Friday, March 18, 2016

Sleep at night with managed services

It is tough for the IT leader of medium sized companies to do everything they need to accomplish given the rapidly changing world and the rapidly changing business needs.   There is a solution.   It is about having a strategy, one that has been created thoughtfully to do target outsourcing of functions by experts in each area that is critical to the business.   Today, there is a great deal of hype around Cloud.   This can satisfy some of the needs, but in reality, there ais a wide range of services that an IT leader needs to deliver.   In the medium sized company, he/she is unlikely to be able to hire the staff to deliver on all of the needs.   

Here is my list of services to outsource for a medium sized IT leader
  • Server management as a service - Clouds are great for what they do, but all organizations will have infrastructure that is not outsourced.   
  • Network management as a service - Same comment as servers.   The best manage service vendors are specialized.   Look for a good network managed service vendor that is responsible for changes, monitoring, diagnosing, and resolving issues.  Do not accept one that does not monitor and respond.
  • End-to-end application monitoring as a service.   End-to-end means you need visibility to the user experience thorugh all layers of the architecture that can affect this experience.   Buy into allowing this outsourced service to declare that events have occurred and orchestrate response across other managed service providers.
  • ERP Managed Service or SaaS service - This is very popular for a reason.
  • Ecommerce Platform managed service or SaaS - If it is not part of the ERP managed service, it needs to be integrated not only with data but also for incident management and change management.
  • eCatalog data integration management as a service - this is a specialty of the Distribution industry.   I'd love to speak with you about this.
  • Security management as a service (logs, penetration and vulnerability testing) I would include Phishing training management as a service in this group.
  • Disaster Recovery as a Service has a place that can be well tuned for a low-cost public cloud implementation.   
  • Email as a service.   This should be on the top of the list.   As you know, it happens to be the most business critical application that no one thinks of until there is a problem.   If it is not outsourced, do it the first day on your new job.

Tuesday, November 12, 2013

Measuring Enterprise Architecture through Technology Business Management

Enterprise Architecture  (EA) is a discipline with a goal of ensuring that the architecture of applications, data and infrastructure are aligned with the business goals.   One begins ensuring this alignment is created by starting with business capabilities and then mapping the application, data and infrastructure architectures support the required business functions.   The art of EA comes from not only identifying and fulfilling the objectives of the business as they stand today, but also to ensure that the respective sub-architectures are flexible to allow the business to adapt to the changing business and customer needs.   One of the limitations of Enterprise Architecture is that while it supports the alignment of business functions to technology and ensures flexibility, the currently defined methodologies focus on EA being the center of the world.   An alternative approach is to consider that it is one of the disciplines necessary to run IT as a business.   One of the results of this approach is that it is difficult to measure the value of the EA program.   By considering it a building block to effectively running IT as a business, the results can be measurable in IT business performance indicators.   These might include:

  • cost of business services in the service catalog (and the forecast for these costs, e.g. is there a path to lower them through a modified EA)
  • the unit costs of supporting IT offerings, e.g., CPU, memory, storage, network
  • the present value of unused spare capacity and the interest expense of this
  • the response time of IT to fulfill service requests, requirements for burst capacity
  • the agility of IT to provide new services and eliminate services that are no longer needed
  • overhead of managing the existing application and project portfolio
To align the business capability/requirements/priorities with the need to run IT as a business, the IT organization needs to implement IT Financial Management in a way that provides the right metrics and an EA program that takes these metrics into consideration as part of its process.   One of the interesting initiatives that is driving the IT Financial Management strategy is Technology Business Management.   There is an independent council of IT thought leaders from significant companies that is driving this.   You may want to take a look at Technology Business Management Council for more information on this initiative.

Thursday, October 03, 2013

Why cloud?

I have helped large organizations relocate enterprise applications to the cloud, helped small companies make cloud vendor selections and have been CTO of an IaaS cloud.   I also have experience running large IT organizations and have provided consultation to companies on many aspects of their internal processes and technology.   I have been asked many times "why cloud?"   While the question has been asked many times and there are many biased answers, my view through the fog provides me some specific answers.

While the answer will be different for every organization, but the parameters fall into a combination of five areas:

  • ROI - some organizations can show an ROI for moving infrastructure and applications to the cloud.   Typically, the cost savings come from reductions in employee costs (harder to justify since the downturn in the economy in 2009 when many companies cut IT resources and possibly reduced service levels).   There are some potential savings from CapEx avoidance on refreshes, potential cost reductions from colo-sites.   I have built a fairly elaborate model that always needs tweaking based on a specific business situation.
  • Agility - I believe this is the real the driver behind the long term growth of cloud.   More today than ever before, businesses are required to respond rapidly to competitive changes and business opportunities.   The legacy model of IT that is slowed by CapEx anchors of previous purchases and the availability of IT resources within the organization reduces agility.   Cloud is the newest method of outsourcing IT with portentially a new benefit of varying cost and changing vendors more easily.   There are immediate agility benefits from a move to cloud.   The ensuring that business remain agile with a transition to cloud requires planning and management.
  • Improved Service Levels - Cloud vendors will live or die based on their service levels.   Even AWS will need to have improved availability and MTTR going forward.   The ability of an internal IT organization to justify the cost of improved service levels has always been limited because it is managed as a cost center.   Regardless of the size of an organization, I find that there are never enough IT resources.   IT as a The shift to cloud will deliver the SLAs that are desired at an economy of scale that most businesses cannot afford.  Improved service levels will also come from cloud vendors having more resources, more specialized resources.
  • Improved Data Security - Yes, I said better data security in the cloud than in the enterprise.   As a CTO of an IaaS cloud, I knew that we had to be better than the internal IT organization at protecting data.   I also know, having been inside many businesses, they they actually struggle to achieve the data security that they demand of cloud vendors.   Transition to cloud is good for all in this area as well.
  • Improved BCP/DR - Many organizations are required to have business continuity plans, disaster recovery plans and an ability to execute on them.   Even some privately help companies that do not have compliance requirements driving them in this direction have decided that it is smart to have this insurance policy to ensure survivability.   Virtualization and cloud make BCP and DR much easier and provide many more options for controlling the cost of a BCP/DR program.



Sunday, September 22, 2013

Cloud Relocation takes planning

Planning for a Cloud Relocation

It is easy to create a new environment in a public IaaS cloud to develop or test a new application.   But it takes planning to relocate a set of applications and shutdown of a legacy infrastructure.   It also takes detailed implementation steps.   I plan on discussing those in future articles.   As CTO of dinCloud, Inc., and as a leader of T3 Dynamics, I have found that there is a limited number of IT leaders and practitioners that have a thorough understanding of the components of a cloud relocation.    

When you relocate applications to an IaaS cloud, the result is the equivalent of a data center transition with a partial outsourcing of IT.   So the topics listed below will not be surprising for experienced IT professionals.   Each, however has a different flavor because this transition is not like any other that has been done before.    I will follow-up with more details on each subject.

Cloud Relocation Planning Topics

  • Business Justification
  • ROI Cloud vendor selection
  • Functional and Non-functional Test planning
    • Application regression testing
    • Performance testing
    •  Security testing
    • Failover testing
  • Network planning
    • Wide area network changes
    • IP Address planning
    • DNS architecture and vendor selection
  • Application architecture planning
    • Inventory of applications, data flow and service interdependencies
    • Application changes (to remove legacy IP addresses) or re-architect for failover
  • Server architecture planning (physical if private cloud; sizing if public cloud)
  • Data architecture planning
    • Data migration or synchronization
    • Design for Disaster recovery
  • ITIL Processes change planning
  • Security change Planning
  • Business Continuity / Disaster Recovery planning
  • Plan to decommission of legacy servers and network

Tuesday, May 17, 2011

Feel like there is not enough IT to go around?

The good news is that Spring seems to have sprung for IT.   There are signs of activity in many areas, new job openings, technology sales and most importantly - new projects.   There appears to be a drive from the business to allow IT to execute on much of the demand that has been on hold for a couple of years.   The challenge is that IT has been on a significant diet for the same length of time.

Are you seeing any of these symptoms?
  • Projects that were expected to start near the beginning of the year, are just being kicked off
  • Even though development resources levels may be addressed, new projects may be constrained by infrastructure capacity that has resourcing issues and its own ramp up schedule
  • New projects appear to be affecting each other because they may have been initiated simultaneously and draw on the same pool of resources
  • You have a feeling that quality may be affected as IT pushes the envelope on risk to achieve delivery dates
If this is affecting your organization, what can you do as an IT leader?
  • Ensure that the project portfolio maps well to the business strategy – this is not the time to be working on any projects that aren’t the highest business priority.
  • Mitigate risk by recognizing the issues of resource constraints and interdependencies and focus on 100% execution through good planning – avoid the pressure for ready, fire, aim projects.
  • Leverage variable capacity opportunities offered through consulting resources and the new secret sauce: public cloud – consider short-term ramp up of consulting for burst capacity, moving more infrastructure resources to outsourced managed services and consider a long term shift to leveraging cloud for infrastructure where your organization can live with concerns for data security.
Taking on these issues now could help you live with the result in 12 months.  

Tuesday, April 26, 2011

Amazon EC2 Outage and Cloud Strategy

Last Friday, Amazon experienced a partial outage of its cloud infrastructure.   Here the initial update and the closing updates:


Event Issue
"The problem started with a "networking event" that led to problems with how data is mirrored: We'd like to provide additional color on what were working on right now (please note that we always know more and understand issues better after we fully recover and dive deep into the post mortem). A networking event early this morning triggered a large amount of re-mirroring of EBS [Elastic Block Storage] volumes in US-EAST-1. This re-mirroring created a shortage of capacity in one of the US-EAST-1 Availability Zones, which impacted new EBS volume creation as well as the pace with which we could re-mirror and recover affected EBS volumes. Additionally, one of our internal control planes for EBS has become inundated such that it's difficult to create new EBS volumes and EBS backed instances. We are working as quickly as possible to add capacity to that one Availability Zone to speed up the re-mirroring, and working to restore the control plane issue. We're starting to see progress on these efforts, but are not there yet. We will continue to provide updates when we have them."

Closing update from Amazon:

As we posted last night, EBS (Elastic Block Store) is now operating normally for all APIs and recovered EBS volumes. The vast majority of affected volumes have now been recovered. We’re in the process of contacting a limited number of customers who have EBS volumes that have not yet recovered and will continue to work hard on restoring these remaining volumes…
We are digging deeply into the root causes of this event and will post a detailed post mortem.

One of the unfortunate realities of infrastructure and operations is that the goal will always be 100% uptime for all infrastructures but it cannot be achieved.   The SLAs for infrastructure and operations is very unlikely to be 100%.   The strategic question will always be what SLAs can be afforded, what is the impact to business agility for the target SLAs and what can be improved from a people, process and technology perspective to achieve the business goals and minimize cost. 

Because there are clear ties between performance, availability and security objectives and the success of outsource cloud infrastructure and operations, I believe that public cloud will outperform internal infrastructure over time.   This does not lessen the requirement for internal roles of architecture, end-to-end management of performance, availability and security, and vendor management.   These roles will increase in importance within organizations. 

The current Amazon issue re-emphasizes that a cloud strategy needs to include

  • Clear and continuous risk management program for IT
  • Enterprise change, incident, problem, release and configuration management process re-engineering
  • End-to-end SLA and systems management
  • Server provisioning process and technology
  • Patching process
  • Server configuration baselining and auditing
  • Repurposing of servers
  • Disaster recovery planning and testing

Tuesday, March 22, 2011

Private Cloud - why and how?


There is an explosion of change occurring in infrastructure and operations.   While it took almost a decade for virtualization to become main stream, cloud options are evolving much more rapidly.   There are two major business drivers – variable cost for consumers of IT resources and a need for increased IT agility.   All cloud options are built upon shared physical network, virtualized server and storage resources.   Cloud takes virtualization to the next level.   On top of virtualization it layers automated self-provisioning, chargeback for resource utilization, and service level agreements for cloud services that are in the service catalog.

The primary cloud discussions today center on when an enterprise will use public cloud and if it needs to implement private cloud as a stepping stone along the way or as a step-sibling for a longer period of time.   The growth of public cloud is large.   IDC estimates that the total expenditure on public cloud to be $29.5 billion by 2014.   There are some issues affecting the speed of public cloud adoption.   These are compliance concerns, data security, and cost.   As a competitive public utility, cloud cost will eventually go away as a concern.

In the meantime, Gartner believes that the most enterprises over the next couple of years will focus their attention on implementation of private cloud.   Today, there are three options for private cloud.   Enterprises can build their own private cloud (in their data centers or colocation sites), they can contract with a public cloud provider to create a physically separate private cloud for the enterprise (in cloud provider data centers or contracted colocation sites), or they can contract with a managed services provider to manage a private cloud in the enterprise data center.  

Whether an enterprise chooses to move to a public cloud or implement a private cloud, the approach to developing a strategy and implementation plan needs to follow the same methodology.   At a high level, the methodology has a four steps:
  • Define an end-state that satisfies business requirements including the financial goals, service goals and resourcing/role goals.
  • Identify the transition actions including development of services, financial changes, skill/role changes, ITIL process changes, and infrastructure changes.
  • Plan and communicate the individual transition work streams.
  • Communicate the overall program frequently and execute.
While the overall transformation creates business value and opportunity, each of the transition actions will create resistance.   Call me if you want to discuss this further.