Using virtualization to isolate risky applications and other endpoint threats

More and more security professionals are realizing that it’s impossible to fully secure a Windows machine – with all its legacy components and millions of potentially vulnerable lines of code – from within the OS. With attacks becoming more sophisticated than ever, hypervisor-based security, from below the OS, becomes a necessity.

Unlike modern OS kernels, hypervisors are designed for a very specific task. Their code is usually very small, well-reviewed and tested, making them very hard to exploit. Because of that, the world trusts modern hypervisors to run servers, containers, and other workloads in the cloud, which sometimes run side-by-side on the same physical server with complete separation and isolation. Because of that, companies are leveraging the same trusted technology to bring hardware-enforced isolation to the endpoint.

Microsoft Defender Application Guard

Microsoft Defender Application Guard (previously known as Windows Defender Application Guard, or just WDAG), brings hypervisor-based isolation to Microsoft Edge and Microsoft Office applications.

It allows administrators to apply policies that force untrusted web sites and documents to be opened in isolated Hyper-V containers, completely separating potential malware from the host OS. Malware running in such containers won’t be able to access and exfiltrate sensitive files such as corporate documents or the users’ corporate credentials, cookies, or tokens.

With Application Guard for Edge, when a user opens a web site that was not added to the allow-list, he is automatically redirected to a new isolated instance of Edge, continuing the session there. This isolated instance of Edge provides another, much stronger, sandboxing layer to cope with web threats. If allowed by the administrator, files downloaded during that session can be accessed later from the host OS.

isolate risky applications

With Application Guard for Office, when a user opens an unknown document, maybe downloaded from the internet or opened as an email attachment, the document is automatically opened in an isolated instance of Office.

Until now, such documents would be opened in “protected view”, a special mode that eliminates the threat from scripts and macros by disabling embedded code execution. Unfortunately, this mode sometimes breaks legit files, such as spreadsheets that contain harmless macros. It also prevents users from editing documents.

Many users blindly disable the “protected view” mode to enable editing, thereby allowing malware to execute on the device. With Application Guard for Office, users don’t compromise security (the malware is trapped inside the isolated container) nor productivity )the document is fully functional and editable inside the container).

In both cases, the container is spawned instantly, with minimal CPU, memory, and disk footprints. Unlike traditional virtual machines, IT administrators don’t need to manage the underlying OS inside the container. Instead, it’s built out of existing Windows system binaries that remain patched as long as the host OS is up to date. Microsoft has also introduced new virtual GPU capabilities, allowing software running inside the container to be hardware-GPU accelerated. With all these optimizations, Edge and Office running inside the container feel fast and responsive, almost as if they were running without an additional virtualization layer.

The missing compatibility

While Application Guard works well with Edge and Office, it doesn’t support other applications. Edge will always be the browser running inside the container. That means, for example, no Google accounts synchronization, something that many users probably want.

What about downloaded applications? Applications are not allowed to run inside the container. (The container hardening contains some WDAC policies that allow only specific apps to execute.) That means that users can execute those potentially malicious applications on the host OS only.

Administrators who don’t allow unknown apps on the host OS might reduce users’ productivity and increase frustration. This is probably more prominent today, with so many people working from home and using a new wave of modern collaboration tools and video conferencing applications.

Users who are invited to external meetings sometimes need to download and run a client that may be blocked by the organization on the host OS. Unfortunately, it’s not possible to run the client inside the container either, and the users need to look for other solutions.

And what about non-Office documents? Though Office documents are protected, non-Office documents aren’t. Users sometimes use various other applications to create and edit documents, such as Adobe Acrobat and Photoshop, Autodesk AutoCAD, and many others. Application Guard won’t help to protect the host OS from such documents that are received over email or downloaded from the internet.

Even with Office alone, there might be problems. Many organizations use Office add-ons to customize and streamline the end-user experience. These add-ons may integrate with other local or online applications to provide additional functionality. As Application Guard runs a vanilla Office without any customizations, these add-ons won’t be able to run inside the container.

The missing manageability

Configuring Application Guard is not easy. First, while Application Guard for Edge technically works on both Windows Pro and Windows Enterprise, only on Windows Enterprise is it possible to configure it to kick-in automatically for untrusted websites. For non-technical users, that makes Application Guard almost useless in the eyes of their IT administrators, as those users have to launch it manually every time they consider a website to be untrusted. That’s a lot of room for human error. Even if all the devices are running Windows Enterprise, it’s not a walk in the park for administrators.

For the networking isolation configuration, administrators have to provide a manual list of comma-separated IPs and domain names. It’s not possible to integrate with your already fully configured web-proxy. It’s also not possible to integrate with category-based filtering systems that you might also have. Aside from the additional system to manage, there is no convenient UI or advanced capabilities (such as automatic filtering based on categories) to use. To make it work with Chrome or Firefox, administrators also need to perform additional configurations, such as delivering browser extensions.

This is not a turnkey solution for administrators and it requires messing with multiple configurations and GPOs until it works.
In addition, other management capabilities are very limited. For example, while admins can define whether clipboard operations (copy+paste) are allowed between the host and the container, it’s not possible to allow these operations only one way and not the other. It’s also not possible to allow certain content types such as text and images, while blocking others, such as binary files.
OS customizations and additional software bundlings such as Edge extensions and Office add-ins are not available either.

While Office files are opened automatically in Application Guard, other file types aren’t. Administrators that would like to use Edge as a secure and isolated PDF viewer, for example, can’t configure that.

The missing security

As stated before, Application Guard doesn’t protect against malicious files that were mistakenly categorized to be safe by the user. The user might securely download a malicious file on his isolated Edge but then choose to execute it on the host OS. He might also mistakenly categorize an untrusted document as a corporate one, to have it opened on the host OS. Malware could easily infect the host due to user errors.

Another potential threat comes from the networking side. While malware getting into the container is isolated in some aspects such as memory (it can’t inject itself into processes running on the host) and filesystem (it can’t replace files on the host with infected copies), it’s not fully isolated on the networking side.

Application Guard containers leverage the Windows Internet Connection Sharing (ICS) feature, to fully share networking with the host. That means that malware running inside the container might be able to attack some sensitive corporate resources that are accessible by the host (e.g., databases and data centers) by exploiting network vulnerabilities.

While Application Guard tries to isolate web and document threats, it doesn’t provide isolation in other areas. As mentioned before, Application Guard can’t isolate non-Microsoft applications that the organization chooses to use but not trust. Video conferencing applications, for example, have been exploited in the past and usually don’t require access to corporate data – it’s much safer to execute these in an isolated container.

External device handling is another risky area. Think of CVE-2016-0133, which allowed attackers to execute malicious code in the Windows kernel simply by plugging a USB thumb drive into the victim’s laptop. Isolating unknown USB devices can stop such attacks.

The missing holistic solution

Wouldn’t it be great if users could easily open any risky document in an isolated environment, e.g., through a context menu? Or if administrators could configure any risky website, document, or application to be automatically transferred and opened in an isolated environment? And maybe also to have corporate websites to be automatically opened back on the host OS, to avoid mixing sensitive information and corporate credentials with non-corporate work?

How about automatically attaching risky USB devices to the container, e.g., personal thumb drives, to reduce chances of infecting the host OS? And what if all that could be easy for administrators to deploy and manage, as a turn-key solution in the cloud?

Shipments of next-gen smart IoT gateways to reach 21.4 million by 2025

IoT gateways are becoming an increasingly important link in the IoT security and device authentication value chain and emerging as a crucial conduit for intelligent operations across the entire IoT.

next-gen smart IoT gateways

The new wave of next-generation smart IoT gateways has arrived at an opportune time, enabling a breadth of novel security, intelligence, and authentication operations at the edge, causing IoT vendors to revisit their deployment and management strategies.

According to ABI Research, there will be 21.4 million next-gen smart IoT gateways shipped in 2025.

“Smart IoT gateways are currently caught amid a greater transformative evolution, further enhancing capabilities for gateways, shifting focus toward the edge, and reversing the cloud-centric investment priorities of the past decade,” states Dimitrios Pavlakis, Digital Security analyst at ABI Research.

The characteristics of next-gen smart IoT gateways

The primary characteristics of next-gen IoT gateways include enhanced cybersecurity options, extended connectivity support, edge processing and filtering, authentication and management, cloud services, analytics, and intelligence operations.

These highly demanding technological characteristics have been steadily reaching the core of the implementation lists of IoT implementers, shifting the dynamics of IoT security and pulling focus ever closer to the edge.

“This is not to say that edge-focused IoT gateways will completely replace data servers and cloud computing – far from it. Rather they are set to create a more symbiotic relationship between them while increasing the amount of responsibility towards edge computing and intelligence-gathering operations,” Pavlakis explains.

Turning challenges into well-honed value propositions

The current market demands brought forth by the intense increase of IoT technologies allow gateway vendors to turn challenges into well-honed value propositions. This can include tackling the secure transition of legacy equipment into larger IoT fleets, enable increased visibility, monitoring, and management of IoT devices, aid in the clash between IT and OT in industrial and healthcare systems, and streamline digital security and device management.

The surge of IoT gateways shipments is expected to create a variable penetration rate across different IoT end markets led by innovative gateway vendors like Advantech, Cisco, Kerlink, MultiTech, and Sierra Wireless.

“The data suggest that video surveillance, heavy transport vehicles and equipment, intelligent transportation, and fleet management depict the highest penetration rate for the next-level security and intelligence components for smart IoT gateways, with a clear focus revolving around automotive verticals and data-heavy applications,” Pavlakis concludes.

Are today’s organizations ready for the data age?

67% of business and IT managers expect the sheer quantity of data to grow nearly five times by 2025, a Splunk survey reveals.

data age

The research shows that leaders see the significant opportunity in this explosion of data and believe data is extremely or very valuable to their organization in terms of: overall success (81%), innovation (75%) and cybersecurity (78%).

81% of survey respondents believe data to be very or highly valuable yet 57% fear that the volume of data is growing faster than their organizations’ ability to keep up.

“The aata age is here. We can now quantify how data is taking center stage in industries around the world. As this new research demonstrates, organizations understand the value of data, but are overwhelmed by the task of adjusting to the many opportunities and threats this new reality presents,” said Doug Merritt, President and CEO, Splunk.

“There are boundless opportunities for organizations willing to quickly learn and adapt, embrace new technologies and harness the power of data.”

The data age has been accelerated by emerging technologies powered by, and contributing to, exponential data growth. Chief among these emerging technologies are Edge Computing, 5G networking, IoT, AI/ML, AR/VR and Blockchain.

It’s these very same technologies 49% of those surveyed expect to use to harness the power of data, but across technologies, on average, just 42% feel they have high levels of understanding of all six.

Data is valuable, and data anxiety is real

To thrive in this new age, every organization needs a complete view of its data — real-time insight, with the ability to take real-time action. But many organizations feel overwhelmed and unprepared. The study quantifies the emergence of a data age as well as the recognition that organizations have some work to do in order to use data effectively and be successful.

  • Data is extremely or very valuable to organizations in terms of: overall success (81%), innovation (75%) and cybersecurity (78%).
  • And yet, 66% of IT and business managers report that half or more of their organizations’ data is dark (untapped, unknown, unused) — a 10% increase over the previous year.
  • 57% say the volume of data is growing faster than their organizations’ ability to keep up.
  • 47% acknowledge their organizations will fall behind when faced with rapid data volume growth.

Some industries are more prepared than others

The study quantifies the emergence of a data age and the adoption of emerging technologies across industries, including:

  • Across industries, IoT has the most current users (but only 28%). 5G has the fewest and has the shortest implementation timeline at 2.6 years.
  • Confidence in understanding of 5G’s potential varies: 59% in France, 62% in China and only 24% in Japan.
  • For five of the six technologies, financial services leads in terms of current development of use cases. Retail comes second in most cases, though retailers lag notably in adoption of AI.
  • 62% of healthcare organizations say that half or more of their data is dark and that they struggle to manage and leverage data.
  • The public sector lags commercial organizations in adoption of emerging technologies.
  • Manufacturing leaders predict growth in data volume (78%) than in any other industry; 76% expect the value of data to continue to rise.

Some countries are more prepared than others

The study also found that countries seen as technology leaders, like the U.S. and China, are more likely to be optimistic about their ability to harness the opportunities of the data age.

  • 90% of business leaders from China expect the value of data to grow. They are by far the most optimistic about the impact of emerging technologies, and they are getting ready. 83% of Chinese organizations are prepared, or are preparing, for rapid data growth compared to just 47% across all regions.
  • U.S. leaders are the second most confident in their ability to prepare for rapid data growth, with 59% indicating that they are at least somewhat confident.
  • In France, 59% of respondents say that no one in their organization is having conversations about the impact of the data age. Meanwhile, in Japan 67% say their organization is struggling to stay up to date, compared to the global average of 58%.
  • U.K. managers report relatively low current usage of emerging technologies but are optimistic about plans to use them in the future. For example, just 19% of U.K. respondents say they are currently using AI/ML technologies, but 58% say they will use them in the near future.

Multi-access edge computing market to reach $7.23 billion by 2024

Edge computing is a foundational technology for industrial enterprises as it offers shorter latencies, robust security, responsive data collection, and lower costs, Frost & Sullivan finds.

multi-access edge computing market

In this hyper-connected industrial environment, edge computing, with its solution-agnostic attribute, can be used across various applications, such as autonomous assets, remote asset monitoring, data extraction from stranded assets, autonomous robotics, autonomous vehicles, and smart factories.

Multi-access edge computing market growth rate and revenue

Despite being in a nascent stage, the multi-access edge computing (MEC) market – an edge computing commercial offering from operators in wireless networks – is estimated to grow at an astounding compound annual growth rate of 157.4%, garnering a revenue of $7.23 billion by 2024 from $64.1 million in 2019.

“The recent launch of the 5G technology coupled with MEC brings computing power close to customers and also allows the emergence of new applications and experiences for them,” said Renato Pasquini, Information & Communication Technologies Research Director at Frost & Sullivan.

“Going forward, 5G and MEC are an opportunity for telecom operators to launch innovative offerings and also enable an ecosystem to flourish in the business-to-business (B2B) segment of telecom service providers using the platform.”

Pasquini added: “From the perspective of the MEC ecosystem, software—edge application and solutions—promises the highest CAGR followed by services—telecom operators’ services, cloud providers’ infrastructure-as-a-service, and edge data center colocation services.”

Growth prospects for MEC market participants

It is predicted that approximately 90% of industrial enterprises will utilize edge computing by 2022, presenting immense growth prospects for MEC market participants, including:

  • Telecom operators should work on solutions and services to meet the requirements for connected and autonomous cars.
  • System integrators should provide end-to-end solutions, which would be a significant value addition for enterprises because 5G requires specific skillsets.
  • The combination of 5G and the new specialized hardware-based mobile edge compute technologies can meet the market’s streaming media needs now and in the future.
  • Telecom operators must partner with cloud providers and companies with abilities related to artificial intelligence, machine learning, and computer vision to design solutions for autonomous cars, drone delivery, and others.
  • Companies in the MEC space must capitalize on the opportunity for innovation and new developments that utilize 5G and MEC, such as augmented reality (AR) and virtual reality (VR), which can also be applied to games.

How secure is your web browser?

NSS Labs released the results of its web browser security test after testing Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera, for phishing protection and malware protection.

web browser security

Key takeaways

  • Phishing protection rates ranged from 79.2% to 95.5%
  • For malware, the highest block rate was 98.5% and the lowest block rate was 5.6%
  • Protection improved over time; the most consistent products provided the best protection against phishing and malware.

Email, instant messages, SMS messages and links on social networking sites are used by criminals to lure victims to download and install malware disguised as legitimate software (a.k.a. socially engineered malware). Once the malware is installed, victims are subjected to identity theft, bank account compromise, and other devastating consequences.

Those same techniques are also used for phishing attacks, where victims are lured to websites impersonating banking, social media, charity, payroll, and other legitimate websites; victims are then tricked into providing passwords, credit card and bank account numbers, and other private information.

In addition, landing pages (URLs) from phishing websites are another way attackers exploit victim’s computers and silently install malicious software.

Protecting against malware and phishing

The ability to warn potential victims that they are about to stray onto a malicious website puts web browsers in a unique position to combat phishing, malware, and other criminal attacks.

To protect against malware and phishing attacks, browsers use cloud-based reputation systems that scour the internet for malicious websites and then categorize content accordingly, either by adding it to blocklists or whitelists, or by assigning it a score.

“As a result of the COVID-19 pandemic, employees have been forced to work from home and now have unprecedented remote access to corporate resources. Threat actors are shifting tactics to target these remote employees who may not benefit from corporate protection. This makes the protection offered by web browsers more important than ever,” said Vikram Phatak, founder of NSS Labs.

Tested browsers

  • Google Chrome – version 81.0.4044.113 – 81.0.4044.138
  • Microsoft Edge – version 83.0.478.10 – 84.0.516.1
  • Mozilla Firefox – version 75.0 – 76.0.1
  • Opera – version 67.0.3575.137 – 68.0.3618.125

In an increasingly 5G and edge world, DNS matters

Infoblox identified the challenges Communication Service Providers (CSPs) face in transitioning to distributed cloud models, as well as the use cases for multi-access edge computing (MEC), 5G New Radio (NR), and 5G Next Generation Core (NGC) networks.

distributed dns

“Distributed cloud models such as 5G and multi-access edge computing networks have the potential to drastically change the CSP industry, delivering high-bandwidth, low latency services to network customers,” said Dilip Pillaipakam, Vice President and GM of Service Provider Business at Infoblox.

“Yet to fully take advantage of the benefits of these new technologies, DNS will have to evolve to address the challenges that come from delivering these high-value services at the network edge.”

DNS will need to be increasingly automated

DNS is a critical element to these new network architectures and technologies, enabling devices to access the network securely and reliably. And as 5G NR, NGC, and MEC technologies enable faster, more distributed networks with significantly more connected devices, DNS will need to be increasingly automated and operate at greater scale and with greater flexibility.

Yet, despite the importance of DNS to the reliable functioning of these networks, the survey found that few CSPs believe that their DNS is currently capable of supporting MEC or 5G NEC.

To meet this need, networks will need to leverage the benefits of distributed DNS technology that can enable network managers to meet users where they are—at the network edge.

Other key findings

  • CSPs consider DNS to be critical to the adoption of next-generation network technologies like 5G (71%), cloud-based managed security services (66%) and MEC (63%).
  • More than one third of CSPs surveyed plan to implement MEC (36%), 5G (35%), and NEC (35%) in the next 12-18 months.
  • Despite this, the lack of a mature vendor solution ranks as the largest obstacle these providers face in MEC (36%), 5G NR (46%) and 5G NEC (39%) deployments.

The CSPs surveyed included companies that represent all aspects of the industry; the largest groups were converged operators (46% of respondents), mobile operators (26%), and fixed-line and cable operators (10% each). The survey asked about their plans for implementing MEC, 5G NGC, and 5G NR technologies, business use cases, as well as concerns and obstacles to implementation.

distributed dns

The survey’s findings indicate that the future of DNS will hinge on the delivery of a fully distributed and fully capable edge-based DNS.

“CSPs seeking to advantage of the benefits of cloud-based and distributed technologies like MEC, 5G NR, and 5G NGC, will need DNS services that can keep up with the challenge of edge-centric network models,” continued Pillaipakam.

“DNS providers will need to adapt and evolve to ensure that customers in this industry are provided with the features, flexibility, and security that these new architectures demand.”

Application performance becoming a key concern, influenced by increasing SD-WAN complexity

Application performance, impacted by network complexity at the edge and in the cloud, is the key enterprise concern this year for organizations implementing SD-WAN, according to Aryaka.

SD-WAN complexity

The study surveyed over one thousand global IT and network practitioners at companies across all verticals, headquartered in NA, APAC and EMEA. The survey asked respondents about their networking and performance challenges, priorities and their plans for 2020 and beyond.

“Modern applications are being distributed across on premises data centers, multiple public clouds (IaaS & SaaS) and edge locations. This is creating more complexity and greater dependency on the network to ensure optimal application performance as confirmed by the Aryaka report,” said Bob Laliberte, Sr. Analyst and Practice Director at ESG.

“Organizations need WAN solutions that deliver performance, flexibility and simplicity to overcome that complexity. This is driving interest in managed SD-WAN offerings that combine application optimization and secure connectivity, to any location, from any location, including access and support for remote workers.”

SD-WAN complexity

Enterprise complexity at the edge and within the cloud are creating a challenging environment for IT organizations. IT managers identify complexity and slow performance of both on-prem and cloud-based applications as their biggest concerns.

Complexity (37 percent) replaces cost as the number one concern, followed by slow on-prem performance (32 percent) and slow access to cloud and SaaS apps (32 percent). Security (31 percent) and long deployment times (30 percent) are also in the top four.

With so many applications in use, many of which are cloud-based, IT is consumed by managing application performance and access to the cloud. And it’s only getting more complex, highlighting the need for a managed service for many organizations.

The biggest IT time consuming issues identified by respondents were remote and mobile (47 percent), application performance at the branch (43 percent) and accessing the cloud, which doubled from 20 percent in 2019 to 42 percent in 2020.

Challenges surrounding UCaaS

The survey showed that while network managers have high expectations as performance, UCaaS is still challenging to deploy globally, and, once again, complexity is the culprit.

Respondents identified set-up and management as the number one challenge for voice and video (48 percent in 2020; 27 percent in 2019), highlighting the need for managed solutions that hide the complexity. Lag/delay was a close second (43 percent in 2020; 30 percent in 2019), which illustrates network performance issues. This was followed by dropped calls (39 percent).

It’s all about the apps and where they’re connecting from

Most of the enterprises surveyed are leveraging over 10 SaaS applications (51 percent in 2020 versus 23 percent in 2019), which speaks to the criticality of cloud performance. In terms of where these SaaS apps are hosted, it’s a multi-cloud world, with AWS, Azure, Google, IBM, Oracle, and Alibaba Cloud all well represented.

What’s more, enterprises are continuing to increase the number of applications deployed. A growing number of companies are deploying 100+ applications: 59 percent in 2020 compared to 43 percent in 2019. Please refer to the report for more detailed, per-vertical data and year-on-year comparisons.

What’s being done to reduce complexity

To address increased complexity and the time spent managing the WAN, enterprises regardless of size are undergoing major initiatives that include automation, the cloud and newer areas of interest such as IoT, AI/ML and blockchain.

For broad IT initiatives, automation grew substantially to 41 percent of respondents in 2020 from only 31 percent in 2019, as did IoT (29 percent in 2020 from 18 percent in 2019), AI/ML (27 percent in 2020 from 12 percent in 2019), and blockchain (21 percent in 2020 from only five percent in 2019).

On the cloud front, regardless of company size, upgrades and management are important as well as a keen interest in 5G. This last initiative reflects the interest in 5G as a future primary connectivity option for SD-WAN.

Respondents identified cloud upgrades (37 percent) and management (38 percent) as top networking initiatives. A whopping 42 percent of respondents also named 5G as a top initiative for this year.

Barriers and expectations for today’s SD-WANs

Buyers are at various stages of their SD-WAN evaluation, but most are still gathering information or evaluating vendors. Forty-four percent of respondents are gathering information, 23 percent are evaluating SD-WAN vendors, 11 percent are building a business case, 13 percent are in the middle of deploying, six percent have deployed and assumed to be happy while only two percent are deployed, but not happy.

When evaluating SD-WAN, the top three potential barriers include application performance, knowledge gaps and complexity. Overall, cost seems less a consideration this year versus performance and complexity, with SD-WAN ROI better understood and valued than in previous years.

Beyond the barriers mentioned above, SD-WAN planners have certain expectations they’d like met. Respondents said, the cloud and WAN optimization are still key requirements to a successful SD-WAN solution, but NFV, support for remote workers and the desire for a managed service have grown substantially. Add in security, and all of these features illustrate the many moving parts critical to a successful SD-WAN deployment.

Their top SD-WAN features wish lists included expected responses such as security, cloud and WAN optimization, but also network functions virtualization (NFV), which more than doubled from 2019 (35 percent in 2020 from 13 percent in 2019) and support for remote employees, which also grew by over 50 percent (33 percent in 2020 from 21 percent in 2019). Organizations are increasingly expecting the mobile workforce to be included as part of the total SD-WAN solution.

The desire for a fully managed SD-WAN also increased to 37 percent in 2020 from 28 percent in 2019. This aligns with a growing acceptance for managed offerings, likely in response to the increasing complexities and challenges detailed earlier, with 87 percent of respondents saying they would consider a managed SD-WAN as compared to 59 percent in 2019.

“We are living in a complex multi-cloud and multi-SaaS application world. As global enterprises continue to innovate by embracing new technologies and migrating to the cloud, they also face new challenges, and the network is increasingly a strategic asset” said Shashi Kiran, CMO of Aryaka.

“Whether it’s an increasing number of global sites through expansion, poor performing cloud-based applications, increasing costs or the time it takes to manage multiple vendors, many organizations are at an inflection point: transform the WAN now or risk falling behind and losing out to competitors.”

Trends that will shape the 2020 technology market

In 2020, there will be greater adoption of Continuous Intelligence (CI) technologies, which will elevate IoT data analytics way beyond traditional operational levels and have a greater impact on strategic planning and organizational change, states ABI Research.

2020 technology market

Looking at the 2020 technology market

Analysts have identified 35 trends that will shape the technology market and 19 others that, although attracting huge amounts of speculation and commentary, look less likely to move the needle over the next twelve months.

“After a tumultuous 2019 that was beset by many challenges, both integral to technology markets and derived from global market dynamics, 2020 looks set to be equally challenging,” says Stuart Carlaw, Chief Research Officer at ABI Research.

Continuous Intelligence

“CI will be consolidating in the IoT analytics market, enabling more advanced analytics in near-real time,” says Kateryna Dubrova, M2M, IoT & IoE Analyst at ABI Research.

Since the emergence and expansion of streaming analytics and streaming technologies, the ability to continuously analyze and extract value from the IoT data is growing. The CI application will be possible because the cloud vendors and vendors are offering E2E platforms, expanding their capabilities through digital twinning, big data technologies, and ML algorithms.

“Hence, in 2020, ABI Research predicts greater adoption of CI technologies, which will elevate IoT data analytics beyond traditional operational level (maintenance and control), but we will also observe a greater impact on strategic planning and organizational change.”

mMTC will sustain only a handful of chipset manufacturers

mMTC begun under 4G, with LTE-M and Narrowband-IoT (NB-IoT) being “forward-compatible” with the forthcoming 5G New Radio (NR) standard. Chipset vendors saw a greenfield opportunity to go from zero to hero with massive IoT, with some being established from scratch for the sake of developing a single NB-IoT baseband chip.

“This resulting race saw 17 baseband vendors emerge, but only four different ones currently supply most of the hundreds of LTE-M and NB-IoT products now available. HiSilicon, MediaTek, Qualcomm, and RDA (UNISOC) dominate. And this situation will only compound as we move toward Release 16 and the full coexistence of LTE-M and NB-IoT with 5G NR, i.e., the “official” start of the mMTC market,” says Jamie Moss, M2M, IoT & IoE Research Director at ABI Research.

“Nothing succeeds like success and only those with strong early adoption, regardless of slow initial sales, will be there to enjoy the boom years to come.”

China will drive the sharing economy 2.0

Uber and Airbnb could be considered the Sharing Economy 1.0. “But China is showing the world what the next phase of the sharing economy will look like: shared powerbanks,” says Dan Shey, Vice President of Enabling Platforms at ABI Research. Shared powerbanks have been a major driver of cellular connections in China today.

“The newer applications in the more “connected” version of the sharing economy will continue to grow across the world, albeit at a more measured pace than seen in China.”

2020 technology market: The IoT platform market will not consolidate

“For many years, there have been predictions that the IoT platform supplier market will begin to consolidate, and it just won’t happen,” says Dan Shey, Vice President of Enabling Platforms at ABI Research.

“The simple reason is that there are more than 100 companies that offer device-to-cloud IoT platform services and for every one that is acquired, there are always new ones that come to market.”

Unlicensed proprietary LPWA will not merge with licensed open standards

“The two cannot be reconciled at the standards level, for the premium that cellular commands stems from the cost of its license, and the control that its owners have over their blocks of spectrum, providing a secure, managed, quality of service-based guarantee to IoT customers,” says Adarsh Krishnan, M2M, IoT & IoE Principal Analyst at ABI Research.

Edge will not overtake cloud

“The accelerated growth of the edge technology and intelligent device paradigm created one of the largest industry misconceptions: edge technology will cannibalize cloud technology,” says M2M, IoT & IoE Analyst Kateryna Dubrova.

“In fact, in the future we will see a rapid development of edge-cloud-fog continuum, where technology will complement each other, rather than cross-cannibalize.”