Slides from my recent presentation to the Cloud Circle- Is the Cloud a technical or organisational challenge? It’s probably a bit of both!
· What are the technical realities of developing an evolving IT infrastructure? (integration, interoperability, latency, bandwidth, business continuity, how do you go back to your old infrastructure if you leave the Cloud) In reality how straightforward are these issues to resolve?
· What are the organisational, cultural and political considerations that could derail your initiative? (change management issues/IT resenting lack of control/getting end-user buy-in)
· What about the business processes; how to get Cloud to flow through workflow
· Is security a technical or organisational challenge; the value of encryption versus best practice data governance policies. And what about compliance and data protection?
· Why does the human factor always threaten to derail your initiative?
· What skills will be most important in delivering Cloud success? (debate IT technical integrations skills versus more business integration skills)
· Who is going to make this happen?
The video is on Youtube- here: http://www.youtube.com/watch?v=UCB8T2zEkbE
For the first time in history, consumers have access to better IT at home than at work
PP – Discuss the issues when people in the workplace complain about this and explain the corporate challenges around this, such as cost, standardization, support, security, etc
PP - Discuss the perceived issues with allowing social media in the workplace, such as loss of productivity, doing personal things in work time, etc. The reality is that some companies are slow to understand the generational shift in how people communicate.
And consumer facing innovation is driving the market
PP – This is also driven by the fact that the line between working and not being at work is blurring, and therefore people are finding ways of being productive when they are not ‘at work’.
The infiltration of technology in our personal lives is now reversing back into our corporate lives.
But IT aren’t entirely to blame- they’re struggling to find a balance between employee empowerment and control.
PP – A lot of this is because IT are guided by HR departments with a possibly out-dated and misunderstood view of how people want to work against how people used to work. There is an a valid argument that too much empowerment creates a higher reputational risk strategy for the organisation.
But the problem is that the perimeter is gone. You can’t trust your own network anymore.
PP – This is true for a lot of organisations. The converse is also true, where everything is very locked down. A lot of companies are now looking at deploying VDI as a way of securing the desktop further
Force Can’t Solve All Problems-
"The more you tighten your grip… the more star systems will slip through your fingers.” -- Princess Leia
We need to enable them to use corporate systems, not because they have to, but because they prefer to.
But there is an asymmetry of risk here- all the benefits are accrued to the business unit and all the risk is carried by IT
PP – The problem here is that IT are often do not understand the risks that businesses are exposed to and what may or may not be acceptable or beneficial, and therefore they tend to err on the side of extreme caution.
I mean- who get’s blamed when things go wrong?
PP – lack of IT governance can be blamed here. IT operating in a vacuum, and the business operating independently of IT.
So what are the two challenges to adopting Cloud we’re going to address today?
Is it people?
Or Technology
Or Both?
So- who’s using it?
So- who’s using it?
So- who’s using it?
Part of the problem is choice- what do you move to the cloud? Email? CRM? Applications? Virtualised Machines?
In Dan Arielys Predictably Irrational he talks about a paradox. The common belief is that more choice leads to greater uptake and satisfaction. A study proved that this is actually not the case
A simple example of this paradox is an experiment they ran on people choosing Jams.
When only 6 Jams were displayed- shoppers purchased Jams 30% of the time
When 24 Jams were displayed, shoppers purchased Jam only 3% of the time.
The conclusion of the research was that too much choice actually caused people to refuse to make a decision, preferring to not have any Jam rather than make a decision that might leave a better choice unselected.
And the corporate IT real estate is a large and complex beast with choice literally everywhere. We need a way of simplifying it so we can make choices.
We need a frame of reference to make these choices simpler.
The key question is what stage of lifecycle is that technology is and what competitive differentiation does it give to the business. That defines what the choices are.
This is the Technology lifecycle- as defined by Simon Wardley. Competitive advantage is had where ubiquity and certainty in outcome is least- i.e. on the bottom left. The further up and right you go the less differentiation you get as the services become more commoditised.
Take the CRM market for example- the early systems are on the bottom left and move up through Siebel to Salesforce in the top right
Because if they don’t provide the business differentiation- should we be spending time and investing capital doing them?
Let’s reduce our choice so we can start to make some decisions. Then we can look at the issues had in transitioning
Because the issues are well known and understood.
So there are three types of risks we’re dealing with. Firstly the disruption of existing relationships. That software vendor you’ve worked with for years. How you’ve always done things.
Then the transitional risks relating to the shift from a product to a utility service model.
Thirdly the risks with outsourcing that activity to a third party. Let’s look at them
So thinking about the people issues
The fundamental problem is that you need different types of people at each different stage of the lifecycle. Simon uses the example of Pioneers, Settlers and Town Planners
Pioneers go out and find new lands- they are inherently chaotic. They fail often but their successes are responsible for your competitive advantage. They are your Leonardo DaVinci’s of the world.
Settlers follow behind the pioneers and make the land livable. They take the innovations from the pioneers and put them to work, making them usable and safe. They are your Machievelli’s of the world. You want them on your team.
And finally town planners make things solid, usable and scalable. They provide Operational efficiency. They’re ultra reliable and a safe pair of hands. They are your rock. They are your Vitruvius- the worlds first engineer to be known by name.
Mixing these people up and expecting them to deliver the same stuff isn’t easy. And asking people to operate in an area outside their capabilities is a recipe for disaster.
So are we asking IT to do exactly that? It’s not surprising then if we run into some issues…
PP – Often, IT departments are not clear on the business requirements. They are often asked to ‘save money’ or ‘do more with less’. This invariably means that decisions are taken that are not necessarily in step with the real business requirement.
So how do people outside of their comfort zone react? Not well normally…
More often than not- the response is “it’s not secure”
PP – This is a sometimes justified, after all IT departments are relied upon to use their knowledge to make judgements on whether putting information in the cloud is secure and in the company’s interests.
Actually what they’re saying is- I’m not comfortable
PP – This is really interesting. In countless meeting throughout my career, I’ve never had anyone in IT saying that they’re not comfortable.
And secondly it’s outside of my control. I like controlling things. What do you expect when you ask a town planner a question for a pioneer?
PP – Again, this can be justified in some cases, although things are changing fast, and most offerings these days offer a level on control that is more than adequate for most scenarios.
These are the two key areas to tackle if you’re to succeed with your implementation with people.
PP – Buy in from the IT team is vital if transitioning services to the cloud is to be successful, so it is important that the IT department are able to air their views, but also understand the business drivers.
Security- start understanding what makes a Cloud secure. Read best practice. Do due diligence.
PP – Understand the structure of data within your environment and where it is stored.
Vendors see the evolving security landscape and react and deploy in real time. Can provide much more effective Security and spend much more money on it- typically 4-7% of revenue which equates to about 10x customer security investment.
PP – This is especially true of smaller companies, who simply cannot justify such expenditure.
Over half of security incidents were done by an insider- malicious or not- we can’t trust people inside our perimeter. The perimeter is truly gone.
PP – Think of all the ways information gets in and out of a business: Hard copy documents, USB memory sticks, email, smartphones, ipods
Is control such a good thing if half of those security incidents were initiated internally? Is it always good to let IT have the keys to the safe?
IT needs to be focused on delivering sustaining competitive advantage- not just keeping the lights on.
PP – This is a key point. It is about the IT team understanding what they business does and being a part of the competitive process. This comes from management and is a shift in traditional cultures for some companies. It means IT not operating in a vacuum.
And the big worry of people in IT losing their jobs is just not a reality.
Simon Wardley talks about Jevons Paradox- where technological efficiency causes more, not less of the resource to be used. IT need not fear losing their jobs- they’ll just be used differently.
PP – In the short to medium term a lot of operational IT will be working on the transition of IT ‘real estate’ to the cloud. As Justin’s previous point states, IT people will be working differently. After all, who really enjoys working on backups ?.....
And lastly users- we talked about them right up front. They’re driving the change so by and large it’s welcomed with open arms if the systems are introduced well. They want to use IT on their smartphones and tablets.
PP – As IT service providers, we must never lose sight of the fact that we are here to serve our users and make sure that they have the right tools to do their jobs.
So what about the Technology?
The fundamental problem is that you need different types of people at each different stage of the lifecycle. Simon uses the example of Pioneers, Settlers and Town Planners
So what we’re really looking at is the transitional risks from shifting from a product to an outsourced utility service.
IT is complicated.
The challenges facing enterprises building private cloud services or leveraging public cloud services are significantly more complicated than just the technology. Fundamental change is needed in culture, business models, IT architecture, service management and politics — all opportunity areas for the channel to provide business consulting, but very different from the channel's traditional role.
PP – The lack of service orientation in a lot of organisations hampers any transition to the cloud. Successful transitions begin with a clearly defined service catalogue.
Greenfield sites
PP – Most businesses have legacy environments that are vital to them and their profitability. The problem with legacy environments is that often the people who set them up are the people you need to migrate or transition them, and often these people are no longer around. This is a dilemma, as we are at a stage where a lot of these systems will soon be unsupportable because the technology has moved on so far and the skills no longer exist to support the systems.
Risks:
Trust
Security of supply
Security
Governance
Outsourcing risks
Lock in to a vendor
Pricing competition
Loss of strategic control
PP – lack of local knowledge – they don’t understand your business
PP – One of the main barriers that need to be overcome in the transition to cloud based services is SLA’s. How good are they, do they meet your business needs, are you comfortable with them ?
Risks:
Trust
Security of supply
Security
Governance
Outsourcing risks
Lock in to a vendor
Pricing competition
Loss of strategic control
PP – Quality of service, alongside SLA’s are also a concern for organisations transitioning to cloud based services. How good are the eyes, ears and hands of our service providers, and how quickly do they respond when you need them ?
Risks:
Trust
Security of supply
Security
Governance
Outsourcing risks
Lock in to a vendor
Pricing competition
Loss of strategic control
Risks:
Trust
Security of supply
Security
Governance
Outsourcing risks
Lock in to a vendor
Pricing competition
Loss of strategic control
PP – Discuss jurisdictional issues that require data to be held within certain geographies and comply with local data laws.
Outsourcing risks
Lock in to a vendor
Pricing competition
Loss of strategic control
PP – Change in the format or structure of held data.
Outsourcing risks
Lock in to a vendor
Pricing competition
Loss of strategic control
Outsourcing risks
Lock in to a vendor
Pricing competition
Loss of strategic control
PP – It is often easier and more efficient to adapt business processes, rather than try to fit the technology to the process.
PP – Business processes need to be looked at in conjunction with IT services. There is often a lot of duplication of work, often because of legacy processes and/or systems, and these systems are often not integrated with the business IT service catalogue. Efficiencies, and ultimately cost savings can be made here.
Deliberate strategy- not an all or nothing approach. Do so on a project by project approach
PP – Certain IT systems are prime candidates for ‘outsourcing’, such as email management, archiving and backups. There is widespread agreement that these are the ‘low hanging fruit’ for IT departments.
Don’t be afraid of some failure.
PP – look at outsourcing some of the services previously mentioned – inline, low risk, such as backups and archiving. These can be run in parallel with current solutions.
PP – Understanding contracts up front is vital. What happens when you want to change provider or hosting technologies ? How will you get your data back, and how long will it take, how much will it cost ?
But with an eye for the spaghetti- you don’t want to end up with an unmanageable mess
PP – Do we actually know what we have ?
Hybrid architectures
PP – Hybrid architectures are often seen as good ways of transitioning to a cloud based solution. They allow the customer to control migration at a pace and level that they are comfortable with, whilst still allowing them a level of autonomy that they are happy with.
Mean professional services
Cloud readyness-
PP – this is about understanding your service catalogue and business processes.
At your own pace
PP – The process must be carried out at the right pace for the business.
- let the Cloud come to you
Hi My name’s Justin Pirie
I’m the Cloud Strategist here at Mimecast but I’m best known as an Analyst Blogger in the SaaS and Cloud space.