Welcome to the new year and what looks to be one with exciting developments in the ICT, managed hosting and cloud world.
Whilst we’re still in January, we thought to share a round-up of what we believe will be the most important trends and developments to be mindful if you work in these sectors.
If you thought the year 2019 was the year of cybersecurity, think again. This year will see a surge in the trend of organised crime driving cybersecurity exploitation. Ransomware and ransom attacks will be professionalised at an unprecedented scale. With that comes a change of ‘economics’ in this arena.
Where attacks used to be laborious and therefore primarily launched on economically viable targets (organisations with considerable cash assets resources but small enough to be unable to respond and counter the attacks appropriately) the automation, sophistication and impact now allow attackers to operate almost on ‘utility’ level meaning large scale attacks on small organisations become viable. Flying under the radar as being ‘too small to be of interest’ is no longer the case. Believe it can’t happen to you – then look at the most recent attack on Travelex which took down their IT infrastructure to the point clerks are now handwriting receipts and invoices – speaks volumes. And even two weeks later, Travelex is still experiencing issues and their systems are not yet fully up.
Top actions you need to take now:
- Relentless hardening and patching of your public-facing infrastructure
- Partition your infrastructure with well-defined access and communication paths
- Monitor your infrastructure for unusual behavioural patterns in user activity, network communications, resource utilisation
- Closely monitor all security advisory communications relevant to the software packages and solutions you are operating
2) Consolidation in the hosting market
Starting a few years ago, the managed hosting market saw first signs of consolidation, fuelled by the continuing success and popularity of the hyper-converged cloud providers (a.k.a. The Big Three: Amazon, Azure and Google Cloud Platform).
The impact on the Managed Hosting market is profound. A continuous stream of mergers and acquisitions pose considerable business risks to customers across a wide range of issues such as continuity and contingency, but also often touches upon security and privacy concerns regarding data protection and cybersecurity. After all, what were previously separate processes and infrastructures now need to become an integrated and unified service. No matter the best intentions and planning, there are likely hiccups to be expected when your current provider is undergoing consolidation.
Digital Craftsmen is proud to be independent and continues to serve as a trusted provider to our customers in delivering a first-class service for their managed cloud requirements.
3) Feature deluge from The Big Three
At re:Invent 2019, AWS made no less than 75 product and feature announcements across the full six days – that’s more than ten announcements per day. Google, went even further and made a hundred announcements during their three-day Google I/O conference in Spring 2019.
The speed of pace is staggering, and this rate of innovation is here to stay. For those who have committed to either of these platforms, this is good news even though they might not benefit from all the innovation, only to some related to the services they are consuming. The problem with this is, however, that of vendor lock-in. Any good continuity, contingency and disaster planning must include the possibility of switching from one cloud provider to another. And the more features and unique approaches you use from your current provider, the harder it will be to switch should you ever need to. Fine if you are happy with staying with them forever however if you prefer choice, then you should probably look to re-evaluate your strategy.
4) Multi-cloud management tools
Despite the continuing success and ever-growing catalogue of the big cloud providers, there is scope, opportunity and a market for cross-cloud IT architecture and management and multi-cloud is gaining traction. Because whilst workloads typically stay within one cloud (provider), it is the pairing and usage of multiple cloud providers across your entire IT landscape which needs management and governance. Enter RightScale, Scalr, VMWare CloudHealth and other tools.
Since most things are rarely simple and sit in isolation, so it is the case here: Given the rate of innovation across cloud and cloud providers, multi-cloud management tools simply cannot keep up. So, there are two antagonists of relentless innovation and cross-cloud IT operations with unified management and governance. As is usual, you’ll need to find your own trade-off point.
5) Micro-region deployment (reverse cloud)
Since the beginning of cloud computing, it was essentially a business centralising IT resources into a set of a well-defined set of integrated massive-scale data centres. The architecture reflects the challenges of IT techniques and technologies at the time.
For example, Amazon calls an integrated group of data centres an Availability Zone, and multiple Availability Zones are then integrated into a Region. This hierarchical model reflects the aim to achieve high availability and resilience through the prominent use of redundancy and automatic fail-over.
Cynics call this ‘glorified outsourcing’, and they have a point.
Another more recent approach is called ‘computing’. All major cloud providers have incorporated this concept to some extent although not fully to its true meaning. To bring the results of your workloads closer to your customers, AWS lets you configure so-called ‘edge locations’ (of course at a price) where these results are cached. True edge computing, however, goes further than that by allowing and even promoting full cloud capabilities at the edge of the providers (global) network.
But what is the edge? Reversing the viewpoint, while there is a technical edge (or perimeter) to a cloud providers infrastructure, that edge is not the edge of its customers. In fact, each customer has their own individual IT edges – and with so many different edges, what is the point of trying to define it? That is the true direction of where edge computing is heading. The dissolution of the boundaries between data centre aggregation into availability zones and regions (whatever the names given by cloud providers).
6) More big cloud players entering the market
The usual triumvirate of ‘The Big Three’ (sometimes also including IBM as the fourth) is about to become a larger group of cloud providers. Despite recent strategic realignments and discontinuing cloud service rollout (HPE comes to mind) several new challengers are entering the cloudscape to carve their share out of the market.
Interestingly, the most noteworthy have long been in the cloud business without putting out their neck very publicly. These three most noteworthy challengers are (in no particular order):
There are more to arrive, but these are standing out as deploying general-purpose cloud services similar to AWS, Microsoft, and Google. We’ll be tracking to see how these different cloud offerings perform in the UK market and the extra value they bring to businesses.
7) Specialised hosting (PaaS)
Which brings us to the next major development we expect in the next few years: specialised PaaS hosting offers. For some time, the cloud market was growing and maturing simultaneously, from bespoke custom solutions through a stable yet growing product/service-driven market where solutions are packaged into configurable generic services that scale well. This has pushed stock IaaS services to the brink of being entirely commoditised into a utility not dissimilar to gas, water, electricity.
With the recent (re-)focus of customer-driven experience (also known as Customer 4.0) along with innovation in domain-specific software with cloud deployment in mind, the market begins to become more and more attractive to economic sectors traditionally not very cloud or bleeding edge IT-oriented.
This is the perfect mix of conditions to spark the acceleration of differentiation and specialisation of cloud service. The more diverse use cases a generic cloud service needs to support, the more generic it becomes to the point of being abstract – leaving more and more configuration, integration and management work to the client, which in turn is watering down the traditional value proposition of the cloud. The answer is specialised PaaS service offers to combine the characteristics and benefits of cloud computing with specialised configuration and support for the idiosyncrasies of the target domain market.
Yes, Brexit. The recent GE and the result of it mean the now certain departure of the UK from the European Union on 31 January 2020 and it is just the start, marking ‘only’ the formal legal departure. The next phase no matter what it is called (implementation or transition period) is set to last until 31 December 2020 by when an agreement between the UK and the EU is due to be struck, ratified and enforced.
This has profound implications on businesses not only in trade, manufacturing, industry and commerce, finance, but also in the services sector – and many commentators agree there is not enough time to cover the services sector in a trade agreement, which is by and large the biggest sector in the UK. Regulations regarding the (Digital) Single Market (DSM), most prominently the most recent one, GDPR, will still affect businesses that trade and operate across borders.
It is a little known fact, regulations also apply to providers that do not operate within the DSM are still required to abide by its laws and regulations for as long as they are providing products and services to members from within the DSM, be it legal or natural persons.
If your business is UK focused (or UK only), staying with or switching to a UK provider is probably your best bet.
9) Regulatory frameworks
Somewhat related to Brexit, two new regulatory frameworks are in the pipeline or shortly about to break the surface of market enforcement.
The EU Cybersecurity Act directly stipulates an EU cybersecurity certification framework aiming at levelling the playing field for IT service providers. It does so by establishing a compatibility and equivalence matrix among existing cybersecurity certification programmes on a national and international scale. The immediate effect is that in order to operate and apply for tenders in the DSM, an equivalent national certification will satisfy regulatory requirements of another national tender (e.g. a Polish provider responding to a tender launched by the Spanish public service).
The second important regulatory innovation is the Regulation on Free Flow of Data in the European Union (FFOD, or FFD) which stipulates (cloud) service providers must, over reasonable and usable means, support their customers in switching and porting of applications between cloud service providers. The response is the industry’s SWIPO initiative (Switching and Porting between cloud providers). As a self-regulatory initiative, the industry SWIPO Working Group is about to launch a legal entity designed to enforce and govern the relevant codes of conduct developed in the WG. Funded entirely by member cloud service providers, the legal entity is specifically designed to be co-governed and managed by service providers and consumers alike.
Again, Brexit may change the way how this all works in the UK in detail. However, it is likely this will have a profound impact on your underpinning IT infrastructure providers. Whether they operate in the UK only or are international providers, if your business is interacting and providing services to individuals and organisations in the EU, then your services have to comply with EU law and regulations. Even if this is not directly applicable to your business, but the larger impact will no doubt punch through to your underpinning providers – for your benefit.
We post updates on these trends in the forthcoming months to see how they evolve and will call out issues to take note of and give advice on how to plan around them. If you want an in-depth discussion today on how to prepare and safeguard your business for the year ahead, then contact the Digital Craftsmen team and speak to one of our craftsmen who can help secure your business no matter the challenges of the year.
Email the team on – [email protected] or call us on +44 (0)20 3745 7706