship marketing that resonates with existing and new customers.

For example, loyalty programmes can be integrated with a customer’s mobile device and point-of-sale systems, including mobile point-of-sale. It’s an approach that makes it possible to track customer preferences, monitor which discounts and offers incentivise purchases, and can even be integrated with a customer’s preferred digital wallet app.

For local businesses that want to create an affinity with their brand and extend their awareness and reach, taking advantage of such tools produces a sense of trust and connection that goes beyond the physical location alone.

Next steps

For small businesses and franchise owners, digitising their businesses is a turning point. By uniting their existing strengths and local market knowledge with digital tools such as taking it online across channels, they will be well placed to challenge their competitors, win and retain consumers.

What’s next for the data centre? – five key trends

Enterprise IT looks with envy at the “hyperscale” data centers powering Internet giants like Amazon Web Services, Facebook, Microsoft and Alibaba. These contain hundreds of thousands of powerful computers (servers) connected by thousands of miles of network cable through tens of thousands of networking devices such as switches and routers. Google is estimated to have 900,000 servers across its 13 data centers worldwide, using enough electricity to power 200,000 homes. Have more modest size companies any chance to compete in such a world?

Trend 1 – a smarter network there are many elements to building a smart network but the focus here is on NICs

In a traditional data center the servers centralize the intelligence, one trend today to make the network itself more intelligent, by installing “smart” network cards called SmartNICs. According to Michael Kagan, CTO Mellanox Technologies: “It's not just about how fast you move the data along the wires. The secret is to process the data while it moves… in our most advanced network products we have computational units within every switch, so we can do data aggregation on the fly”. In his keynote address at NetEvents 2019 EMEA IT Spotlight he compared this to the distributed intelligence of an ant termite colony. Although individual termites may be programmed to specific roles like foraging, building or defence – they can rapidly regroup to repair, say, a collapsed mound. This is self-healing group behaviour – not driven by instructions from the centralised intelligence of the colony queen – and that puts it way ahead of traditional data center architecture.

Trend 2 – faster storage

The revolution is storage capability is well advanced, with Flash Solid State Storage revenue exceeding sales in traditional disk hard drives, and the arrival of integrated single chip storage controllers.

While massive archives will remain on traditional lower cost media for many years, as solid state storage becomes cheaper it is increasingly first choice for high speed access. Again, intelligent networks have a role to play, as Michael Kagan explains: “SmartNIC Virtualization presents anything on your cloud as a true local device… On your machine with its legacy operating system, you see a local device that can touch everything… we can allocate resources from different machines on the network and make them available as local storage devices, or local storage services on the local machine.”

Faster storage also needs faster networks…

Trend 3 – faster networks

High speed Ethernet (25G and faster) went mainstream last year. It is no longer just the privilege of hyperscale giants as more medium size enterprises are upgrading from 10G to 40G Ethernet and finding up to 50-fold performance gains from more efficient use of resources.

The hyperscalers are still leading the trend, however. One giant social media company, upgrading to cutting-edge Rome generation servers, found that their 25Gb/s networks were no longer sufficient and jumped to 100Gb/s Ethernet to get the full performance benefits. According to Kevin Deierling from Mellanox: “This is the perpetual game of technology leap-frog…  Whenever there is a leap forward in one element of the processing-storage-network triad, another element falls behind. With the newest CPUs making big performance leaps, it’s now the networks turn to leap”.

Trend 4 – Intent-Based Networking (IBN)

IT historically developed up from the bottom: from lengthy, unintelligible machine code, through a hierarchy of ever higher level languages, to today: when a single screen swipe conveys our “intent” to erase a file.

IBN takes networking that way. In the case of an enterprise network, the business intent might be to accelerate the system’s response to customers. Ongoing benefits of the agile IBN include reducing network outages and grey failures as well as reducing operating costs. According to Apstra CEO, Mansour Karam: “With Intent Based Analytics network operators can quickly detect and prevent a wide range of service level violations – including security breaches, performance degradations, and traffic imbalances – bringing the industry closer to the vision of a Self-Operating Network”.

Trend 5 – Application Specific Networking (ASN)

ASN extends the software-defined networking principle to build virtualized network layers on top of a physical network for specific application needs and turns the ordinary public internet into a secure and performant enterprise-class network by enhancing it with next-generation zero-trust cybersecurity, while at the same time boosting "best effort" Internet resilience & performance. As it is abstracted and virtualised, it is completely vendor, (in the Wide Area Network) service-provider and internet agnostic.

According to Philip Griffiths, NetFoundry’s Head of EMEA Partnerships: “By extending permission-less innovation to networking, we are putting programmable app connections in the hands of the practitioners. We're partnering with ISVs and developers so that they can use API's and SDKs connect their applications in minutes regardless of where they are hosted, accessed and consumed from – essentially they get private network benefits without private network hardware, wires, complexity and costs.” He compares this agility to the days when developing from scratch and rolling out a new application– since advent of cloud organisations deployment has gone from nine months to nine minutes and ASN does the same for networks and security.

Conclusion

We’ve focused on “What’s next” – ie new and upcoming trends in the data center. But don’t forget that there are many equally significant trends already well established: “Software defined everything” according to IDC analyst Ksenia Efimova; “If you're not looking at hyper-converged, then you're building yourself into a problem for the future” says Joe Baguley from VMware. And, of course, there will be ever more automation.

2019 will be remembered as the year of uncertainty as businesses prepared for not one but two Brexit deadlines. However, 2020 will be the year that organisations will need to adapt their businesses to deal with the long-term effects of Brexit - whatever happens - and other uncertainties, including ourselves. But adapt we must and in doing so, the technology that the organisation sits on must be able to provide the agility and flex that they need to adapt to whatever the business landscape may throw at them. We believe the answer to this will lie in the cloud; and specifically, hybrid cloud due to the flexibility and efficiency benefits this offers.  While this need for flexibility will impact businesses of all shapes and sizes across the whole of the UK, Scotland will define its own path with regard to technology which will see its use of cloud computing continue to increase exponentially into 2020 and beyond.

This shift towards hybrid cloud will also impact economic growth as a whole. As a home to start-ups, scale-ups and global organisations, Scotland is in a unique position to drive economic growth. With a legacy for innovation and entrepreneurship, there is a fire in the belly of businesses based here with a significant desire to grow. However, while budgets might prove restrictive, organisations should look within to drive this growth. We believe that this will be done in two ways – firstly through people, and encouraging talent within the organisation to innovate and secondly; through smart use of technology. For these organisations, adopting the right cloud strategy will ultimately support and enable this environment of growth.

Forrester has produced a major report on the future of technology. Here we highlight some of the major talking points:

Forrester’s 2020 Cybersecurity predictions specifically include:

• M&A activity will radically change to circumvent regulation and weaponise data 
• Mass data collection will drive 15 percent growth in anti-surveillance technology 
• Deepfakes will cost businesses over a quarter of a billion dollars 

Forrester’s 2020 Privacy and Data Ethics predictions specifically include: 

• The ICO’s real-time bidding rules will upend digital advertising 
• Privacy class action lawsuits will see a 300 percent increase 
• Privacy dark patterns will earn several brands fines, remediation and bad press. For example, Facebook requires just four clicks to accept its lax default settings, compared to 13 clicks to enable privacy-protecting settings. Regulators will take action against these practices in 2020

Forrester’s 2020 Automation predictions specifically include: 

• Automation, the future of work, and global economies will be discussed in the UN 
• The market for RPA services will reach $7.7b 
• As islands of automation become insurmountable, strike teams will emerge – a new organisational approach that sits between traditional IT and domain experts 

Forrester’s 2020 AI predictions specifically include: 

• Twenty five percent of the Fortune 500 will ramp up hundreds of intelligent process automation (IPA) use cases 
• Three high-profile PR disasters will rattle reputations, but will not wreck trust in AI 
• The tech elite – Adobe and Google, for example – will ramp AI plus design skills, while others will fumble 

Edge data centres are decentralised IT systems that deliver computing power directly to the location where the data is generated. They are situated in the immediate vicinity of the data sources – which helps ensure exceptionally fast initial data processing – and are also linked to cloud data centres for downstream processing.

Software applications in connected data centres ultimately use this up-to-the-minute data to perform analyses that require high levels of computing power.

Data is becoming increasingly important in physical retail spaces

Additional computing power enables companies to evaluate data relating to customer behaviour and enterprise resource planning more quickly and precisely. For example, a retailer can compare the sales in its nationwide branches using surveys from social media platforms in order to identify new trends. Alternatively, on entering a shop, customers – provided they have consented beforehand – can be identified via their smartphone and greeted with offers that are tailored specifically to them. This, too, requires an IT system that responds in real time and can access large volumes of data.

In general terms, edge data centres help companies to evaluate all customer data and thus optimise sales. They intelligently network branches that are spread out geographically with regional warehouses and a central data centre so as to optimise product availability at the point of sale (POS). Retailers can thus harness networked edge computing to increase the availability of products, optimise logistics and use customer preferences to regularly improve product displays at the POS, for example. The continuous and rapid availability of data gathered via edge computing makes it possible to manage customer behaviour more effectively. If necessary, this can be done as often as every day based on up-to-date data.

Retailers can also use the additional computing power and real-time stock tracking to optimise their supply chain management. In this case, long-term analyses help identify patterns in sales and thus provide plenty of notice regarding when specific products may be affected by bottlenecks. Without predictive analyses of this kind, there is the risk of losing customers, who switch to the competition because they can’t get what they want.

Networked IT infrastructure at the POS

To track goods and customers, retailers are installing networked sensors or using cameras to analyse patterns of movement. This is creating an Internet of Things that utilises a large number of sensors and data sources to generate a continuous data stream. Retail chains use sensors, for example, to identify the positions on the shelf where each product sells best. This also involves developing the supply chain to the extent that a shop reorders new products in an automated process. In the future, a growing number of companies will be using edge data centres to expand the requisite IT infrastructure at the POS. According to market analysts from IDC, edge IT systems could be processing and analysing 40 per cent of data from the Internet of Things throughout industry by 2019.

What types of edge data centres are available?

An edge data centre is designed so that companies can adapt it to the required performance level using preconfigured, standardised modules. Climate control and power supply modules, stable IT racks and robust security components are already aligned with each other – this is particularly important for sites that do not have a specific security concept at building level – i.e. access controls or airlocks, for example.

If factors such as dust, humidity or dirt also pose problems at the site – because industrial production is carried out there, for instance – then the IT racks should have a high protection category, such as IP 55.

Edge systems come in a wide range of output classes depending on the requirements and area of application. Edge gateway systems, for example, consolidate data directly on site and then initiate its transfer to downstream cloud data centres.

However, initial evaluations can also be carried out close to the data source. For instance, smaller systems for retail can perform tasks such as the initial aggregation of sensor data in a department store, supermarket or shopping centre, while powerful edge data centres can also be utilised that significantly increase the computing power at the relevant location. The latter may be necessary if retailers want to offer their customers elaborate product presentations based on virtual and augmented reality.

The technology used in these edge designs can vary greatly – from a basic service rack to a specially secured IT rack with an additional protective cover. If more power is required, a high-performance edge data centre based on a modular data centre container with weather-resistant and fire-resistant covering is the answer. The solution is then installed in the immediate vicinity of the location where the data is generated, either inside or outside buildings. With appropriate cooling technology, it will support an output of up to 35 kW per IT rack.

Thanks to their steel walls, IT containers are both stable and secure. Their excellent mobility also makes them highly flexible and means powerful data centres can be installed anywhere on company grounds or inside warehouses.

Requirements determine the configuration

If edge systems are being used to boost on-site computing power, the first step is to specify the associated business objectives. Technical and IT experts use this information to define the necessary software applications and it’s then possible to determine the configuration of an edge data centre based on this list of requirements. A number of criteria need to be taken into account during this process, for example, edge systems must be quick and easy to use in order to meet technical requirements promptly. The ideal scenario is for the manufacturer to supply a turnkey, ready-assembled system, complete with cooling technology, for plug-and-play connection to the power supply and network technology.

Edge system operation should also be automated and largely maintenance-free to minimise running costs. This requires comprehensive monitoring that covers the power supply, cooling, fire detection and extinguishing. The necessary protection category is determined by factors such as location and how fail-safe the system needs to be. It is also important to use a monitoring system that covers enclosure/rack doors as well as side panels; electronic door locks have the added benefit of making it easier to ascertain which staff had access to the IT and when.

During remote maintenance or emergencies, it may be necessary to completely power down the system, which means having to interrupt the power supply. Switchable PDUs (power distribution units) are required for this purpose.

Enhanced security with edge

Edge data centres can be installed in a room-in-room environment for the toughest security demands and a security room of this kind offers maximum protection in the event of fires or highly contaminated surroundings. Outdoors, it should also be ensured that the protection category supports reliable IT operation across a wide range of temperatures, for example from -20 °C to +45 °C.

Suppliers such as Rittal have developed a modular concept for these varying requirements and companies can use a modular system to create the ideal solution for their needs.

Rittal adopts a holistic approach when seeking a solution, working with partners such as ABB, HPE, IBM and the German cloud provider iNNOVO so that customers get all the services they need from a single source. The resulting pre-defined, standardised all-in-one edge system can be augmented with active IT components and “as-a-Service” options in a turnkey solution. The retail sector is therefore able to use continuously updated data to optimise the customer journey, and thus secure customer loyalty on a long-term basis.

We want issues to be resolved right away, our goods to arrive the next day and we are accustomed to communicating with anyone, anywhere, at any time. For enterprises, this “always on” mindset is mirrored in the increasing demand for real-time data processing. While cloud computing continues to play a central role in the modern network architecture, the potential of IoT and other emerging technologies is forcing companies to rethink their approach to IT infrastructure.

This is where Multi-access Edge Computing (MEC) plays a critical role. Edge computing is a form of network architecture that brings cloud computing closer to the end user. By moving to the edge of the operator network MEC creates faster, more efficient and intelligent networks. Both AI and IoT require the processing of vast amounts of data, most of which is not generated in the cloud but at the edge. Therefore, edge computing capabilities will catalyse the innovation of these next-generation technologies by streamlining the way they handle data.

However, the potential of edge remains mainly untapped. Many businesses are still behind on adopting this technology, choosing to stick with cloud applications that offer a mixed user experience. But businesses need to understand that MEC is an essential component for unlocking the benefits and potential of 5G, IoT, SDN and other emerging technologies. Ultimately, MEC is key to creating truly intelligent communications solutions that drive tangible business outcomes.

Improving digital services

There are a growing number of sensors and devices that send more and more data – and the introduction of 5G will only see this rise further. 5G will transform the way enterprises manage their networks and will make automation a critical component of any network management strategy. Real-time monitoring of networks and datacentres will become imperative. The sheer number of computations and connections will demand automated traffic management that considers conditions beyond geography; such as real-time datacentre performance, traffic volume and speed. These considerations will be key to optimising application performance.

The physical constraints of today’s cloud and network infrastructure mean that there are latencies that can range from 50ms to more than 200ms. There are many use cases that require less than 50ms of latencies to be viable which will be unlocked with the advent of edge computing in the network.

Through edge computing data can be streamed quickly to the cloud in batches when bandwidth needs aren’t as high. This improves performance and saves money. For different industries, this technology can be utilised to transform the products and services they offer consumers and partners. For instance, autonomous vehicles can use the abilities of edge to automatically decelerate when they sense a human within a set distance to improve the safety of our roads.

MEC also provides more flexibility for data privacy and local hosting of data. With local decisions made at the edge, the cloud may not need all the data generated immediately – or even at all.

Unpicking the potential of edge

For keeping pace in today’s digital age, edge computing gives businesses and developers more choice of where to run their workloads, depending on their specific latency, bandwidth and data sovereignty requirements. Certain applications, such as gaming, augmented reality (AR), virtual reality (VR) and video analytics, perform much better when processing and rendering are performed immediately. In fact, a joint neuroscience study by Vodafone and Ericsson uncovered that even relatively quick round-trips over the internet from a device to the public cloud can present enough latency to make an AR user feel motion sick.

Another benefit of MEC is that it will enable lighter and more cost efficient devices in the future. Today to render AR services on a mobile device the processing must be done on the device to prevent the motion sickness effect. This limits the potential of the AR experience to processing capability on the device. Furthermore, the more processing is on the device, the higher the device cost, lower battery life, and clunkier form factor. By sending the processing to the edge of the network, we can have better experience on lighter, more affordable devices.

MEC’s low latency could optimise production in an IoT-enabled smart factory and improve safety and efficiencies. By using data analysis and machine learning at the edge engineers will also be able to pinpoint and resolve faults on equipment in minutes, rather than hours, improving productivity and efficiency in the production line.

Despite this, it’s important to remember that edge will never completely replace the public cloud or even on device computers. To take full advantage of the technology, businesses should consider how to orchestrate and distribute workloads, ensuring that the right data is always in the right place at the right time to meet specific requirements. 

Edging ahead

Edge computing is becoming an increasingly popular and faster option for businesses needing to keep pace with the changing demands of customers and consumers. As the world of technology continues to expand, and the reach of IoT grows, businesses need to be able to manage devices and optimise them to provide the best services and solutions to customers.

Edge computing is more than a technology, it is a design framework that will redefine the way IoT systems are built and the way they function. Although the combination of other solutions will still be needed to expedite the widespread adoption of IoT, edge computing will prove to be the key mechanism to bring digital services to the next frontier.

While widescale adoption may be a way off, developers will soon start to embrace and create new use cases for distributed low latency applications. Ultimately, MEC helps businesses to place their intelligence where it’s needed, to drive better business outcomes. In fact, this technology marks a step forward for businesses looking to streamline processes for efficiency and effectiveness. 

1. Assuming an attack won’t happen

Any business could be attacked. It’s important for businesses to prepare their IT estate for compromise, so in the event of an attack, they’re able to limit the damage that can be done to their operations, finances and reputation. There’s an assumption that cyber security is a problem to be dealt with by the IT department but in reality, every user is responsible. The more aware users are of the risks, the more resilient a business can become.

2. Poor password management

Passwords aren’t going away any time soon, but there are additional measures that can be taken to avoid them being compromised. Use strong, unique passwords and ensure all users do the same – the NCSC’s guidance encourages using three random words. Additionally, implement two-factor authentication (2FA) on internet-facing systems and all remote access solutions, and for privileged users and requests to sensitive data repositories. For both professional and personal life, making use of a password manager requires remembering only one strong, unique password instead of lots of them.

3. Inadequate backup

If the IT estate is compromised and data lost, can it be retrieved? Implement a rigorous backup regime to ensure business-critical data can be recovered if the business is attacked. Store this backed up data in multiple secure locations, including an ‘offline’ location where infected systems can’t access it. Regularly test that backups are being done correctly and that data restoration procedures work as intended.

4. Reactive rather than proactive strategies

Some attacks bypass firewalls and anti-virus programmes, so businesses need to proactively hunt their systems for signs of compromise that haven’t been picked up by these traditional methods. The longer an adversary sits on a network undetected, the more damage they can do. Email is the single biggest attack vector, so implement the same level of proactive security for the email client too. Firewalls and email security solutions can block known malicious senders and strip certain types of file attachments that are known to be malicious before they have the chance to reach a user's inbox.  

5. Generic user privileges

Users should only be permitted access to the information they need to do their job. Limit the number of privileged user and admin accounts. For IT admins, adopt a least-privilege approach and consider using a privileged access management solution to restrict access throughout the network. The more users who have access to privileged information, the more targets there are for cyber criminals, and the more likely they are to succeed as a result.

Additionally, all accounts should be monitored for unusual activity. If a user is accessing files or drives they have no reason to be interacting with or have never interacted with before, such activity should prompt a review. Keep a record of all accounts each user has access to, and remove their permissions as soon as they leave the company.

6. Poorly configured, out of date systems

Environments that are not configured securely can enable malicious users to obtain unauthorised access. It’s therefore imperative to ensure the secure configuration of all systems at all times. Regular vulnerability assessments should be scheduled to identify weaknesses in the IT infrastructure that would leave an organisation open to exploitation. The results should be used to define detection and response capabilities and ascertain if an outsourced managed security provider is needed. To avoid allowing malicious access through unpatched vulnerabilities, apply security patches regularly and keep all systems and applications up-to-date.

7. No remote working policy

If users in the business work on the move or from home, it's important to have policies in place that will protect any sensitive corporate or personal data in the event of a mobile device being lost, stolen or compromised. Many corporate mobile devices – laptops, phones and tablets – not only contain locally saved sensitive data but are also connected to the company's internal network through VPNs and workspace browsers, giving attackers a direct route to the heart of a business. To enforce secure remote working practices, employ a suitable and robust enterprise mobile management solution and policy, applying your secure baseline and build to all devices.

8. Inconsistent monitoring

By not monitoring their systems, businesses could be overlooking opportunities that attackers won’t miss. Continuously monitor all systems and networks to detect changes or activities that could lead to vulnerabilities. Consider setting up a security operations centre (SOC) to monitor and analyse events on computer systems and networks.

9. Creating an incident response when it’s too late

There is a simple answer for businesses that don’t have an incident response plan: write one! Make it specific and ensure it accurately reflects the company’s risk appetite, capabilities and business objectives. Being adequately prepared for a security breach will go a long way towards minimising the business impact. This incident response plan should be tested on a regular basis, using a variety of different scenarios, to identify where improvements can be made.

10. Putting users as the first line of defence

Humans make mistakes, and no amount of training will negate that. Most users can’t be trained in complex IT processes, simply because they’re not IT experts. It’s unrealistic and unfair to expect otherwise. Invest in cyber security solutions that remove the burden of being on the frontline of email security defence, allowing users to get on with their day jobs.

Conclusion

These ten cyber security mistakes might be common, but they don’t have to be accepted as the norm. By taking the first step of assuming that all organisations are vulnerable to an attack, businesses can consequently focus on putting cyber security strategies in place that are proactive and consistent and that use technology to keep the business resilient against a backdrop of a constantly evolving cyber landscape.

“There is an ever-increasing demand for data storage, but it is becoming an increasingly crowded market where data centres will have to start to differentiate themselves from the competition. Operators will have to start offering additional services that make them stand out from the crowd, like Traceable Time as a Service (TTaaS®). Precision timing is a very attractive service to data centre customers – it offers the opportunity to verify their data in place and time as well as being compliant with regulations affecting industries such as the financial services. These add-ons will help improve the data centre’s stickiness and customer retention, a looming problem in the rapidly expanding marketplace for data storage.

I would predict that traceability will come of age, enabled by distributed ledgers and traceable timing.  Regulations such as GDPR and PECR are being flouted in industries such as real-time buying in advertising, and regulatory authorities are going to clamp down.  Anyone who handles personal data will have to prove when consent was given, who they shared it with, and when it was deleted. All of this can be enabled by an accurate, traceable, verifiable time feed. The growth of smart cities will also necessitate the adoption of synchronised timing to ensure automation runs smoothly and safely, integrated services can be relied upon and monitoring, such as CCTV or traffic cameras, can be verified.

Standards for storage and security will have to rise to accommodate for our increasing reliance on integrated technology as a society, and to minimise our vulnerability to hacking or abuses of data privacy.

Expectations for the management of data – from sharing permissions to storage to blockchain – are being levied from all directions. Regulators expect more transparency from companies and customers expect more integrity from those trusted with their sensitive personal data. Digitalisation and the expansion of IoT, edge, and the cloud is a runaway train of technological progress. However, there must be ethical and security considerations that come along with rapid advancement. While the growth of the digital world will likely make our lives easier, more efficient and more convenient it will also bring the possibility the manipulation and mishandling of our data.”

With containers’ newfound popularity, some companies are struggling to establish an efficient traffic flow and effectively implement security policies within Kubernetes, one of the most popular container-orchestration platforms.

As a container orchestrator and cluster manager, Kubernetes focuses on providing fantastic infrastructure, and has been adopted by countless companies as a result. Companies that use a microservices architecture (MSA) for developing applications, tend to find that Kubernetes offers a number of advantages when it comes time to deploy those applications.

For all those reasons, it’s essential that organisations understand the unique traffic flow and security requirements that Kubernetes entails.

What Is Kubernetes?

Kubernetes is an open-source container-orchestration system. It’s a portable and extensible program for managing containerised workloads and services and provides a container-centric management environment.

Kubernetes has one master node and two worker nodes. The master node functions by telling the worker nodes what to do, and the worker nodes function to carry out the instructions provided to them. Additional Kubernetes worker nodes can be added to scale out the infrastructure.

Another primary function of Kubernetes is to package up information into what are known as “pods,” multiples of which can run inside the same node. This way, if an application consists of several containers, those containers can be grouped into one pod that starts and stops as one.

Challenges in Kubernetes Environment

Like all other container-orchestration systems, Kubernetes comes with its own set of obstacles.

The networking of Kubernetes is unconventional in that, despite the use of an overlay network, the internal and external networks are distinct from one another.

Plus, Kubernetes intentionally isolates malfunctioning or failing nodes or pods in order to keep them from bringing down the entire application. This can result in frequently changing IP addresses between nodes. Services that rely on knowing a pod or container’s IP address then have to figure out what the new IP addresses are.

When it comes to access control between microservices, it’s important for companies to realise that traffic flowing between Kubernetes nodes are also capable of flowing to an external physical box or VM. This can both eat up resources and weaken security.

Kubernetes and Cloud Security Requirements

There are many requirements of Kubernetes and cloud security:

1. Advanced Application Delivery Controller

Companies already use advanced Application Delivery Controller for other areas of their infrastructure, it’s necessary to deploy one for Kubernetes as well. This allows administrators to do more advanced load balancing than what’s available with Kubernetes by default.

Kubernetes is equipped with a network proxy called kube-proxy. It’s designed to provide simple usage and works by adjusting iptables rules in Layer Three. However, it’s very basic and is different than what most enterprises are used to.

Many people will place an ADC or load balancer above their cloud. This provides the ability to create a virtual IP that’s static and available to everyone and configure everything dynamically.

As pods and containers start up, the ADCs can be dynamically configured to provide access to the new application, while implementing network security policies and, enforcing business data rules. This is usually accomplished through the use of an “Ingress controller” that sees the new pods and containers start up, and either configures an ADC to provide access to the new application or informs another “Kubernetes controller” node about the change.

2. Keep the Load Balancer Configuration in Sync With the Infrastructure

Since everything can be constantly shifting within the Kubernetes cloud, there is no practical way for the box that’s sitting above it to keep track of everything. Unless, however, you have something like the purple box, generally referred to as an Ingress controller. When a container starts or stops, that creates an event within Kubernetes. The Ingress controller identifies that event and responds to it accordingly.

This takes a great burden off of administrators and is significantly more efficient than manual management.

3. Security for North-South Traffic

North-south and east-west are both general terms to describe the direction of traffic flow. In the case of north-south traffic, traffic is flowing in and out of the Kubernetes cloud.

As mentioned before, companies need traffic management above the Kubernetes cloud to watch and catch malicious traffic.

If there’s traffic that needs to go to specific places, this is the ideal place to do that. If enterprises can automate this kind of functionality with a unified solution, they can achieve simplified operations, better application performance, point-of-control, back-end changes without front-end disruption and automated security policies.

4. Central Controller for Large Deployments

Scaling out is something else that enterprises need to take into account, especially in terms of security.

The Ingress controller is still there, but this time it’s handling multiple Kubernetes nodes and is observing the entire Kubernetes cluster. Above the Ingress controller would be the A10 Networks Harmony Controller. Such a controller allows for efficient load distribution and can quickly send information to the appropriate location.

With a central controller like this, it’s imperative to choose one that can handle scaling in and scaling out with little to no additional configuration on existing solutions.

5. Access Control Between Microservices

East-west traffic flows between Kubernetes nodes. When traffic flows between Kubernetes nodes, this traffic can be sent over physical networks, virtual or overlay networks, or both. Keeping tabs on how traffic flows from one pod or container to another can become quite complex without some way of monitoring those east-west traffic flows.

Plus, it can also present a serious security risk: attackers who gain access to one container can gain access to the entire internal network.

Luckily, companies can implement something called a “service mesh” like the A10 Secure Service Mesh. This can secure east-west traffic by acting as a proxy between containers to implement security rules, and is also able to help with scaling, load balancing and service monitoring.

With this type of solution, companies like financial institutions can easily keep information where it should be without compromising security.

6. Encryption for East-West Traffic

Without proper encryption, unencrypted information can flow from one physical Kubernetes node to another. This presents a serious problem, especially for enterprises that handle particularly sensitive information.

When evaluating a cloud security product, it’s important for enterprises to select one that encrypts traffic when it leaves a node and unencrypts it when it enters.

7. Application Traffic Analytics

Lastly, it’s of vital importance that enterprises understand the details of traffic at the application layer.

With controllers in place to monitor both directions of traffic, there are already two ideal points to collect traffic information.

Doing so can aid in both application optimisation and security and allows for several different functions. Organised from the simplest to the most advanced, those functions can allow for:

• Performance monitoring via descriptive analytics. Most vendors provide this.
• Faster troubleshooting via diagnostic analytics. A smaller number of vendors provide this.
• Insights via predictive analytics generated by machine learning systems. Even fewer vendors provide this.
• Adaptive controls via prescriptive analytics generated by truly intuitive AI. Only the best and most advanced vendors provide this.

So, when companies are talking to vendors, it’s essential that they determine which of those benefits their products can offer.

Additional Considerations for Dev and Ops Simplicity

Companies should be looking for a simple architecture with a unified solution, central management and control for easy analytics and troubleshooting, common configuration formats, no change in application code or configuration to implement security and gather analytic information and automated application of security policies. If companies prioritise those items, enterprises can enjoy streamlined, automated and secure traffic flow within Kubernetes. 

In this quest for constant improvement, organisations are set to spend $1.2 trillion this year. However, despite the goal to provide customers and business users with better, more seamless experiences, rarely does a week go by without performance problems causing disruption. In today’s always on, always connected digital world, mere milliseconds of downtime can cost millions in lost revenue and, as we become ever more reliant on software, there’s increasingly less margin for error.

To protect their organisation against the chaos that performance problems can cause, the root cause must be found quickly, so IT teams can get to work resolving it before users are impacted. However, as the software landscape evolves to drive faster innovation, enterprise applications, and the hybrid cloud environments they run in, are becoming increasingly dynamic and complex. Organisations are now reliant on thousands of intricately connected services, running on millions of lines of code and trillions of dependencies. A single point of failure in this complex delivery chain can be incredibly difficult to pinpoint accurately. If this complexity goes unchecked, digital performance problems will increase in frequency and severity, creating an unacceptable risk for the business.

The flip side to agility

This escalating complexity is largely being driven by the accelerating shift towards the cloud. In modern, cloud native IT stacks, everything is defined by software. Applications are built as microservices running in containers, networks and infrastructure are virtualised, and all resources are shared among applications. This has been a key part of many businesses’ digital transformation strategy, enabling them to drive greater agility and faster innovation. However, the downside to all this is that complexity is off the charts. To understand their apps, IT teams now need to understand the full stack, with visibility into every tier, not just the application layer. This has made it impossible for humans to quickly identify where problems originate, leaving IT teams desperately trying to put out a growing number of fires, with little to no visibility into where and why they’re occurring.

As digital services and technology environments become increasingly defined by software, being unable to quickly detect and resolve performance problems will have wider ramifications for businesses and their revenues. While currently it’s frustrating when, say, an online banking website is down, glitches in the code of the driverless cars or drones that will dominate our roads and skies in the future could have catastrophic consequences. Businesses must act now if they are to relegate performance problems to the past before they have a devastating impact on our future.

Anyone call for some AI assistance?

It should come as a comfort that there is hope on the horizon for IT teams, in the form of a new breed of AI that has emerged over the past few years; AIOps. AIOps tools can automatically identify and triage problems to prevent IT teams drowning in the deluge of alerts from their monitoring solutions. The global AIOps market is expected to grow to reach $11bn by 2023, which demonstrates a real appetite for these capabilities. However, these solutions have their limitations, which is why we’re now seeing the emergence of more holistic, next-generation approaches to monitoring that combine AIOps capabilities with deterministic AI. This provides access to software intelligence based on performance data that’s analysed in real-time, with full-stack context that provides IT teams with instant answers, so they can fix performance issues before users feel any impact. This type of 20:20 vision will help teams combat modern software complexity and gain clearer insight into their hazy cloud environments.

Taking it one step further, AI will eventually be capable of stopping performance degradations in their tracks, before they begin to develop into a real problem. For this to become reality, AI-powered monitoring solutions will need to be fully integrated with the enterprise cloud ecosystem, with access to metrics and events from other tools in the CI/CD pipeline, such as ServiceNow and Jenkins. AI capabilities will then be able to pull all monitoring data into a single platform, analyse it in real-time and deliver instant and precise answers that trigger autonomous problem remediation without the need for human intervention– something often referred to as application self-healing.

Smooth sailing into the future

It’s no secret that user experience is absolutely crucial for all companies operating today. While it may sound like a pipedream, AI is fast becoming the key to helping businesses ensure these experiences remain seamless, by relegating performance problems to the history books. Whether you look at it in the long or short term, AI capabilities will ultimately give companies total peace of mind that performance problems will be dealt with quickly and efficiently – minimising impact on user experience and protecting revenues and reputations against the devastation they can cause.

Although your systems may meet your business needs now, any future growth or success could be hindered by the inability to adopt new technologies. Replacing your current systems when they grow tired or break may seem like an easy short term resolve, but in the long run businesses will only suffer as a result of their avoidance to adopt a digital transformation plan.

The right digital transformation plan can provide a host of benefits, from reducing costs and time, to improving efficiencies across the business. However, digital transformation is not a single ‘out of the box’ solution and takes time, careful planning, and the right resources. There are plenty of mistakes that can be made when embarking on a transformation journey- here are 5 steps to consider;

1. A lack of clear strategic direction will not only make the whole process longer but could also result in spiralling costs. A transformation plan requires strong collaboration and should consider all business needs, with a clear set of goals as the aim. Breaking every process and task into manageable steps will make the overall implementation much simpler.

2. Whilst the technology plays a vital part, it is important that everyone is involved in the process, not just the IT department. When it comes to the day-to-day usability, the technology must work across all departments and at all levels. If the technology is starting to become too complex for the business, be prepared to pause or roll back on steps where serious issues occur.

3. For most businesses who are performing successfully, digital transformation may not seem like a necessity. However a digital transformation should be used to make existing functions and processes more efficient and effective, this enables the business to enhance current systems, add new features and over time change the business step-by-step.

4. Having the right level of knowledge is imperative to the success of your digital transformation project. Identify any missing skills and address them accordingly, investing in the right skills early in the process will ensure your strategy and plans stay on target. If the right skills aren’t available, you could look to outsource select resources.

5. When planning, it is important to identify what needs to be upgraded, replaced or reconstructed- once you’re into your transformation any ‘unexpected surprises’ could be both costly and disruptive. Simplifying your infrastructure could be as simple as removing multiple redundant or duplicative services and systems, or moving to cloud based solutions.

Digital transformation is not a journey that takes place alone. For those with limited resources Managed Service Providers (MSP’s) can help make the process easier and provide valuable insights into your project. With the help from MSP’s like EBC Group, businesses can be assured that they are getting the best technical services and support.

Linux containers (LXC) are an operating system (OS) level virtualization method that allows for multiple isolated Linux systems to run on the single Linux kernel of a control host. Meaning that these programs are isolated in individual user-spaces and operate at the OS level. These containers are self-contained and lightweight, holding very few components, making them a powerful tool for adding applications to a system without worrying about dependency errors.

Developers can use containers to package an application with the libraries, dependencies and other files it needs to run, without the host needing to install extra assets. In this way, containers can be installed and work on any Linux system that supports container functionality regardless of configuration.

For example, if a developer is working on a program on their laptop while travelling, they may encounter issues if their office computers have a different configuration, such as a missing library. Applications in development rely on the system configuration and are dependent on specific libraries, dependencies and files being available to work.

Containers provide a way of bypassing these issues. Because the programs are self-contained, they can be ported to different Linux environments regardless of configuration. Allowing developers to continue working anyplace and anytime.

On the other hand, in the example of a Linux system that has been stripped back and hardened to create a secure OS for a narrow use-case, containers can add in extra functionality. At INSYS this is a key feature for our industrial routers that run our Linux based icom OS, designed specifically for this purpose.

Plant managers can use the icom Smartbox, which comes preinstalled on any INSYS industrial router, to enable LXCs and develop their own application or choose from an array of off-the-shelf applications. These containers can be used to connect legacy machinery, including legacy software designed to run on Raspberry Pi’s.

Some of our customers have already used these devices to add edge computing to their network, as well as benefit from data analysis and reporting functions that send messages regarding anomalies immediately to users. Showing that containers are a great way to bring machinery into the present and push it into the future.

Containers greatly increase the value that end-users can extract from industrial hardware. LXCs have the potential to achieve this with a wide range of products. In some cases, the LXCs can completely redefine the function of a piece of hardware, giving it a new lease of life for use on the network.

Another benefit of containers is that they increase the security of the system. Because they’re isolated, if one is compromised by a malicious attack, the others can maintain their integrity. Their isolation also means that even if one of the containers is compromised, the others and the host are still secure.

All these benefits are leading to continuous developments in the realm of containers. In fact, some developers are beginning to create new programs by stitching together containers. This method allows the programs to become more flexible as individual containers can be swapped in and out easily allowing programs to be updated in line with user requirements.

Containers such as LXCs are proving to be an incredibly strong and versatile tool for developers and end-users. They have the potential to extend the life of hardware by redefining functions and giving old pieces of technology new functions. Their use is a gateway to continuous development.

The rise of AI and machine learning has opened up a whole new world of possibilities for dealing with this level of complexity. The global data centre automation software market is predicted to reach a value of $9.42 billion between 2019 and 2023, with a CAGR of 22%*. Data centres of the future will continue to augment the management by humans; the industry is on a path towards more automation of these environments. And the journey between the status quo and that automated future is being fast tracked by the application of artificial intelligence for IT operations: “AIOps”, of which there has lately been much hype.

What is AIOps?

Gartner’s definition** for AIOps is:

“Platforms that utilise big data, modern machine learning and other advanced analytics technologies to directly and indirectly enhance IT operations (monitoring, automation and service desk) functions with proactive, personal and dynamic insight. AIOps platforms enable the concurrent use of multiple data sources, data collection methods, analytical (real-time and deep) technologies, and presentation technologies.”

The drivers for AIOps

The future of IT operations is autonomous: enterprises need IT operations that never fail to deliver mission-critical services, that adapt to business innovation, and consume resources ever more efficiently.

Achieving this is difficult because the enterprise data centre today is made up of multiple infrastructure silos with disparate element managers that cannot adequately correlate or communicate with each other. The amount of complexity and moving parts in today’s data centre is staggering and IT operations and infrastructure teams simply do not have the visibility, capability or tooling to orchestrate across silos and private/public clouds.

As newer technology is deployed, the need for visibility across the entire environment becomes ever greater. The ability to have cross silo transparency and automation coupled with unifying and streamlining this mass of data, starts to tackle the numerous challenges that have arisen as a result of this limited silo structure.

Why AIOPs is different

If we compare running a data centre to driving a car, most monitoring tools provide a post-process analysis of why a problem occurred across a certain layer of infrastructure, or to use the car analogy, why your car crashed! The insight that AIOps provides ensures alerts are delivered in advance of the impending accident so that incidents can be anticipated, and through machine learning and algorithmic learning, intelligent action can be taken and the course corrected ahead of an accident ever taking place. The massive expense, disruption to customers and damage to an enterprise’s reputation should an outage occur, make AIOps capabilities in today’s hybrid data centre essential.

For a data centre to be truly autonomous, a massive amount of information must be collected about its operations and infrastructure. This is where the years of machine learning underpinning AIOps comes to the fore. It enables AIOps to discern and prioritise from thousands of alerts, essentially cutting out the noise. AIOps intelligence as a result of machine learning is also relevant in the context of providing a performance baseline, as well as delivering vital analytics for both applications and delivering business SLAs.

AIOps benefits and use cases

AIOps significantly reduces or removes mean time to resolution, preventing outages and enabling massive cost savings for the business due to increased uptime.

For operations teams, AIOps provides visibility and insight across silos and allows IT to become more business focussed, allowing them to innovate rather than simply operate, as has previously been the case.

True AIOps can enable an end-to-end real-time visibility, allowing for utilisation and capacity planning, which entirely mitigates infrastructure overprovisioning, delivering massive CAPEX and OPEX savings.

Moreover, the detailed insights enabled by AIOps can help increase the profiles and credibility of IT teams and application owners, shifting from a situation of finger pointing and “war room” scenarios, to providing valuable intelligence and reporting on the capacity, health and utilisation of the hybrid infrastructure.

AIOps’ ability to simplify data centre operations is vital; with cloud migration, there is a perceived risk in placing infrastructure in the hands of public cloud vendors. With AIOps, cloud vendor choice becomes less of an issue, as the entire heterogeneous infrastructure is controlled by the owners of IT, rather than a faceless public cloud vendor.

Barriers to AIOps adoption

AIOps enables strategic monitoring and control, ensuring application and infrastructure SLAs are met. One of the major barriers to its adoption is lack of trust and resistance to change. Organisations do not like moving away from the technology and tools they are familiar with. But simply put, without automation, managing the complexity and multiple moving parts of the hybrid data centre is becoming overwhelming for operations and infrastructure teams.

One of the core propositions of AIOps is “handing the keys” (and the control) of the infrastructure back to operations teams. Much as with a commercial aircraft, the flight controls can be set to automatic, but the pilot is free to take over at any time. It is ultimately up to the operation teams as to how much they wish to automate.

AIOps is more than an insurance policy against risk, it is a pivotal enabler of digital transformation, allowing companies to powerfully shift from reactive trouble shooting to proactive optimisation, streamlining operations to better serve their business and deliver organisational agility.

*Global Data Centre Automation Software Market – Technavio, June 2019

**Gartner definition of AIOps

“Cyber-attacks on 2020 candidates will become more brazen. While attacks on campaign websites have already occurred in past election cycles, targeted attacks on a candidate’s digital identity and personal devices will mount. 

With digital assistants operating in an “always listening” mode, an embarrassing “live mic” recording of a public figure will emerge. This recording may not be associated directly with a device owned by the public figure, but rather with them being a third party to the device. For example, the conversation being captured as “background noise”.

With the high value of healthcare data to cybercriminals and a need for accurate healthcare data for patient care, a blockchain-based health management system will emerge in the US. Such a system could offer the dual value of protecting patient data from tampering while reducing the potential for fraudulent claims being submitted to insurance providers.”

Ransomware isn’t the most pervasive or common threat, it’s simply the noisiest. In 2020 attacks will become more targeted and sophisticated. Hackers will pivot from spray-and-pray tactics. They will instead linger on networks and hone in on the most valuable data to encrypt. Imagine an attacker that encrypts investor information before a publicly traded bank announces earnings. This is the type of ransomware attack I expect we’ll see more of in the coming year, and organizations that can’t keep up will continue to get hit.

Fake News Will Become Fake Facetime

Forget fake news: 2020 will be the year of the deepfake and at least one major figure will pay the price. Thanks to leaky apps and loose data protection practices, our data and photos are everywhere. It will be game-on for anyone with a grudge or a sick sense of humour. It raises the ultimate question: What is real and what is fake?

A Political Party Will Cry Wolf

In 2020, one or both of our political parties will claim a hack influenced the elections to delegitimize the results. Foreign influence has been an ongoing theme, and few prospects are more enticing than affecting the outcome of a U.S. presidential election. With so much at stake, a nation state attack is practically inevitable. The federal government has failed to pass meaningful election security reform. Even if an attack doesn’t influence the results, it’s likely that those who don’t like the outcome will claim interference, and this scenario will discredit our democracy and erode trust in the electoral process. If we want to maintain the integrity of our elections and avoid political upheaval, real change needs to happen in how we store and protect our data.

CCPA...Cha-Ching!

Once January hits, the fines will roll in. A recent report released by California’s Department of Finance revealed that CCPA compliance could cost companies a total of $55 billion - and this isn’t even taking into consideration the firms that fail to comply. In 2019, we saw GDPR’s bite finally match its bark, with more than 25 fines issued to offenders, totalling more than $400M, and the same is likely to happen in the U.S. under CCPA. In 2020, at least 5 major fines will be issued under CCPA, racking up upwards of $200M in fines. While a federal regulation is still a ways off, at least 3 other states will begin to adopt legislation similar to California, though none will be as strict.”

The limits of AI and potential pitfalls

The use of microservices has its own limitations and challenges—scale, complexity, and constant change are the new realities of the modern enterprise when it comes to deploying microservices. Microservices architecture introduces complexity with respect to network latency, network communication, load balancing, fault tolerance, and message formats. But with the greater flexibility also comes a higher risk of something slipping through the cracks. Managing many services requires understanding deep structures, dependency graphs, and complex systems.

Process scalability is another significant challenge. An enterprise can run one cloud-based service with relative ease, but simultaneously running dozens of services across multiple clouds quickly becomes a complicated juggling act. In fact, with all the moving parts that come with microservices, it is becoming increasingly difficult to manage these processes manually.

No wonder that, along with the rise of microservices, we have seen the emergence of auto-remediation/self-healing capabilities. To the untrained eye, the terms auto-remediation and self-healing would seem to be the answer, but don’t be fooled. Many of these features, although making the management of microservices easier, use static thresholds for data points such as waiting time, throughput, message queue size, and more. When the thresholds are passed, the system will correct or self-heal as necessary. Although helpful, they’re not necessarily smart or intelligent enough to get by without a person behind the scenes—that’s where AI can help.

Problem-solving using AI

AI can help solve some of the hardest problems facing microservices today. Below are a few achievements we’re already seeing AI accomplish:

• Resource and load prediction: Understanding the load on the system and acting on it before it happens will allow systems to provision more resources before they’re needed. Provision of resources is not just limited to the network and number of tasks running; AI can trigger customer support representatives to be on hand when—and only when—needed.
• Detecting decay using AI: Anomaly detection is built into a lot of monitoring services and is efficient at detecting spikes, loads, and abnormal behaviors; however, detecting a service decay, no matter how gradual or subtle, is difficult. AI can help systems recognize whether services are reacting differently over time and what the reasons are for this decay. It also has the potential to be more effective in identifying bugs by studying clusters of microservices that have continuous issues.
• Resource management: As the scale and complexity of microservices grows, so does the use of the cloud. The ability to plan ahead using smart resource management could save significant costs while maintaining a stable, robust service.
• Security and attack patterns: Security is already leveraging AI in many places by discovering attack patterns based on known behaviors. Leveraging these capabilities at the network and database level can improve security for actions done by an authorized person. If you can understand the usage patterns and act on them, you can define a more secure system for all users.

Benefits aside, using AI is not without some pitfalls. For example, despite all its potential, the so-called state-of-the-art AI models are still quite primitive when compared to what they have the potential to achieve. Another issue is how to manage the possibility of bias creeping into AI models to avoid unintended consequences. Technology professionals are already working on ways to solve these complications, but it will take time to develop the right models, data sets, and algorithms to create the perfect solution.

The reality is that microservices are simply becoming far too complex for humans to effectively manage on their own. Because of the dynamic nature of their structure, their complex dependencies, and their sheer scale, machine learning must be applied to assist with monitoring and management tasks. 

In order to provide an optimum digital experience for your internal and external users, it’s vital to gain visibility into this data so you can track the performance of your technology, to identify and resolve issues before they negatively impact users. This is referred to as application performance monitoring (APM). The following top learnings will help you create an effective APM strategy to deliver the high-quality digital experiences that will set you apart from competitors.

1. Despite reliance on digital applications, few are monitored

Concerns around cost, scale and integration with legacy architecture have all impeded traditional APM adoption. However, in today’s end-user orientated climate, businesses cannot afford to allow this visibility gap – the space between what your tools are telling you and what your users are actually experiencing – to persist. Doing so could decrease organisational productivity, negatively affect customer satisfaction, and ultimately damage revenue.

Relying on employees to close this gap, by flagging poor system performance, is untenable. Instead, companies need to monitor end-user experience from the device to the application, through to the infrastructure and into the network. This approach provides IT teams with direct visibility into performance so they can find and fix issues as they occur, in some cases even before users become aware of them.

2. Monitor everything, including services out of your control

Your business relies on the end-to-end experience of all your applications, regardless of whether you or a third-party are delivering the service. Given the explosion of cloud adoption – 80 per cent of organisations will have migrated to the cloud and colocation by 2025, according to Gartner – it’s more important than ever that companies ensure they have visibility into these solutions. This visibility will empower businesses to hold vendors accountable and keep an eye on service-level agreements.

3. Application technologies are multiplying, increasing the need for APM

Cloud-native application development was designed with modern hyperscale infrastructure in mind. This approach sees traditional monolithic application infrastructure broken up into microservices – smaller, functional components – that can be scaled individually to deliver large-scale efficiencies. Particularly for the enterprise-scale businesses that are therefore driving their adoption.

The typical cloud-native technology stack is made up of a wide variety of commercial and open-source platforms. As the number of vendors and technologies grows, so too does the complexity and need for a strategy that delivers simplified visibility – APM.

4. APM’s big data challenge

Businesses create a significant volume of varied data on a daily basis. For instance, a credit card processing company will create petabytes of data every day by executing millions of application transactions. To make matters more challenging, the transactions will have been processed by tens of thousands of distributed application components in the cloud, making them subject to state changes. All of this data will need to be processed and stored and as a consequence, whilst the complexity is great, so is the need for high definition data.

5. Detailed data is key to troubleshooting

Detailed, second-by-second visibility into the systems your applications run on is crucial in today’s high-paced business environment. Checking the health of your systems at one-minute intervals is acceptable for infrastructure monitoring, but to troubleshoot business transactions it must be done in a matter of seconds. After all, five seconds is considered critical for revenue-impacting transactions, so application performance monitoring data must be equally high definition.

6. It’s time to implement big data for application monitoring

In an attempt to consistently monitor device, application, infrastructure and network performance, many companies fall into the trap of only sampling a small fraction of executed transactions. This leaves sizeable blind spots, creating the possibility for critical information to easily go unanalysed. In turn, this can compromise the overall quality of the data set.

However, it can be avoided with big data technology, which has already been proven to be capable of handling large-scale data collection and analysis. This allows businesses to deliver the lightning fast responses consumers expect from their applications and, in doing so, maintain brand credibility.

7. APM will quantifiably improve your bottom line

The driving force behind the majority of digital transformation projects is a company’s desire to improve their bottom line. The value of transformations can only be quantified, and their positive impacts amplified, through monitoring the end-user experience new technology is delivering. As such, a systematic approach to APM is crucial to delivering tangible financial results.

Take Riverbed as an example, its APM technology monitors the digital experience of every kind of application in an enterprise’s portfolio from the point of consumption – the user’s device – and upgrades the approach to a big data practice by delivering high definition data quality at scale. As a result, customers enjoy five times the return on investment over three years for large-scale APM deployments.  

APM has a proven ability to deliver optimum digital experiences that translate into business results, so what’s stopping you embracing it?

As security is becoming an ever-more pressing challenge for businesses, ensuring that software is secure enough to prevent a cyber-criminal taking advantage of any weaknesses should be a priority. IT teams may primarily focus on making sure that their application is flawless and runs smoothly for users, but now the threat of data breaches is causing developers to reconsider how they introduce security features into software at every stage of the delivery pipeline. Finding issues at the end of this process is better than the bug going out to users, but the ideal solution is to find problems earlier so that developers can reduce the amount of backtracking through the code that is required.

DevSecOps is a philosophy that streamlines these processes by incorporating them alongside the development process to help ensure that breaches are prevented. It improves the collaboration between development and operations teams by placing security at the heart of the process and creating faster, more efficient ways to safely deliver code in an agile architecture. Essentially, DevSecOps involves adding security to the existing DevOps process, whereby automated tests, non-functional requirements and compliance gating are incorporated into the standard DevOps cycle.

So how can organisations put a fully-functional DevSecOps philosophy into practice?

Share the load across every team

Shifting the focus of security to the left in the development cycle essentially means that identifying vulnerabilities should be an integral part of the development process from the beginning. To do so, security cannot be the responsibility of a single team or person, but rather a shared initiative across IT operations, security and development teams. By making this shift in the software development lifecycle, the process will run both more quickly and more securely.

If it’s a shared responsibility, then it requires a shared knowledge of what and how to watch and implement. To be able to move left in the cycle with this shared knowledge, pipeline phases and gates need to be incorporated. By breaking down delivery into phases and gates, teams can include threat analysis as an iteration to make sure it happens, and they can incorporate non-functional requirements into the product features.

By adopting this “shifting left” philosophy, development will not only be accelerated, but it will also limit potential security threats in the future while addressing existing threats at the least cost with minimal damage to the platform.

Weave automation in from the start

Applying continuous and focused automation such as linting is essential to the success of the DevSecOps environment. Automation, when woven into the software development lifecycle from the start, can reduce the friction that occurs between security and development teams by quickly addressing existing and potential concerns at the lowest cost.

Adding automated security checks earlier in the process enables developers to work on code that is current, rather than doing a final threat push on three-sprints of code where the developers are looking back on code that was written more than six weeks ago, which can be a difficult switch of context. By eliminating this challenge, both quality and hardening are built into the code far more effectively than adding these in at the end of the process.

Get your governance in gear

Governance and DevOps are often at odds over how they make sure that there are no security issues before they go to release. Release orchestration tools can be introduced to solve this conflict, and criteria gates can be added to make sure that governance and DevOps work together.

When security testing is conducted in the development process is an important consideration in terms of lessening impact as well. Addressing security issues in completed code is much more cumbersome and expensive than addressing them while still coding. To combat this, governance also needs to be added into the beginning of processes so that it can be tracked throughout the entire lifecycle. Security teams can audit, monitor and coach the progress throughout the lifecycle as well.

Monitor your microservices for better security

In the world of legacy software, the number of interactions with other sources is not very high. In microservices, it is the complete opposite, and there is an added need to make sure all of these interactions are communicating with each other in a secure way.

Single-function modules that contain well-defined operations and interfaces are essential for successfully implementing a comprehensive DevSecOps approach. By constantly monitoring, upgrading and tweaking the microservice-based infrastructure, organisations will be better equipped for new developments.

There needs to be a concerted effort to stop leaving technical debt in the form of insecure computing. If you don’t have time to do it securely now, when will you? By going down the road of fully implementing DevSecOps philosophies, organisations will be armed with massive economic and technical advantages over less secure organisations.

Adopting a DevSecOps approach is beneficial for all parties involved, from the CEO to the end-user, as everyone can be sure that the security of the software is as tight as it can be. By integrating security much earlier in the pipeline and checking for issues throughout the process, developers can prevent vulnerabilities from ever going out to market – and in today’s competitive age, that could be the difference that makes your business come out on top.

Maintaining your DC should take a "minimize, regulate and maintain" approach to contamination control and cleaning but how do you find a cleaning schedule and program that is in line with your operational goals?

Hardware manufacturers such as IBM, EMC and Dell recommend you maintain your environment to ISO14644-1:2015 Class 8 utilizing professional data centre cleaners. In fact, failing to do so may void your warranty in instances where preventable airborne contamination was found to be a cause of the device failure. ASHRAE recommends having an annual sub-floor clean and quarterly floor and equipment surface cleaning. Many of the ‘standards’ and ‘recommendations’ seemingly contradict one another.

Nevertheless, a clean data centre is essential… and here’s why! Airborne contaminants are the unnoticed threat. The trouble with airborne contaminants is that the source (or sources) isn’t always easy to identify and harmful buildup can occur over the course of days, months, or even years.

You might not see the source, but airborne and contact-based contaminants build up on equipment. Even solid-state storage mediums can be compromised by buildup on heat sinks, bearings and vents. There’s no such thing as an airproof data centre. Therefore, contamination from airborne sources is — for all intents and purposes — unavoidable. Electrostatic dust, corrosive oxides, volatile organic compounds, solvents and other contaminants put equipment at risk. Even seemingly mundane, everyday sources of contamination such as pollen, dust, hair and carpeting fibers can prove to be problematic.

Periodic indoor air quality testing, otherwise known as air particle testing, has long been the best and only, method for ascertaining and confirming compliance to the ISO standard for machine room and data centre air cleanliness. The faults with this method are twofold; firstly, it’s a snapshot in time and; secondly, it only measures  contaminates that are airborne and not those that have already settled.  

There have been significant new advancements in the equipment and methods used to test the air quality and the volume of particulate in the air. At Critical Facilities Solutions we are introducing new methods of testing. While we still use hand-held, snapshot, air particle testing  where necessary and relevant we are also installing robust, cost effective alternatives that measure the air quality on a constant or predetermined basis. We’ve coined the phrase Constant Air Monitoring. The product and system we supply and install can operate as a standalone system or be integrated into any BMS system.

While Continuous Particulate Air Monitors (CPAMs) have been used for years in nuclear facilities to assess airborne particulate radioactivity (APR) and pharmaceutical cleanrooms to measure air particulate (AP) the CPAMs have typically been extremely costly to install in other environments especially when taking the test parameters of the ISO standard and integration into data centre systems into account.

Settled contaminants cause decreased performance and thermal clogging. When airborne or touch contaminants buildup on the surface of equipment, this is known as "settled contamination." These tiny particles make their way onto (and into) delicate equipment, resulting in thermal clogging, data loss and performance bottlenecks due to thermal throttling. Contamination-related failures can even occur with solid-state drives (SSDs).

Densely packed racks are more susceptible to contamination. Servers and drives continue to shrink and become even more compact. This is great for reducing floorspace, but it also means equipment is packed in tightly, creating opportunities for settle contaminants to go unnoticed. It’s important to note that the more contamination accumulates on equipment and in air filters, the less efficient equipment becomes, leading to performance bottlenecks and wasted energy mostly down to the additional cooling requirements which then lead to further environmental impact. 

On to lesser known risks, but for those that have experienced it firsthand, the threat of zinc whiskers — and how they cripple essential equipment — is very real. But, there are several factors that are making this once-rare phenomenon all the more common.

So, what are zinc whiskers and how do you know if your server room or data center is at risk?

Zinc whiskers are microscopic, crystalline slivers of zinc that form through corrosion. Whiskering can originate from any number of sources; flooring panels, ductwork, ceiling hangers, server racks, electrical components and virtually any source galvanised with this brittle metal — even bolts, nuts and washers may exhibit signs of whiskering.

While it is now fairly well understood how whiskering occurs, tracing the source isn’t always so easy. For one, these "whiskers" are incredibly light, which means they can easily travel through HVAC systems and subfloor voids.

These metallic, fiber-like "whiskers" are highly conductive and can cross circuit board traces, corrupt data, compromise hardware and cause extensive downtime. PCB boards and other pieces of electronic equipment (servers, SSDs, PCB boards, etc.) are all at risk of being affected by zinc whiskers.

To neutralise the risks associated with zinc whiskers, Critical Facilities Solutions offers a complete solution that includes:

• Sample collection and analysis
• Laboratory testing
• Remediation
• Specialist cleaning
• Testing and consultancy

Getting started with professional cleaning doesn’t have to be difficult, if you’re new to the concept of hiring specialists to clean your critical facility, a professional data centre cleaner can walk you through the entire process, explaining each step and making recommendations along the way. Since no two facilities are alike, its highly recommended that a thorough inspection and survey be commissioned before you set out to create a service profile and schedule.

Following a consultation, its highly likely that a full deep clean will be recommend as the starting point for any on-going maintenance cleaning (especially if your facility has never received a professional service, or if there has been a lapse in cleaning). A deep clean may include cleaning every square inch of the data hall, equipment surfaces, as well as flooring, stringers, pedestals and the sub-floor voids. These aren’t "precautionary steps," but essential parts of preventing recontamination and ensuring your facility is as dust- and contamination-free as possible.

Selecting the best ‘starting point’ for your Data Centre’s maintenance regime can prove challenging. The Data Centre Alliance (DCA), the Data Centre Trade Association has, in consultation with the leading UK Data Centre cleaning authorities and companies, produced and distributed an Anti-Contamination Guide which looks to focus on overall best practice and should be considered a great resource in determining your starting point for any maintenance schedule. 

Data is an inescapable factor of modern life. With our phones smart, our homes becoming increasingly automated and every type of business relying on computing and the internet in one way or another, we need more data than ever before. Disconnection simply won’t be tolerated.

The next big thing set to further improve our connectivity is 5G, which will rely on a larger fleet of smaller data centres to deliver on its promise of ultra-low latency and high levels of interconnection, pushing the move towards Edge computing which is seeing data centres pop up round towns and cities throughout the UK.

While essential, the downside of data centres is the amount of energy they consume. The carbon footprint of this industry will soon overtake that of aviation, with much of this energy used for cooling – 38% of a data centres running costs go towards this task. A constant temperature of around 20 to 24 degrees is needed to prevent equipment from overheating and if it is not, servers will start to perform inefficiently and unreliably. Eventually, if temperatures are not maintained at safe levels, services will shut down completely.

Cooling, therefore, is one of the most significant challenges facing the data centre sector, and in most instances this cooling uses water, with hundreds of thousands of gallons of water used by the UK’s bigger centres in a single day.

Water worries

For data centre owners and the teams looking after their safe operation, there are two main issues with water that need to be addressed. In closed-circuit HVAC systems, such as those usually found in support of air cooled data centres, it is essential that corrosion is kept at bay; pipe fouling can lead to reduced efficiencies, as a system has to work harder to do its job. If left unchecked for too long, breakdown and downtime may follow, leading to great expense, disruption and reputation damage.

Secondly, there is the issue of water wastage. As mentioned at the start of this article, data centres use a lot of water, particularly the large ones which tend to rely on cooling towers. With sustainability in mind, reducing water consumption should be a priority, one which will save money long term. 

Out with the old…

Closed-circuit water systems, commonly found in smaller data centres relying on air cooling – a popular choice in Edge computing - have historically relied on decidedly old fashioned methods when it comes to checking water condition and preventing corrosion.

Despite the high tech nature of the data centre, the industry in charge of water management and treatment has remained unchanged for many years. Sampling, where a small amount of water is sent to a lab for testing, has been the main way of checking whether water is likely to cause corrosion. This method has a number of issues: results take days, if not weeks to come back, by which time conditions may have changed, sampling focuses on bacteria, which if present may be a case of too little too late and the results themselves only represent a snap shot of the past.

Relying on something which is not instantaneous and open to flaws is at odds with the fast-paced and technology driven world of the data centre. If a system is left to foul due to corrosion, energy efficiency will be compromised, increasing carbon footprints and exacerbating the risk of expensive repairs and downtime. In Guardian’s opinion, sampling alone just isn’t fit for purpose in this environment.

...And in with the new

So, what is the answer? We believe that real-time, 24/7 water monitoring is the way forward, a method being adopted by many of our data centre clients. By taking live readings on a wide range of parameters, including temperature, pressure, pH and inhibitor levels, building owners and maintenance teams can have a true picture of what’s actually going on, allowing them to act quickly when conditions change, preventing expensive repairs and breakdown.

Importantly, by using Hevasure’s real-time monitoring system, dissolved oxygen is checked for – something that sampling fails to identify. Oxygen is the key indicator when it comes to corrosion potential, either directly or by creating the conditions for bacteria to thrive, which can lead to Microbial Induced Corrosion (MIC). By detecting oxygen levels as soon as they rise, problems can be nipped in the bud before they even start.

Equally, this approach can actually lead to reduced maintenance requirements, less call outs and a reduction in flushing and chemical dosing. When changes in a system occur, following routine maintenance for example, disruption in water condition, such as an oxygen spike, is normal. 24/7 monitoring can track how quickly conditions return to base levels, meaning intervention can be avoided if this happens within a reasonable time frame. A sample taken following disruption would most likely show issues that lead to flushing and dosing.

For responsible parties, such as the Facilities Management team, this ability to pin point and track disruption and resolution provides peace of mind, avoiding misplaced blame. In one example, we prevented an FM team from being charged £300,000 for an issue that was believed to have happened following handover. By using Hevasure, we could see that the problem was in fact caused by another party who came in to do some works that caused major oxygen ingress. We could identify exactly when the issue occurred, easily tracking back to the situation that caused it. Historically, the FM team would’ve had to fit the bill.

Reuse and recycle

Another potential benefit of real-time monitoring is that water can be saved by avoiding unnecessary flushing – a process which uses gallons of water and chemicals. In larger-scale data centres reliant on cooling towers there are even greater savings to be made by recycling process water and utilising rainwater.

Water recycling systems can recover around 60 -70% of bleed water, as well as collecting rainwater. If 65% of the cooling tower bleed off can be recovered using a 8m3/hr recycling system, up to £120,000 can be saved every year, quickly recouping the £70,00 installation costs.

To ensure purity, a combination of media filtration, ion exchange and membrane filtration means that a high percentage of solids are removed, as well as bacteria, algae and viruses. The result is water that is often purer than when it originally entered the cooling system.

The ‘scale’ of the problem

Another major issues in cooling towers is scale. Just 1.6mm of scale can reduce thermal transfer by up to 12%, if left unchecked it can block heat exchanges, increasing pumping costs, leading to corrosion and Legionella risk. As cooling towers are open to the elements, bacteria becomes an issue for humans as well as the plant itself, so preventing its proliferation is doubly important. An outbreak of Legionnaires disease could lead to data centre closure, hefty fines and crucially, risk to human life.

A simple fix is to install water softening plant, which can reduce the labour costs associated with de-scaling by around £20,000 per month. ROI can be recouped in less than a year.

Sympathetic growth

We need more data, it’s an unavoidable fact of the modern world. We also need to make the way we live more sustainable so all industries must improve their carbon footprints and prevent wastage. In the data centre sector, water monitoring and recycling is a key part of this process, activities which will ultimately improve reliability and efficiency, while reducing the need for expensive repairs. With more data centres popping up throughout the UK there is a huge opportunity to change the status quo and move away from practices which are at odds with a modern and technology driven world.

www.gwtltd.com