The New IT Operations Model for the Cloud Era
Organizing IT operations into four groups can bring an IT organization into alignment with how businesses acquire IT services in a cloud computing world.
Even if your IT organization remains cloud-phobic, it's likely that your business may be engaging in "Shadow IT" practices that will force a cloud strategy in 2013. That said, cloud technologies are disruptive to the way that IT operates, so if this is the reality for 2013, what impact will a cloud strategy have on the way that IT organizes the people and processes that support delivery of services via cloud technologies?
One approach, suggested by Gartner analyst Alessandro Perilli, is to recognize a new IT operating model for the cloud era and organize into teams that specialize in the various delivery models that cloud computing has to offer. This approach requires a traditional IT management group, a private cloud management group, a public cloud management group, and over all the others, an IT broker group. Such a strategy acknowledges that the future is a mix of traditional, private and public cloud environments and puts in place groups that can optimize each, while aligning to business expectations for agility and costs.
Organizing IT operations into these four groups can bring an IT organization into alignment with the way that businesses look to acquire IT services in a cloud computing world, while reducing the risk exposure associated with "Shadow IT." There are several reasons why this organization structure makes sense.
Traditional IT Management Group
As disruptive as cloud technologies can be, it's worth noting that most IT organizations that aren't startups will continue to require a traditional IT operations team to support traditionally delivered IT services. Traditional IT services will include applications running on physical systems as well as in virtual environments, which are a stepping stone to private clouds, but should not be confused with them.
Private Cloud Management Group
To distinguish between virtual environments and private clouds, determine if your environment meets the five NIST essential characteristics of cloud computing, including self-service, elasticity, and measured service. Private clouds are an evolutionary step beyond virtual environments and require additional skills, processes, and technologies to manage, thus dictating a need for a separate management group.
The skills needed for this group are typically in short supply. In response, some public cloud providers are now offering a private carve-out of their resources, dedicated to a single client. Call it "cloud-slicing" if you like, but this approach will make private clouds, with the benefits of a more secure and controlled environment, obtainable for all organizations regardless of maturity level. In this scenario, the private cloud management group is actually outsourced, although governance must be maintained internally to the IT organization, potentially by the IT broker group (more on that group later).
Public Cloud Management Group
There is clearly a need for a traditional IT management group and a private cloud management group, but what is the need for a public cloud management group? Since public cloud providers are an outsourced model shouldn't they bring their own management? The answer lies in understanding the need for cloud governance. Like any technology used to deliver IT services, public cloud offerings must adhere to the policies of the business organization as a whole.
Policies should include those for identity and access management, security and regulatory compliance, performance and disaster recovery, data sharing, and for costs and responsiveness of providers. Without a dedicated team focused on identifying and governing these policies, providers will be chosen without regard to their ability to adhere to them. This may be satisfactory for a time, but as auditors raise concerns, as users are impacted by poor performance, or if a provider switch becomes necessary, the lack of policy governance will be keenly felt. The public cloud management group is not focused on architectures and technologies so much as it is on evaluating, negotiating, and auditing public cloud providers and services.
IT Broker Group
Yet, even if IT operations is optimally organized to deliver services via cloud technologies, how can a business be convinced to leverage this capability when it is easy to contract with public cloud providers directly? This is the "Shadow IT" problem, where business users circumvent traditional IT, potentially exposing the business to unintended risks of data loss, outages, and cost overruns. That's where the IT broker group -- or perhaps even better, the IT service broker group -- has a role to fill.
This broker group must work with business customers or relationship managers to understand the need, the budget and timeframe and then source the appropriate service from the traditional, private cloud and public cloud groups. This could be via a self-service catalog for standard services or through requirements definition for more custom services, but the role does not end with sourcing a service.
The broker group must also support users of the services via a service desk or help desk to understand the level of satisfaction, track costs, and take requests from users for new services that can potentially be added to the catalog. Communicating about changes or elimination of services is also a role that must be filled. If users feel that the broker group is responsive to their needs, without bias against public cloud offerings, there will be significantly less "Shadow IT."
These changes to the IT operations organization can bring balance to the tension between the business and their demand for flexibility, and the IT organization with their need for control to reduce the risks of cloud computing. To become most effective, these four IT operations groups must operate collaboratively because this new era of cloud computing includes workload portability, enabling applications to move between cloud environments and shared resources operating in mixed environments. The changes forced by cloud computing are inevitable -- without change, the future relevance of IT is not.
Travis Greene is a service management strategist at NetIQ.