Feeds

Pushing service delivery beyond the enterprise boundary

No more need for delivery managers? Pah!

  • alert
  • submit to reddit

Top three mobile application threats

Workshop So far in this series we’ve been considering all things service delivery, with an emphasis on how the various elements of IT infrastructure can be managed as a single whole.

IT infrastructure isn’t what it once was however, as demonstrated by the increasing range of ‘cloud-based’ options available from third parties.

The word ‘service’ has been adopted, if not hi-jacked by terms like software as a service, platform as a service, infrastructure as a service and so on. The central question becomes, if such externally hosted services become more prevalently used, does the role of the service delivery manager become redundant?

Let’s get one thing straight: while some vendors talk about ‘the journey to the cloud’ as if it is a new place that leaves existing environments behind, we have seen no evidence of any wholesale shift of application workloads from internally managed platforms. However, our research does suggest hosted services add to the range of options for new workloads. Not only does this lead to trade-off decisions about where processing should take place, it also implies that future IT environments will incorporate both internal and external services, all of which will need to be “managed”.

From a service delivery standpoint, the challenge is to keep service delivery going wherever processing takes place. Some issues around service delivery are not going to be so different from those caused by the fragmented environments we have today, as discussed in the previous article in this series. There are, however, some additional considerations we need to take into account.

First and foremost are factors around where information exists and how it is being protected, particularly if there are compliance or security constraints associated with the data to be maintained in the service provider’s environment. Regulation may impose certain restrictions on where some kinds of data may reside, or at least mandate that you know where it is stored, which can be a problem with those service providers whose infrastructure crosses national boundaries.

Second, we have the architectural and commercial implications of data processing, transport and storage. Where high volumes of data are concerned, for example, it is generally more performant and economical to bring the processing to the data rather than vice versa. Routinely shipping huge volumes of information into a hosted compute cloud for number crunching can actually work out more expensive and time consuming than building a private cloud infrastructure to do the same job. Given that many cloud-based services today rely on an individual making a purchase through a credit card, keeping visibility on what services cost can also be an issue.

Third, particular attention needs to be paid to data security and access. Beyond the obvious question of whether a cloud service is secure per se, there is the question of policy management. The last thing you need, for example, is the overhead and risk of maintaining one set of policies and rules in-house, then another for each provider you make use of. Again, this is a management issue, and while standards and best practices remain immature, you will need to be careful that your own policies are being adhered to.

A final question is how information flows between service providers, or between in-house and external systems. In one study for example, IT professionals were generally more comfortable with the SaaS proposition in relation to discrete applications such as sales force automation, and were less certain about solutions with many integration touch points, such as ERP. At the root of this were concerns about physical integration (development, maintenance and support of interfaces) and the associated question of who is responsible for what when problems arise. Issues with visibility and policy management across domains were also highlighted.

As well as suggesting the need for appropriate due diligence before signing up to externally hosted services, it’s pretty clear from the above considerations that the need to keep control of things increases rather than decreases when operating a hybrid environment. Tracking, maintaining and monitoring a mix of in-house and externally provided assets in a coherent way requires practices and tools that support a comprehensive view of both internal and externally sourced components, complete with all of the dependencies.

To add to the complexity, there will be parts of the external environment that can’t be viewed – it’s unlikely that Salesforce.com wants to give you a live feed of server status for example. Monitoring these ‘black holes’ of service management become part and parcel of keeping tabs on the environment as a whole. Of course, the degree to which you might want to or be able to monitor and manage assets in a service provider environment is debatable particularly if the right service level agreements are in place (though we realise there is a big due diligence question here, particularly given the level of immaturity around service level guarantees from providers).

One element that needs managing across the on-premise and service provider domains, however, is provisioning and resource allocation. This is particularly the case if you want to take advantage of hybrid configurations and overflow capabilities – e.g. if a Web application runs out of resources in your data centre because of an unanticipated peak in demand, you may require the capability to provision virtual servers in the hosted domain and move workloads onto them with ease. The caveat, again, is that visibility on the cost of external resources becomes increasingly difficult if personal/corporate credit cards are relied upon as the payment mechanism – a factor that many service providers are only just starting to take into account.

In conclusion, any notion of cloud computing devaluing the role of service delivery managers is a bit of a myth. Perhaps there will be less need for some routine manual activities, but the impact of externally provided services is to make things more complex, not simpler, and management skills will need to respond accordingly. Indeed, the opportunity is to look for places where the management of less business-critical capabilities, or indeed the more boring elements of low-level infrastructure can indeed be offloaded, freeing up valuable human resource for the higher-order challenges which will undoubtedly emerge. ®

3 Big data security analytics techniques

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.