ITSM and the Cloud Center of Excellence
Given the current issues that the world is facing with COVID-19, there’s a need for IT-related focus and firefighting to maintain business operations. From ensuring that employees can still work if they’re no longer located in your offices, to ensuring that your organization’s external customers are still being served and supported as well as possible. At some point in the future, however, there’ll be a need to plan for whatever normality returns to. This blog is aimed at helping you with that planning (when needed), by sharing advice on what’s being called a Cloud Center of Excellence (CoE).
A Cloud Center of Excellence (CoE) is becoming a common approach in enterprise cloud adoption programs to build cloud-specific best practices that may be different and contradict existing IT service management (ITSM) practices. To help its customers, the AWS Cloud Adoption Framework – of course, other cloud service providers are available – highlights how to do this in non-technical language that ITSM practitioners will recognize. And Capital One is a great example of an enterprise that has successfully used a Cloud CoE to connect the two universes of cloud and ITSM.
This blog looks at the need for a Cloud CoE and the role that ITSM could and should play.
This blog by @Joe_the_IT_Guy looks at the need for a #Cloud CoE and the role that #ITSM could and should play. Share on XA Cloud with no CoE and no ITSM
It’s common for an organization’s cloud adoption to have started with curious minds working on small projects in a single team. These early efforts can quickly sprawl and before long a production system is running on a cloud that has none of the ITSM guardrails that the enterprise would usually expect.
The result of this unfettered cloud sprawl is likely to be:
- Inefficient budgeting – manifested as unexpected cloud overspend
- Insecure internet-facing services containing confidential data
- Incomprehensible and deeply technical requirements to use the cloud, ruling out many normal users who might otherwise benefit.
Then learned cloud practices are purely tribal knowledge – they aren’t documented, verified, or developed with the wider enterprise community in mind. As George Brady of Capital One said about their cloud journey:
“In everything we do at Capital One, we always start from what our customers need and work back from there to figure out how to give it to them.”
What is ITSM if it’s not starting from the perspective of the users and customers?
At some point in every enterprise’s cloud journey, it’s recognized that the cloud has some benefit to the organization but there’s a need to stop uncontrolled sprawling and to start governed adoption from the users’ perspective.
The answer to this is the creation of a single Cloud CoE and engaging the ITSM team to use the Cloud Adoption Framework.
Capital One’s cloud governance and excellence
The AWS collateral on “how to get cloud right” is based on real customers such as Capital One. The recommended practices are therefore not theoretical futures thought up by consultants, they’re based on real companies, real people, and real events.
This quote from Capital One captures the spirit of their cloud-adoption program which embodies the Cloud CoE and Cloud Adoption Framework:
“One key early step we took was to establish a cloud governance function, consisting of risk managers and cloud engineers, to curate capabilities and controls that would keep us well managed as we moved applications into the cloud,” says Brady, adding that this team has continued to update and refine the cloud-risk-control framework quarterly.
“We developed and open-sourced a compliance-enforcement engine called Cloud Custodian to automate detection and correction of policy violations so we could keep our teams inside the guardrails without restricting their ability to work creatively and innovate for our customers. We also built a reporting portal where we can see and measure compliance in the entire fleet of services throughout our complex, multi-account environment.”
What is the Cloud CoE and the Cloud Adoption Framework?
The Cloud Center of Excellence is kind of like a SWAT team brought together for a set period of time as a forcing function to create new capabilities for the organization. This CoE may evolve into a complete function or it may disband and melt back into an evolved organization.
Without a CoE forcing function, people will continue to use non-cloud processes and either fail to adopt cloud or implement cloud incorrectly. Given the choice between “the old familiar way” and the “new, uncomfortable, not quite right way” then the path of least resistance will be chosen.
@Joe_the_IT_Guy discusses Cloud Center of Excellence, which he describes as a kind of 'SWAT team brought together for a set period of time as a forcing function to create new capabilities for the organization'. Share on XThe CoE consists of cloud engineers, ITSM pros, user representatives, security pros, and others. They should be focused on cloud adoption and not distracted by non-cloud, old projects. They should be given permission to try new things and not be punished for failure or missteps.
The Cloud Adoption Framework is a collection of signposts of what to develop, organized into six-perspectives – the first three are business perspectives and the latter three are technical perspectives:
- Business
- People
- Governance
- Platform
- Security
This is the map – and action plan – for the Cloud CoE to follow.
Example activities for the business perspective, say, are:
- Learn about baselining a consumption-based budget
- Investigate the tax impacts of a CAPEX to OPEX shift
- Update IT strategy guidance to include a cloud decisioning framework
- Learn about AWS compliance certifications
- Evaluate AWS compliance certifications against our needs
- Learn about chargeback capabilities.
Source: The AWS Cloud Adoption Framework: Creating an Action Plan
Using your ITSM people, processes, and tools for cloud
In terms of people, the ITSM team should know more about how services are used, what’s wrong with them, and have more valuable cultural and operational knowledge than others in IT. A lot of this intuition can be backed up by data in the ITSM tool(s) and this should be analyzed by the Cloud CoE.
Discover how the Cloud Cloud Center of Excellence and the Cloud Adoption Framework can help your #ITSM teams avoid #cloud sprawl in this blog. Share on XIn terms of processes, the ITSM processes/practices as explained in ITIL 4 work very well with cloud and, in many cases, will be shortened, reduced, or even eliminated due to the “outsourced” nature of cloud. For example, when using a cloud-based automated release pipeline integrated with an ITSM tool, the process is standardized, codified, and automated meaning that the ITSM team can have confidence that the process is being executed correctly.
In terms of tools, the ITSM tools are familiar to users for getting approvals, access, and new systems and services. And any new cloud services have more chance of success if they’re integrated with existing systems. So, use an ITSM tool that can “drive the cloud” rather than adding in yet-another-tool that adds costs and potentially baffles and frustrates users.
Finally, it’s important that the “old ways” do not inhibit progress. “We’ve always done things that way” is not the answer to “How shall we do this?” or “Why do we do this that way?” Not everything old will survive. And “Killing your Darlings” is not limited to writers when it comes to making progress.