Archive for the ‘IT operations’ Category
Google Wave beta, the BITA view
I would like to welcome everyone back and hope your holidays were great. Consider this one those early January real world wake up calls reminding you that the holidays are over and it’s time to hit it again. It’s OK to have a heavy sigh of resignation now; I’ll wait until you’re finished… OK, now that you’re fully reengaged, I’ll move on.
A few weeks ago I became part of the Google Wave beta program. For those of you that don’t know what Google Wave is, I’ll summarize. It’s Google’s spin on what real-time threaded message collaboration should look like. For those of you who want a more robust description, I’ll provide a link here. For those of you who are more visual there is a YouTube video below.
I believe that Google sees it as the next generation of email. I think that is naïve at best. The current version of Wave tries to be all things to all people and is just too much for most people outside of a dedicated team collaboration scenario. For example, writing notes on paper preceded email by millennia. Yet it persists both in the form of paper notes as well as electronic text messages. I do think that Wave will offer some great opportunities for those of us in the business-IT alignment, or BITA, space. One of the core requirements for IT doing a better job of supporting their company’s core business processes is improved communication between IT and their customers. Any tool that makes that communication more effective is a good thing.
The best way to explain my point is through a simple example. An example wave is shown below. Since I am the only member of this hypothetical team I must ask for your understanding by imagining a larger group.
What you see is a threaded discussion much like you would see in Lotus Notes, Microsoft Groove or any one of several other discussion board tools. In this case, the wave is a new manufacturing requirement proposal document that IT needs to prepare. The initial entry for this thread is the general statement of what needs to be done. Subsequent statements hold the initial text for each of the three sections. The collaborators for each section can then begin to edit that text with supporting discussions as to why they made their changes to it.
The strength of Wave is the ability to see modifications as they are made and to engage in an instant messaging discussion as the process takes place (phone calls can work too but that isn’t very Web 2.0). You could be seeing text and discussions appearing in all three groups simultaneously in real-time by different people. It would be a little like having a real-time control room where you are watching a manufacturing activity taking place before your eyes. Such activity can become unmanageable very quickly without some ground rules, especially if the manufacturing group is included as collaborators. This doesn’t consider that the whole Wave platform is open source and can be extended to include all kinds of cloud-based tools.
To me it’s clear that for work of any complexity it makes sense to embed Wave into another application which will manage the workflow and constrain the flexibility of the Wave tool to something that is manageable for real world use. The good news is that such applications can be built fairly quickly or adapted from other existing applications.
I’m sure that Wave will evolve fairly quickly into something very useful for real business use. Then it just becomes a question of a company’s comfort level with using cloud-based tools for sensitive work. I hope you found this post useful. I can now say that I’m fully reengaged after my holidays. My heavy sigh follows…
Cloud Alignment – Part III (Security)
The purpose of this post is to address the issue of the security of cloud based applications from the perspective of the CIO of a midsize company. His focus would be primarily on prudent cost reduction opportunities. I will not attempt to provide an in depth technical discussion here. I will provide some useful links to such discussions. However, I don’t think a midmarket CIO, or CXO, would be well served by loosing himself in the technical details at this point. It’s all evolving too fast.
As I researched this topic I was initially amazed at the amount of information. After I thought about it for awhile I realized that this was a hot and rapidly evolving topic, so this volume of information is to be expected (and I’m contributing to it myself with this blog post). My research has been fairly extensive but not exhaustive. I could have easily made this a white paper taking months. It will also be dated fairly quickly. Like I said, this subject is changing quickly.
The first item of business is a definition of some useful terms. I will standardize on the definitions provided by NIST (National Institute of Standards and Technology). The link to those definitions is here and a link to a cloud computing overview is here. I like the NIST definition: “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” The other document at this site is a 92 page PowerPoint presentation. I think it is useful but lacks sufficient material in the speaker’s notes.
I am a big fan of Gartner’s Hype Cycle diagrams. Over the years I have found them to be a good way of representing the expectations we have of technology. I have included an overview below. A link to the Gartner site is here.
Every technology category is typically represented by a point on the curve. That point is color coded to indicate how fast it is moving through the cycle. If you want more details on this I encourage you to go to their site and sign up for their free registration. In Figure 1 I overlaid a red line on that section of the curve where I believe cloud computing is today based on Gartner’s predictions as well as other sources. We are clearly at or near a peak of enthusiasm and expectations for a new technology.
Figure 1 – Cloud computing expectations
One concern that I have is that when I have talked to people in midsize or small companies making a decision on how to use cloud computing all I hear about is the opportunity for cost reduction. That opportunity is real but the decision is not just about cost reduction. It’s also about risk exposure and that means security concerns. One document that details those risks is from ENISA (European Network and Information Security Agency). Its link is here. Be warned, this document is not for the faint of heart. It is large and detailed but does offer a comprehensive list of risks. Another less detailed source of cloud security insight is provided in an InfoWorld article on a Gartner report. Its link is here.
One thing to remember is that using cloud computing usually means virtualized applications made available over the internet. A useful but detailed discussion of virtualization can be found here. There are several types of virtualization risks such as attacks on the hypervisor, attacks on automated provisioning and problems in digital forensics due to mobile locations of virtual machines. Detailing each of these examples generate a significant amount of information and is beyond the scope of this post.
We should also briefly touch on the major players providing cloud based infrastructure and development environments. The three big names in these areas are the Google App Engine, the Amazon Elastic Compute Cloud (EC2) and Microsoft’s new Azure Platform. For these offerings, you rely on either secure data center operation or the security capabilities of their development tools. Cloud computing is new to most developers as well. Their skills in using these tools are still maturing, including security.
It would be easy to discuss various risks almost indefinitely. However, that wouldn’t address the main concern of making an informed decision on what to do with cloud computing now. As you can see from Figure 1, I placed a red line over the region of the curve which represents the earliest time for mainstream adoption. The period between where cloud computing is today and mainstream adoption starts is a time for trying out this technology. I recommend a trial that doesn’t involve sensitive company data but is non-trivial. Such a trial will provide insight into the management of cloud based infrastructure, applications and working with cloud vendors. It will provide an opportunity to gain experience in relative safety.
For example, I am part of the Google Wave beta program. If interested, check out this link or the Google site. In addition to that, I am working with Itensil on a new product which leverages Google Wave with its other existing products for collaborative, wiki-based consulting project work. For me it’s a great opportunity to learn more about using cloud computing to do something relevant for my business. That work could eventually lead to a significant competitive differentiator. For a business IT alignment consultant, it’s putting my money where my mouth is and aligning some cloud IT to my own business.
For a blog post, this one is long. As a discussion of the security of cloud based computing, it just scratches the surface. The recession has accelerated the adoption of cloud computing and the recovery will accelerate its adoption further. Midsize and smaller companies will be most of the early adopters of cloud technology along with a few large corporations. Security concerns will be the throttle that regulates the speed of adoption. As cloud security is resolved I think we are in for some very transformational times.
Thanks for stopping by and stay tuned for more…
Is IT – Business Alignment Meaningless?
I recently read a blog post that hit a nerve with me. Its link is IT-Business Alignment is Not a Meaningless Catchphrase. In this post, the author defends against the notion that IT – business alignment is passé and out of date. I agree with his argument. Alignment is the cornerstone of my consulting business because experience has taught me that it is a major issue. I decided on that business model after many years of running IT as well as other business units. I observed the need to improve the understanding our IT staff had of its customer’s needs. I’ve already had one post on the topic.
I believe that much of the discounting of the importance of IT-business alignment comes from the frameworks themselves. They don’t include much about personal relationships because they are just formal IT frameworks. They are meant to be customized for each individual company. If all that is implemented is a framework, what you have is just a formal contract. Such contracts are definitely needed and important. They govern formal expectations and deliverables. They provide the metrics to measure those deliverables. However, trust must also be present for there to be success. To have trust there must first be relationships and communications. That is where most formal IT approaches fall short. The diagram below provides a simple map for those relationships in a typical company. Professional service companies may be the exceptions to this diagram but manufacturing and manufacturing related service companies are represented.
In order for IT to be perceived as aligned and useful for the organization, the entire organization must perceive that to be so. That means all organizational levels must agree. That means there must be a willingness to understand and to trust IT. That means that appropriate relationships between IT and their customers must exist and those relationships are different. In aggregate they do fall into two major categories. Any individual relationship may vary, but when we focus on groups, these categories hold true. The leadership groups are similar, differing only by how much of the company’s P&L statement they own. The big change is when we focus on the people who actually make the day to day operations run. Those people may understand some version of a “big picture” but their real focus in on a very limited set of functions related to their job. They also represent the bulk to the IT group’s customers.
The message here is that IT-business alignment is important but isn’t achieved without trusting relationships between IT and their customers. Those relationships don’t exist without IT initiating the effort to build them. It’s a part that is easily ignored if we only focus on the formal part of IT best practices. These “softer” skills are a vital element in the equation.
Let me know what you think and stay tuned for more…
Cloud Alignment – Part II (Overall Performance)
This is part II of my series on some of the practical aspects of cloud computing. In this post I’ll focus on the overall user-centric performance of the cloud computing experience. I’m using this vague phrase because the performance of the user experience is made up of several factors, like Internet congestion, “last mile” bottlenecks, hosting server performance and user PC performance, to name a few. Let’s start by defining some general classes of users.
User Types
The most basic classes of users are those that do all their work in one place with dedicated infrastructure (fixed users) and those users who may do their work from multiple locations, both connected to the Internet and not connected (mobile users). Examples of fixed users are customer service workers, corporate staff jobs like clerical accounting workers, etc. They go to work at the same place every day, sit in front of the same PC doing the same kind of work and then go home at the end of the day and leave their job behind. I hear there are still some of them around these days. Examples of mobile workers are everybody else with a job and a computer. Now we need to focus on the types of data traffic involved.
Data Traffic
Any basic graphic of the use of the cloud consists of a user with a PC, a cloud containing a server and a lightning bolt connecting the two, as shown below. The firewall (brick wall symbol) can either be on the local network or in the user’s machine itself.
I am presenting two scenarios to consider. Scenario 1 is the least demanding on the user end and represents the slowest, lowest cost option. It is the scenario usually implied when we talk about cloud computing. It does require that the overhead of the user interface is moved down to the user’s machine along with the data itself. Scenario 2 is actually representative of a user application which relies on an external host to provide compute power and push data down to the user’s machine. It is the faster but more expensive option. It doesn’t require that the user interface overhead be sent down along with the data since the user interface is already on the user’s machine. Remember, the yellow lightning bolt (the remote connection) is the limiting link in the chain. It is by far the slowest segment of the trip. Now we need to consider the tradeoff between the two scenarios for each user type.
Tradeoff – Productivity vs. Cost vs. Performance
For the fixed user, scenario 1 will probably work well enough to justify the cost savings at the expense of performance. Our definition for this type of user is primarily clerical in nature. However, as we move to the mobile user, things get a little more complicated. The speed of the remote connection link will vary depending on the location of the user. In some cases, the remote connection will be slow or non-existent. If the remote connection is slow the user interface overhead will make a cloud application unacceptably slow. Obviously, if the connection is dropped or not available the point is mute, there is no cloud. There is a subset of the fixed user community that has other issues. There are those who are fixed in their location but are creative types who need the flexibility and richness of local applications. Examples of these people are graphic artists, designers, architects, engineers, etc. For them, browsers are not yet a visually rich or powerful enough user interface for their work. In time, that will change but not now.
The solution for mobile and creative types may lay with composite applications, mashups and hybrid clouds. The discussion of these options is beyond the scope of this post, but check out the links for more information. My main point is that cloud computing is not one size fits all. It’s important to not get caught up in the hype and realize that, with some adaptation, the benefits of cloud computing and acceptable levels of performance are available for all users.
I have provided some video links below that present a somewhat cynical view of cloud computing. While I think that Larry Ellison (Oracle CEO) represents an oversimplified view, he is entertaining. The Forrester analyst offers a thoughtful counterpoint.
onclick="javascript:pageTracker._trackPageview('/outbound/article/www.youtube.com');">Larry Ellison on Cloud Computing " onclick="javascript:pageTracker._trackPageview('/outbound/article/www.youtube.com');">Forrester Research
Internal IT must extend reach beyond ITSM
When I think about the various IT Service Management, or ITSM, frameworks (a collection of best practices) I am concerned that they are very heavy on a contractual mindset and very light on a relationship mindset. I am not saying that we don’t need service level agreements or any form of commitment from IT to their customers. I am saying that if a contract is all you have for a relationship with a customer that relationship is destined to become adversarial very quickly. I am saying that IT must have an informed consultant relationship with all of their customers. To do that a number of things must happen.
What are the roles?
The diagram above summarizes the major components of a successful collaborative relationship between IT and its customer base. First, we must be clear on our definitions. Customers are simply those people who consume IT services delivered over some IT infrastructure. IT simply refers to that group responsible for providing for the IT needs of their customers. The business domain skills pool is a little less simple. It is a group of domain experts, either dedicated to such a pool or contributors to that pool virtually. These people are also IT customers themselves. Of course, the IT group is also their own customer. The diagram shows each group overlapping with the others. That is intended to reflect the close working relationships which require sharing some common vocabulary and concepts.
Cross training
I believe this to be core to success. In order for communication and collaboration to happen, everyone involved must share at least some core vocabulary. There is always a challenge to get hard core IT folks to learn business topics, whether it’s manufacturing, service, or consulting skills. It’s also always a challenge to get hard core business folks to understand enough IT vocabulary to have informed conversations about new topics like cloud computing, virtualization or security. Neither of these groups needs to be experts in the other’s field. They just need to be able to have intelligent, informed conversations and collaborate.
Those customers not involved in the domain expert pool also need some education but at a much higher, more general level. They primary obligation is to be able to clearly articulate their needs to IT support staff. The domain experts also need a high level understanding of Web 2.0. They will also need to have a general understanding of Web 3.0 as it occurs.
BPI consulting
This brings us to the discussion about the basic behavior of IT staff as they collaborate with their customers. Those “front line” IT folks must earn the trust and respect of their customers. They must be good partners and team members as the business works to improve their business processes (BPI), using IT tools to their best advantage in a way that makes business sense. I have always liked the analogy of an artist. It is the responsibility of IT to understand a broad range of IT tools (the palette) but also how they can be applied to solve business problems (painting on a canvas). Not all IT people need to be able to do this but a few must have that level of understanding.
Conclusion
The preceding discussion is above and beyond the formal notions of IT operations required by the ITSM frameworks. My point is about relationships, not just contracts. We need IT to make and keep their performance commitments to their customers and to employ best practices where ever it makes sense. However, we should extend our vision of IT’s responsibilities beyond formal contractual and procedural constraints. At the end of the day, success ultimately comes through relationships between people.
Thanks to being here. Stay tuned…