By David Bosworth

What are the top-three can’t-miss IT innovations that every mid- to enterpriselevel company must consider implementing over the next one to two years?

Great question. Unfortunately, there’s no easy answer.

Opinions on this naturally stem from each company’s business priorities, but there are some important trends emerging and we’ve come up with three particularly intriguing technologies that should be on everyone’s radar. These can all be strategically and profitably tied to the overarching business priorities of the organization in which they reside.

Let’s jump in.

1 . WEB SERVICES
The next big thing on the one- to twoyear horizon is Web services, according to Nick Gall, senior vice-president and principal analyst with the META Group in Stamford, Conn. Web services basically take the Internet to the next level by allowing software applications to talk to one another over the Web.

For programmers, this gives the ability to quickly grab existing modular applications or services off the Web to add power and functionality to programs

developed in a Service-Oriented Architecture ( SOA) environment. From a business perspective, this means organizations can save significant money by avoiding the need to develop software applications and automated business processes from scratch.

A few examples of Web services available as modular components that can be built into other programs include currency conversion, language translation, shipping and claims processing applications.

The key to Web services is the advent of Extensible Markup Language ( XML) as a means of allowing diverse software applications to work together over theWeb, regardless of the computing environment in which they reside.

“Web services are quickly becoming absolutely essential technology,” Gall said.

Referring to the adoption of Web services by his own clients, he said: “They’re doing the same old kinds of integration work, but with technology that is tremendously less expensive and simpler to apply.

“It’s really the power of the network [extending] its effect across IT technologies, as well as business economies.”

No one company can be said to be taking the global lead in implementing Web services. However, an array of technology vendors — from HP, IBM andMicrosoft to BEA, SAP and Computer Associates — has introduced related offerings in the past 18 months.

Gall said it will still be a few years before Web services supplant traditional client/server application environments, but that is ultimately where the business world is headed. First, though, there are still significant technological and human barriers to overcome.

Because the “key promise of Web services and SOAs is the ability to change more rapidly and cost-effectively,” Gall said organizations need to cometo grips with their overall approach to change management, both from a human resources and an IT perspective.

“Those two forms of change management can limit the rate of transformation at which businesses can go,” he said.

“And, the larger the company, the much more difficult this can be.”

That said, Gall, who describes Web services as simply “the next phase of the Web,” said he expects Web services to eventually have “just as broad an adoption as the Web itself.”

2. VIRTUAL PRIVATE NETWORKS
With the ongoing trend toward mobile business computing, companies are finding an ever-increasing need to provide their mobile workforces with reliable, secure and userfriendly access to files and applications. To do this, many are implementing IP Security Protocol ( IPsec) systems to build IPsecbased
Virtual Private Networks ( VPNs).

However, as effective as IPsec is at supporting encryption and authentication tools for ensuring the privacy, integrity and authenticity of data in a VPN, it has its detractors. The primary complaint is that IPsec is cumbersome to manage, as strict security protocols must be installed and configured on each individual enduser device. Without those safeguards in place, IPsec remote access traffic can pose a nerve-rattling challenge to network administrators who haven’t plugged all the potential security holes that IPsec is capable of penetrating.

A simpler and less expensive — VPN option that is rapidly growing in popularity among network administrators is Secure Socket Layer ( SSL) VPNs, which provide all the remote access functionality that corporate users usually need without the accompanying hassle of having to establish secure firewall links between client PCs and the base network.

SSL VPNs operate in a standard Web browser environment that doesn’t eat the administrative resources IPsec does.

According to Jason Wright, security technologies program leader with Houston-based Frost & Sullivan, “ SSL VPN has a lot of implications in regardto the level of control you can enforce on the user compared to IPsec. When you connect with an IPsec tunnel, you’re connecting at the network layer.

It’s very difficult to limit the access a user has to certain files, folders or applications. It’s even more difficult to understand what a user did or didn’t do with those files, folders or applications.”

SSL VPNs still pose their own set of security challenges, but they are relatively minor compared to IPsec. Users simply have to log in to their corporate VPN from any Internet connection, at which point he SSL hardware authenticates their ID and launches their session.

“All this is stuff that is easily controlled, audited, reported on and modified by an S SL VPN solution,” Wright said, “because it works at theapplication layer. You have the ability to limit a user’s access to certain parts of the network, applications or even areas within an application.”
Although SSL VPNs only make up about 10 per cent of the market held by IPsec today, Frost & Sullivan expects SSL to represent about 25 per cent by 2008. “I haven’t seen a market grow this fast from inception in my career in security technologies,” Wright said.

3 . MIDDLE WARE SOFTWARE
Although it’s the least sexy of the emerging tech developments, middleware application management software is undeniably steaming things up in IT departments.

This is because middleware lets IT managers map business processes back to IT resources and monitor the relationship between the two on an ongoing basis.

Driving the move toward more middleware solutions is a growing awareness among IT managers of the need to become more closely aligned with the business priorities of the organizations they support. The key for many is being able to match IT resources with business processes in a single, comprehensive software program.

According to Warren Shiau, manager of software research at IDC Canada, “We’re looking at tying IT infrastructure efficiencies to business process efficiencies.

What you need is a middleware solution that encompasses application development, application deployment, user access, presentation workflow anddata management.

“There seems to be a very big convergence around that middle tier functionality,” Shiau said. “From there, you can tell where you’re getting bottlenecks in your business process. By addressing those bottlenecks, you can make your business processes more efficient.”

If there’s one problem with most middleware today it’s that it often isn’t standardized enough to cut across multivendor infrastructures and/or operatingsystems. However, the growth of Linux is putting pressure on traditional vendors to develop open solutions in the middle-tier management realm.

“Once we have a middle-tier application solution that ties infrastructure up to the business process level that works with everything,” Shiau said, “then we’re going somewhere.”