2010’s Ten Hot Trends

7. Netbooks prove to be a fad. I’m not saying netbooks are a bad idea. To the contrary, they’re a perfect niche device. However, that’s what they are: a niche device, not a PC replacement.

Yankee Group picks netbooks as a loser for 2010. Yankee is big on the “anywhere computing” idea, where everything from mobile handsets to portable gaming devices to photocopiers to, and I am not making this up, toilets are connected to the Internet. Yet, the research firm sees netbooks being left in the cold next year, despite a growth rate of nearly 270% in 2Q09.

According to Yankee, the netbook growth numbers are skewed, ignoring one key element of the buying experience: returns. New internal Yankee Group research shows that many retailers are experiencing netbook return rates as high as 30%. Yankee believes netbooks will be squeezed from above by low-priced laptops. Several laptop vendors have already lowered their prices. Toshiba, for instance, offers 15.6-inch laptop for as low as $350.

Meanwhile, expect to see netbooks squeezed from below by handsets. With smartphones gaining more and more ground each month, where does a netbook fit in the device pantheon? Instead of buying one, why not wait until you’re ready to replace your handset and let a carrier foot the bill for a device that does pretty much anything a netbook can do―all while fitting in your pocket?

8. Cloud security becomes a real, rather than a conceptual, problem. Okay, admittedly this isn’t the first time you’re reading about Cloud security. It is one of Cloud computing’s main bugaboos. However, much of the concern over securing the Cloud has been forward looking, rather than an in-the-trenches IT reality. Expect that to change in 2010.

According to Craig Lund, CEO of MultiFactor Corporation, a provider of identity enforcement solutions, Cloud security will come down to two things: 1) the integrity of the application and its data, wherever that data resides, and 2) the identity of end users.

For item No.1, the Cloud or application providers―Amazon, Google, Microsoft, Salesoforce.com, etc., will eventually tackle the problem. “The cloud provider must find a way to serve up the data, protect it against disaster, secure it from attacks and protect the database storing that data,” Lund said. “The winners of the Cloud game, whoever they are, will either be big companies or become big companies. When large companies put their resources towards solving a problem like this, they have a pretty good success rate.”

Moreover, a large organization will have deep enough pockets to make you whole should something go wrong and cause you direct harm. In other words, if a TJX-style data leak happens because a Cloud database wasn’t properly protected and encrypted, it should be the Cloud provider solving the problem, not you.

Item No.2 is trickier. “What they can’t do is ensure your identity,” Lund said. Most Cloud providers are leaving it to the enterprise to control access―and they really have no choice. It’s the enterprise’s responsibility to tell them whom to let in and what level of access that person should have. That doesn’t mean that enterprises have the proper tools for this, though. “Unless you have the proper processes, policies and technology in place to enforce identity, you’ll be at risk,” Lund added.

Some organizations may decide to outsource access control and identity enforcement, but that’s a big risk. Can you ever trust anyone enough to be in charge of all of your organization’s identities? You would have to have a bank-level of trust in the ID-control agency. (Perhaps that’s a bad analogy. After all, who trusts banks, or at least bankers, these days?)

The point is that enterprises have a pretty sophisticated tool at their disposal for ID enforcement, one that is in-house and under their control: Active Directory or LDAP. What they don’t have is an effective way to bridge those identity servers to cloud applications.

You have two choices, then: you can export your identities to the cloud, which most organizations will balk at for a number of reasons, control being at the top of the list. The second choice is to replicate your identities, keeping one in-house and sending one out to the cloud, which clearly isn’t ideal.

Fortunately, there is an emerging the third choice, which is to find the proper tools to bridge that gap. In 2010, organizations will search for, and eventually find, effective ways to bridge the enterprise and the Cloud, moving from the remote-access model, which relied on VPNs and DUN servers to a remote-data/remote-app access model, where it’s the data that is remote, not necessarily your employees.

Cloud security startups such as MultiFactor with its SecureAuth solution, Ping Identity with its eponymous products, and Symplified with its SinglePoint solution, all tackle the problem.

While the space is new, it is being validated by the rapid adoption of these solutions in heavily regulated sectors, such as health care, finance, and the government.

9. Virtualization and Cloud computing force companies to re-conceptualize the desktop. There’s more to the Cloud and virtualization than figuring out how to secure and manage the applications involved. One of the difficulties is figuring out the end devices. For cash-strapped organizations or those organizations that are finally fed up with the management and security issues (patching, dealing with different software versions, different OS’s, etc.) that come with a slew of discreet PCs, new computing models will be embraced in 2010.

This won’t be a tsunami of change, but change is coming.

Case in point is NComputing. “The old desktop computing model is no longer sustainable,” said Stephen Dukker, CEO of NComputing. “SMBs and enterprises alike will embrace desktop virtualization in 2010 as they reevaluate the outdated one-PC-per-person computing model and realize that they can get more cost-effective and greener technology with desktop virtualization.”

Granted, a desktop virtualization vendor will obviously trumpet desktop virtualization. However, NComputing backs up its claims with a robust client list and some telling real-world examples. For instance, Valley Yellow Pages, the largest independent phone directory publisher in Northern California, considered purchasing PCs for each of their account executives but decided that new PCs would be too expensive. They also realized that their account execs didn’t really need full-blown PCs to do their work.