As a seasoned engineer, you've seen your fair share of industry changes. Over the past forty years, developers have witnessed the emergence of new coding paradigms and approaches that have had a seismic change to how they work. Examples include the mainstreaming of object-oriented programming in the early 1990s and the emergence of multi-core programming in the late 2000s.
More recently, Covid-19 has turned the development world on its head, forcing teams to adapt to a brave new distributed world. As we enter the second year of the pandemic, it is increasingly clear that these changes aren't a temporary blip but rather a long-term reality.
So, what can we expect from 2022? We spoke to four development, product, and privacy experts at Auth0 to hear their predictions for the year ahead.
Remote Working Drives Tooling
It's been almost two years since the world was tipped on its head. Tech roles, from software development to system administration, moved from the cubicle farm to the home office. Slack DMs replaced the usual water cooler conversations. Although some firms have fully embraced these seismic shifts, notably Twitter and Pinterest, others are less keen.
Several Silicon Valley giants — most notably Google and Apple — set deadlines for a return to in-person working, although these have been pushed back again and again, following the emergence of the Delta and Omicron variants. Like it or not, remote working is here to stay for the foreseeable future. As Adam Housman, Group Product Manager at Auth0, explains, this will influence how developer tools are made, configured, and used.
"I'm excited about how the shift towards remote work is impacting the choices in tooling that design and development teams make. We see a lot more globally distributed teams, and that is directly influencing which SaaS products are gaining traction in modern software companies," said Housman.
"Products that take the friction out of async collaboration are experiencing a massive amount of growth, but we've reached the point that even companies which may have been late to react to the initial shift with COVID are now catching up," he added.
What does this mean in practice? Housman expects developer-facing SaaS products to compete for less on functionality but more on flexibility, interoperability, and ease of adoption. Scalability will be another key factor, Housman adds, and the most successful tools will be those that can work equally well across whole companies as with small teams.
"Companies of all sizes are using way more SaaS products today than they did just a year ago, and we're seeing a distinct shift from top-down purchasing to autonomous teams championing the tools that they need to be effective. I am very bullish about it because that autonomy directly translates to being happier and more productive at work," he said.
"We're experiencing a bit of a renaissance in SaaS right now; products that solve problems well, are delightful to use, and reduce friction in collaboration among distributed teams have an advantage over more traditional players that rely on top-down adoption. Those that can do all of that and also nail the land-and-expand motion – by fulfilling all of the "enterprise" requirements around single sign-on, security, compliance, and auditing – will be the clear winners."
Privacy, Engineering, and Security Teams to Work Closer Together
For the longest time, engineering operated as its own private silo, detached from the other tech-facing sides of the business: including security, operations, privacy, and governance. Over time, that began to change.
The real catalyst was GDPR. With a maximum possible fine of €20m or 4 percent of total global revenue, organizations were incentivized to take data privacy and security seriously. Subsequent legislation, including the California Consumer Privacy Act (CCPA), as well as the upcoming California Privacy Rights Act (CPRA), only reinforced that.
Rachel Taylor, Compliance Manager at Auth0, believes this will transform the organizational landscape, with engineering, security, and privacy teams working as a single coherent unit. These "shift left" principles are already being adopted in some workplaces, including at Auth0.
"As privacy laws continue to expand and as the regulatory bodies that govern them continue to hold organizations accountable, companies will not just be challenged with privacy by design, but by the concept of data protection as a service," said Taylor.
Much like secure-by-design, Privacy by Design sees engineering and design teams consider privacy and compliance requirements at the start of the development process rather than as an afterthought. Data Protection as a Service (DPaaS), meanwhile, allows organizations to rapidly harden their privacy posture through the provisioning of discrete, cloud-based services.
"I am excited for this challenge, as I believe it offers a unique opportunity to bring teams such as privacy, security, and engineering closer together. Data privacy and data security roles will merge, as the responsibilities between them are further blurred, and the need for a cohesive unit will start to take shape," she added.
DevSecOps Becomes More Widespread
David Telehowski, Director of Security Engineering at Auth0, echoed these sentiments, adding that he expected DevSecOps roles and approaches to become more common within organizations of a certain size.
The National Institute of Standards and Technology defines a DevSecOps platform as where security is ingrained during the design, building, deployment, and runtime phases. "Integrating Security into DevOps practices and workflows enables vulnerabilities to be detected and quickly remediated in every phase of the DevOps lifecycle," said Telehowski.
This doesn't just bring security and privacy benefits but is liable to accelerate the development process, as a 2020 study from GitLab found. A majority of organizations surveyed integrated DevSecOps into their workflows, and 83% reported faster code releases, with 60% able to achieve multiple daily releases.
Hybrid Events are Here to Stay
The COVID-19 pandemic added dozens of new terms into our collective lexicons, including social distancing, spike protein, and viral load. But let's not forget "Zoom fatigue," referring to the widespread disaffection with virtual meetings.
"It's fashionable to complain about how hard and alienating virtual events are and to celebrate on social media the first in-person events we are able to attend," said Vittorio Bertocci, Principal Architect at Auth0. In practice, however, virtual events are here to stay, at least as a hybrid model.
"Conference organizers got a taste of the incredible reach they can achieve when offering an experience that doesn't require the money, time, and complexity traditionally demanded when attending an in-person event. Many conferences achieved record (paying) attendee numbers, reaching audiences traditionally off-limits. They won't give that up," said Bertocci.
"I expect a sharp increase in hybrid events, aimed both at developers and other interest groups, in 2022. Last year was the testbed for this model, but this will be the year when the industry irons out the wrinkles and brings hybrid events into the mainstream," he added.
This increased reach has an unavoidable cost. Large sectors of the economy support in-person events, from airlines and hotels to catering firms. These sectors will be the biggest losers from this shift. Bertocci also notes that organizers will have to create the technological underpinnings to support these hybrid events, from conference apps supporting both in-person and online attendees to virtual expo booths and lead generation tools.
The software development sector exists in a perpetual state of change. New frameworks and technologies emerge. Coders wrestle with new paradigms. Culture continues to evolve. This has always been the case but has only felt more true over the past two years.
The emergence of the Omicron variant offers more uncertainty, with organizations pushing back their office re-opening dates and international travel feeling riskier than ever. For the time being, remote working and socially-distanced webinars are here to stay.
Looking ahead to 2023, it's possible that things might remain in flux. However, devs are comfortable with responding to change, and I'm personally curious to see how working models continue to evolve.