Insight by Red Hat

Top predictions for 2018 point towards security and innovation

This content is provided by Red Hat.

When thinking about future trends, it’s important to have a strong understanding of the important innovations impacting most sectors, and pair that understanding with an intuition around what impacts those innovations will have to most organizations in 2018.

Innovation is crucial to federal agencies, but is muted when security becomes a factor. When it comes to impactful trends in the new year, it’s all about three things: security, security, security. Despite the fact that a Ponemon Institute study recently showed that the global average cost of a data breach is down 10 percent over previous years to $3.62 million, according CSO, the average size of a data breach increased nearly two percent. This stat signifies that security will continue to be a top concern for 2018, just as it was in 2017, and will be in 2019.

At Red Hat, we see open source as the best source for collaboration and security. Rather than relying on one company or one agency, or a single development team to instill security within a solution, open source expands the identification, fixing and testing of security vulnerabilities to a larger network of users. Red Hat believes that this open technology helps the public sector and private sector work better together, and in a manner that improves collaboration in a secure environment. Red Hat takes a proactive role with regards to security to ensure that fixes to vulnerabilities are not only effective but also do not inadvertently and negatively impact the workloads that run on top. With open source, the code is out in the public. So, unlike proprietary software, Red Hat has a vested interest to fix a vulnerability, or exploit, as fast as possible.

Red Hat also sees compliance as taking a more prominent role in the government in 2018, specifically as it relates to the tension compliance has with security. Agencies need to be compliant with security mandates, but sometimes compliance is perceived as a time-consuming “check-the-box exercise” as opposed to an important part of a sound, security policy.

Compliance is, or at least should be, the codification of common-sense, security best practices used by IT professionals, who may not be full-time security experts. If the best practices in question are no longer valid, agencies and industry should work together to improve them. This not only entails the need for security professionals to work together, but also includes representatives from developers to operations, which often provide real-world input from their vantage points.

The OpenControl project accelerates the speed of compliance by standardizing the documentation of security controls. OpenControl is a product that automates compliance by taking an open source approach, and stems from contributions with organizations across government and industry, including Red Hat and 18F at the General Services Administration (GSA). Instead of every team working on compliance paperwork redundantly and independently, OpenControl lets them work together using an open catalog of controls, which helps accelerate the Authority To Operate (ATO) process.

 

The Year of Open Source Innovations

With the backdrop of security and compliance, Red Hat sees the proliferation of two main innovations in 2018 that share open source roots.

Containers made a splash in 2017 and promise to gain more ground in 2018. Containers represent the next evolution of Virtual Machines (VM) by compartmentalizing the application, dependencies, program libraries and configuration files into a portable medium that does not requires the containers to include a complete operating system. This approach shrinks application sizes, with most containers building out at only a few megabytes in size. This is in comparison with virtual machines that often balloon to gigabytes in size.

In 2018 containerization orchestration by open source projects like Kubernetes may advance the use of containerization within agencies throughout the federal government. Kubernetes facilitates the use of containers in large enterprises and empowers IT organizations with automating, deploying, scaling and managing  containerized applications. Red Hat® OpenShift Container Platform leverages Kubernetes as a core capability. Red Hat actively engaged the Kubernetes community from the beginning to make sure that Kubernetes is enterprise-ready for production and use. OpenShift even goes further than the Kubernetes project by providing additional container features.
Red Hat OpenShift provides agencies with  the ability to easily and quickly build, develop and deploy in nearly any public or private infrastructure. Whether it’s on-premise, in a public cloud, or hosted, OpenShift enables  agencies to lay the foundation for the effective use of containers within their IT organizations. Previously, Red Hat has leveraged OpenControl content for OpenShift on Azure to provide ATO acceleration.

Blockchain will be another technology to make a splash in 2018. Made popular by the cryptocurrency world, and then in the financial services community, blockchain shows the promise of delivering solutions to federal, state, and local governments. Red Hat is excited to play a role in this community by being an active contributor to the Hyperledger, and other blockchain projects.
Red Hat wants to make sure that blockchain technologies not only perform optimally, scale, and containerize on Linux, but also run on a secure foundation like OpenShift Container Platform, which is built on the FIPS and Common Criteria-certified foundation of Red Hat Enterprise Linux. These certifications are essential for mission-critical workloads in regulated and government environments.

 

Final Thoughts on 2018

We’ve touched upon security and compliance, as well as two of the most promising innovations we will see in 2018. This next prediction for 2018 is more about process and collaboration than anything else. Agile and DevOps have strongly impacted the federal government in 2017. As they continue to permeate the federal landscape, Red Hat predicts more agencies to fire-on-all-cylinders with these methodologies, while a few get started.

Those agencies that do go “all-in” on Agile and DevOps will be faced with the need to scale these solutions to other parts of their environments, and the Red Hat Open Innovation Labs help accelerate this agency adoption into Agile and DevOps- the open source way. Red Hat believes that instead of modernizing all apps, agencies should place workloads into buckets under three categories: Lift and Shift, Augment with New Layers, Rewrite.

By taking this approach, agencies can modernize a portfolio of applications in a way that yields value quicker and at lower cost. This approach also makes it easier and less expensive to stay current as products and technologies continue to evolve.

Vendors that always push towards complete rewrites should raise a red flag. It’s often an indication that this is the only capability those vendors have. Red Hat believes in a partnership, instead, that provides agencies all three capabilities, and that can help you from lighting-up the hardware to running the target applications.

 

Lastly, but certainly not least, we believe that multi-cloud will become the new hybrid-cloud in 2018. Several years ago, agencies dipped their toes in the public cloud and quickly started seeing results. Over the last several years, agencies have realized that there is no single, public cloud but rather a large number of cloud providers that provide great service, and with FedRAMP authorizations, make it easier for agencies to adopt.

As such, cloud adoption strategies have gone from picking a single cloud provider to ensuring that workloads can run on multiple cloud providers. This acceleration towards using multiple clouds not only improves vendor choice and bargaining power, but it also improves security by making the attack surface amorphous and resilient.

Successfully foretelling the future of technology may be part science and part art. But by partnering with a company like Red Hat, agencies in the new year can benefit from a strong understanding of the important innovations impacting most sectors, and an intuition around what trends will impact those and other technologies.