Is Cloud ready for the mainstream?

I wrote about the Cloud approach to IT four years ago in this blog. At the time, I wanted to urge caution, particularly in relation to Production implementation. 

Four years on, how have things changed?

I think the Cloud has finally Grown Up. Always popular with development teams and leading-edge (or should that be bleeding-edge?) deployments, is it now time to see Cloud provisioning as the de-facto approach to Infrastructure requirements?

It could be argued that, for commercial organisations, Cloud really started with Software-as-a-Service (SaaS). Companies such as Salesforce.Com established the concept of outsourcing non-core business processes. (Although I suspect my sales & marketing colleagues would take exception to being categorised as "non-core"!) Within IT itself, cloud-based Service Desks such as Service-Now began to eat into traditional service desk markets. 

Subsequently, the concept of Platform-as-a-Service (PaaS) began to be exploited by Development teams who wanted to spin up "Build" and "Test" environments quickly. 

Compute environments were (and still are) another valuable use-case; make use of massive cpu capacity to do data analytics or asset pricing, saving having to purchase on-premise processing. This, plus the idea of just provisioning Storage (Infrastructure-as-a-Service, or IaaS), is where the questions of security and reliability came in. 

Put simply; why should a company trust a third part supplier to look after its confidential data? To answer that question is to address the heart of Cloud, be it IaaS, PaaS, or SaaS. 

In my view, the questions of Security are now being addressed. Many companies now conform to rigorous security rules regarding data isolation, "Chinese walls" and other practices so that even some Banks are now prepared to trust their secure data to a Cloud service. 

Reliability and Availability are also being addressed. However, this does require a different philosophy to infrastructure. The approach is to view servers not as "pets" (having individual attributes, and to be nursed back to health if they get sick) but rather to treat them as "cattle" - herds of identical attributes. If one gets sick, you just kill it and use another one. But this does mean that Applications need a totally different approach. 

If you want your application to be able to run on a Cloud solution, you need to recognise that whilst the environment itself may be stable, individual components themselves might fail. This is much more of an "organic" approach to resilience, compared with the older "technocratic" approach of ensuring resiliency by ensuring availability of each and every component. 

So the new approach involves:

- overall infrastructure is "stateless", and runs very small "micro" ACID (Atomic, Consistent, Idolated,Durable) transactions. 

- each transaction takes minimal elapsed time and can run on any host. 

- very simple persistent storage mechanisms are used to store user "state" where necessary. 

- failure of infrastructure does not lead to failure of applications. 

Of course, all the good things we have always demanded from infrastructure (security, availability,reliability, supportability, etc. ) must still apply. 

But, in the Cloud world, we deliver them in a different way - using micro-services hosted on anonymous farms of infrastructure. 

Under this new philosophical approach, the focus moves to Supplier Management. Chose you Cloud Supplier with great care - your business data is in their hands. 

Six Essentials for Effective IT Strategy

IT Strategy initiatives frequently fail to deliver tangible benefits; organisations remain unchanged, costs continue to rise, value-add is diminished, and morale falls. 

Despite this, it is possible to create a genuinely  effective IT Strategy; one that will result in pragmatic actionable recommendations to transform your organisation from “chaotic” to “managed”.

Developing an effective IT Strategy can be fraught with difficulties; it is not uncommon to meet organisations having the results of a Strategic Review, embellished by charts, graphs and well-meaning policies, who then struggle to convert these good ideas into practical action. And without practical action, the company sees no tangible benefits.

The temptation is to abandon the Strategy entirely, and revert to tried-and-trusted behaviour. After a short interval, the organisation falls back into “making it up as we go along”, or “Just do it” methodology. Neither of these extremes are optimal for an IT organisation. Neither are they inevitable.

Our experience shows that there are practical ways to transition an IT organisation from “chaotic, ad-hoc, individual heroics” to “managed” or even “optimising” ( i ), by addressing six major areas.  Some of these are familiar to IT Service Management professionals, others are taken from the wider world of Management Consultancy. All of them are fundamental, focused, and clear to implement.

1. Control what you Measure

It is ironic that the IT industry, guardian of most things numeric, can ignore collecting and publishing numbers about it’s own activity. Yet statistical data is an essential pre-requisite for modern management. 

As an IT Manager do you (and your business) know the numbers of servers you are managing, what they are used for, how much storage they use, how many support issues are being resolved etc.? 

More importantly, do you know how these figures are changing? Are you currently managing twice as many virtual machines as two years ago? With more or less staff? And what projects and initiatives are your team working on?

Capturing Key Performance Indicators or Metrics enables us to:

• explain to the Business (our paymasters) what the IT Team is actually doing
• justify existing and future IT expenditure
• engage with Business sponsors to address issues with “problem applications”. 
• improve internal planning and control resource allocation.

Metrics help us ensure that we are “doing things right” in terms of allocation of effort, and to demonstrate to business stakeholders that we are “doing the right things”.

2. Deploy appropriate Software Tools

Most software vendors accept that the sheer complexity of Managing IT requires a variety of different management tools. So we need a clearly defined strategy for choosing, implementing and integrating them.

Consider the following typical concerns; do you have multiple software tools that do the same thing? Do you have different software products using different naming conventions for the same thing? Can you extract holistic reports across different software tools? 

It is essential that we focus on the two primary reasons for using Software Tools: (1) to capture metrics on the status of IT, it’s assets, costs and activity, and (2) to automate the actual IT support function itself. 

A Software Tools approach incorporates the following:

• “golden references” that hold master data which is replicated to other tools.
• clear ownership of tools and skills to run them.
• maximum utilisation and maximum return on software investment.

Without this, we risk purchasing duplicated products, creating “shelfware”, or adding to the complexity of the environment we are trying to manage.

An integrated Software tools approach enables us to maximise the return on our investment in Management software, and to scale our capability to handle future growth of IT and the business.

3. Establish and Improve Processes

The majority of IT Managers are aware of the necessity of proper Processes, regulatory requirements such “SOX” and best practices such as ITIL and ISO-20000. Unfortunately, poorly designed processes can hinder, rather than help. Processes can become a bottleneck, rather than an enabler. Alternatively, a poorly implemented “Agile” approach to organisational behaviour can lead to quality issues, particularly in the long term.

Our experience in this area suggests IT Managers can address this dilemma by formulating a Strategy which focuses on:

• Building on existing behaviours rather than enforcing textbook patterns,
• Improvement techniques such as LEAN and Six-Sigma,
• Processes that deliver measurable “outputs” to the business,

A pragmatic Process Improvement strategy enables us to introduce an integrated set of processes, resulting in (a) Reduction in costs and increased efficiency, (b)Predictability, better resource planning and estimating, and (c) Repeatability, Audibility, and Verifiability.

Such a process improvement strategy enables us work “smarter”, and to deliver IT services faster, more responsively, and at a more predictable cost. 

4. Standardise Technology Choices

Many IT organisations exist without an Infrastructure “road map” for the technologies which they will operate in the future. This can result in:

• Legacy applications with high maintenance costs
• Heterogeneous data centre technologies, 
• Scarcity of resources capable of supporting old infrastructure
• A multiplicity of different support teams, and duplication of support effort.
• Spiralling costs of technology refresh.

These issues can be addressed early, without having to resort to periodic “crisis management” technology refreshes.

The first phase of the Standardisation strategy is to define the “Production Readiness” criteria for your organisation. This means describing the importance of Scalability, Resilience, Security, Management and Supportability you require, as part of the Enterprise Architecture Framework.

Production Readiness enables IT Managers to “score” applications (whether purchased or in-house) for their suitability for deployment. 

Once a mechanism is in place to assess supportability, then an appropriate costing mechanism can be implemented, so that these costs are exposed when project decisions are taken.

A Production Standards strategy ensures that technologies are chosen on the basis of their long-term supportability. As a result, business IT decisions take into account the true cost of IT. Cost transparency leads to trust, which can lead to more focused IT investment.

5. Build People and Teams

Most IT managers accept that managing IT is as much about managing people as it is about the technology. Unfortunately, they are often given little opportunity to develop skills for managing and motivating people, other than through the hard knocks of doing the job, the sink or swim approach to team and people development.

The IT industry in general has a strong reputation for investing in technical training, but frequently does not invest in the “people skills” needed for managing teams.

Using a framework such as the Action-Centred Leadership model ( ii ), a Management Coaching and Personality Profiling initiative can help managers to improve their performance in the three core areas:

• achieving the task
• managing the team or group
• managing individuals

This approach helps Managers recognise the benefits of really understanding their team, and to learn how to capitalise on the diversity of skills and personalities that they are responsible for. This, in turn, leads to significant productivity gains as well as reduction in staff “churn”. 

Leveraging the services of a Management Coach and Personality Profiling is therefore an essential part of an effective IT Strategy.

6. Energise the  IT  Culture

IT departments often  see themselves  as nothing more than a cost centre or a slave of the real business. In order to drive forward the potential benefits of IT, the IT department needs to see itself as a business in it’s own right, with its own strategy, values, skill, expertise and passion. 

This can be achieved by:

• building a distinctive culture through team communications
• envisioning the team by a shared strategy
• acknowledging success and challenges as a common experience.

By addressing these cultural changes, the IT organisation will rightly see itself as a “profit centre”, rather than a “cost centre”. 

As it values itself and behaves differently as a result, then its customers, (the business sponsors) will start to  see it as  valued advisors, subject matter experts and enablers of business change.

Deliver Cost-effective IT

Experience tells us that it is possible to have an IT Strategy, which:

• is practical and workable.
• is easy to communicate and gives genuine improvements.
• uses proven techniques from IT and Quality Management in a systematic way.
• creatively combines solutions to build a better future.

For IT professionals, faced with 21st century challenges (Cloud Computing, Cyber Security, Green Imperatives, to name a few), an Effective IT Strategy is essential.

This original article was written by Dennis Adams, and appears in the TWENTY:12 Enhance Your IT Strategy Yearbook of the BCS - The Chartered Institute for IT.  Text reproduced by permission of the BCS and ATALink Ltd. 

i) The terms “chaotic, ad-hoc, individual heroics”, “managed” and “optimising” are taken from the Maturity Levels descriptions in the Capability Maturity Model. CMM is registered Carnegie Mellon University (CMU), which led to the creation of the Software Engineering Institute (SEI).

ii) The Action Centred Leadership model was developed by John Adair, who is also the author of over 40 books on management and leadership, including Effective Leadership, Not Bosses but Leaders, and Great Leaders.

The Cloud won’t solve your Management Issues

I like the idea of “cloud computing”; in our own consultancy business we use shared services for most of our key business processes. But I don’t think the cloud will solve some of the problems people had hoped for.

Of course, I may be just over-cautious.

Having worked in IT for a number of years, I have to fight the temptation to resist the “next big thing” which promises to solve all our IT problems. To make matters worse, I used to work in the sharp end of Software Sales, so I have seen over-zealous marketing glossing over the practical challenges of implementing the latest solution.

But this time my concern is more fundamental; It is based on our core motivation for embracing the Cloud concept in the first place.


Outsourcing compute processing, even core data, brings risks - security risks, performance and capacity risks to name a few. The justification for cloud computing is that the benefits outweigh the risks.

The attraction of the cloud approach is that someone else looks after hardware provisioning, capacity planning, availability management etc. etc. leaving you to get on with running your business processes.

So what if you need more capacity? Just pay more - Simple! Or is it?

The fact is that no technology provider has unlimited resources, and if you choose a supplier which is not the “right size” for you, you could end up with excess costs or (worse) a provider that cannot provision to your needs.

So you still need to think about Capacity Management.

The Cloud enables you to outsource technology. But there is no such thing as outsourcing responsibility.

For some, the attraction of moving to the cloud is that they no longer need to manage hardware and software. Instead, they need to manage the “wetware”; the people who supply the cloud solution.

You might get rid of Availability and Capacity Management.

But instead you have to replace it with Supplier Management.

And, as many people will tell you, managing people can be far more complex and hazardous than managing technology.

IT Production – Cinderella or Ugly Sister?

With the pantomime season fast upon us, many IT managers will be dreading the pager call in the middle of Act 2 “IT’s behind you!”, or rather “IT’s not working”. While the rest of us bask in the warm friendship of friends and family, other poor lost souls may well be struggling with a callout on a cold hardware failure, or a stubborn Oracle or SAP system refusing to produce the correct results.

For others, it will be a case of “I can’t come to the ball (for which read: consume massive quantities of alcohol etc. etc.), I’m on call this evening.”

Like it or not, our information-industrial society cannot survive without 24 * 7 IT. And that means 24 * 7 IT Production Support.

Surprisingly, given that for many companies as much as 75% of their IT Budget is spent on Business As Usual (“BAU”) or Production issues, it seems there are too few answers to the question of how to best manage this vital part of the IT landscape.

One approach to addressing these challanges is “MOPS”.

As is common these days, MOPS is a 4-letter acronym. (At which point, it may be worth remarking that there has been a plethora of FLAs – or four-letter acronyms – over the last few years. This is surely another indication of the growth of IT exceeding its “name space”).

The “M” in MOPS stands for “Metrics” and highlights the importance of capturing meaningful data on the Assets and Activity of IT Production. This can include all sorts of data from an Asset Register or small Configuration Management Database (CMDB) to track the growing responsibilities of Production. Also included are Key Performance Indicators to show Service Levels, Incidents and Callouts. Not to be forgotten is the importance of capturing the activity of the Support Teams by means of Timesheets. All of these metrics, properly collected, managed and structured, can go a long way towards helping the IT Production manger with his biggest challenge – explaining and justifying the IT Production costs.

Operational Tools comprises the second letter. Simply put, this part of the acronym highlights the importance of Software to help run Software and Hardware. The range of useful software extends from Backup utilities, Software Distribution, Monitoring, Management, Alerting and Capacity Planning. However, Software Tools in and of themselves would be unable to deliver the levels of efficiency and automation in IT Production unless they are properly integrated. In fact, the cost of IT Management Software is relatively cheap. The real cost of deploying such tools is the implementation and integration within the IT Production organisation. Here, the MOPS approach discusses how to establish a Monitoring and Management Tools Strategy, and how to build a “Referential” approach to Software Tools integration.

As we all know, effective management of IT is impossible without clear and appropriate Processes and Procedures –the “P” of the MOPS acronym. This is where the ITIL framework dovetails into the MOPS approach, since MOPS recommends using ITIL as the basis for defining processes. However, MOPS also identifies other processes such as how to manage Infrastructure Research & Development, how to build engagement processes with the Development projects, and how to build a Standards Governance process. MOPS also recommends using process improvement techniques such as Six-Sigma and LEAN to increase the efficiency of existing process workflows.

Often forgotten in IT Production, the final letter of the acronym (“S”) refers to the importance of IT Production Standards. Here, the MOPS approach discusses the importance of defining Infrastructure Technical Standards and how to define an IT Production Strategy and Architecture role to act as “gatekeeper” to the production estate. How many times in IT Production have we seen applications deployed that are functionally rich from a business perspective, but lacking in supportability, without reference to the IT Production imperatives such as resilience, scalability, backup and recovery capability and the ability to be monitored in Production. MOPS seeks to address this by looking at the definition of “Production supportable”, and setting a Standards process in place to be applied to proposed new application developments.

So MOPS may be one approach that could enable us to get a better level of control over the frenetic world that is IT Production.

So will things change in future? I hope so.

For a long time, the IT Production team was the Cinderella of the story. She was kept away in the dark recesses of the organisation, with few people realising or acknowledging that she was a vital part of the story.

Armed with “MOPS”, she may be able to sweep out some of the cobwebs that have built up over the years, and even be able to take time off for a party or two. Who knows?

I wish you all well in the festive season, whether or not you are on callout.