I invite you to imagine how things were ten years ago when we were all younger and probably happier; IT models were clearly defined and all was logical and gradual, just an exercise of scalability.
You started with a few PCs, you were connecting them into a network, eventually adding one file server, then a mail server, and starting to think about security. But also security was easier ten years ago. Viruses, worms, and occasionally some successful attack from curious persons that were called crackers, and was pretty much all. We were adding something like 5 to 10 virus signatures per day, and that was enough.
Then everything started to get complicated with: a lot of specialized software appearing, with the challenges of making them fit in small networks; then outsourcing services; then XaaS (everything as a service) and virtualization; BYOD; and so on. It’s no wonder that many people trying to keep the pace with all this evolution feel overwhelmed.
History, future predictions, and reality
The recent IT history is full of lateral roads and high expectations; to the point where Gartner has set-up and practically made famous a model; what they call the Hype Cycle. People started using it as a tool to assess the technology maturity stage, their clients’ expectations, and to predict the future.
During all these years we have seen many hype cycles for various technologies, more or less likely to dramatically impact SMEs. Distributed computing, SOA, Tablet PCs, Social Networks, SSDs, Green IT, and Virtualization to name a few. Many of these have passed-over the entire cycle and have now become mature technological options for businesses around the world.
But how many of them were adopted in SME-s?
How much was/is hype and how much has become/will be a valuable option for SME-s?
An evolution of security challenges for SMEs
A first line of challenges for the traditional SME infrastructure has been represented by the increase of computing power at the level of the devices that were affordable for SME.
First we were talking about servers and blades and domes that could deliver to the business a lot of CPU, RAM and storage. A consequence has been the need for security and this is when perimeter security and all-purpose security appliances came at hand.
The second line of evolution was when humans started to physically move, generating the need for remote access to the resources inside the network and to applications. A lot of agents, software clients, connectors, etc. have been developed as supplements of the classic client-server applications. And the need to secure them, of course, generating the rise of VPN technologies and authentication & access solutions.
Once mobile, these people desired the same computing power but in lighter handheld devices, which have reached the power of traditional computers but at a fraction of their weight. And their evolution hasn’t stopped. We are talking about a new wave that is in full movement and we are expecting a lot from wearable devices as well as other smart objects.
As a consequence for the SME infrastructures, we have seen a serious tendency to accommodate the BYOD work style with the subsequent security concerns and policies.
Up till now we were talking about computing devices, CPU, RAM and storage in SME possession – “IT to own”. These technologies have evolved but the analysts consider that they have already started to go on a steady and less explosive path: Gartner’s Hype Cycle Report for 2013.
But there is a lot more to this system of devices that you own and touch. Once considered a promise and declared hype by many, the road to virtualization and cloud computing has become a fulfilled prophecy.
We are facing a paradigm-shift moment from “IT to own” to a “pay per use” model that is very applicable to SMEs and it has the potential to change the entire SME work style and work environment, for the better.
Reasons for this to happen:
Reason #1: Capacity - the “IT to own” model is reaching its limits. Even though we could stuff more computing power in a traditional on-premise network, there are limits of space and electric power, facilities etc. The mobile style of doing the day-by-day work has been changing their IT resources usage model.
Reason #2: Economics - SMEs were forced by the economic crisis to realize that it’s more convenient to rent the applications they are using, to store data in the cloud and eventually also lease CPU, RAM and storage.
Reason #3: Lack of competencies – the shortage of competent IT resources and their cost has been forcing SMEs to think twice before hiring, even part-time, such personnel. But to benefit from their skills and knowledge and paying a fraction of the cost might be attractive.
Reason #4: Security – choosing to keep the valuable data and the business applications in the cloud, maintaining secure images of the computing devices in a secure data center, with all security patches applied and the risks transferred to the provider and covered by a strong SLA is a dream come true.
Reason #5: Business Continuity & Recovery + Ubiquity – virtualization and XaaS are an SMEs best allies when dealing with Business Continuity constraints. Anything may happen, all the valuable assets are in a secure place, always available. Damages may be covered anytime by just restoring the last secure version/configuration/data.
Some SMEs appreciate the power of cloud and virtualization technologies and they are using these innovations to improve internal business practices or actually build the business around the new datacenter. And with these technological advancements, security needs to be in lockstep – innovative platforms need innovative protection.
There will be more about this in the next post in what is promising to become a series. Stay tuned and if you’re interested in learning more about how SMEs could react to new evolutions.
In the meantime, I invite you to read this: