IoT, Microservices and Proactive Analytics Could Disrupt IT

As they move into 2016, many enterprise CIOs have strategic issues on their minds. Digital innovation will continue to reshape how organizations compete in their markets and fundamentally alter the relationship between IT and business units.

To stay on top of the leading innovations and revise their IT roadmaps for strategic advantage, many decision-makers will be focusing on these critical trends that could bring great efficiencies to enterprises in the months ahead.

A Growing Ecosystem of Devices

Mobile and other endpoint devices aren’t just used for accessing email or running collaboration apps. The latest generations of smartphones, wearables and industrial sensors are poised to become parts of larger hardware ecosystems that share information with each other to enable end users to analyze diverse data sets and take appropriate action based on the results. Industry observers expect 2016 to be a year of new opportunities for interconnected devices, along with greater interest in managing and securing the hardware more effectively.

“The biggest developments in 2015 has been the addition of devices that were not previously connected — air conditioning and heating systems, lighting units, industrial control systems, but also smaller devices that employees are bringing in, such as wearables,” says Michela Menting, digital security research director with ABI Research. These deployments are now prompting IT managers to add policies and tools to accurately identify device owners and determine what corporate data they’re authorized to access and share using the hardware. “These devices represent new nodes that networks need to make sense of, apply security settings to and be able to authenticate,” Menting says. “The enterprise has to be aware of this additional threat vector, and decide how they want to control that communication channel — if they can.”

Some vendors will support manageability by delivering remote diagnostics or over-the-air programming services along with their devices. Beyond that, enterprises should carefully consider which hardware will need antivirus software, what network traffic should be routed through intrusion-protection/intrusion-detection systems or firewalls, and whether external connectivity should be secured with virtual private networks.

What should IT managers do today to prepare for market changes and innovations that may come in 2016? “Understand that there are risks associated with new types of devices being connected to the enterprise network,” Menting says. “IT managers need to weigh multiple factors: improved efficiency, the cost of a breach, what processes are in place for incident responses, patching and management, and authentication mechanisms. The same considerations now being addressed for PCs and mobile devices will need to be applied to newly connected devices.”

Microservices for Mix-and-Match Applications

Large, monolithic applications, such as traditional enterprise resource planning programs, will continue to serve organizations for the foreseeable future. But an alternative approach to developing and deploying applications using software-defined architectures and microservices will continue to gain steam in the months ahead. Why? This flexible option enables enterprises to mix and match needed components to quickly deliver and scale services for changing requirements. Further, these services run efficiently in on-premises private clouds, public clouds and hybrid-cloud environments, which provides organizations greater choices for successfully meeting their goals.

“Creating microservices based on collections of smaller components increases efficiency, because you can develop various capabilities in parallel to reduce cycle times,” says Stephen Hendrick, principal analyst for application development and deployment research at the Enterprise Strategy Group. “And if you need to fix a bug or make a revision, you’re just changing one component rather than a large enterprise application.”

Many organizations will look closely at using containers to deploy these services, he adds. Containers offer an alternative to virtual machines, which are larger and come with more overhead, including the need to manage guest operating systems. Thus, IT departments can deploy containers more quickly and pack them more densely into physical servers when compared to their VM counterparts.

The tradeoff, however, is the relative immaturity of container technology, including a dearth of controls for managing and securing the resources. “The industry will continue to work hard on these issues in the coming year,” Hendrick predicts.

Application programming interfaces are another important enabler of componentized software and microservices. APIs provide a simple way to invoke services, and API management tools map operations to help IT managers understand how to leverage particular services and interface them with other APIs, he adds.

“Since the most important issues in containers are manageability and security, we expect to see more emphasis in 2016 on developing universal control planes for managing containers,” Hendrick says. “We’ll also see greater efforts by Docker and others in the vendor community to push the bar higher for security.”

His advice for IT decision-makers is to experiment with containers in 2016 to better understand their larger implications. “There are tremendous potential benefits from combining containerization, DevOps and microservices on top of cloud infrastructures,” Hendrick says. “The opportunity for digital transformation is significant.”

Proactive Analytics for Next-Generation Security

Traditional security strategies that centered on keeping hackers outside of enterprise networks and data centers remain essential, but alone, they are not enough to protect organizations in the era of cloud computing and ubiquitous mobility. As a result, security professionals are exploring new ways to quickly identify and stop sophisticated threats, whether they’re targeting internal systems, or specific users or applications. These expanding approaches include innovations such as continuous monitoring and real-time analysis of IT resources.

One way to do this is to use network forensics analysis tools and machine learning capabilities that uncover emerging threats from high volumes of data produced by intrusion detection systems and other alert mechanisms. “Machine learning allows analysts to go from very large data sets to very small ones to more quickly extract value,” says Andre Ludwig, senior technical director at Novetta Cyber Analytics, a security technology company.

For example, with the help of automation enabled by machine learning, security administrators can pinpoint the IP address that triggers an alert, and perhaps see what other servers the malware has been communicating with. “The real payback is not just looking more closely into an IDS alert, but to also analyze all the metadata and raw network traffic associated with the session,” Ludwig says.

“Enterprises can’t replace highly experienced analysts with machine learning,” adds Zach Hanif, Novetta’s director of applied data science. “But it can be an important tool to help network analysts and other security officials do their work more efficiently.”

These developments may also support more proactive steps by enterprises against cybercriminals. For example, Ludwig says the right tools could apply analytics to a piece of malware and reverse-engineer the problem program so that security experts can build a decoder to see everything the malware did, the communications it initiated and whether it was able to transfer any data out of the organization.

Another emerging technique for malware analysis is virtual-machine introspection (VMI), which enables IT professionals to peer more deeply into VMs to spot anomalies. “By looking behind the curtain of virtualized hosts, organizations can monitor how VMs may have changed over time to identify potential problems,” Ludwig says. “Think of VMI as an x-ray for virtual machines.”

To learn more about how innovative defenses can address advanced threats, check out the CDW Technology Insights Guide on “Next-Generation Security.”

For more coverage of data center technology, check out, The New Tools Needed to Defend Next-Generation Data Centers From Cyberattacks, and Automation and Analytics Emerge as Key Internet of Things Use Cases, and Converged Infrastructure Helps Make Sense of the Internet of Things.