Microservices have become a popular software development technique in recent years. Breaking down applications into distinct sets of loosely coupled smaller services helps organizations port workloads from cloud to cloud and get better utilization out of the resources they’re paying for. But there are challenges associated with the practice, starting with security. Microservices can make security much more costly – if you’re not careful.
We discuss why microservices put such a heavy load on verifications of credentials and make it harder to manage access to specific services. We go through some solutions companies can pursue to mitigate the impact of having to verify identities for so many tiny jobs. One way is to shift to security tokens that have fixed or limited lifetimes.
We also talk about tasks organizations continue to struggle with as they ramp up their cloud projects. Some aren’t going “cloud native” enough, sticking with on-premises resources rather than leveraging the cloud services that are available. Others are taking too long to embrace automation.
Finally, our panel shares some thoughts about tech trends people might talk about in the coming year – everything from more strategic use of AI and ML to GDPR enforcements that push enterprises to pay closer attention to privacy rules.
We’ve been through several major technology paradigm shifts – from mainframe to client server to internet to, now, cloud. Cloud has given people the opportunity to refactor applications, which means different things to different people: From a minor change, akin to a chef adjusting ingredients in a seasoning, to a major shift like heart surgery. Refactoring provides the opportunity to think about how to get the most effective operations out of that application in the cloud, whether in terms of cost, disaster recovery, legal, security, or user experience.
We also discuss how with Outpost, Azure Stack and Google Cloud’s new announcement of Anthos, there is a shift from public cloud vendors no longer focusing on moving everything to the public cloud, but rather on figuring out how organizations can most effectively run their business. We explain the three major reasons why organizations might not want to leverage public cloud: Jurisdiction of apps living within certain boundaries; increasing disconnected use models and difficulty with connectivity to public clouds; and, finally, application debt combined with data gravity and latency requirements.
Finally, we offer advice on how to build the best cloud talent, including picking a few areas to maintain expertise in, staying on top of the latest industry developments, and always staying curious.