Insights Employee Experience Workspace Security

VMware’s EUC CTO Office makes 11 predictions for EUC in 2022

Since it’s early January, it’s the season where everyone makes predictions about the upcoming year. At VMware EUC, we decided to share some of our predictions too, but not in a “pie in the sky” non-relevant way. More like, “If you’re an EUC professional, here are 11 trends we think are going to increase in relevance in 2022, and things you should think about if you want to stay on top of your EUC game.” For example, AR/VR is not on our list, because while we’re doing some cool things like XR Hub, AR/VR still won’t be a significant part of the job of most EUC pros out there in 2022.

By the way, I’m Brian Madden, the guy actually typing this blog post into my laptop, but these 11 predictions are based on collaborative thoughts from Shawn Bass (VMware’s EUC CTO) and the entire Office of the CTO team.

Here’s what we’re thinking is going to be big in EUC in 2022, in random order:

1. Mobile Threat Defense (MTD)

MTD is something a lot of us have been talking about for years. In simple terms, it’s security software that runs on mobile devices like phones and tablets to protect them from threats. Think of it like the 2020s version of “antivirus for mobile devices”, but of course it’s much more than antivirus, typically including protections against phishing, malware, software that hijacks contacts and text messages, etc.

Most of us are well aware of the need to run various security and threat protection services on our laptops and desktops. For the first decade or so of mobile devices, the app store limitations and sandboxed app architectures meant that most people didn’t think mobile devices needed additional security protection. But the sophisticated threats of today mean that we can no longer take mobile security for granted.

The good news is that most of the MTD products on the market work with managed and unmanaged devices, so even BYOD or frontline workers can benefit from the protection the enterprise needs without the enterprise having to manage the entire device.

2. Passwordless

My colleague Peter Björk wrote simply, “Let’s make 2022 the year we kill passwords!”

This doesn’t mean that we don’t have security. Rather, it means that we stop relying on passwords (at least on their own) as a method of securing a resource. For details of how something like this might work, you may want to read my November 2021 blog post, “Zero Trust avoids the traditional ‘security versus convenience’ tradeoffs”, as I outlined how client-side certificates (something a user possesses) unlocked via biometrics or a PIN (a user’s physical trait) can be combined to authenticate a user in ways that are more secure than typing a password.

In addition to being more secure than passwords, users love passwordless! VMware’s internal IT implemented this for us at some point last year. I actually have no idea what my domain password is, and I cannot even remember the last time I was asked for it. Very cool! (And very secure!)

3. Zero Trust

Obviously, the pandemic accelerated the adoption of many IT and EUC trends, but the one that’s the most meaningful and impactful to us has been the adoption of zero trust. (Again, if you need a primer on what zero trust is, check out that post I linked to in the prior section.) The pandemic moved zero trust from something that was “nice to have” to something that “we need to implement immediately. Like, yesterday!” The old perimeter-based security model is finally starting to die, and we see the transition almost becoming complete in 2022.

Yes, zero trust is trendy. And yes, lots of vendors have hopped on the zero trust bandwagon and relabeled their existing security products as being “zero trust.” So you’ll need to wade through some marketing hype, but I can assure you, in 2022, zero trust is both real and achievable, and we believe this is the year it will take off.

4. Continuous Policy Enforcement (CPE)

CPE is another trend that’s been talked about for years but is just now starting to become real and something that mere mortals can implement. As its name implies, continuous policy enforcement means that compliance to security policies is checked continuously, often in real time, and if anything changes, access to a resource is limited or terminated.

This contrasts with the old days, where, for example, connecting to a VPN would run a scan on a client to ensure that antivirus software was running. But once that check was made and the VPN connection was established, if the user disabled their antivirus software the VPN connection would stay open. That same scenario within a CPE environment would mean the security tool would notice that the antivirus software was disabled, and so it would immediately disconnect the VPN tunnel.

CPE is not a single product, rather it’s a mode of operation that could apply to devices, app sessions, network sessions, or even the ability to use a client device. (Maybe a device is only allowed to be used in one specific location, so if the user disables that device’s location services, the device immediately locks itself.) Many of today’s leading security solutions include some form of CPE, and it’s absolutely something you should be thinking about for 2022.

5. VPNs are dying

Paging Captain Obvious, right?

The reality is that during the pandemic, people realized that their VPNs were one of their most vulnerable areas and that they can no longer just provide broad access back to the entire corporate network to their remote users. Micro-perimeters, continuous policy enforcement, and the wide availability of SASE offerings are moving everyone past VPNs nowadays.

6. Multi-Cloud

Moving out of security realm, another area we believe will be important in 2022 will be the wide acknowledgement that all of us are going to live in a multi-cloud world; that is, a world where we will purposefully and actively maintain resources in multiple clouds. You might think of this mainly in terms of the hyperscaler clouds: AWS, Azure, GCP, etc., though as our CEO Raghu Raghuram likes to point out, there are over 4,000 clouds in the world! Many of these are so-called “industry clouds” (clouds that serve the needs of a specific vertical) or “sovereign clouds” (clouds that physically run in specific jurisdictions for regulatory and compliance reasons).

Back in the day, the thought exercise was around figuring out what was going to run in “the cloud” and what was going to stay “on premises”. But in 2022, we realize that “the cloud” means, “many, many clouds” and “on premises” means “just another local node which plugs into the vast web of many, many clouds.”

7. ARM

One prediction I’m 100% confident in is that 2022 is going to be the year that I no longer own or use a device with an Intel x86 processor in it, and everything will be replaced with ARM-based processors in my world. Obviously, Apple made waves with the M1, and Microsoft is big on ARM too with Windows 11. But one of the things the pandemic surfaced was that people are finally realizing that battery life is more critical than performance. And for those last few remaining Win32 apps, we have VDI and remoting.

So, finally, ARM devices are elevated to equal status with Intel ones, a trend that will accelerate in 2022.

8. EUC experience

Another trend that emerged from the pandemic is that people are finally starting to look at the broad, end-to-end, true EUC “experience.” It’s no longer good enough to just tell users, “Get your own home broadband, here’s the URL for the apps, good luck!” With so many workers scattered out of the office, and with so many variables, including device specs, what else is running on the devices, home Wi-Fi contention, local ISP congestion, the tubes, VPN saturation, etc., IT departments have realized that they need to get a better picture of what the experience is actually like from the end user’s perspective.

Luckily there are plenty of tools to help with this, from SaaS performance management tools to the DEX (Digital Employee Experience) capabilities in Workspace ONE, and we see 2022 as the year that these capabilities go mainstream and IT departments get serious about managing “the last mile.”

9. Out with mindlessly following “tradition”

A lot has changed in IT over the past decade as the cloud and SaaS have upended decades of precedent, and then the pandemic pushed that even further. One thing that we’ve seen a lot in the past few years, and something that will absolutely continue in 2022, is that people are finally starting to wake up and divorce themselves from the deep-rooted tradition of their existing IT dogmas. We’re seeing things like people finally moving off of SCCM after it being the way they managed endpoints for two decades, accepting the value of mobility for “real” work, people questioning their blind renewal of their Citrix agreements, etc.

In 2022, people will continue to care more about real business value rather than the way they happened to be doing things for the past twenty years. They’re understanding they can’t be the dinosaur who only knows one way of doing things and refuses to change.

10. Remote Onboarding

One of the trends that emerged during the pandemic was EUC and HR coming closer together as they partnered to deliver all the HR capabilities remotely. That’s worked as well as could be expected, but it also exposed that the labor and hiring laws in many places are old and weird. (True story: I have a friend who had to fly from SF to LA just so she could show a company HR representative her physical passport and prove her ID before she could start her “remote only” job from SF!)

Luckily, we’re starting to see these regulations get updated, with various digital and remote methods being implemented to streamline the onboarding and employment verification process. However just because the laws are changing doesn’t mean that all the companies are implementing these new technologies. So, moving forward in 2022, be sure to keep one eye on the evolving regulations, or find a friend in HR to partner with, as you don’t want to be that company during this Great Resignation that requires a new remote hire to fly to you for a day while your competitor can do it all remotely.

11. Buyers are evolving

The final prediction we’ll make for 2022 is that IT buyers are changing and evolving. Millennials are in their 40s now and the past 3-5 years of college grads entering the workforce are Generation Z. We’re starting to see these cohorts’ personal preferences and characteristics creep into the way they buy software. They want things that are easy to buy, quick to implement and get ROI, and they don’t want to let good be the enemy of great. We’re seeing less appetite for these massive, multi-million dollar, multi-year platform replacements, with focus shifting to quick, service-based, discrete, and best-of-breed deployments which they can take and integrate and customize for their specific needs on their own.

In summary

Many people have written that the pandemic took 10-15 years of progress (in everything, not just IT) and condensed it down into 1-2 years. We absolutely agree. You probably noticed that nothing on our list of predictions for 2022 was “new” per se. Rather, it’s more about things that have been things for a while that we’ll see becoming more mainstream in 2022.

Good luck this year!