The world’s citizens are learning, shopping, working, entertaining and/or connecting almost exclusively online.
For governments, businesses and non-profits everywhere—big and small—this means:
- Network traffic mounting.
- Compute resources humming.
- The cloud scaling.
- Cyberattacks rising.
- And apps at the core of customer experience—and business revenue.
In other words: Your IT team is front and center. And your future-gazing roadmap is now an urgent reality.
To help us explore today’s major IT trends, I sat down with Michael Kollar, SVP, chief digital officer and global head of cloud engineering for Atos.
I read on Atos’ blog that hybrid cloud and app modernization are the new normal. What does that mean for businesses?
Kollar: It became the new normal because time-to-value, innovation and R&D funds are scarce. There became a view within IT of: “How do I stop trying to get all these dollars myself?” Instead, we should innovate with partner ecosystems and unleash their power internally. That led internal IT departments and service providers to figure out how to partner more effectively. That means cloud, hybrid cloud, multi-cloud. And even the use of containers changes the way we think about application packaging, distribution, development and support.
Containers are great because it’s become the new norm. It’s a way to package up legacy applications, and there’s a variety of different approaches on how to use containers. Containers have eclipsed most of the legacy ways that we wanted to build, package, deploy and support code. It’s a common building block to utilize and consume services.
Is there a gap between what could be and what is feasible for businesses?
Kollar: We have a short and long-term strategy that aligns our business and technology roadmap. It drives how we make decisions and what we do based on two thought processes.
First, it should be use-case driven. What are we trying to solve, and how do we want to solve it? Then, we look at the appropriate way to do that.
The other is this concept that I call the impact horizon. When do I want that change to happen? Then, we plan for it and drive the change.
If you look at it that way, you’re able to consume and deploy changes and drive value inside of an enterprise service provider—or wherever you may be in the ecosystem of consuming these products and services.
That’s a shift, as well, right?
Kollar: That’s how we look at it. Based on the application use case, we have to put the right workload on the right endpoint with the right set of services. That also allows us to manage costs more effectively.
In the past, when we built these giant landscapes for SAP or custom applications, we built with the peak in mind versus common utilization. Now, with applications driving this type of behavior, we build for the common need, and we’re able to load balance those services more cost-effectively. We’re no longer building for that peak need.
That’s especially important in the current climate, with people working from home globally and consuming services in a new way, correct?
Kollar: We’ve had a 180-degree shift in the way people are accessing the infrastructure. They’ve moved out of corporate facilities and into their homes. The VPNs, the traffic, how they get to applications and the routes the applications took internally all had to change dynamically.
In the past, we would have hundreds of people going in, changing firewall rules and setting up VPNs. Today—and this is a great benefit of what we get with VMware and some of the tooling that we’ve deployed—we’re able to change the deployment model.
The rules that we put in place are automatically changed to support the way we want to run that business. We can support and change the workload from being on a set of load balancers or web servers in a data center and push them into a different one to support the VPN traffic that wasn’t there before.
Do any of your customers’ app modernization journeys stand out as particularly transformative?
Kollar: About four years ago, we started with one of the biggest health device manufacturers in the world. There have been two main threads to their application modernization and transformation. The first was around infrastructure.
We were able to reduce their data centers, on-prem footprint and roughly 40-50 percent of their global infrastructure. From a data perspective, we were also able to eliminate roughly 65 percent of the redundant datasets in their environment as we worked through their transformation.
Another key area is that we moved them from a traditional (or on-prem) model to a full hybrid model. The hybrid model allowed us to take them from 100 percent on-prem, disparate platforms to a modern private cloud based on a joint Atos and VMware offering that we call our digital private cloud (DPC).
That was phase one, and it made a huge impact on the customer. We’ve just started phase two and are in the process of migrating close to 3,000 applications. When they’re done, they’ll have a fully interconnected end-to-end consumer experience and data platform that allows them to deliver modern, predictive healthcare.
And finally, let’s talk about security. How do all these app modernization and cloud trends impact how businesses approach enterprise security?
Kollar: In the past, security was always treated as a bolt-on or something we did afterward. For example, if we hardened the infrastructure, we hardened the app. We had a set of standards that we followed. And as long as we checked off the list, we were good.
Now, we’ve moved toward a model where security is fully baked in, from the way that we build the applications and infrastructure to how we support it. There’s no longer the concept of a user ID. We have roles. Those roles as defined by the CISO, allow certain individuals abilities within the infrastructure and application.
The traditional approach of thinking about security was similar to building a moat. We kept everybody out. Now, we let people in and give them access to the services they need based on the role and what they’re trying to do. It forces us to think about security from the inside-out versus the outside-in and how we work through that paradigm.
The implementation of a security operations center (SOC) looks at the events that are happening in an enterprise, and then starts to correlate them and take action. It’s been a big change in the way that we look at it because it’s a holistic view versus a silo application or a piece-of-hardware view.
This forces people to think about the context of how an application will interact with an end-user, an API or another device to determine what the protocol is or how to authenticate a person, device or service in the architecture. With this move toward microservices, it’s no longer about securing a piece of hardware or a router. It’s securing a service or an API.
This interview was edited for conciseness and clarity.