Decoding vendor conferences

“Developer Conference,” two words that should alarm all enterprises as they begin looking for solutions to manage their growing digital transformation investments. Having been around the high-tech industry for many years, this is vendor code for: “We have built a product that is so complicated that we need to teach you how to use it before you to get any value out of it.”   There is also the slightly less daunting “Users Conference” – just a notch below the Developer Conference – where it’s unlikely you’ll be writing any custom software to effectively use a vendor’s product, here you should expect to spend a lot of time learning to configure said product correctly.

The team here at Trapize is dedicated to solving the hard problems facing businesses undergoing their digital transformation. So, if you’re looking to get a free conference vacation in a balmy location this year to learn our product, you should stop reading now. If your enterprise has $100K+ in budget surplus to get some developers working on securing each digital service you need for your digital transformation, look somewhere else. If your IT department loves the intellectual challenge of spending weeks tweaking complicated configuration, we here at Trapize do not have the product you are looking for. But, if your enterprise is looking to add compliance, governance and monitoring of the digital services you are using with a single click of the mouse, then we should definitely talk.

As we enter our public beta in the early fall, the Trapize API proxy currently supports over 2,000 of the most popular digital services in use by businesses today. We have profiled thousands of digital services and provided a powerful set of one-click controls for an enterprise to quickly control and monitor digital services crossing their perimeter.

If you would like to see a demo, reach out and let us know. It’s really, really brief – unlike those Conferences – so you can get back to enjoying your busy afternoon (golf, baseball, kid’s soccer, we won’t tell).

Cold War ethics: ‘trust but verify’ for microservices oversight of critical data flows

End-to-end encryption is becoming a popular industry trend while at the same time causing nightmares for the IT department. With the emergence of SD-WAN technology and other private routing strategies, it is getting easier for enterprises to fully direct and encrypt traffic flow between application servers within the enterprise and between an enterprise and its business partners.

While there is no argument over the need to keep private data private, the question becomes who are you keeping it private from?

Increasingly applications are being built using a distributed set of microservices. These services fall into three broad categories:

  1. microservices the enterprise built for themselves,
  2. microservices built by third party contractors hired by the enterprise, and
  3. microservices the enterprise consumes from the public cloud.

This collection of disparate microservices is making it difficult for enterprises to know what information is being exchanged as the application fragments collaborate to build a cohesive solution.

As we were beginning to form Trapize, I had a conversation with a CIO who stated their data center was built out of microservices that they mostly subcontracted out to third parties. Yet given the level of encryption between services, the CIO/IT team/enterprise had no real way of knowing or understanding the data that was flowing across – or out of – their network. While the applications worked, this enterprise had managed to create a data super-highway that was private…even to themselves.

At Trapize, we think the cold-war mantra of ‘trust but verify’ still applies. It is critical for an enterprise to understand the underlying data that is moving in and out of their network. Very few enterprises would bypass email or message scanning but many today have no visibility into the critical data flows from systems they know have access to private or sensitive data. We have built a security proxy designed to specifically address this new threat surface.  Check us out.

Overcoming ‘analysis paralysis’ to achieve digital transformation of your business

Time is the true enemy of most businesses.  This has never been more apparent than when a business begins the transformation to becoming a digital enterprise.

Cloud-based services allow businesses to pick best-in-class APIs and components for building out their digital enterprise.  However, as the shift of services transitions from being hosted within the enterprise to the cloud, legal requirements like the compliance and governance of data must still be met regardless of the location of the enterprise’s perimeter.  Unfortunately many businesses have become paralyzed as they struggle to understand the implications of bringing a digital service into the enterprise. This paralysis then amplifies the time it takes to safely on-board any digital service and results in added cost for this transformation while potentially losing opportunities to their more nimble competitors.

The Trapize Digital Services Broker (DSB) enables businesses of all sizes to quickly and safely make this transition.  The Trapize DSB includes pre-built service profiles for the most popular digital services used by businesses today.  Each profile is available for download and installation for a low annual subscription fee.  The service profiles allow businesses to transparently add compliance, governance, and performance controls in minutes.  The DSB is designed to support thousands of digital service profiles in a single distributed proxy ensuring common compliance and governance controls across the enterprise.

While we don’t have a flux capacitor – or a custom built DeLorean – to go back in time, we can help businesses catch up to their competitors by beginning their digital transformation today rather than in a distant future.

Sizzle versus simple: what’s your approach to digital transformation?

We here at Trapize spend a lot of time talking to businesses that are beginning to transform themselves into modern digital enterprises.  Most of what we talk about revolves around the sizzle topics: compliance, governance, and data loss prevention (DLP).  While those are great topics to address, it is important to remember that the simple things matter too.

When an enterprise is choosing to consume a digital service, an implicit contract is made with the service provider that the particular service remains both available and reliable.   More and more we hear of enterprises requiring service level agreements (SLAs) for services that are now crucial in the day to day operation of their business.   A complete service outage – or even a consistent delay in processing requests – can have a disastrous, sometimes cascading effect on internal business systems.  Even if a service is moving data packets in and out, it is crucial to have a view that shows the service is actually performing the task the business is paying for.

The modern digital enterprise needs a way to effectively monitor, ensure availability, and measure the performance and functionality of the services it has built the business around.

The Trapize Digital Services Broker (DSB) monitors the performance of all the digital services within an enterprise.   Built-in support for secure socket layer inspection (SSLi) allows the DSB to not just ensure that encrypted data packets are flowing in the network but to also inspect the flow for service functionality.  The DSB monitors and understands the service response time and actual responses to ensure the service is positively performing as expected and not just passing packets around.  Reports summarize the use of a service by requests and responses and monitor the service on a packet-by-packet basis for latency, delays, and service faults in the encrypted tunnels.  Alerts and alarms can be tied to these metrics allowing the business to quickly identify service issues and quickly rectify them before critical services fail.