Are cloud and ITIL like oil and water?

If, like the Air Force, Navy and a growing number of other agencies, you’re modeling many of your information technology operations on the best practices of the Information Technology Infrastructure Library (ITIL), then your aim is to have total control and knowledge of everything that happens on any piece of consequential equipment or software behind your IT curtain.

That omnipotence is what lets you deliver high-quality computing services to your agency’s workers and quickly snuff out any technical problems that pop up.

But what if you want to throw some cloud computing into the mix? With cloud, instead of worrying about headaches like buying software, hardware, systems configurations and capacity planning, you get some third-party provider to own that bailiwick and you pay them only for the amount of computing services your people use.

Would using the cloud mean you could send your ITIL chiefs home early, since keeping close tabs on that cloud-based infrastructure would become unnecessary, if not impossible? Or does ITIL become even more important when applied to external service providers?

Cloud advocates have not really addressed those questions head-on. For example, what would happen to your ITIL change management process if you didn’t have control over — or even know about — server upgrades made in the cloud?

And what impact will that have on your IT department’s responsibility to make things work? So asks ITIL consultant Aale Roos in a comment he posted on a blog called "The IT Skeptic." As a case in point, Roos refers to his local airline, Finnair, which says Facebook (a cloud service) has become an important channel for the company.

“What about configuration and change management?” Roos wrote and added a dig at Facebook founder and CEO Mark Zuckerberg. “Forget it. Finnair is just one zucker to Zuckerberg, like all other Facebook users.”

But others say the question isn’t whether ITIL still flies when clouds are present, it’s whether you dare do cloud without it.

That’s because ITIL is about much more than tracking software patches, server settings and calls to the IT help desk. It’s also about providing computing resources that meet an organization’s operational needs, whether those capabilities originate in-house or someone else provides them from the cloud. “I don’t see how you can do this without ITIL and service management,” said Randy Steinberg, a national specialist leader at Deloitte Consulting.

“I think we’re on the cusp of a new evolution in IT,” added Steinberg, who has helped the Homeland Security Department and other agencies adopt IT service management practices like those enshrined in ITIL. “What IT used to build and design on their own, they can now rent. Therefore, IT’s role is becoming more of a service integrator.”

ITIL supporters will point out that the framework has always had provisions for outsourced services, and cloud is just a new spin on outsourcing.

However, it’s also true that most current ITIL practitioners have focused on tightening configuration, change and incident management for their internal IT systems because that’s what leads to the quickest return on investment.

So most will have to learn some new ITIL skills if they also want to manage cloud services that way. Service portfolio, supplier management and solution sourcing will become the pre-eminent disciplines within IT service management, said Rob England, a consultant who created and writes "The IT Skeptic" blog.

“Nevertheless, we still need incident, problem, change and configuration as much as ever,” England said. “Sure, you can't see the detail of any of them any more, but the big picture becomes more important as you drive your outsourcer to ensure they are dealing with the detail.”

That means in a more cloudy world you’ll spend less time building ITIL-infused technical processes to gather super-granular system information and more time forging business contracts with cloud providers. Those contracts will need to codify many details: among them, how service problems will be handled and by whom; how service quality will be reported; and what kinds of infrastructure changes in the cloud require customer notification.

Ironically, a cloud-and-ITIL combination might provide a more stable IT environment than internal IT did before. That’s been true for the state of Utah, which started using ITIL in 2005 during a major data center consolidation and now also uses it to manage a growing number of cloud services.

“You’re probably tweaking things less in the cloud because you’re conforming to their specification and you expect that configuration will not change without notification otherwise,” said David Fletcher, Utah’s chief technology officer.