Must 'Cloud' Translate To 'Ungovernable'?
December 07, 2012
Cloud computing gives us a lot of choices of where to run workloads: our own data centers, a private cloud within a premises data center, a public cloud or a hybrid. But where workloads and services reside isn't the conversation we need to have. Instead, we must ensure that all workloads are reliable, and that all services meet their SLAs.
For that to happen, IT and business leaders must embrace IT Service Management (ITSM). A service orientation and smart use of clouds can help with operational reliability and improved IT accountability if, as part of that transformation, you adopt some ITSM best practices. Yes, OK, I'm talking about Information Technology Information Library (ITIL) and other frameworks, but keep reading. My message is that ITSM can't become an end in itself; in fact, that kind of thinking gives frameworks a bad name. Frameworks are a means to an end.
- Client Windows Migration: Expert Tips for Application Readiness
- Thwart off Application-Based Security Exploits: Protect Against Zero-Day Attacks, Malware, Advanced Persistent Threats
- Best Practices for Security and Compliance with Amazon Web Services
- Why a New Business Model is Needed for SSL Certificates
- State of Cloud 2011: Time for Process Maturation
- SaaS 2011: Adoption Soars, Yet Deployment Concerns Linger
ITSM and the Cloud
When IT services develop a split personality with an uncontrolled shadow (and sometimes even rogue) element, the danger is that IT's left holding the bag. ITSM can offer a pragmatic way to rein it all in, while not stifling business optimization and agility. An agile and action-oriented CEO might question the smarts of bringing in COBIT or ITIL when more immediate priorities related to cloud migration are on the agenda. The answer: Do some governance now to avoid having costly mistakes come home to roost later.
The motivation for ITSM shouldn't be direct monetary benefits as much as indirect savings through governance, risk avoidance and compliance. Yet cost reduction still weighs heavily on the discussion. For instance, an interesting study by the APM Group showed that reduced costs ranked second among a list of ITIL benefits that include improved service quality, standardized processes and working environments, and customer satisfaction.
12 top vendors. Detailed features matrixes with over 60 data points. Your one stop shop for an IaaS short list.
Even if you go into it with realistic goals, ITSM adoption is fraught with disappointments and obstacles, especially when pursued as a silver bullet instead of best practices for processes, people and technology. Some pitfalls include:
• Too many standards and too little enforcement of policies. Policy creation and enforcement for clouds has been gaining traction and mindshare only for the last three years or so, but it's critical.
• A lack of policy portability. Policies are an integral part of your IP and hence your apps and services. And, like apps and services, policies need to be portable. But are they? And what about lifecycle management of polices themselves, important because policies have to move at the same speed as the business?
• Complexity. Many-to-many relationships among workloads/services; users, as in role-based IDM; geographies; and deployment zones demand a powerful policy engine to govern and control all the rules that encapsulate the many permutations and combinations.
• Skepticism about ITSM, and especially its readiness for clouds. In a survey by ITSM provider Axios Systems, more than half of IT professionals (51%) didn't think their ITSM processes were mature enough to effectively manage cloud-based services.
Contrary to what ITSM and ITIL purists and naysayers alike may attest, cloud is neither at odds nor incompatible with the goals of service management, particularly change management. Cloud is simply a more optimized form of IT delivery, and as such it very much fits within the purview of ITIL's best practices of service lifecycle management.
Yes, cloud does abstract a lot of the minutiae related to infrastructure change management--and that should be viewed as a big plus. Freedom from those chores, not to mention the money and time saved, should free us up for customer-facing service management.
ITSM will also help make sure certain critical requirements of a cloud service are met, including:
• Well-defined control over physical and virtual environments, both on-premises and in the cloud, for routine health checks and the ability to diagnose and recover from failures.
• Provisioning, metering/billing and cataloging.
• Transparency over on-boarding and off-boarding of resources and services.
• Unified management for on- and off-boarding of resources and services.
ITSM is not plug-n-play, not for hybrid IT, but we have the benefit of proven frameworks, processes, standards, repositories and tools. It's time to take advantage of them.
Sreedhar Kajeepeta is Global VP & CTO of Technology Consulting for Global Business Services at CSC.