Though they recognize a broader pullback in enterprise IT rollouts and are wary of any upcoming recession, this director has yet to throttle back IT spend. They see IT as a competitive advantage. “We're doing some very unique things in terms of providing IT services to other companies in our industry, so our executive team certainly sees it as a strategic differentiator and not a cost to be minimized.” They also see this year’s industry pullback as relative to heavy investments already made during the pandemic to enable remote work and modernize tools. This organization is not reducing staff or delaying projects; rather, they are focusing on optimizing licensing and reducing hardware spend, recycling savings to maintain staffing levels and project plans.
The traditional perimeter is gone; zero trust network access and EDR will be key going forward. “Like a lot of companies, we suddenly had to enable thousands of remote workers almost overnight, and it really led us to think about what to do with our legacy VPN solution.” Our guest is surprised that other organizations are not as far along with SSO. “This is nothing new. Serious data breaches were happening in the decade running up to the pandemic.” Vulnerability and patch management remain a high priority for many companies, particularly those dealing with legacy systems acquired through mergers or acquisitions; for this organization, this may include not just laptops and desktops, but also controllers on manufacturing equipment and other complex hardware.
Cloudflare v. Zscaler. On security, and specifically ZTNA, our guest calls out Cloudflare but is also evaluating the raft of startups founded during the pandemic. “I think that shift to remote work around the world has led to an absolute explosion in new market entrants.” This guest is impressed by Cloudflare's ability to leverage their existing global infrastructure to create a novel ZTNA service, unlike more mature competitors like Palo Alto, Cisco, and others who he feels are cobbling together their pre-existing components. He also adds that although Zscaler has a first-mover advantage and a strong product offering, the marketplace is becoming more competitive. “I think [Zscaler’s] price reflects that they've had this really strong market position, and I think they're in for some serious competition now." As seen below, ETR data indicates stable spending intentions for Zscaler versus a slightly declining trend emerging in spending intentions for Cloudflare, suggesting that competitors like Cloudflare may be catching up.
Additional Vendor Commentary
F5 Networks. This director of IT sees F5 as a legacy load-balancing player, likely to be displaced. “I think organizations like us that maybe don't have ZTNA are looking to come and displace some of those legacy vendors, and for that spend to be redeployed. The money that you're spending on load balancers, firewalls, and VPN appliances is being reduced and redeployed to things like ZTNA.”
Identity access. Okta, Ping, and Microsoft are the most cited in this category of security. Okta and Auth0 are developer-friendly and offer numerous out-of-the-box integrations with other platforms, making them an attractive choice for companies requiring seamless connections with services like ServiceNow and Workday. Our guest has been using Microsoft Azure Active Directory for a long time and finds it adequate for their requirements, but integration with other systems is not as straightforward as with Okta or Auth0. In addition, the costs to license Active Directory may escalate for firms that employ a large number of subcontractors. “You quickly get into the realms of Microsoft's more expensive licenses and being more cumbersome compared to some of these others.”
Observability. Datadog, Elastic, and New Relic are emerging as strong contenders, while Splunk and Dynatrace seem to be losing market share. That said, our guest feels “observability” is overhyped, and is unsure of the term's precise meaning, and is therefore underwhelmed by claims of amazing actionable insights and self-healing infrastructure. “I just don't think that we're really in a position to do a lot with these things at the moment.” The true value of observability tools may not be realized until businesses have fully adopted software-defined networking, containers, and app services. “Our current SIEM is just used for auditing purposes. It's there as almost a security check box, to be able to say we have records about what's going on. I'm not convinced that my infrastructure team could really do an awful lot with any of these tools beyond what we do today.” Meanwhile, our guest is unsure about Datadog, and Dynatrace’s focus on Web applications being able to adequately address the needs of companies like his own with core applications in Win32 and engineering.
If you would like to see the full interview summary or replay, check out the ETR Insights library, and while you're there, peruse hundreds more ITDM interviews and panels. You can also gain access to the entire research platform, including the industry's leading technology spending data, analysis, and ITDM commentary, with your own free trial.
Enterprise Technology Research (ETR) is a technology market research firm that leverages proprietary data from our targeted IT decision maker (ITDM) community to provide actionable insights about spending intentions and industry trends. Since 2010, we have worked diligently at achieving one goal: eliminating the need for opinions in enterprise research, which are often formed from incomplete, biased, and statistically insignificant data. Our community of ITDMs represents $1+ trillion in annual IT spend and is positioned to provide best-in-class customer/evaluator perspectives. ETR’s proprietary data and insights from this community empower institutional investors, technology companies, and ITDMs to navigate the complex enterprise technology landscape amid an expanding marketplace. Discover what ETR can do for you at www.etr.ai