Real-time Data Governance, Risks and Security Challenges – Part 5: Impact of major shifts in business application environments

Real-time Data Governance, Risks and Security Challenges – Part 5

Real-time Data Governance, Risks and Security Challenges – Part 5: Impact of major shifts in business application environments

Given the emerging applications landscape it is clear that digital transformation demands continuous modernization with agility and velocity at its core. However, the existing application inventory raises some key issues for organizations. For example, many legacy applications are business critical. Such applications contain vast repositories of valuable data and functions that are not built for digital business demand, need integration with other platforms and are possibly better suited to other platforms. Such aging systems need to be modernized to better support changing requirements and higher pace of change. Organizations increasingly want to get past the technical debt, aging technology, time required to respond business needs, costs and risks associated with change. Additionally, reduced or no support for the platforms and skills shortage make such systems ripe targets for application modernization

Application modernization needs to translate into a continuous and well-planned set of projects. Typically, ripping and replacing whole systems is too costly, risky, time-consuming and have a high impact to the business. Also, we cannot wait for everything to be transformed or modernized. It is hard to predict and design services upfront – a continuous business-driven modernization to design, develop, and deploy such services is required.  Enterprises are implementing continuous modernization with a dedicated modernization team working alongside product and platform teams. The modernization approach for applications are determined on a case-by-case basis to select the optimal modernization approach, i.e., encapsulate, re-host, re-platform, refactor, extend, rebuild, replace, etc.

Application environments are evolving to include support for agile innovation. For example, enterprises are keen to combine Design Thinking, Lean Startup and Agile processes to enable such environments. As design thinking focuses on the development of design, lean methods are startup-oriented, and agile focuses on an iterative approach to software development, organizations want to combine the three based on the strengths of each.

Furthermore, design thinking is becoming very popular as it provides the primary foundation for human-centered design process that is based on observations (view users and their behavior in the context of their lives), engagement (interact with and interview users), and immersion (experience what the user experiences). Enterprises want to maximize innovation by moving to a more product-centric organization (than being projects-centric) as product teams typically have greater customer and business domain knowledge, better understanding of the business model and shorter lead times from idea to release.

Enterprises are evolving environments for continuous innovation by combining hypothesis-driven development and agile delivery. Traditional agile approach captures user requirements and feedback as user stories that are then implemented for achieving a specific goal. In contrast, hypothesis-driven development pairs a statement that asserts or predicts the value with a testable condition that can be measured.


Innovation should feel like Tetris – continuous, challenging and fun.


Architectures and development processes are also evolving in enterprises to include a mix of in-premise and cloud infrastructure, internal and external data sources, big data storage and application frameworks, and legacy and new-age applications such as streaming analytics, machine learning applications, neural networks, big data visualization tools, and agile process-driven environments. In this scenario, implementing security and governance measures becomes a much more challenging and complex task. Organizations are augmenting traditional IT and applications teams with new cloud management teams.

Enterprise cloud strategy needs to address several key questions: Where and how should the organization consume cloud computing services? Where and how should the organization implement private cloud environments? How will we secure, manage and govern across hybrid environments (internal / external, multiple providers, etc.)? How does cloud computing factor into your application strategy and architecture?

The enterprise cloud strategy is evolving to enjoy the benefits of both cost reduction (via efficient and low cost commodity infrastructure) and developer productivity (via infrastructure as code). The shift to cloud is enabling digital businesses by supporting dynamic web scale applications, and efficient and highly automated DevOps through increasing adoption of cloud-native tools.

Most large-scale enterprise environments will use mixed cloud models. For example, using PaaS for innovation, public PaaS for agility, hosted or dedicated PaaS to address privacy concerns, and private PaaS to fully control the outcomes.

The traditional strategies for moving applications to the cloud such as re-hosting, rebuilding, or replacing, are now augmented with emerging strategies like reimagining (as multi-enterprise, multi-tenant, SaaS applications) that leverage the cloud as a vehicle for next big things such as supporting AI, Blockchain, digital and algorithmic business applications.

Organizations are building up on cloud platform services, skills and best practices. They are balancing technology-first and business-first priorities in digital business initiatives, balancing event-driven and request-driven architecture in application design, resisting lock-in with a single mega-PaaS provider, maintaining relationships with multiple vendors and focusing on integration.

In this blog, we explored some of the emerging trends in operating environments for business applications that need to be understood now for developing strategies for addressing the associated governance, risks and security requirements, comprehensively.

In next and final blog in this series we will explore the impact of shifts towards improving trust and security in the use of business applications.



  1. David Norton, To the point: Innovating with Agile and DevOps – Taking it to next level, Gartner Application Strategies & Solutions Summit, 2017

  2. Yefim V. Natis, Tutorial: Serverless platforms, PaaS and other key trends in platforms for digital business, Gartner Application Strategies & Solutions Summit, 2017.

  3. Anne Thomas, Cloud boot camp – choose PaaS wisely, Gartner Application Strategies & Solutions Summit.

  4. David Mitchell Smith, Boot camp – Applications on the cloud and for the cloud, Gartner Application Strategies & Solutions Summit, 2017

  5. David Mitchell Smith, Boot camp – Getting started with cloud, Gartner Application Strategies & Solutions Summit, 2017