Tech Briefing

By John Zyskowski

Blog archive

Cloud might let users bypass IT -- for a while

Undoubtedly the greatest bit of hype around the predicted rise of cloud computing is that the role of the CIO and the IT department is going to be diminished as end users bypass internal IT and go directly out to the cloud for what they need.

Want to start using that cool new software-as-a-service Web app to share documents among your team and track your project? Forget those killjoys in the IT department and all their tiresome “procedures.” You can sign up for the cloud app from your desk and start using it right away without IT ever even knowing about it. Hey, they’d probably thank you for it if they knew because it’s less work for them, a veritable win-win.

That is until the cloud provider goes out of business one day, and you find out your people can’t get access to all those great documents and ideas and data they had stored in the now-shuttered provider’s servers. Or until the group of go-getters discover that the Web app stopped working for their co-conspirators in the St. Louis office because of some conflict with that location’s new server settings.

That’s when it’s time for the call of shame: “Hello internal IT department, we’ve got a problem. We need your help.”

It’s for reasons like these that agency IT departments will still need to be fully engaged with the process of making sure end users have the IT resources they need to do their jobs. What will change as cloud computing gets more popular is where those resources are coming from, and that will mean a change for IT department’s role, not the reduction or elimination of it.

The generic name for what the IT department will need to be really good at is “IT service management.” Though this philosophy has been around for decades, even when IT designed, built and ran virtually all the systems its end users needed, it’s going to take on far more importance in the age of cloud-style outsourcing.

I wrote in a recent story about how the use of one particular method for practicing IT service management called the Information Technology Infrastructure Library, or ITIL, is changing with the advent of the cloud.

As always, I came across a lot of good information and the people I interviewed made some great points that I didn’t have room enough to include in the story. Here is some of that information.

New IT skills needed in age of cloud

Randy Steinberg, a national specialist leader at Deloitte Consulting and expert in IT service management, observes that many organizations are starting to realize that cloud computing will change the skills they need in their internal IT department.

“The role of IT is now becoming more of a service integrator,” Steinberg said. “You can see evidence of this in the industry already – some of the fastest growing jobs are in IT Service Management, sourcing experts, service definition skills and procurement. The issue of service catalog/portfolio for example, was almost non-existent 3 years ago – now almost every company I speak with is doing something with that in some form or other.”

Another source for my story, Rob England, a consultant who writes a blog about IT service management called the IT Skeptic, also noted how the interface between an internal IT department and the rest of the organization will change as cloud takes off.

“One aspect that doesn't get enough attention is that service desk becomes more important not less,” England said. “Who knows how my company locally archives Gmail? Who knows the policy and peculiarities of how we use SalesForce? Somebody needs to present a cohesive face of Information to the users, and that is the Service Desk.”

“That Service Desk probably won't be an IT Service Desk though - it will be an organizational Service Desk,” he continued. “Carr's “IT Doesn't Matter” is coming true - the cloud will help break down the isolation of IT as a cultish specialty and place Information as just another department.”

As both Steinberg and England pointed out, ITIL is just one of the IT service management disciplines and frameworks that organizations can and probably should use as they increase their use of cloud computing. Here are some of the others (not in order of importance):

  • eSourcing Capability Model (eSCM) – built from an outsourcing perspective;

  • Control Objectives for Information and related Technology (COBIT) – this provides other aspects of IT management and governance not covered by ITIL and its ilk.

  • ISO 38500 – helps formalize governance.

  • Universal Service Management Body of Knowledge (USMBOK) – guidance for non-IT-centric service management.

Dearth of research on ITIL use

We know from our reporting at FCW and Government Computer News that ITIL is quite popular around government. We found many ITIL followers when we first covered it in 2006 in the story “Simple advice, big payoff,” and then plenty more in the later stories “ITIL given a government spin” and “ITIL emerges as new sheriff of IT management.”

Even though one can see plenty of anecdotal evidence of ITIL uptake, it turns out that good research about ITIL adoption rates and return on investment are hard to come by.

The IT service management vendor Hornbill has a recent user survey about ITIL use that has some interesting data about the areas of ITIL that current adopters are most interested in.

Something to watch for will be an IT service management user survey that Forrester Research is doing with the membership of the IT Service Management Forum USA.

Finally, here are the results of an informal survey on ITIL adoption done in 2008 by James Phelps of the University of Wisconsin.

Posted by John Zyskowski on Aug 06, 2010 at 12:20 PM


Featured

Reader comments

Thu, Aug 19, 2010

Reminded of earlier GCN article: http://gcn.com/Articles/2008/12/15/Changes-in-store-for-government-IT.aspx Excerpt: "Amit Yoran (former Director of the US-CERT and National Cyber Security Division of the Department of Homeland Security) recommended that chief information officers and other government leaders learn what their users want and provide them those services. It is often better to enable a requested functionality than to try and block it, he said." "So users need to share their MP3 files, they say it is absolutely, positively business critical," Yoran said. "If you don't enable a way for them to do it, they will enable it themselves. You need to accommodate in a way that hopefully manages risk rather than encouraging users to bypass your security efforts, because they absolutely will."

Wed, Aug 11, 2010 Steve Crawford

As Yogi Berra once said, "it's deja vu all over again." Not too many years ago, server proliferation became a big issue for IT, which then led to server / data center consolidation (and then virtualization). So why did servers proliferate? Costs came down, and renegade departmental heads (like me) would buy servers and software with discretionary budget to bypass having to deal with IT. The barriers to entry back then was a thousand bucks or so. Today, cloud computing has lowered the barrier to a few dollars per month. But now the implications are much worse for IT. Imagine a young marketing person uploading their entire customer database into a SaaS based email marketing solution to send out a newsletter, without IT knowing about it. Not a good scenario for demonstrating SOX compliance (or pick any other regulatory policy). IT will need to evolve as an internal 'cloud service broker' who can mix and match best-of-breed internal and external services to meet LOB's needs -- so that they're not bypassed by renegade users.

Fri, Aug 6, 2010

Regarding "Or until the group of go-getters discover that the Web app stopped working for their co-conspirators in the St. Louis office because of some conflict with that location’s new server settings," if it is software as a service delivered via the browser, server settings on their backend should make no difference to distributed users. The App keeps working for all locations. It is much easier to telework and collaborate securely using HTTPS than using VPN's.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above