SolarWinds recently published their newest public sector survey. This one focused on the complexities IT is facing as new technologies are brought into agencies.
We spent some time with Chris LaPoint, SolarWind’s VP of Product Management, to discuss topics including BYOx, cloud, and security. The full findings are embedded below.
DLT: It’s interesting that bring BYOx (a term referring to employees bringing their personal web-enabled things, such as phones and watches, with them to work) is seen as such a disruptive technology compared to something like cloud. Why do you think that is?
Chris: BYOx is largely just happening to IT departments. It’s like trying to tread water while having somebody throwing you weights every minute. Agency IT departments have to deal with other infrastructure technology shifts like virtualization, but that’s something they own and can control the pace of adoption. However, BYOx adoption, depending on the agency of course, tends to be driven by leadership and employees.
Cloud is a reoccurring technology found throughout respondent’s answers. What is your takeaway about cloud and where it’s going based on the survey?
31.5% responded that their organization does not currently use cloud. Personally, it seems unlikely that’s the case. I think it’s perhaps that IT just doesn’t have visibility into the shift and are not always aware of what the agency is buying. Our belief is that over time, more and more IT spending will shift from traditional IT on-premise infrastructure apps/servers/etc. to more Software-as-a-Service (SaaS) based investments – and that larger investments will be made in the data center around private cloud.
IT not always having insight into what an agency is purchasing, even when it’s IT-related, is an interesting observation. Building on that, what are your thoughts on shadow IT?
Shadow IT is interesting. Though IT might not be aware of everything being brought into their agency, ultimately, it will go back to them for solving problems like single sign-on. Now that there are 20 logins for all these applications, how do you manage them without knowing they’re there? This is where inventory is important. IT will be looked at as the owner of those problems so they need to start thinking about them now.
It’s interesting to note that all the most disruptive technologies are predicted by respondents to be automated in the next 3-5 years. Why do you think that is, especially when considering that most respondents turned around and said that those same skills that will be automated will have a higher demand during that same period?
Automation does not mean no IT interaction. A lot of it depends on what’s actually being automated. For example, just because SaaS app provisioning is automated doesn’t mean that there isn’t a need to monitor the end-user experience through the network. I think the responsibilities don’t go away, they shift to analysis and troubleshooting, and that still requires expertise and monitoring tools.
Information security stood out as lower on the list to be automated, but was number one in demand for skillset. That’s a frightening thought. We’ve had past discussions around the need for automation of InfoSec disciplines via continuous monitoring and I think this underscores that need. Why isn’t security at the top of the list for automation?
35.9% of respondents said that information security is the number one technology that IT will have to adapt to in the next 3-5 years. Other answers involved networks, systems, data center, and firewalls. Security is involved with all of these. Do you believe separating security from the very technologies they’re protecting is a wrong approach for the government to take?
I think that’s a rhetorical question and it’s a great one to spur the right type of thinking given the problems we’re talking about here. And we’ve talked about this before. As an increasing number of services become shared due to IT infrastructure convergence, the resulting abstraction makes it increasingly more difficult to monitor and manage from a security perspective. For example, with network virtualization, we’re talking about the new capability to create virtual instances of firewalls, load balancers, routers, etc. on demand. How will information security deal with that challenge? We need to look at the environment holistically. Not to beat that continuous monitoring horse again, but to adapt, agencies must start thinking about the problem holistically if they’re going to adapt to these changes in IT. Think about the “collect once, report to many” partnership between InfoSec and IT Ops – that would allow for a singular set of IT management tools. Otherwise, InfoSec won’t have the tools necessary to do their job as IT evolves.
What do you think we can learn from this survey moving forward in government IT?
I think the two takeaways are that training on new technologies is mandatory and that agency IT organizations must start adapting to new ways of doing IT (like continuous monitoring and end-to-end experience monitoring) now. The fact that only 28.3% of respondents said they’re “completely confident” that they can provide the guidance and expertise necessary to help their agencies make informed, strategic business decisions with regard to emerging technologies underscores the need for IT to adapt now because the next five years will come faster than we think.
You asked respondents what are the IT skills that will be automated in the next 3-5 years, what IT skills will be in higher demand in the next 3-5 years, and what role will evolve in the next 3-5 years. How would you answer these three?
I think that information security will be the most automated. That may be optimistic, but I feel like that’s going to be the most impacted by the abstraction.
The implication of virtualization is something that most organizations have to get a handle on as more things move that way; what does it mean for networks, administration, security, performance, and troubleshooting? That’s going to be a growing discipline. IT organizations will need automation tools because they won’t have the expertise to see things from all sides. Finally, I think network engineering will be more automated because engineers can’t keep up so they’ll need tools to make them more efficient.
What skills will be in higher demand? Security, network, and systems.
What roles will evolve? IT security has to adapt to a more agile way of managing risk due to the proliferation of cyber attacks. They have to be more proactive and learn continuous monitoring. Network roles will have to adapt as well, because the move to software-defined networking and virtualized networks will create a lot of turn within the network administration and engineering practice. They’ll have to think about things from a completely different way. They’ll also have to think not only about the physical, but this new layer that’s the virtual environment. It becomes a hybrid environment. That will drive the evolution of the network role. I believe systems are going to evolve to the point where the notion of traditional system admins will go away and the focus will be on different facets of virtualization.
via Business 2 Community http://ift.tt/1k39eTM
Aucun commentaire:
Enregistrer un commentaire