Continued Kubernetes adoption, unified authorization, DevSecOps redefined, open source dominance and more key changes for the enterprise
Amid a year of unprecedented global change, it may seem incautious at best to make confident predictions about the future of cloud-native business. However, there are strong indications of the trends that 2021 will hold — precisely because they are predicated on significant enterprise change.
The pandemic has disrupted and re-defined what “business-as-usual” means; today, business-as-usual — or the table stakes for success — means an ability to adapt rapidly to changing market conditions and drive new value by shipping digital services faster than ever before. This has led, naturally, to the pervasive and increasing adoption of containerized applications and platforms like Kubernetes, which together allow for lightning-fast development at unprecedented efficiency and scale. These trends have come in tandem with others, like advancements in cloud-native ecosystem technologies and the widespread adoption of open-source tools, that are seeing enterprises shift wholesale to cloud-native strategies of app development, particularly for new applications, of which 95 percent are cloud-native. Moreover, with the power and flexibility of platforms like Kubernetes, enterprises are also facing the challenge of securing them — along with an ecosystem of open-source and commercial tools.
These trends portend broad-scale changes in the enterprise in 2021 — changes that are not limited to technology, but every facet of enterprise business, from company culture, to sales, to talent organization, to the rest of the organization. With these enterprise shifts, inevitably, will come the need for unified authorization across every layer of the cloud-native stack.
Here are our top five 2021 enterprise predictions:
- Kubernetes in production will continue to skyrocket, creating new challenges for security and compliance: A full 91 percent of enterprises were using Kubernetes in 2020, and 83 percent were using it in production, according to the 2020 CNCF survey. By the end of 2021, those same enterprises will move even more cloud-native apps into production, meaning exponentially more Kubernetes clusters. With the power, dynamism and flexibility of these cloud-native environments, organizations will also face new authorization challenges related to security, compliance and operations. As a result, enterprises in 2021 will be looking to standardize security policy wherever possible, to meet ever-more-stringent compliance regulations in a new and increasingly complex environment.
- We will see significant open source consolidation: Community-driven open source projects have led to faster innovation cycles leading to better performance, security and features — and enterprises are increasingly leveraging open-source tools in production environments. Indeed, 95 percent of IT leaders say open source is strategically important and 77 percent plan to ramp up their use of open source over the next 12 months, per Red Hat’s 2020 State of Enterprise Open Source Report. However, the sprawl of available cloud-native projects, tools and technologies are too much for DevOps teams to be expected to master. We will see unification of management, standardization of programming languages, and consolidation of projects themselves, all in order to ease the ongoing maintenance of cloud platforms and applications.
- Service mesh will become critical as enterprises scale microservices: According to the same 2020 CNCF survey, 27 percent of companies are using service mesh in production — a 50 percent increase from 2019 — and 23 percent are currently evaluating service mesh technology. Those numbers will rise substantially, as popular service mesh offerings such as Istio and Envoy are now considered core building blocks for cloud-native applications. Indeed, as microservices proliferate, service mesh-like solutions become critical for efficient management and comprehensive security. In 2021, enterprises will look to do more with service mesh offerings, leading to new integrations and partnerships beyond pure container management capabilities. We may also begin to see consolidation within the service mesh ecosystem, as enterprises will need unified ways of managing fleets of not only containers, but also tools.
- Security and DevSecOps will see expanded responsibilities as new attack vectors arise: With the proliferation of new cloud-native application architectures moving into production, attackers will start finding new ways to compromise app data. This will result in security taking a front-and-center role in cloud-native operations in the 2021 enterprise. Increasingly, security policy will be integrated across the entire application development lifecycle, which means that security and DevSecOps will be directly involved in the development process. Indeed, in 2021, security will increasingly shift left, to limit risk and stop mistakes as early as possible. Security practices and regulations will move from PDFs, processes and guidelines, to software and policy-as-code — building security directly into software-defined platforms and CI/CD pipelines. Given that two of the top three container challenges in 2020 were complexity and security, the role of DevSecOps is only going to grow, as security redefines its fundamental relationship to development.
- There will be a complete transformation of the IT core: In a similar vein, software-defined infrastructure will move further beyond the development team. In 2021, traditional IT organizations will continue to wrap their arms around cloud-native computing. In this shift, all roles related to the traditional IT core will change, including security and platform architects, as well as general infrastructure and operations, as the enterprise redefines its approach to software. Indeed, as consumer/end-user privacy regulations grow more prevalent, the voice of the platform architect will have to grow louder in the organization. Architects will have a much stronger, if not direct influence, on the application building process and environment, and will push for common approaches and decouple policy architecture to ease compliance and increase privacy controls. These shifts will impact hiring practices, as enterprises come to favor IT employees who have experience with open source tools, software-defined infrastructure, and the policy-as-code that make these DevOps-centric changes possible.
Styra DAS is the fastest and easiest way to operationalize Open Policy Agent across Kubernetes, microservices or custom APIs. Start Styra DAS Free today or request a demo to learn more.