Five Steps To Agile InfrastructureBy Steve Nunn | Posted 2011-05-10 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce REGISTER >
IT and business are faced with five key decision points as they seek to build an agile infrastructure.
A more agile IT infrastructure – one enabled by cloud computing and new outsourcing models – promises to drive new business value, reduce costs and deliver sustainable growth into the future for an enterprise. Yet, to achieve such a transformation, a IT organizations must be prepared to address these five key decision points:
1. Do we continue to build out our data center environment?
If an IT system is nearing the end of its lifecycle, exploring cloud solutions should be a priority over investing in in-house replacement systems. While there will be legacy applications that do not lend themselves to a cloud strategy but remain core to the enterprise – such as security controls or network authentication – most organizations will be using major lifecycle events within the existing data center as trigger points to begin their move to cloud services.
2. Which parts of the business should we move to the cloud?
Simply taking its current data center and moving it out to external cloud providers, is likely to be more, not less costly to an organization. Cloud services from these vendors can often be used more cost effectively for key projects or seasonal changes in compute volume.
IT organizations should also consider the cloud for new applications or business processes, as business needs evolve, which can significantly reduce time to market when rolling out new software or processes. Take the case of a new CRM system, for example, where the typical in-house CRM application deployment could require 4-6 weeks in user requirements analysis, 4-5 weeks in vendor selection, and another 12-18 months in customization, development and implementation. By comparison, a cloud-based solution can have an organization operational in a little over two months.
3. What type of cloud deployment do we use?
Cloud deployments come in three primary flavors: public, private, and hybrid.
Use of a public cloud is frightening to many organizations because of issues involving security, compliance, and quality of service. But public cloud services are maturing and more effectively addressing privacy issues and other concerns.
The majority of public cloud capability to date has involved Infrastructure as a Service (IaaS) – a base-level service in which raw compute power is delivered through a variable model. Other categories include Platform as a Service (PaaS), a value-added capability of development and utilities provided on top of the basic infrastructure and delivered as a service; Software as a Service (SaaS), in which applications such as ERP are scaled to business functional and user capacity requirements and delivered as a variable service; and Business Process as a Service (BpaaS), in which a full functional process (such as logistics) is delivered to the end user as a service and charged by consumption or transaction.
Private clouds, which allow for strict security measures and compliance requirements, are more appropriate for companies in industries with heavy compliance and data security concerns. These include on-premise, in which virtualization, orchestration and provisioning services are deployed, with a portal front end that serves as a service catalog and is housed in the enterprise data center; and off-premise, an emerging service offered by telecommunications companies that are dedicated to specific customers.
Over the next 3-5 years, the hybrid cloud – which provides the best balance of flexibility and risk management – should emerge as the preferred choice for most enterprises. In such an environment, IT focuses on orchestrating the business process while treating everything else as a service. Service providers compete less on price and more on how well they can differentiate their offerings based on such factors as quality of service and the robustness of their application.
4. How must our governance models evolve to drive this agility?
Historically, back in the 1980s and early ‘90s, governance models failed to keep pace at a time when enterprise IT moved from mainframe environments to distributed, client/server computing. Ever since, many business organizations have had trouble measuring the true cost of IT.
Is history now repeating itself? Many IT organizations have dealt with the frustration of business units procuring cloud services with a credit card and deploying their own applications, and only later learning about the new service when the help desk gets a call about an application that’s not in its inventory.
Avoiding this scenario requires airtight governance around procuring cloud services. One possibility is a broker model, in which IT provides a menu of cloud services that business users can commission through a portal. This way IT retains control over which services are offered and how they are managed, while business units maintain a voice in getting the technology they need.
Governance over the service providers themselves will also have to evolve. With the IT ecosystem becoming increasingly complex – a large enterprise may employ a half-dozen or more cloud vendors – IT needs to assume the role of service integrator, managing services across the entire ecosystem.
5. How do I securely drive the next generation of business-enabled IT?
CIOs are tasked with defining new security policies and procedures to absorb IT services inside and outside of the corporate firewall. In a cloud environment, the “fortress mentality” – locking everything behind a firewall – is both outdated and unrealistic. Therefore, new measures will be required to ensure that while data can be accessed anywhere and anytime, businesses do not cross data protection laws.
This new environment will require CIOs to play a more active role in protecting a business’s most important asset – its customers. As increased regulation and policy enforcement puts the privacy of individuals at center stage, organizations will need to demonstrate they have the capabilities to protect sensitive customer information – and the flexibility to respond quickly and forcefully should a breach occur.
CIOs sit at a crossroads today. The decisions they make in terms of these five key points will have great ramifications over the next few years, ultimately determining whether the enterprise grows over this time, or stagnates and declines.
Steve Nunn is global managing director, infrastructure consulting, Accenture. He’s based in London.