4 Shifts Taking Place in the IT Framework

Over the past 18 months, digital transformation efforts have started to introduce new qualities to each of the four pillars of IT, including infrastructure, development, security and data. Here's a look at the shifts that are taking place now.
IT Pillars

In 2016, CompTIA published our whitepaper on A Functional IT Framework. This project used interviews of CIOs and other IT leaders to understand the primary ingredients that went into modern IT operations. The paper described the four pillars of IT:

Infrastructure: The most traditional pillar, dealing with the hardware and support that make up the foundation of IT.

Development: Software engineering activity, growing more important as companies move away from packaged software into customized applications.

Security: Originally part of infrastructure work and now becoming a separate discipline thanks to the shift to digital business and the growing complexity of the field.

Data: The newest pillar, focusing on the management, analysis and visualization of corporate data from a variety of sources.

Of course, most companies don’t have distinct departments for each of these areas, but the framework still helps define the unique skill sets and processes that drive digital organizations. Over the past 18 months, digital transformation efforts have started to introduce new qualities to each of the four pillars. This evolution sped up as the pandemic pushed firms to act quickly, and now we can clearly see how each area has changed in preparation for the next decade of tech strategy.


Cloud computing has definitely been a well-accepted component of IT infrastructure for the past several years. At this point, though, there is a clear choice for building architecture—there has to be a cloud-first mentality. This doesn’t mean that 100% of applications and systems should be in the cloud. For several years, CompTIA research has projected that a multi-cloud environment will be the status quo for most businesses, including pieces across multiple cloud vendors and pieces that remain on-prem. But using cloud as a starting point and then shifting to other options as needed is the best option for flexibility and resiliency. For most IT teams, cloud is no longer an option to consider on a case-by-case basis. It’s a way of life.


There were two main reasons that companies started pursuing in-house development instead of just using off-the-shelf applications: customization and automation. Those reasons are more important than ever, and organizations want to spread the development benefit as far as they can. As a result, there is a much wider spectrum of development activity taking place. Just as barriers to entry were lowered with open source and microarchitecture, they are being lowered even more by low-code/no-code practices. Depending on the need, employees with varying degrees of technical skill can easily build databases or automated workflow using tools that look more like flowcharts than command lines. Pulling all this activity into a cohesive structure will be a big challenge in the future.


For years, we’ve been defining the characteristics of modern security. One of the biggest changes for companies has been the breakdown of the secure perimeter, and as a result they have expanded their technology toolbox, built processes to define secure operations, and educated their entire workforce on security issues. Many of these actions have been piecemeal, with businesses figuring out which investments to make and how to measure success. Recently, a new framework has emerged that provides a foundational approach for all new security activities. The zero trust model of security completely upends any lingering “set it and forget it” mentality. Every activity must now be verified, and that mindset is the driver for new technology, process, and education. CompTIA’s upcoming State of Cybersecurity study will look at this shift in more detail.


The most subtle shift across the four pillars has taken place in the field of data. Companies are still building more discipline around the way they handle data, whether that means dedicated personnel or more structured conversation throughout the organization. Most of this activity is currently directed at improving the data in order to improve decision making. But data is slowly getting baked into actual business output.
The best place to see this is the wide array of products that fall under the broad “internet of things” umbrella. These products collect data not only for the vendor to learn more about the customer and plan for the future, but to actually change the function of the product in real time. Moving forward, companies will transition from data-driven decisions to data-enhanced offerings.

These shifts taking place at the most foundational level of IT are setting the stage for the future, and the way that companies build on this foundation is a major focus for the research team. In our recent Volley series on the trajectory of technology and our upcoming IT Industry Outlook report, we are exploring the trends driving businesses forward and the best practices guiding their activities. From budgets to skills to partnering, the shifts in the framework will have a massive impact in the years to come.

Newsletter Sign Up

Get CompTIA news and updates in your inbox.


Leave a Comment