Saturday, November 19, 2016

Why we fail. Again. Sigh..

Sometimes being correct is an awesome thing.

That is not the case here.

A few years back, I wrote a book about enterprise private cloud called "Why we Fail."  The title was intentionally stark to try to gain attention to the book and the subject.  In that book, I made the argument that IT organizations that tried to use traditional business practices and governance were doomed to failure when deploying private cloud.

Sadly, this has turned out to be all too true.

As Thomas Bittman correctly points out, most of the issues facing enterprise public cloud are simply people and process issues.   Not technology issues.

While Gartner proposes a model they refer to as "Bi-Modal IT" to solve this problem, I would propose an alternate approach.  The key issue I have with Gartner is that they propose that Cloud is so new and fundamental to IT that you simply have to reboot and create a new greeenfield organization that is totally different than the old world.  I don't think that's true.

The issue isn't cloud.

The issue is broken IT organizations.  They're broken and thus they can't do what they need to do.  Pretending that "legacy" applications are working fine and can be simply hidden in the "Type 1" silo is just hiding your head in the sand.

The reality is that most IT organizations suffer from a severe lack of strategic vision.

As regular readers know, I am a huge fan of the Cranfield School of Business models for IT business management.  These models are not new.  In fact, they pre-date cloud by a couple of years at least.  However, if you look at them closely, you will see that they are very applicable to the conundrum that businesses find themselves in today.

One of the key messages in the Cranfield model is that technology products are like a stock portfolio.  Thus, the best way to reduce your risk is to diversify.  In addition, the way you manage different types of investments should also be different.  Just as you would not day trade on your house, you probably want to have different IT governance policies around your payroll system than you do for your CI/CD integration with Slack.

If you look closely at the reasons why shadow IT happens, you will usually find disconnects between business goals and IT governance policy.  Say for example that you are a developer working for a bank.  Normally, things like banking information need to be very strictly controlled.  For this reason, most banks have very formal IT governance policies.  As a developer of a new system that allows the marketing department to interact with customers via Twitter, you don't really have to worry about those things.  So, you ask for a VM or a full sandbox that has full Internet access.  Do you get it?  That depends on the governance policy.  If you don't get it, what happens next?  My guess is that you open up some EC2 instances on AWS and expense them.  You've got to get your job done, right?

This seemingly trivial example happens every day in enterprise IT organizations.  Some handle this very well.  Some poorly.  

No comments: