Addressing your ITSM needs

We’ve been very busy in recent months finding innovative cost-cutting ways to help customers derive more value from their IT Service Management processes and disciplines.

Some key (and probably very obvious) drivers for our customers have been:

1. Reduce direct vendor costs (software licenses and maintenance costs)
2. Faster time-to-market for new features and benefits
3. Reduce implementation time & cost
4. Improve service quality
5. Improve alignment of Service Delivery team to the Business

To achieve these we’ve had to overcome a few key challenges:

Legacy Challenge #1: Cost & Complexity

The legacy ITSM solutions are about as cumbersome and complex as the typical organizational specific ITSM processes and workflows themselves.   Granted the legacy vendors are trying really hard to re-invent the front-end usability, ease of implementation, etc, but there’s no way they can just overhaul a complex ITSM product overnight.  It’s a bit like trying to change the wheels on a moving vehicle.   The challenge with using these legacy solutions [as powerful as they may be] is that the license, maintenance and implementation costs are prohibitive for smaller organizations.  Even large organizations – especially in the current economic climate – are desperately looking for innovative ways to reduce costs while improving their service delivery capability and quality.

Our Solution:  Change the underlying technology.   Service-now.com is a web2.0 [modern] solution, built from the ground up, is cloud based [no more operational babysitting and system administration nightmares], and was designed with ease of use and implementation as a fundamental guiding principle.  This means we can design, build and test the ITSM solution in third of the time of what we traditionally could and did.

The Benefit:  Reduced cost and complexity – and significantly so.  Our Service-now.com customers are ecstatic with their choice of technology and our ability to deliver.  Once delivered, the administrative overheads are substantially reduced and the fact that Service-now.com is offered through the cloud, means that the painful and costly exercise of upgrading and remaining current evaporates into thin air [excuse the pun].   I always used to maintain that technology is “just technology” and no one technology can make a huge difference… well I’ve been proven wrong.  I was actually astonished as to how big an impact the changing of an underlying technology can have on the key drivers listed above.

 

Legacy Challenge #2:  Engineers & Consultants

We “grew up” in an industry where organizations relied on consultants to help define their ITSM processes (and requirements) while an independent reseller or systems integrated implemented the ITSM solution.  There appears to be increasing frustration with misalignment between the perfect [often over-engineered] ITSM processes, the business needs and what the technology is able to deliver within a reasonable time.  To avoid this misalignment, a more inclusive consultancy approach to solution delivery has become paramount.

Our Solution:   Our delivery teams increasingly rely on experienced ITSM solution experts, business analysts and consultants that understands the underlying solution capabilities.  This means we guide the customer through a design process using a far more pragmatic approach.   Our experienced business analysts and consultants work together to engage [interrogate] the business users and capture the true business requirements.   They either design or assist in the design of the customer’s processes and ensure that the user and business requirements are converted into well defined technical delivery requirements.

The Benefit:  Our customers are now getting more value from the process design through to implementation.  Our pragmatic approach means the processes are designed to bring simplicity, ease of use, achievable results and are quick to implement, directly achieving many of the key drivers identified above.

 

When next faced with questions on your improvement strategy, you should be considering a lot more than simply how to improve current processes.  By using an innovative solution like  Service-now.com and an agile implementation/consultancy partner such as Marutech, you’d be surprised how easily you can swop out the underlying legacy technology AND improve your processes for less than what you would have spent on your next big upgrade.

CloudWashing – a recurring topic

I can’t tell how many times I’ve read articles and blog posts about the differences between legacy vendors and “true” cloud vendors.

Legacy vendors tend to hop on the cloud bandwagon by simply hosting their legacy applications and then [sometimes] building some fancy wrapping and automation around it.  And then there are those that think because they’ve hosted their application on some virtual infrastructure (aka VMWare or other), that they now have a pure cloud offering?  (They even believe it themselves)

On the other side, [true] cloud vendors do things differently by taking the time to build their solutions from scratch.  They tend to use modern technology and programming techniques and most importantly, the tend to focus on the ease of use for the end-user.  The more modern paradigm is what cloud computing and Software as a Service is really about, but few of these new and small startups or vendors have the marketing budget to compete with the large legacy vendors that have managed to white-wash the cloud paradigm [or is it brain-wash their clients?] with a “hosting is also cloud computing” idea.  True cloud vendor’s products are simply better suited to the 21st century – they’re simpler to use, quicker to implement and give you better bang for your buck almost every time.

All the early adopters and thought leaders out there will know what I’m talking about…  The rest, well, I suppose we’ll see you onboard [or is that enlightened?] sometime in the future…  perhaps just in time to get confused by the next big thing.

 

Going Cloud… Thinking Security (part 2)

This series reviews 4 ‘things’ you should take seriously when considering cloud solutions.  Part 1 looked briefly at Application Integration – critical if your cloud solution needs to form part of an integrated IT strategy.

Now, we look at security.

Even though we have written about and discussed security a number of times it is still of extreme relevance and importance in the move to a cloud based service.

Most security consultants have had to deal with a huge shift in focus regarding security, but the basic security fundamentals for users of cloud services still apply. As a first step, assessing the risk in security and compliance is imperative. Core security topics such as control and manageability, tracking records of actions, trust and incident management, liability and support, misuse and data leakage, these are all more critical than ever.

According to Nico Popp, VP of product development at Verisign “This requires layers of security, including multifactor authentication, identity brokers, access management and, in some cases, an external service provider who can provide that high a level of administrative control”

“Security and cloud hosting are two separate things, but the cost of entry is so low, and often so simple, that customers may not do as much due diligence as they should to find out who’s responsible for security,” says Ezra Gottheil an analyst who covers server issues for Technology Business Research.

Too many times companies assume that their cloud provider is taking care of security – leaving themselves vulnerable to attack, and all too often, ignorant of the fact.

Customers must demand transparency, avoid vendors that refuse to provide detailed information on security programs. Ask questions related to the qualifications of policy makers, architects, risk-control processes and technical mechanisms and the level of testing that’s been done to verify that service and control processes are functioning as intended, and that vendors can identify unanticipated vulnerabilities.

Here are seven of the specific security issues Gartner says customers should raise with vendors before selecting a cloud vendor.

1. Privileged user access

Get as much information as you can about the people who manage your data. Ask providers to supply information on the hiring and oversight of privileged administrators, and the controls over their access.

2. Regulatory compliance

Traditional service providers are subjected to external audits and security certifications. Cloud computing providers who refuse to undergo this type of scrutiny must only be used for the most trivial functions.

3. Data location

Ask providers where your data will be stored, and if this data centre has sufficient security measures in place to obey local privacy requirements on behalf of their customers.

4. Data segregation

The cloud provider should provide evidence that encryption schemes were designed and tested by experienced specialists to ensure data integrity.

5. Recovery

Even if you don’t know where your data is, a cloud provider should tell you what will happen to your data and service in case of a disaster.

6. Investigative support.

The vendor needs to assure you that they can investigating inappropriate activity and must show that they have already successfully supported such activities.

7. Long-term viability

Ideally, your cloud computing provider will never go broke or get acquired and swallowed up by a larger company. But you must be sure your data will remain available even after such an event.

Remember we need to qualify the vendors we want to do business with, that is why Marutech and Cornastone have invested a considerable amount of time to cut through all the hype and get to the point. To ensure that our customers know full well that the solutions in our stable really do meet the above requirements.

In the next article we look at storage, which continues to be one of the weak points of many a provider.

Virtualisation and Cloud – How do they Fit ?

“Virtualisation and Cloud – How do they Fit ?”

At the 2010 VMWorld held at the Moscone Center in San Francisco, VMware unveiled a new approach to ‘Cloud Computing’ that enables businesses and larger enterprises who already have virtualized infrastructures, to shift some of their IT operations to an ISP’s cloud service offering.

The new service, Computing as a Service (CaaS) enabled by VMware vCloud Datacentre, is currently in field trials. Enterprises can use this hybrid service without having to rewrite applications that operate on VMware, using their current modes of operation, according to the vendor.

“It is intended to lower some of the barriers to adoption of cloud computing.” says Joe Crawford, executive director of IT solutions. “VMware customers will be interested in this functionality. There are hundreds of thousands of customers who use VMware today, and they can now use a cloud-based solution using the same tool set and same knowledge base”

For some ‘Virtualization’ and ‘Cloud Computing’ is still a grey area, so let’s try to clarify this a bit.

Virtualization is the creation of a virtual version of something, such as an operating system, a server, a storage device or network resource, in essence it is scaling down from a ‘one server, one application’ model to ‘one server, multiple servers and multiple applications’ model. A number of customers have used this model to scale down massive power hungry data centres to run on a few high capacity servers. With an array of benefits.

Whereas ‘Cloud Computing’ is Internet based computing, it is also a general term for anything that involves delivering hosted services over the Internet. These services are broadly divided into three categories – Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS)

This new service is ground-breaking for VMware, a company that has factored heavily in the service provider community’s move to cloud computing. VMware have started to engage with ISP’s to offer this cloud based solution, built on the customers’ requirements.

The new service also promises security for applications shifted onto the cloud-based architecture.

One immediate area of appeal is disaster recovery and business continuity, Joe Crawford, executive director of IT solutions says, “as enterprises look for network-based computing options that enable them to stay in business in the face of natural or man-made disasters or service interruptions. In addition, the CaaS offering will give businesses the ability to add or subtract computing resources as needed, paying for what they use rather than investing capital in computing power that sits idle during slower times.

InterContinental Hotel Group (IHG) has been selected to trial the field tests for this service, using cloud computing to handle higher booking activity during peak travel times,  and with the upcoming to holiday season, they are likely to need extra capacity until the off season.

With this service, you can have variable workloads hosted by the service provider as opposed to using your own resources, so if you require a higher capacity it is as simple as putting through a request.

So moving forward we can see infrastructures scaling down through virtualized environments and them saving money, by only paying for what they use. We have a high expectancy from the field trials and hope within the next year we can see our local ISP’s adopting a CaaS model driving forward with VMware at the helm.

Marutech ad iWeek

Take a look at our latest full-page add that featured in the ITWeb iWeek 11 August publication… (inside back cover).

Take a look!

The message is hopefully quite clear.  The world is changing, and if you’re not changing with it – you’ll end up as a fossil.

Cloud helps ITSM (ITWeb publicity)

The ITWeb Virtualization and Cloud Computing event in Jo’burg last week was a great success.

ITWeb published an online article highlighting our presentation’s key points…   read it here.

Eassy goes live!!

Finally, the next big step forward in SA’s internet age is happening.   The East African Submarine Cable System (EASSy) is set to go live today, upping our international bandwidth capacity by another 1.4Tbps!

Read more here…

ITWeb – Eassy goes live today

TechCentral.com  – Seacom rival Eassy set to go live

Yeah!

Past views on network management…

I almost forgot.  Another very interesting thing I read this week was a 2008 ComputerWorld article which asked the question “What ever happened to network management?“.   Sometimes its great to look at opinions and identified trends from a few years ago and compare them to today.  I found a lot of points to be on the mark while others not so much (the same goes for comments btw), but some of the trends noted back in 2008 became like fulfilled prophesies by 2010.

I also found a conspicuous lack of cloud or SaaS terms in the article.  It’s a different story today with virtually every big and small player making a play for cloud models, but I’m not convinced that 50% of these vendors aren’t confused about what it is they’re competing for.  

Confusion in the cloud business model (Insights #2)

I find it quite interesting to see how this landscape is constantly changing…  the winds of change seem to be blowing more violently now than ever before, and there are a lot of people out there that are getting quite confused – and with good reason.

I received two news-type emails today with views that tell very different stories…   The first email from ITWeb referred to a Business World article stating that “EMC Philippines has unveiled a technology for ‘advanced virtual storage’”.   The very next email was from InfoWorld with the main article titled “Why some vendors regret becoming cloud providers“ , which talks about EMC’s regrets and why they are shutting down their Atmos  Online cloud storage service.

So who’s confused?   Everybody?

My personal opinion is that its everyone. EMC in my opinion is missing the point to an extent or don’t understand ‘the cloud’.  Sure the business model is tough and it might not make sense for a hardware vendor (or any vendor) to lose traditional business to its new cloud service offerings.  We’re face with exactly the same when our existing licensed solftware clients want to convert to SaaS solutions.

Here are a few points to consider if they don’t offer the service:

• Someone else will.  In my book, that’s lost opportunity.
• It doesn’t mean that existing customers will continue buying hardware forever (from EMC).  They may just consider alternatives at some point.
• They missing the potential parallel (backup) revenue stream – there are a lot of cloud adopters out there, and adoption is growing – fast.
• They shouldn’t be selling the same volumes ‘as a service’.  In other words: don’t sell the same volume – sell the same value!
• Cloud services may not generate the same revenue per customer in year 1, 2, 3 or 4, but by year 5 the scales start tipping.

That being said – I just need to emphasize that I don’t really understand the storage space – or the EMC Atmos model for that matter.  I’m merely commenting on the general premise of these articles that I find them both interesting and amusing that I should get these emails within 20 minutes of each other.  What these articles did do however is leave me wondering who’s not getting it – the vendors, reporters or me?

That being said – I think we might finally be coming out of the Gartner hype-cycle peak with regards to cloud computing.  People are starting to understand the value proposition as well as the long term cost implications.   Some of the vendors are starting to hit the stumbling blocks (alla EMC articles) and these are going to expose those that jumped on the bandwagon without a full understanding of what it’s all about….   Infoworld posted another worthy read that points to some of the potential shortfalls and realities of cloud computing and SaaS titled “Is the SaaS experiment finally over?”

Well, I hope you got some value from my ramblings…

Happy reading.

The Cloud Security Alliance (CSA)

If you haven’t come across the CSA before, then here’s a brief introduction and few interesting bits to go with it….

Who are they?
“The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, the Cloud Security Alliance Web site is www.cloudsecurityalliance.org.”

Trusted Security Certification
Novell and the Cloud Security Alliance (CSA) announced in March 2010 the vendor-neutral initiative for the Trusted Security Certification program.  I’m not sure how busy they are with this in the background, but I’m certainly hopeful that this will help to drive cloud adoption.   Of course – once the certification exists, vendors need to adopt and comply, otherwise, it’s just going to be another certification with no weight.   This is most certainly a topic I’ll be keeping an eye on.   Read more here..

Useful Documents
You can download and read (or glance over) v2.1 of the “Security Guidance for Critical Areas of Focus in Cloud Computing” document for some very helpful information if you feel a little lost when people are talking about cloud-computing and what it entails.  This document deals with 3 main (and very important) areas being: architecture, governance and operations.

Another useful document to scan/read is Top Threats to Cloud Computing.  CSA have done a good job of summarizing some of the threats and categorizing in a fairly quick and easy way to digest.

Keep it going…
The CSA might not be the only organization out there trying to guide security standards for cloud computing, however, they are most certainly an important one which makes them an organization worth mining for information on  a regular basis.