Welcome!

Microservices Expo Authors: Derek Weeks, Cloud Best Practices Network, Elizabeth White, Liz McMillan, Pat Romanski

Related Topics: Microservices Expo, Mobile IoT, Containers Expo Blog, @CloudExpo

Microservices Expo: Blog Feed Post

Why MDM May Save IT from Consumerization

Mobile convergence may drive demand for #VDI and other less invasive technologies

When you’re traveling you carry devices. I’ve got my smart phone, of course, to keep connected via e-mail and text and, if need be, voice. But I also carry my tablet and the old stand-by, my laptop. Because writing a blog post on my tablet or smart phone just isn’t my thing. While status updates and tweets are easy enough to compose on such constrained-size keyboards, I (and many others) need a full keyboard to really crank out the copy.

But when I’m wandering around a conference it’d be nice to be able to focus on just one, which is where convergence comes in. My phone is a corporate resource, completely managed by our more than able IT department but the tablet? That’s mine (well, and the Little Man who’s in charge of our household at the moment).

delete tablet

So while traveling out to Cloud Connect I tried to set up access to my corporate e-mail account on my tablet. It’s a Samsung Galaxy Tab 10.1 and it’s an Android device. It supports standard e-mail access via POP3 and IMAP – I already have my Gmail and personal accounts connected – but it also, apparently, supports Microsoft Exchange ActiveSync which supports hundreds of devices. It’s through ActiveSync that our growing iPhone using population accesses e-mail when they’re on the road. So I thought I’d give it a try.

It worked like a charm, until I got to the warning part.

HYPER-STRICT SECURITY

SC20120212-142429

That was the part that gave over complete – and I do mean complete – control to the fine IT folks at headquarters.

The list of actions required to be allowed would not be surprising (and indeed are not) when applied to a corporate managed resources, like my Blackberry. But when I read through what I had to allow administrators to potentially perform on my device, I had second thoughts.

It all makes perfect sense. If I’m going to have corporate e-mail messages, which in addition to their sensitive nature often times include attachments that have even more confidential data – product roadmaps, marketing strategies, detailed internal discussions on functionality and features – then it would be necessary to follow best practices like locking the screen with a password and requiring stored data to be encrypted.

I stopped right there. Not because I didn’t think it was good practice and a requirement, but because my four year old routinely uses my device. He’s quite adept at getting around on an Android device (I’ve finally managed to teach him to ask before installing or buying new games) and while he occasionally deletes items – permanently and purposefully – generally he’s a good steward of the technology while he’s using it.

But can he learn to enter a password that may be required (and forced on the device) by IT administrators? And even if he could, is that even acceptable? The rule is never share your password, and perhaps in today’s increasingly consumerized IT that should be amended to “especially not with your four year old.”

And what if I allowed the administrator to do these things – require a password with a complex rule – and then the young man tried to access it without my presence? Sure, he always asks before he uses it today, but tomorrow? This is a child, we’re talking about. What if he grabs it and tries to unlock it – and fails? Would IT automatically delete everything on the device, as I’ve granted them permission to do?

And would IT be willing to talk him down from the hysteria when he realizes every one of his games has been deleted remotely?

I’m guessing not.

AT an IMPASSE

And so I hit “cancel”, because ultimately I wasn’t willing give over that much control and suffer the potential “damage” just for the convenience of converged e-mail. Then I considered what that meant. I am perfectly fine with the same control over my corporate owned and issued resources – my laptop, my Blackberry – but not my own, personal mobile device.

The hyper-security policy scared me away from using a personal, consumer grade device because they wanted to turn it into an enterprise-grade device.

I spent much of the rest of the flight wondering if VDI was the solution to this problem. It effectively sandboxes corporate resources within an enterprise-grade container and they can do whatever they want to it without any impact on my device. But not all VDI solutions are equal – and most assume connectedness, which is not entirely compatible with the on-again off-again nature of roaming, mobile devices when on the road. yooninja

Certainly a less invasive MDM policy would also suffice (I’m sure administrators can pick and choose which actions they want to be allowed) but that would defeat the purpose of managing the device in the first place. If they can’t secure the corporate data that might be on my device, in a way that’s compliant with corporate (and potentially industry and government) policies, then there’s no point in offering the option.

We’re at an impasse, it seems.

And maybe that’s not necessarily a bad thing. If overly strict security policies are required in order to access something as simple as e-mail and users are scared away by the potential wiping of their device, maybe that’s a good thing. Corporate resources are kept secure and one less headache (managing yet another device) is averted until we can come up with a solution that balances the need for security with the need for me to ensure games like Yoo Ninja and Tank Hero don’t inadvertently end up in the trash bin.

Ultimately there will be a solution that does just that – a combination of a secure storage vault on the device, managed exclusively by IT, in which e-mail – and other resources retrieved via secure remote access solutions – can be encrypted and managed as per their specific security needs. And that area can be protected by specific passwords and strength policies and wiped at a moment’s notice – without disturbing the all important Reading Monster or Captain America.

But that technology doesn’t yet exist, though the need certainly does. Trusting that the old adage1 continues to be right – that necessity is indeed the mother of invention – I’ve no doubt someone will come up with that technology in the near future.

1 The source of this idiom is apparently hotly contested – Plato, Whistler, and Victor Hugo are all cited as being the source.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

@MicroservicesExpo Stories
When building DevOps or continuous delivery practices you can learn a great deal from others. What choices did they make, what practices did they put in place, and how did they connect the dots? At Sonatype, we pulled together a set of 21 reference architectures for folks building continuous delivery and DevOps practices using Docker. Why? After 3,000 DevOps professionals attended our webinar on "Continuous Integration using Docker" discussing just one reference architecture example, we recogn...
An overall theme of Cloud computing and the specific practices within it is fundamentally one of automation. The core value of technology is to continually automate low level procedures to free up people to work on more value add activities, ultimately leading to the utopian goal of full Autonomic Computing. For example a great way to define your plan for DevOps tool chain adoption is through this lens. In this TechTarget article they outline a simple maturity model for planning this.
The proper isolation of resources is essential for multi-tenant environments. The traditional approach to isolate resources is, however, rather heavyweight. In his session at 18th Cloud Expo, Igor Drobiazko, co-founder of elastic.io, drew upon his own experience with operating a Docker container-based infrastructure on a large scale and present a lightweight solution for resource isolation using microservices. He also discussed the implementation of microservices in data and application integrat...
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at Logz.io, will explore the value of Kibana 4 for log analysis and will give a real live, hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He will examine three use cases: IT operations, business intelligence, and security and compliance. This is a hands-on session that will require participants to bring their own laptops, and we will provide the rest.
Here’s a novel, but controversial statement, “it’s time for the CEO, COO, CIO to start to take joint responsibility for application platform decisions.” For too many years now technical meritocracy has led the decision-making for the business with regard to platform selection. This includes, but is not limited to, servers, operating systems, virtualization, cloud and application platforms. In many of these cases the decision has not worked in favor of the business with regard to agility and cost...
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
As the race for the presidency heats up, IT leaders would do well to recall the famous catchphrase from Bill Clinton’s successful 1992 campaign against George H. W. Bush: “It’s the economy, stupid.” That catchphrase is important, because IT economics are important. Especially when it comes to cloud. Application performance management (APM) for the cloud may turn out to be as much about those economics as it is about customer experience.
When you focus on a journey from up-close, you look at your own technical and cultural history and how you changed it for the benefit of the customer. This was our starting point: too many integration issues, 13 SWP days and very long cycles. It was evident that in this fast-paced industry we could no longer afford this reality. We needed something that would take us beyond reducing the development lifecycles, CI and Agile methodologies. We made a fundamental difference, even changed our culture...
Internet of @ThingsExpo, taking place June 6-8, 2017 at the Javits Center in New York City, New York, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo New York Call for Papers is now open.
SYS-CON Events announced today that Dataloop.IO, an innovator in cloud IT-monitoring whose products help organizations save time and money, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Dataloop.IO is an emerging software company on the cutting edge of major IT-infrastructure trends including cloud computing and microservices. The company, founded in the UK but now based in San Fran...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
Thanks to Docker, it becomes very easy to leverage containers to build, ship, and run any Linux application on any kind of infrastructure. Docker is particularly helpful for microservice architectures because their successful implementation relies on a fast, efficient deployment mechanism – which is precisely one of the features of Docker. Microservice architectures are therefore becoming more popular, and are increasingly seen as an interesting option even for smaller projects, instead of being...
@DevOpsSummit taking place June 6-8, 2017 at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed ...
2016 has been an amazing year for Docker and the container industry. We had 3 major releases of Docker engine this year , and tremendous increase in usage. The community has been following along and contributing amazing Docker resources to help you learn and get hands-on experience. Here’s some of the top read and viewed content for the year. Of course releases are always really popular, particularly when they fit requests we had from the community.
You often hear the two titles of "DevOps" and "Immutable Infrastructure" used independently. In his session at DevOps Summit, John Willis, Technical Evangelist for Docker, covered the union between the two topics and why this is important. He provided an overview of Immutable Infrastructure then showed how an Immutable Continuous Delivery pipeline can be applied as a best practice for "DevOps." He ended the session with some interesting case study examples.
Buzzword alert: Microservices and IoT at a DevOps conference? What could possibly go wrong? In this Power Panel at DevOps Summit, moderated by Jason Bloomberg, the leading expert on architecting agility for the enterprise and president of Intellyx, panelists peeled away the buzz and discuss the important architectural principles behind implementing IoT solutions for the enterprise. As remote IoT devices and sensors become increasingly intelligent, they become part of our distributed cloud enviro...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, John Jelinek IV, a web developer at Linux Academy, will discuss why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers...
DevOps tends to focus on the relationship between Dev and Ops, putting an emphasis on the ops and application infrastructure. But that’s changing with microservices architectures. In her session at DevOps Summit, Lori MacVittie, Evangelist for F5 Networks, will focus on how microservices are changing the underlying architectures needed to scale, secure and deliver applications based on highly distributed (micro) services and why that means an expansion into “the network” for DevOps.