For those of us in the tech sector, jet travel is part of the deal. It can be time consuming and mind numbing. Everybody seems to have a few tricks up their sleeves to make their own trips more manageable. Some share tips with their friends. CTP’s own Robert Christiansen, a Doppler podcast co-host, goes a step farther: He’s interviewed dozens of travelers and packed years’ worth of insights into a book he’s calling “The Zen of High-Performance Travel.”
Our panelists chat about some of Robert’s travel do’s and don’ts, as well as our own. Like this one: Do you know which cluster of seats is the most likely to have an empty seat next to them? Answer: The aisle and window seats in the exit row in the middle of the plane. (The row’s middle seat doesn’t recline, and who wants to sit there?)
We talk about things like storing an extra flight bag in your vehicle, keeping your cool during delays, getting dropped off at “Arrivals” when you’re leaving during busy times, and always making sure to pack those food supplements. Things to consider when you’re spending time in the puffy kind of clouds.
DevOps has come a long way in the past decade. In a report released more than a year ago, Forrester declared that the practice had reached “escape velocity,” with more than half of all enterprises implementing and expanding DevOps processes.
But, according to some in the field, gaps still exist between the dev and the ops sides of most organizations. We talk with Brad about why the two sides remain at odds and how companies are struggling to create a delivery infrastructure that balances agility and control.
We discuss how people – not tools – remain the biggest obstacles to companies’ drives to achieve DevOps “nirvana.” We also cover a wide range of other topics – including IT teams’ propensity to force tools to perform tasks they’re not cut out for and young professionals from outside of computer science spending more time learning to code.
Over the past 10 years, the power structure has shifted inside IT organizations. Maintaining the infrastructure used to be the top priority, so infrastructure teams tended to control more resources and command more respect than their counterparts overseeing applications. Today, that equation has flipped. Businesses need to move faster, so they’ve elevated application teams to star status.
We discuss the implications of this power shift. Instead of reacting, app teams now are dictating the requirements of organizational initiatives – choosing resources, deciding which platforms they want to use. This has forced organizations to approach security differently and get used to technologies like containers.
We also talk about mistakes organizations make when it comes to cloud security – including relying too much on the cloud vendor and forcing an on-premise security tool do the same thing in the cloud.
Finally, we explore some guiding principles organizations use to help development and security teams work better together – to show how security isn’t the enemy of progress.
Software developers are a prideful group. They like to create things, figure out their own short cuts and come up with new ways to innovate on the fly. But sometimes, developers’ inner creativity can be the biggest thing holding them back. There are still times when relying on tried and tested tools can help get a project done more quickly and more efficiently.
We discuss how developers can optimize their own work by identifying a few key value-adds and admitting that, for many other tasks like observability and log-ins, outside vendors have better tools to get the job done. Shawn sums it up by saying we need to admit that “we’re entering the golden age of the SaaS product.”
We also talk about microservices – how The New York Times has committed to the practice in a big way, and how many in the organization are confused about how they work.
Finally, we explore the challenges of having to comply with a long list of regulations in a multi-cloud environment and Shawn’s observation that, after the introduction of containers, we’re “still waiting for the next game changer.”
Microservices have become a popular software development technique in recent years. Breaking down applications into distinct sets of loosely coupled smaller services helps organizations port workloads from cloud to cloud and get better utilization out of the resources they’re paying for. But there are challenges associated with the practice, starting with security. Microservices can make security much more costly – if you’re not careful.
We discuss why microservices put such a heavy load on verifications of credentials and make it harder to manage access to specific services. We go through some solutions companies can pursue to mitigate the impact of having to verify identities for so many tiny jobs. One way is to shift to security tokens that have fixed or limited lifetimes.
We also talk about tasks organizations continue to struggle with as they ramp up their cloud projects. Some aren’t going “cloud native” enough, sticking with on-premises resources rather than leveraging the cloud services that are available. Others are taking too long to embrace automation.
Finally, our panel shares some thoughts about tech trends people might talk about in the coming year – everything from more strategic use of AI and ML to GDPR enforcements that push enterprises to pay closer attention to privacy rules.
We’ve been through several major technology paradigm shifts – from mainframe to client server to internet to, now, cloud. Cloud has given people the opportunity to refactor applications, which means different things to different people: From a minor change, akin to a chef adjusting ingredients in a seasoning, to a major shift like heart surgery. Refactoring provides the opportunity to think about how to get the most effective operations out of that application in the cloud, whether in terms of cost, disaster recovery, legal, security, or user experience.
We also discuss how with Outpost, Azure Stack and Google Cloud’s new announcement of Anthos, there is a shift from public cloud vendors no longer focusing on moving everything to the public cloud, but rather on figuring out how organizations can most effectively run their business. We explain the three major reasons why organizations might not want to leverage public cloud: Jurisdiction of apps living within certain boundaries; increasing disconnected use models and difficulty with connectivity to public clouds; and, finally, application debt combined with data gravity and latency requirements.
Finally, we offer advice on how to build the best cloud talent, including picking a few areas to maintain expertise in, staying on top of the latest industry developments, and always staying curious.
It’s a brave new world when it comes to data privacy and security, as companies work to comply with regulations such as the California Consumer Privacy Act and GDPR. No matter the size of the company or where they fall on the compliance spectrum, technology and culture change are both critical drivers of success.
We discuss how to overcome “anti-patterns”: the often-repeated mistakes that stand in the way of cloud migration. For example, rather than an app-centric approach, data-centric security is key to being able to leverage the benefits of the cloud. This provides your data scientists with unprecedented access to your data, and ensures consistent security and privacy policies across all data no matter where it lives with a central understanding of policy enforcement.
Finally, we discuss the changing landscape of privacy regulations. We offer helpful resources and tips for those who are just starting out with learning about privacy and compliance.
Securing applications in a hybrid world can be a challenge. Companies that try to control threat vectors across cloud platforms and infrastructure environments with the same set of tools often run into trouble.
We discuss how containers and serverless platforms are starting to solve some of these security challenges – how their shared responsibility models work and how they interact with technologies like artificial intelligence and machine learning.
We touch on the prospects for – and challenges facing – Oracle, IBM and Alibaba cloud platforms. We also talk about issues companies face rewriting entrenched legacy applications, migrating large applications and applying the right skillsets to projects requiring intelligent orchestration.
How do you get the most out of your cloud investment? We discuss how Densify uses machine learning analytics to help customers optimize utilization and cloud billing.
One direct path to optimization is to “practice basic hygiene.” Andrew discusses how developers’ concerns about resource constrictions leads them to over-order and purchase mismatched solutions. Understanding usage patterns, linkages between services and organizations’ evolving needs can help developers buy more strategically and keep bills under control.
We also talked with Andrew about his journey to cloud consulting, lessons he learns from customers and his tips for working with the two principal wardrobe personas in tech – the “suits” and the “skinny jeans.”
What does “cloud native” really mean? Ask different organizations, or even different business units, and you’ll get hugely disparate answers. The fact is, there is no one answer and there’s no manual for cloud computing, which can make it difficult for seasoned executive to grasp the new technology ecosystem that has evolved in recent years.
We discuss how edge computing is evolving as organizations become more decentralized, and talk about best practices for how organizations can remain effective – for example, by adding redundancy, sharing knowledge with peers, and remembering security principles even when working quickly. We explain that the concept of Zero Trust is critical to managing threats.
Finally, we offer tips for how to stay current in this evolving landscape, by staying up to speed on the industry, seeking insights from industry peers and customers, and paying it forward to others.
This week we’re switching things up and digging into a topic we know even better than cloud: What it’s like working at CTP.
While there is no shortage in the number of organizations that need help migrating, modernizing and building applications in the cloud, there is a shortage in the amount of talent filling those roles. Attain a new AWS, Azure or GCP certification, and a handful of recruiters will rush to get you on the phone. The job market has never been as bountiful as it is now, and for the skills you have! So, how do you decide where to take your career next?
We think CTP is that landing zone.
In this episode, we get honest and talk about the reality of working at CTP, including:
Zero Trust Networks, a concept which assumes the perimeter defenses guarding your network aren’t as secure as you might think, has been around since Forrester coined the phrase almost a decade ago. We discuss how Google, an early adopter of the Zero Trust Network concept, is able to secure 1.5 billion Gmail accounts globally and manage hundreds of thousands of applications, while enforcing perimeter-based trust.
We also look at app specific networking (ASN) and the associated security requirements as more people, databases and “things” require access to applications. This massive growth of devices and applications requires a software model that allows for a more dynamic network.
Finally, we discuss the hybrid cloud models that have emerged over the past two years from the hyperscalers and what this means for edge computing, tightly connected systems and software defined networks.
As consultants, we work with organizations facing conflicts or blockers slowing down their cloud programs. Often times, these conflicts are the results of siloed groups not communicating at the right time, or place. We discuss the importance of breaking down these silos to gather organizational requirements early, and often. When we think about “shifting-left” in a security context, this means embedding the requirements into the design process of the deployment pipeline, rather than at later stages.
We also look at how to educate organizations on the value that evolving technologies bring to the business, especially when it can be so easy to get stuck in a “this is how we’ve always done it ” mindset.
Finally, we discuss how Sean stays current in the rapidly changing cloud industry, including: looking at the macro trends that will eventually influence technology, learning from the friction and challenges existing in client organizations, and tuning into cloud podcasts during his commute.
Over the past few years, most organizations are asking not whether they will move to the cloud, but when and what they will move to the cloud. Over the past 13 years, cloud computing was just one of the trends Box placed their bets on. The content management organization also invested heavily in on-the-go mobile access for their customers, and, more recently, artificial intelligence and machine learning to fundamentally change they way consumers interact on, and with, their platform.
We also discuss the increasing levels of regulation around data privacy and how the majority of the world’s organization will be, or has already been, impacted by GDPR regulations.
Finally, we look at the rise of intelligent metadata and how automation can play an integral part in bringing hundreds of new use cases to fruition.
Operating in the cloud is different. Your old tools won’t work here. We discuss the leading indicators of cloudwashing you should be looking for when selecting tools for the cloud.
We also discuss “dark data” and how organizations can overcome platform scalability challenges. Ben shares how Sumo Logic is helping their own customers ingest data in real time, react quickly and make more informed decisions.
Finally, we discuss application portability, the effects of data gravity and how this affects the way we should be utilizing container-based technologies, such as Kubernetes.
From what organizations should do with their existing data center estates after they complete their cloud transformation, to the facepalm mistakes enterprises make when it comes to owning and operating their own IT infrastructure, we discuss data center best practices on the podcast this week.
Cloud initiatives clearly do not come in “one size fits all” packages. They vary widely in focus and complexity, from basic migration projects to extreme cases involving the strictest security and performance requirements of a global financial services giant.
Dana Gardner sat down with Mastercard’s Paolo Pelizzoli and CTP’s Robert Christiansen to learn about their hybrid cloud adoption.