Pushing service delivery beyond the enterprise boundary

No more need for delivery managers? Pah!

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Workshop So far in this series we’ve been considering all things service delivery, with an emphasis on how the various elements of IT infrastructure can be managed as a single whole.

IT infrastructure isn’t what it once was however, as demonstrated by the increasing range of ‘cloud-based’ options available from third parties.

The word ‘service’ has been adopted, if not hi-jacked by terms like software as a service, platform as a service, infrastructure as a service and so on. The central question becomes, if such externally hosted services become more prevalently used, does the role of the service delivery manager become redundant?

Let’s get one thing straight: while some vendors talk about ‘the journey to the cloud’ as if it is a new place that leaves existing environments behind, we have seen no evidence of any wholesale shift of application workloads from internally managed platforms. However, our research does suggest hosted services add to the range of options for new workloads. Not only does this lead to trade-off decisions about where processing should take place, it also implies that future IT environments will incorporate both internal and external services, all of which will need to be “managed”.

From a service delivery standpoint, the challenge is to keep service delivery going wherever processing takes place. Some issues around service delivery are not going to be so different from those caused by the fragmented environments we have today, as discussed in the previous article in this series. There are, however, some additional considerations we need to take into account.

First and foremost are factors around where information exists and how it is being protected, particularly if there are compliance or security constraints associated with the data to be maintained in the service provider’s environment. Regulation may impose certain restrictions on where some kinds of data may reside, or at least mandate that you know where it is stored, which can be a problem with those service providers whose infrastructure crosses national boundaries.

Second, we have the architectural and commercial implications of data processing, transport and storage. Where high volumes of data are concerned, for example, it is generally more performant and economical to bring the processing to the data rather than vice versa. Routinely shipping huge volumes of information into a hosted compute cloud for number crunching can actually work out more expensive and time consuming than building a private cloud infrastructure to do the same job. Given that many cloud-based services today rely on an individual making a purchase through a credit card, keeping visibility on what services cost can also be an issue.

Third, particular attention needs to be paid to data security and access. Beyond the obvious question of whether a cloud service is secure per se, there is the question of policy management. The last thing you need, for example, is the overhead and risk of maintaining one set of policies and rules in-house, then another for each provider you make use of. Again, this is a management issue, and while standards and best practices remain immature, you will need to be careful that your own policies are being adhered to.

A final question is how information flows between service providers, or between in-house and external systems. In one study for example, IT professionals were generally more comfortable with the SaaS proposition in relation to discrete applications such as sales force automation, and were less certain about solutions with many integration touch points, such as ERP. At the root of this were concerns about physical integration (development, maintenance and support of interfaces) and the associated question of who is responsible for what when problems arise. Issues with visibility and policy management across domains were also highlighted.

As well as suggesting the need for appropriate due diligence before signing up to externally hosted services, it’s pretty clear from the above considerations that the need to keep control of things increases rather than decreases when operating a hybrid environment. Tracking, maintaining and monitoring a mix of in-house and externally provided assets in a coherent way requires practices and tools that support a comprehensive view of both internal and externally sourced components, complete with all of the dependencies.

To add to the complexity, there will be parts of the external environment that can’t be viewed – it’s unlikely that Salesforce.com wants to give you a live feed of server status for example. Monitoring these ‘black holes’ of service management become part and parcel of keeping tabs on the environment as a whole. Of course, the degree to which you might want to or be able to monitor and manage assets in a service provider environment is debatable particularly if the right service level agreements are in place (though we realise there is a big due diligence question here, particularly given the level of immaturity around service level guarantees from providers).

One element that needs managing across the on-premise and service provider domains, however, is provisioning and resource allocation. This is particularly the case if you want to take advantage of hybrid configurations and overflow capabilities – e.g. if a Web application runs out of resources in your data centre because of an unanticipated peak in demand, you may require the capability to provision virtual servers in the hosted domain and move workloads onto them with ease. The caveat, again, is that visibility on the cost of external resources becomes increasingly difficult if personal/corporate credit cards are relied upon as the payment mechanism – a factor that many service providers are only just starting to take into account.

In conclusion, any notion of cloud computing devaluing the role of service delivery managers is a bit of a myth. Perhaps there will be less need for some routine manual activities, but the impact of externally provided services is to make things more complex, not simpler, and management skills will need to respond accordingly. Indeed, the opportunity is to look for places where the management of less business-critical capabilities, or indeed the more boring elements of low-level infrastructure can indeed be offloaded, freeing up valuable human resource for the higher-order challenges which will undoubtedly emerge. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Hey Brit taxpayers. You just spent £4m on Central London ‘innovation playground’
Catapult me a Mojito, I feel an Digital Innovation coming on
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
EU probes Google’s Android omerta again: Talk now, or else
Spill those Android secrets, or we’ll fine you
prev story


Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.