So you think your service management’s ready for cloud…
I’m certain the phenomenon that is cloud computing was created by dark forces inside the walls of the Palace of Westminster. That the erstwhile Office of Government Commerce wanted something so powerful that nobody could resist the adoption of ITIL and service management best practice to control it and deliver its benefits. Whether you are service provider or customer, it’s a racing certainty that you are caught up in the clamour to embrace cloud computing and benefit from it. The technology and its potential to deliver utility style services is truly exciting but a common concern is about its potential impact on service management. How do we design, secure, control and deliver in this new environment? Which service management processes will become must haves in an environment with the flexibility to tie itself in knots? There’s a genuine concern that years spent defining ITIL processes for their organisation will be worthless.
Stop! In true Hitchhikers Guide to the Galaxy style, “DON’T PANIC”. Best practice theory implemented in an integrated way can cope with this new paradigm. But…there’s always a but isn’t there?…as we all know a gram of reality is worth a kilo of theory and cloud will highlight the imperfections in your service management. There will be ITIL processes that can no longer be just ignored.
The first point to make is that there is a significant difference between public clouds or hosted private clouds and a private cloud hosted in your organisation. That’s not to say private, internal clouds present no challenges…just different ones.
We’ll start by looking at continuity of service. Let’s dispel a myth. Your CIO won’t be longing for cloud to give them 24×7 availability since current systems don’t offer that guarantee. What will be a bigger concern is your business and IT service continuity provision. The flexible nature of cloud services makes reproducing what might be, in theory, something infinitely elastic a challenge to say the least. Certainly scoping a second environment to fail over into will mean much keener identification of vital business processes. It is almost certain that any contingency cloud environment will not be as malleable as the original nor be able to deal with peaks and troughs of demand with the ease your primary environment can.
One area impacting public cloud or hosted private cloud is a lack of real control. Since services in on-premise private cloud are hosted internally, there would not be any significant difference in the way of working assuming your change management processes are sound and you have a good appreciation of your environment through a configuration management system (CMS). Much greater emphasis in the cloud computing environment will be placed on the request fulfilment process. The opportunity to automate and pre-approve many of these requests should be embraced to make greater use of the benefits that new technology can provide. Service requests are often provisioned based on the defined internal approval cycle of the customer organisation. The idea that the non-IT part of the organisation can effectively set up their own environments, in real time, without need for specialist IT intervention is attractive to them…scary to IT. However, particularly in private internal clouds, where there will be finite capacity limits, check balances and controls need to set up through capacity management to allow instant monitoring of a new environment and monitoring of the cumulative effect of requests on your infrastructure to prevent performance issues.
Effective supplier management becomes an important process in a cloud computing environment that is so much about instant, real time service provision. This is not only in terms of getting a good financial deal from your supplier but also in terms of building a sound working relationship that can be relied on to proactively deliver service improvement, keep you informed of technological advances and be there to go the extra mile for you when business critical failures do occur.
You can often hear cloud described as “pay as you go” computing with charges levied dependent on how much or little you use. This has obvious repercussion for the monitoring, configuration control and financial management elements of your service. The customer requires accurate information related to the details of utilisation you charge them for. They would also like information that can estimate bills or could help them in plan their usage of service. Thus, a service provider needs to have a well defined and implemented process for financial management which has to be supported by a good and efficient tool for monitoring. The billing is only part of the story. As service provider you need to consider your unit charging that you’ll implement and that will be included in your service catalogue. Cost has to be properly allocated to customers and services to ensure effective accounting and charge-back. So much more of that cost is going to be for indirect, shared resource making the problem of apportioning costs more acute. As service provider you must ensure the process is capable of supporting the calculation of return on investment (ROI) and total cost of ownership (TCO) of cloud services to feed into the service portfolio process.
One consequence of cloud is that just as the toolsets and technology got a handle on service asset & configuration management (SACM) along came virtualisation and the cloud to muddy the waters again. Where it’s possible, each IT component of a cloud infrastructure or a service has to be registered in the CMDB along with well defined relationships into a service catalogue. However, the virtual dynamic nature makes real time verification of data absolutely essential. These IT components would be responsible for supporting many customers and a failure of a single component has the potential to have a severe impact on many customers.
With cloud computing, the need for robust service level management (SLM) will become even more apparent. Customers are concerned with the service levels being delivered to them. Monitoring service levels and performance on services virtual services with multiple access points on a plethora of platforms sounds complicated…and, yes, it will be. The need to instantly monitor the delivered service from the customer perspective will be important. Developing a synthetic monitoring capability will also be key. In particular public and private hosted clouds will make it nigh on impossible to monitor components or performance. Monitoring will done using scripts created to simulate an action or path that a customer or end-user would take. Paths are then continuously monitored at specified intervals for availability and response time measures. Only this way can you guarantee a service was / will be there when needed.
Perhaps a principal concern for any organization that wants to move their services to external private or public clouds is quite literally “where on earth is my data?” This makes information security management a must have. IT security must be integrated with the organisation’s security requirements. Thus, an organisation seeking cloud services has to ensure that their overall corporate and IT security governance framework is not compromised upon while moving their IT services to a cloud environment.
The flexibility of the cloud is attractive particularly from the promise unrestricted usage of services. Don’t be fooled…virtually every cloud environment can suffer from a sudden surge in demand. The probability of the surge will be much higher in public cloud. To be ready to provision such demands effective mapping of patterns of business activity (PBA) is essential. The analysis of PBA and trends will allow more certain planning to take place and risk to be reduced. A close linkage of demand management with capacity management and IT financial management processes is needed to allow this to happen and give you the opportunity to influence demand through differential pricing of service offerings.
Capacity management and capacity forecasting becomes a truly complex and critical activity. One advantage is the toolsets to model demand are getting more sophisticated by the hour but the old adage of “garbage in, garbage out” still hold true. If you don’t understand what the business demand will be or where it emanates from you will have issues. It will prove impossible to automate the flexibility that virtual and cloud environments provide without tight integration between capacity management and SLM processes.
We’ve majored on design, service levels and service acquisition activity so far but the traditional IT operational areas of incident, problem and change management are not immune. Users will be making much more use of self healing and collaborative approaches to resolve incidents. So much so that social media may become first line with the traditional service desk the new second line support. Effective monitoring and recording of such events still should be done. The event management process will have to be integrated into this and the need for correlation engines to speed up resolution and analysis will increase. Building and designing this into new systems is so much cheaper than retro-fitting afterwards. There we go! Design again.
Every IT service or component has to go through a change at some point of time during its life cycle. Cloud services are no exception to this rule and it’s unlikely many of us will be able to afford the provision of continuously available systems and services where maintenance goes unnoticed. The real concern starts when a customer is using the public cloud, and even more so when the cloud infrastructure itself needs a change. These changes, specifically the ones related to cloud infrastructure, are controlled by the service provider and would be based on their change policy. For example, Google, Face book and Twitter are unlikely to ask you when they intend to take a service down for critical maintenance. If you rely on these public clouds beware that you understand the risks. This makes change management a key process.
This has barely scratched the surface of the service management issues you may encounter but should have covered the principal concerns. My view is that the service strategy and service design activities are the areas that we must concentrate on to deliver real value, lower TCO and reduce risk from the switch to virtual and cloud environments. The result? We have satisfied customers using flexible, business improving services not knowing or caring where the provision came from because we delivered what they needed, when they needed it.