Once it is recognised that each type of business has a different motivator for their digital journey, one can step back and see the relative organisation effort that has been attributed to the change.
WannaCry impacted a large number of computers world-wide, it appeared to exploit random Windows computers world-wide in a cascade fashion. Exploiting the human element along with some known, though not patched, vulnerabilities in Microsoft Windows code (SMB). The question of should Microsoft have patched the code or more importantly, why they didn’t, is something that I’m guessing history will understand. As is the question about how extensive Microsoft has been exploited by the NSA and others for use in times of war or other state/syndicate needs.
However, despite the widespread distribution of the WannaCry malware, it appears that the authors have not collected their bounty in Bitcoins. This could be because it was more successful than expected, or that it was just not their intent. I can’t help feeling that this was mayhemware and not malware – something designed to cause disruption to perhaps test the potential to expose the risks posed by the NSA code.
Either way it is a wake up call to CISO’s and cyber security professionals all over the world – the old way of protecting the ‘edge’ of the network is dead. Everything needs to be untrusted and managed as levels of managed risk – people included.
More technical detail can be found on WannaCry on Wikipedia.
28th June 2017 Update: NotPetya is running rampant too. It appears to use a tweaked version of the open-source Minikatz code combined with the NSA leaked EternalBlue SMB exploit used by WannaCry. The key difference with WannaCry appears to be the use of the ‘administrator’ credentials to gain access to more vital areas of the hard disk’s file structure improving the potency of the encryption and rendering devices unusable unless decrypted with the paid for key.
Is this a sign that Malware extortion is actually growing breed of mayhemware with the coders perfecting their art?
Lack of PCI DSS awareness is not an excuse
For an organisation like Evans Halshaw, you would expect PCI DSS compliance and data standards that keep your credit card and personal safe. Yet they are part of a hidden problem where people just don’t understand the legal and moral obligations that they represent on behalf of their organisations.
I have a wonderful email from their “sales manager” Mike Spooner and team who state that “PCI DSS will not allow us to store credit card information”. With this gap in PCI DSS knowledge, it is likely that there is also a gap in how to handle general data protection. Therein lies the concern. They are taking credit card, loan, payment and personal plan details and what are they doing with them?
We pass our data and our information through our ISP’s. They have the ability to sweep data about us, inject adverts and code into our browsing. The have the ability to censor and limit what they think is right and appropriate. But how far should we allow this trust to go?
Sure, there are some legislative regulations to which they must comply (snoopers charter stuff), but they have the ability to make money out of your clicks, artificially promote information in their own interests and track your very lives.
Yet on the whole we trust these people, trust them to listen into our lives and to help us on our journey around the web (suggested sites and redirects). But should we?
There is general fear around the use of cloud based infrastructure-as-a-service. A cultural fear of the change it implies: the movement of IT from power to service provider, the perception that management will lose control, and the organisational structure changes and more.
Let us just recap first on the difference between traditional infrastructure and IaaS:
Traditional infrastructure, bought and installed on site, is expensive and takes upfront capital expenditure, requires the purchase of all associated supporting software and hardware (such as monitoring and management) and requires a team of people to run and manage it.
By moving to the cloud, there is less upfront cost, lower optional expense and has fast delivery times. This is a cultural challenge though:
big old IT projects -> dynamic procurements that are reliant upon 3rd parties
But where is the IT team with this approach?
Not known for their ability to evolve over time, IT teams traditionally are quite static, risk adverse and cost centric. Their challenges revolve around two key fundamental changes:
- IT needs to be able to let go and let their services run elsewhere
- Business owners need to feel comfortable that IT can keep their data safe on 3rd party services
Both are a question of ownership. IT needs to feel that it owns the services provided by 3rd parties and the business needs to feel comfortable that IT are keeping their information safe and secure. Both are reliant upon the other, but IT should be leading the way and facilitating change.
The fix to IT-as-a-Project?
The focus of IT though is wrong. In fearing the cloud providers, IT are alienating themselves from the business need for cost control, rapid change and flexibility. IT are becoming the problem and not the solution.
Cloud providers run IaaS systems in vast numbers. Security is their number 1 priority. Without a secure environment in which to run the services, their market and customer base would soon dry up. That’s not to say that the services hosted on IaaS are secure, but the base layer of the service must be secure.
So whilst IaaS focus their efforts on security, reliability and availability, internal IT teams focus on the next project. These projects are often at the expense of the maintenance of infrastructure and base level services.
Moving into the cloud, removes the risks of IT-as-a-project, giving IT a stable platform on which to work. As such it should be celebrated as a position that will enable IT to maintain a modern technology platform.
The IaaS budget problem
People are used to capital based procurements. It’s the traditional way of buying IT things. Big boxes turn up, they get plugged in and someone plays with them for six months to get them working. Finance get to depreciate an asset and on the books you see just a proportion of the actual cost.
Procurement of infrastructure-as-a-service is by its very nature different. There is no ownership of hardware, of flashing lights, of big data centres; you are procuring a service. With no depreciable value, the service is a line in the Opex column in finance and often operation costs are considered bad and something to be cut.
So, it is not just IT that need to change, procurement and finance need to realise that the way of doing business in the IT world is changing.
- IaaS prices are dynamic, going up and down in value
- IaaS has frequent repurchasing of shorter term contracts (2-3 years not 4-5 years)
- IaaS relies upon 3rd parties
- IaaS 3rd parties are likely to be leading edge
Summary of cultural problem of IaaS
This is a more complex subject than summarised, here, but as a starting point, think about these key areas of cultural change required to support IaaS:
- IT needs to embrace as-a-service and use it as an enabler for rapid change
- IT needs to adapt away from IT-as-a-project and embrace buying commodity IT as-a-service
- IT and finance need to move from Capex to Opex purchasing models
- IT and finance need to accept and manage the risk of as-a-service
Read more about thoughts on Cloud and everything-as-a-service.
Across all industries, organisations are under an increasing amount of pressure to achieve and deliver more value within a constrained budget. This has resulted in organisations turning towards an Outcome Based Procurement model for a solution.
WHAT IS OUTCOME BASED PROCUREMENT?
Outcome Based Procurement is significantly different from other more traditional procurement models. The contracts derived from this model focus more on the ‘What’ than on the traditional ‘How’, this means that organisations can focus on defining to a service provider what they want instead of trying to provide that themselves and thinking of the how to provide it.
This procurement model works by the organisation providing outcomes that they want met. This removes the need for the organisation itself to come up with a solution, instead the organisation transfers this responsibility to a service provider. Continue reading
It is perhaps true to say that the effectiveness of Enterprise Architecture varies from organisation to organisation, and it would appear that the differentiating factor in the success of practices is the level of acceptance from senior management teams. Organisations which value the contributions enterprise architecture can make in aiding business decisions where IT is a contributing factor, can reap the benefits of a joined up approach when realising institutional goals and ambitions. Let us not forget that enterprise architecture is not just about IT, it’s about bridging the gap between the services which IT can provide with the needs of the wider organisation and the strategic direction it is taking. Continue reading
The phrase ‘IT-as-a-project’ doesn’t naturally come to mind when you think of how to go about managing IT. It has been born out of the experience of project managers as they have progressed through organisations. It has become an almost religious experience for those caught in its grip. The ethos revolves around the need for all change to be a project. Projects become the IT organisation, its life, actions and structure.
IT-as-a-project has benefits: a known cost, a direction of travel (though simple) and an approach generally agreed with finance and the business. It also allows costs to be understood and fixed annually.
This can be useful: during transitions of senior staff, or as temporary constructs when moving IT to 3rd parties. Long term though, it has some serious constraints:
- Each project, as a temporary construct, is inherently selfish. Using Agile badly increases this selfishness. Selfish behaviour within a business is rarely sustainable.
- Your organisational maturity may not allow or expect over-running projects and project costs. Projects, especially poorly run Agile projects, are running risk around cost vs scope. It’s common for projects to just stop when the funding finishes.
- The medium and long term cost of IT becomes uncertain. Projects seem to take over the IT day job and the function of IT seems to get lost.
- A form of Ponzi scheme is often formed. New projects feed the legacy and failings of older projects and the interoperability, security and governance problems selfishness causes.
- Significant loss of competitive edge. As a selfish construct, IT-as-a-project is not looking at the bigger picture, not looking at doing the right thing overall, just what is right for each project individually.
So, should you take IT-as-a-project as your IT strategy? It comes down to two simple thoughts:
- Are you looking for a simple strategy that only needs to be effective short-term ?
- Are you prepared to accept the cost and risk of the medium/long-term impact?
Read about the everything-as-a-service model here.
The EU-US Privacy Shield agreement is due to replace Safe Harbour. The agreement intends to provide Europeans with a level of protection against exploitation of personal information, but with the basic premise based on American companies self-certifying their compliance with the agreement, many Europeans have a right to be skeptical.
There was great hope that the self certification elements of the old Safe Harbour agreement would be dropped in favour of an audit and assessment carried out by the EU, but in the proposal to date, it looks like any audit of a self certification would have to be done jointly between the EU, the ombudsman and the US FTC. Not an easy task and likely to put off all but the largest cases of breach or compromise of personal European information.
It’s the latest buzz word to hit IT – Bimodal – and yet it perfectly described the problems faced by most modern and digital orientated businesses: the ability to be agile and innovative whilst providing all those standard services that are required to keep the IT world running.
I’ve discussed a number of models with a recent focus on everything-as-a-service (XaaS), but the catchier and more complete Bimodal model brings together both my thoughts on buying as-a-service (for the BAU and keep the lights on functions) as well as the creation of innovation units dedicated to providing the business change and creativity to be competitive.
I certainly watch with fascination as the momentum behind Bimodal IT builds to become the standard functioning model of any modern IT service.
With the demise of Safe Harbour rulings, your online life has become a little less secure – is Boxcryptor the answer to the security needs of Cloud based storage?
The Cloud First Strategy
Part 3 – Moving from legacy support to supplier management
Hardware and software become largely irrelevant as the key question becomes, “does this service meet the business need?” The burden of complex supporting systems is moved to 3rd parties as part of the service they provide. Help desk/technical support for the product also moves to the 3rd party.
With XaaS IT, ‘service management’ becomes a much less complex place to be. IT must move to act as the intermediary between the customer and the suppliers.
- Manage multiple small suppliers and contracts
- Maintain compliance and regulatory integrity of the IT service
- Be trusted by the business, the IT team and the supplier community
Traditional IT teams must change. They must transition from ‘service management’ to become ‘supplier management’, they must move away from their focus on technology to contract compliance and supplier relationships.
Example of the differences
Traditionalist IT people struggle to understand this concept, so let’s kick off with an example from a traditional service management function:
- Help desk, call handling and 1st line support
- Purchased for millions and supported by legions of staff. Vast hidden quantities of money and effort are poured into bespoke and unique help desk systems. All this for those ‘important’ help desk stats.
- IT seems unable to work without its help desk and the unfathomable way people are expected to interact with it.
- System monitoring
- Another area tainted by the bespoke.
- Multiple monitoring systems, plugged into master monitoring systems reporting to other monitoring systems.
- Usually visually impressive, the stats and thresholds used are tweaked by IT who spend endless hours perfecting the meaning of red, green and amber.
- Configuration management
- Caught in a legacy trap, where IT consider people as a liability and risk.
- People often go out of their way to remove monitoring, auditing software from their devices due to privacy concerns or because the tools stop people working effectively.
Now, compare that to the XaaS world:
- Contracts include support and maintenance
- Point services and solutions will include the whole life cost including the cost of support and maintenance
- Pay by results
- 3rd parties paid on results. The business should not select based on the background technology. The supplier should be chosen on merit and ability to meet the business need – technology is their problem.
- Results = what your business values
- Little point defining metrics that are irrelevant, unachievable or introduce undesirable behaviours.
- Contracts designed to be flexible
- Scale up and down; match peek times of demand, reduce at lower times of demand.
- Agile. Stick to 2 + 2 years.
- Clear costs, known risk
XaaS Org Chart
The often traditionally bloated supplier management function does not even appear in the everything-as-a-service XaaS IT org chart.
Clearly this is a idealistic interpretation, as the need for help desk type services still exists, but they are provisioned by 3rd party experts and work for the supplier management function.
Is Xaas Outsourcing?
Outsourcing has sat in this territory for quite some time. But the aims and goals of outsourcing are different to those of XaaS. You can see my thoughts on the difference here. Suffice to say, XaaS is surgical in nature, outsourcing is, by comparison, a shotgun approach.
It is likely that outsourcing is chosen by default as it resolves, in one hit, many of the problems experienced by poorly performing IT teams. This though is created by an accidental slight of hand from IT:
IT support tend to work under the illusion that their IT service is unique and requires unique systems for support. They talk about, document and create bespoke systems to maintain the mystery (their job and role). This naivety helps to perpetuate the deception that IT is complex, impenetrable and poor value.
The more difficult the problem the more likely outsourcing is used to solve it; the more likely outsourcing is the more complex and bespoke IT make their systems; it’s a vicious circle that only culture can change.
There are plenty of reasons to keep internal teams, not least for the latent organisational knowledge; but often poor or out-of-date IT management skills push outsourcing as a quick fix.
One core aim of this approach is to fix the overly bureaucratic systems installed by management to create statistics, measurements, and controls. The culture created by these systems often pushes the business to question why ‘help’ is included in ‘help desk’ and pushes IT staff to close calls as quickly as possible.
There is no need to create an IT team that everyone hates. It is possible to design a service that meets the needs of the business in an affordable and sustainable way.
The goals of supplier management in XaaS
So you’ve decided the everything-as-a-service XaaS is the way to go, how do you convince your existing service management staff that supplier management is the way to go?
That’s not an easy one. Those that embrace change are likely to be evangelised by the opportunities presented; others will struggle and may need to stay in their comfort zone through TUPE to 3rd parties. TUPE may sound cold, but in the surgical world of XaaS IT, people can be moved into organisations that best fit their skills or ambitions. This is no outsource shotgun.
Something you should do for every part of your organisation is to set key goals. These should compliment and reinforce your vision for your IT organisation and should help people understand your intent and strategy.
Top 5 goals for XaaS supplier management:
- Enable the digital workplace
- Engage with customers, listen and take ownership
- Form a sustainable relationship with the suppliers
- Provide feedback to suppliers and customers
- Create a sustainable and open financial model for IT services
Take note of the keywords here:
- Ownership: alone taking ownership will increase the positive perception of IT. It will create a shared sense of purpose, a shared need and a shared driver to help the business.
- Sustainable: emphasises the need for practical and maintainable relationships, finances and business services. This reduces the knee jerk IT management style prevalent in some areas.
Key take away points
Whilst brief, the paper aims to discuss the theory of everything-as-a-service IT and it’s impact on a traditional service management function. The proposed move away from service management will scare most IT traditionalists and excite the visionaries, so please take these few points with you:
- Service management in its current format is not sustainable and requires significant revision
- Move to engage, listen and take ownership
- Form a sustainable working relationship between business, customers and 3rd parties
- Create a culture of change, innovation and partnership
I’ve pushed the apprenticeship scheme at Plymouth University for some time and took on Scott Walker to work in my IT Architecture team. A former car mechanic, Scott moved from Carlisle down to Plymouth. For Scott to be short listed for IT Apprentice of the Year is great news!
- Scott’s has created over £650,000 of potential savings for Plymouth University and averted £7million of potential risk
- Scott excelled in driving forwards a city-wide project to connect 100 businesses to super-fast broadband in collaboration with Plymouth City Council
- Completed 2 Year NVQ Level 3 in less than 1 year
- Heading for a Distinction in BTEC
The recruitment process for is often tricky, but from the first moment that the panel met Scott, it was obvious that we’d found someone special… his motivation, confidence and professionalism far exceed his years.
Over the past 18 months, we’ve seen Scott’s ability grow exponentially. It will be a bittersweet day (for his colleagues) when Scott’s Apprenticeship is complete.
He is a trusted colleague and an inspirational person. I wish him every success for not only this but every venture that he undertakes in his career. I have no doubt in his continued success.
“Strategy & Architecture apprentice shortlisted for an award
Adrian Hollister, Head of Strategy and Architecture, Plymouth University
Congratulations to Scott Walker who has been has been shortlisted for IT Apprentice of the Year at the UK IT Industry Awards.
The UK IT Industry Awards 2015 benchmark outstanding performance throughout the UK computer industry and focus on the contribution of individuals, projects, organisations and technologies that have excelled in the use, development and deployment of IT in the past 12 months.
Being shortlisted for one of these prestigious awards from Computing and BCS, The Chartered Institute for IT, is a major boost for Scott’s career prospects and the IT apprenticeship scheme.
Scott has to attend a Finalists Judging Day in Reading on 25 September and the winners will be announced at an awards dinner on 18 November.”
So congratulations Scott Walker and all fingers crossed for a win! To find a little more from Scott himself, head on over to the Plymouth University Strategy and Architecture blog.
XaaS vs Outsourcing: It’s a theme brought up at alt-c this week and something that most people are confused about: Outsourcing and everything-as-a-service XaaS are not the same things.
They may be used to achieve the same results but when you compare the intent of each they clearly show their differences.
Whats the difference between XaaS and Outsourcing?
XaaS is granular, focused and can be applied surgically to key areas that need attention. Outsourcing is expensive to negotiate and apply. It takes time, introduces additional cost of purchase and sale and implies a reduction in flexibility – details are lost or hidden in contractural obligations, service level agreements, the transfer of assets, liabilities and risk.
- Outsourcing tends to apply to larger elements of business. Whole teams or departments moved. The impact to IT itself is structurally significant.
- XaaS tends to apply to surgical strikes. Moving clearly defined elements to a 3rd party. The impact to IT is small and can be managed over time.
Which is best? XaaS vs Outsourcing
That’s going to depend on your organisation, neither may be suitable. To help you decide in the XaaS vs Outsourcing debate, think about the following Top 6 reasons…
Top 6 reasons to go XaaS
- Focus on business need
- Speed and Flexibility
- Standardised, transparent pricing
- Access to global high skill resource pools
- Improvement in image
- Increase in competitiveness
Top 6 reasons to Outsource
- Pass risk/staff to 3rd party
- Create a structured framework of IT services
- Focus on core business
- Long term stability
- Access global high skill resource pools
- Known cost framework
If you have a business (even home based) you can get connection vouchers for up to £3,000 to cover the cost of installing high speed business broadband. The voucher scheme can be used against a package from one of the registered suppliers in the area.
If I read it right, you can put multiple vouchers together from businesses on the same premises. This could enable business parks or multi-occupancy offices the ability to collaborate on the cost of a much bigger internet pipe.
There is a page for Plymouth with the specialist providers listed.
Seems to be a rather overlooked opportunity for business to make the most of some free money to give them high speed business broadband. So, make the most of it now and apply as soon as you can!
The Cloud First Strategy
General change and projects need to be self funded. I’m going to say that again – they need to be self funded. The cost of IT should be the cost of the provision of the known service. The unknown cost of change is given to the business to empower them to choose the priorities and provide the flexibility to select services not provided by IT.
IT should not be scaled to provide endless change and project support, but should be scaled to be the technical conscience of the business: facilitating change, translating business need to technical deliverables, engaging 3rd parties and providing an oversight into the IT elements of change.
Think SME not 3rd Party
Engaging with a 3rd party for delivery does not force you down the consultancy route. Think of the SME approach – dynamic, agile, best of breed skills to best of breed solutions.
Suppliers will thrive in this environment if they are allowed to part of the team and part of the journey. The relationship with suppliers must be sustainable and based on trust between both parties. Suppliers must be able to make a viable and sustainable profit and should run open book integrated into the IT accounts.
Remember: there is little point engaging with a supplier based on the lowest possible cost. Underbidding suppliers run the risk of attempting to make up the money with change control, delivering a valueless service, or withdrawing from the contract.
It may even be viable to export any existing delivery team via special purpose vehicle (SPV) to allow them to work more dynamically, realistically with efficiency and energy.
Moving to an SPV could also be a quick enterprise that moves money around the balance sheet and reduces the headcount numbers. An outsource may also achieve the same result, but costs will need to be carefully controlled and understood – change is often used as a source of profit in such enterprises.
Move away from bespoke code
Poorly executed Agile and similar methodologies often create swathes of poorly documented bespoke code. With projects being self funding the sustainability of the solution must include on-going run costs. Bespoke may be cheap to write, but it’s not cheap to maintain or support.
In the SPV model, the SPV is incentivised to pursue efficient, sustainable delivery models by owning the maintenance of the code and solutions. Inefficient, undocumented, or poorly designed solutions will be financially and materially expensive to support and maintain. The SPV will quickly have to become more efficient or loose contracts to 3rd parties.
The back catalogue of legacy and bespoke code created using agile or similar methodologies is likely to follow this SPV. A contract for maintenance and support must be provided and at a fixed, but sustainable cost. The risk owned by the SPV with clear incentive to reduce and remove the costly bespoke code elements.
Compensations drives behaviour
The move to SPV or outsource must have effective incentives for the staff and SPV. The business may need consistency for a number of years after the structural change or the business may require immediate cost savings, either way, the team moved into the SPV must be motivated to achieve these goals. The SPV route is a great way to move constrained exec’s out of the core and give them the flexibility to excel as a commercially driven arms length body.
What about general day-to-day change?
It would be fair to assume that in the everything-as-a-service model there is strong reliance upon the need for the contracts with 3rd parties to include the cost of maintenance and support change. These elements are needed to ensure that services are compliant with regulatory and security standards and to ensure that services can continue to interoperate.
The contractual obligations of 3rd parties should also be extended to allow the IT team to plan and organise change between the various solutions and 3rd parties. This is standard IT practice, but here the intelligent customer becomes more relevant. It requires a strong understanding of enterprise architecture, governance, the contractual commitments and a timetable of key business events and priorities.
Remember that purchasing on cost alone will fail in this model. Whilst this is not unique to this model, purchases do need to be made on value to the business and support the everything-as-a-service model. Excellence is required in supplier and contract life cycle.
Allow the business to change direction
Once in a while the business will need to change direction. To scale up or down. To create a new branch or brand; or to remove a few. IT should not constrain the business from doing what it needs to do. The contracts put in place with 3rd parties should be designed to allow the business high flexibility.
Services procured could be based on metrics key to the business: the number of products, staff or turnover. This variation of the standard usage model often applied by suppliers may require significant negotiation and contractual skills. Not all 3rd parties will be keen to work differently, so careful and pragmatic selection is required.
Key take away points
Change is embraced as part of the everything-as-a-service IT model through the use of 3rd parties that are incentivised to be more performant, flexible and cost efficient.
How to manage change in XaaS IT:
- Cost of change is given to the business to empower them to set priorities
- IT must not constrain the business from doing what it needs to do
- Use dynamic and agile 3rd parties for delivery
- Remove bespoke code by accounting for whole life cost of services
There is an opportunity to move existing delivery teams into a special purpose vehicle (SPV):
- Allow radical reduction in delivery headcount
- Allow constrained exec’s to flex their wings
- Facilitate cost reduction through the removal of bespoke code
- Facilitate competition with 3rd parties
Cloud First Strategy: Read the next article Part 3 – Moving from legacy support to supplier management go to the INDEX or go back to Part 1 – Impact on the IT organisation
The Cloud First Strategy:
Adrian Hollister, Digital Transformation, August 2015
By now it should be clear that buying IT the old way has long gone:
tin + software + installation + maintenance + staff + training + management + support tools = expensive + slow + poor value
Cloud has been coming for some time, but it’s the everything as-a-service (XaaS) element of Cloud computing that is so compelling. Removing the need for expensive and all consuming IT departments, thinning them down to an intelligent customer layer.
So what does that mean in practice?
As cloud based services are being adopted the approach and model of the IT department needs to change. Services move from local data centres to the cloud, storage moves to the cloud, telephone to the cloud, even network controllers and authentication are moving to the cloud. Office365, Skype, BYOD (bring your own device), Dropbox, etc. That natural convergence of IT services doesn’t leave a lot for IT does it?
There is plenty of value IT can still deliver, just in a different way. No longer about flashing lights, complex help desk systems, and the mysteries of poorly documented services; the IT team can now focus on delivering real business value.
But IT has seen a number of organisational models already in widespread use today, so let’s do a brief comparison:
- Centralised IT. The most commonly used model. Line of business are beholden to a CIO who controls the pace and priority of change. Attempting to be a compromise and usually perceived to be driven by cost and technology not business value.
- Decentralised IT. Usually with this type of model, each line of business has their own IT Director. Priorities are set at board meetings controlled by the line of business (LOB) and facilitated by the CEO. Multiple IT teams, development teams, help desks and support models.
- Federated IT. IT services are owned by a number of parties and the LOB may choose not to use the central IT service. It is quite common to see this after a merger or change and is usually short lived. Complex arrangements of interlinked services, support and development teams.
- Service led IT. A core set of IT services are provided from the centre but are provisioned by 3rd party. CIO focus is shifted to adding value to the business, away from commodity IT provision. Move from developing code to buying services. This is the core to everything-as-a-service (XaaS) led IT departments.
The service led model is a variation of the ‘intelligent customer’ approach taken when business move towards a heavily outsourced model. They key variation is that contracts in the service led IT model are numerous, short and with pinpoint focus. Creating the opportunity for numbers of smaller, specialised and high value businesses to apply.
This creates a level of competition and introduces flexibility to end failing contacts early and pursue new ideas when the business needs change. This also shifts the work that the IT department needs to do, from a hardware and bespoke solution focus, to one of managing their customer and their suppliers. In this approach, the organisational model looses ‘IT support’ but gains ‘supplier management’.
Being commodity, the help desk also goes, replaced from a specialist supplier; and perhaps this commodity element is the big differentiator. Anything that is not a core function of the business and is readily available to procure from a 3rd party should be considered commodity IT and provisioned by expert 3rd parties.
The delivery function also losses out. Without the need for vast quantities of bespoke code the delivery teams can be paired down to a core set of PM, Architects and developers for legacy code and integration maintenance. It’s important to note that all change in this model has to be self funding.
Example everything-as-a-service XaaS org chart
Change is not quite so difficult with as-a-service
Any new model or approach is going to be difficult: there must be a clear strategy for IT. Not only a sense of what is needed today, but also tomorrow; and that strategy must be understood and agreed with the business. The change however, can be quicker than a re-organisation with staff being redeployed in new roles or moved (TUPE) over to suppliers. As such the impact on the organisation and staff will be low compared to traditional reorganisation methods.
The financial considerations will also be different to a traditional reorganisation. Moving head count into supplier contracts will reflect good on in-year savings and savings may be had by purchasing more efficient services, returning floor space and reducing risk. Costs are also likely to be moved towards a standardised monthly fee, giving the business good visibility of often hidden IT costs. Finance will thank you for being able to plan clearly and provide consistent and open costings.
The approach to contracts needs to change. By using short 2 year or 2+2 contracts the business can choose to change provider. This will help the agility of IT provision to meet the changing needs of the business. Some may be tempted by cheaper longer term contracts and for some core services this may be appropriate, but it will limited your ability to grow and shrink to business demands.
There is a significant change in culture, from employment of vast teams of developers, support, help desk and technical specialists; the IT function needs to move to professional supplier and contracts managers and experts within EA, Security, BA and relationship management; and more importantly, projects and business change must be self funding.
By moving to a self funding business change programme, IT wont change things for IT’s sake.
IT for IT’s sake
It’s the bane of any business – IT doing the best thing for IT. Techies wrapped up in their technology, their brand or the latest toys. There is a place for this, but not in the provision of core IT services.
A pragmatic as-a-service model will force IT to move away from looking at technologies and brands and force them to think about what services can be used to meet the business need. It will force a move away from bespoke development to commercial off-the-shelf software and services (COTS).
- COTS – remove the need for developers to create endless unsupportable bespoke code. There are specialist applications and services that are likely to meet the majority of the business need. Start here and be flexible with expectations.
- Software as-a-service (SaaS) – remove the need to worry about the platform and the supported software layer. Just get up and running with the service provided. Flex to need.
- Platform/Infrastructure as-a-service (PaaS/IaaS) – remove the need for people to touch or play with hardware, brands, upgrades. Why do this in house, when you could be using industry experts who do this day in and day out.
It will be a substantial shock to the IT traditionalists. By taking a step away from the coal face of technology provision IT can work closer to the business; for the business; delivering real business value.
The move towards Cloud and as-a-service is inevitable. Will IT be able to keep up with the pace of change?
Key take away points
This is a big subject area that I’ve condensed into a couple of pages, but even if you do not have time to go through the text, here are my key take away points:
The value of everything-as-a-service (XaaS) led IT
- Vastly reduced in-house IT team – keep just the experts
- Vastly reduced in-house IT footprint – services in the cloud only small on-site d/c
- Focus on relationships with the business – IT only exists to support the business
- Clearly accountable IT costs – no hiding project, development and support costs
5 core rules of everything-as-a-service (XaaS) led IT
- Focus on being the intelligent customer
- Drive innovation and business value
- Commodity services should be provisioned by a 3rd party in the Cloud
- Restructure the organisation to focus on business value
- Document, plan ahead and agree your strategy
Cloud First Strategy: Read more: Part 2 – How do you manage change in an XaaS IT model?
It will always be impractical to implement superfast broadband for every household, especially for those with rural broadband. But why?
Roughly 5% of houses will not be covered by real superfast broadband. This is commonly because they are geographically dispersed, have long lines to the exchange or have no BT fixed line service. All of these premises, people and businesses are stuck in a time warp drying up their ability to use the digital world and preventing growth of smaller businesses. The internet is now so pervasive, I would argue that it is far more important than traditional telephony, especially when it comes to inclusivity of our society (leaving people behind), and inspiring the next generation.
High speed Internet is essential for our society going forward. If we are to compete with the likes of the asia block, we must invest and bring real superfast speeds to every household. Aiming for 100Mbit for each household should be a minimum; and not in 10 years but we need to start working now.
A world of connected devices, Internet of Things, real free sharing of information, open honesty from governments, financial transparency, all of these rely upon an open and inclusive Internet. As the barriers between countries become lost into an electronic world, we should be at the forefront, the pioneers, the innovators.
But we are stuck in the international slower lane, and told that fixed telephone line is not always the answer to super fast internet. We are told this as the 5% left are expensive, complicated or just not profitable to service. Let’s first think of the alternatives:
- Mobile providers are now slowly distributing faster data services, but for the 5%, they are not going to be anywhere near the top of the list of telecoms masts to upgrade to 4G. When we can’t even get good mobile internet coverage on the train, how are we going to expect good rural coverage?
- Satellite broadband services are available – offering up to the ‘slow’ end of the superfast spectrum (10Mbits), they are very expensive; bandwidth limited and they introduce large time lags making it virtually impossible for computer gaming and time sensitive security applications (VPN’s etc).
- There are also a few wireless initiatives, but these are few and tend to focus on ‘slow’ speeds for defined communities (such as villages) and still backhaul over BT fixed line network.
In essence, whilst there are a few alternatives, none of them live up to a sustainable and high quality service that we have come to expect over the BT fixed line network in towns and cities.
If the answer is the fixed line network, there are a couple of scenarios that should be considered:
- UK plc should invest heavily into this fixed line service to upgrade all lines to FTTP. This will help bring us inline with our international competitors, allow the country to aim higher, facilitate home working and create a platform for sustainable business innovation.
- UK plc should bring the fixed line network into public hands, take the cost/risk away from a public company and return an asset to the country. Whilst some may consider this to be BT’s crown jewels, it is essentially run as a separate entity, it would allow BT to fairly compete and grow it’s business base.
The risk here is that the R&D investment BT has made into the broadband network would get lost. That spark and driver for innovation forced by competition may be lost.
- Perhaps the compromise is the formation of a UK Openreach – a publically owned shell organisation that distributes contracts to 3rd parties for the provision of a fixed line network. This would have to ‘own’ the local loop connection from exchange/green cabinet; but not the back haul to the ISP’s network. This should not stop at just BT though; Virgin Media’s fibre network etc should also have to give up their wares to competition.
- Amend the universal service obligation to focus on broadband and Internet speeds and not calls – after all, mobile or IP telephony is simple with sufficient speed to the Internet.
What ever we do though, we cannot afford to lose world class technologies companies like BT. There needs to be enough incentive to be creative, exciting and excellent in their use of technology; innovative enough to provide them with a business platform that is sustainable; and produce companies that are internationally competitive and world leading.
After all the hype of Apple Watch, big screens and iOS 8, the launch of new Apple products went ahead last night. I just can’t help being underwhelmed. Big screens to catch up with the competition, NFC support to, err catch up with the competition and an iWatch to catch up with the competition. I’m not sure there is enough there to make people want or need to upgrade.
Still, I’ve no doubt that Apple will do what they do best – they will make it easy to use, make it pervasive and perhaps more importantly create an unstoppable frenzy of consumer demand.
LED lighting is moving forward at a pace at the moment and prices are dropping quickly. 7dayshop have started stocking ‘Ecolight’ branded MR16 bulbs running at 5W. These are produced in China but are made by the Daewoo group, so at least they meet EU standards.
So, from first looks, they are the typical multi LED configuration and as the ones I’m testing are ‘warm white’ the LED’s are the typical yellow colour when not turned on. It’s also good to see that the packaging in minimal with no plastics, just recyclable card/paper. The specification of the bulb is good on paper too. They are 12V MR16 bulbs consuming 5W putting out 370lm of light (about the same as a 40W halogen). They have a 120 degree projection angle, so are good all round lights.
In line with most LED based bulbs, they are IP44 rated and A rated for energy consumption. At a hefty 50,000 hours of lifetime, they put all but the most expensive halogens into the shade. Perhaps one downside is that they are not dimmable. Not too much of a problem for me, but if you like to change the intensity of your lighting then you will need to look elsewhere.
Installation is a simple as removing the old bulb and installing a new one. Retrofitting these into an existing installation may cause you problems though. Some traditional 12V inverters don’t work at such low power consumption levels and you may need to replace them with an LED driver.
So if your MR16 LED bulbs are flickering, you will need to find a lower power constant current driver. I’ve switched to a Halolite unit, but there are plenty out there to be found. This will impact your total price as these units are not cheap, so if immediate cost saving is your goal, you may need to look to alternative forms of lighting.
The light pattern is good and unless filtered, it’s difficult to see the LED’s. The Ecolight MR16’s are bright with a warm light – something of a departure from standard halogens that seem quite cold. I’ve replaced 6 35W halogen bulbs with 6 5W LED bulbs, so my consumption levels have dropped from 210W at 12V to 30W at 12V. Quite a substantial reduction. The light levels are higher and with the new drivers installed, flicker free.
Overall, these are an excellent way to reduce the total power consumption, increase the general light levels (compared to 35W MR16 bulbs) and offer a warm light alternative to cold halogens. If your goal is to save money though – the additional cost of constant current drivers may push this to a long term cost saving measure only.
A project to enhance the internet connections across Plymouth University’s campus has earned recognition from judges at a national awards ceremony.
The major upgrade, part of a programme of investment in state-of-the-art technology, included an overhaul of the wired and wireless networks in more than 1,700 student rooms and other communal areas.
The project has now been named runner-up in the Best Use of Cloud category in the Real IT Awards, which aim to recognise outstanding IT innovation across the private and public sector.
Plymouth was the only educational institution on the awards shortlist, with other nominees including multi-national giants such as Volkswagen, E.ON, GlaxoSmithKline and Pepsi, as well as Government departments and public sector bodies.
Adrian Hollister, Head of Strategy and Architecture in Plymouth University’s Technology and Information Services Directorate, said: “When we saw the calibre of the other nominees, we realised that just being on the awards shortlist was a major achievement in itself, and a vindication of all our hard work on this project. Our students expect to be able to access internet services wherever they are on campus, and it is vital we do not rest on our laurels and remain in a position to meet those expectations. Enabling them to stay connected is a key part of their academic and personal development.”
The four-week upgrade was carried out by leading technology service company CAE, and involved providing a 600Mbit Wireless N service and a 100Mbit wired service, giving students full access to the University’s suite of online resources on all their desktop, laptop, tablet or mobile devices. It enables families and friends to access the internet anywhere on campus during visits.
The upgraded service also includes a commitment to enhancing student employability by recruiting ambassadors for the service, who will become the first point of contact and providing out of hours help if required.
John Wright, the University’s Chief Information Officer, added: “This praise is due recognition for our outstanding technology team, who are consistently pushing the boundaries to keep the University ahead of the game. Through constant innovation, we have created an environment where students and staff can stay connected, and the new high performance wireless network has enabled us to achieve our ambition of supporting learning and leisure for all.”
Notes to Editors
The wireless upgrade involved the installation of 400 sector-leading Cisco Meraki wireless access points in halls, which have fast data throughput of 600 megabits per second. These devices are connected to the network using 12. 5km of high-tech cabling – CAT7 is the latest standard of cabling and is designed to work the next generation of technology and last around 20 years. An additional 8 Cisco Meraki wireless access points have been installed throughout the student village to provide students with WiFi access in popular outdoor areas including North Hill.
For more information about this press release, contact Plymouth University Press & PR Officer Alan Williams on 01752 588004 or email firstname.lastname@example.org.
About Plymouth University
Consistently ranked as one of the leading universities in the UK, and awarded a Queen’s Anniversary Prize for Higher and Further Education in 2012, Plymouth has a strong record of excellence, enterprise and innovation across its teaching and research activities. Distinguished by its long-term engagement with business and the community, the University enjoys outstanding links with employers and plays a key role in civic and regional leadership. It is the only university in the world to have been awarded the Social Enterprise Mark in recognition of its work in support of the sector.
With around 30,000 students, including those studying higher education at its partner colleges throughout the South West, the University is one of largest in the UK. It enjoys a high rate of graduate employment and has recently invested more than £150 million in its estate and facilities to enhance the student experience and support world-class research.
Plymouth has embedded sustainability across its operations, and is the overall best performing university in the People & Planet Green League. It is the first modern university to found a medical and dental school – the Plymouth University Peninsula Schools of Medicine and Dentistry – and is the leading provider of Higher Education in Cornwall. For more information, please visit www.plymouth.ac.uk
It’s been a long time since I’ve updated the blog, so it’s had a well needed make over. Moving from the older Serendipity platform to WordPress will help me keep things up-to-date and should keep me on top of the latest features available on the web.
So a big thank you to those that have helped me create this site and hello to a new set of technology.
If, like me, you have poor reception in certain areas of your home, you could look to the so called Range Extender’s to boost your existing network coverage. But my problem is not always boosting my own signal, but boosting local BTWiFi networks. I often work away from home and I am always disappointed with the range and reception of the BT Wireless offering that is often bundled free with BT broadband and other packages. I end up squeezing my laptop or iPad onto window sills that give me the best reception. What a nightmare.
Step in the range extender’s. They are simple wireless hubs that exclude some of the features required by your main hub – dhcp, firewall, etc. Some are so simple to set up and use, they need no manual, just a bit of common sense and a power socket. The TP-Link TL-WA730RE is one of the easiest wireless hubs that I have ever touched. Maplin are selling these hubs for about £30 quid, but they are cheaper on amazon and other on-line retailers if you can wait for delivery. So they are cheap, easy to get hold of and easy to use, but just how easy?
Set up of the TP-Link device for unsecured wireless networks (such as BTWiFi or BTWiFi-with-FON) is as follows:
- Plug in power
- Wait for lights to show the device is ready
- Push the ‘Range Extender’ button on the back
- Job done
Ok, you do need to put it in a place where it can receive signals from the network your interested in, but as it’s repeating the wireless network you don’t need to be too fussy with this (window sills are a good place from my experience). There is a wired port Ethernet in the back too if you want to use a cable, but I’m going for convenience.
It does get a little more complex if you have lots of unencrypted networks in your area, but all you do is put a disk into a Windows machine plug in the Ethernet cable and run a simple set up program. A few next, next, next steps and you can choose the network you would like to connect to. You will also need to use this set up program if you want to connect to a secured / encrypted wireless network where you will need to select the network name and put in the network password.
Light and low power the TP-Link TL-WA730RE has a three year warranty in the UK with 24×7 support available too. The spec is not top end, but with Wireless N 150Mbps and such a simple range extender function (something essential for extending BT free WiFi service BTWiFi), it is amazing value that I would be happy to recommend to anyone.
Apologies to anyone using 'Contact Adrian Hollister' on my blog page – it seems these were going no where for a while. So I will try to get the information back and fix the technical glitch. If I miss you out please try again, it's working now!
Well, my new power supply turned up today for my Pure Evoke-2 radio, the old one released magic smoke and gave up the ghost. Could have got a genuine part from Pure, but they are very expensive and ended up getting one from Amazon (Pure 9V YHAD-48-091500VB replacement power supply). Although only a couple of quid, the unit has turned up and seems quite substantial, run's cold and has all the right approvals stamped on the side. So far, so good. Good for the money for sure.
When will the mobile operators work out that they are just wireless data providers? A commodity place with what needs to be commodity pricing? The likes of Vodafone and O2 desperately cling on to the hope that their value add is in reception, availability and price of their calls; when most people don’t want these things, they expect them as basic parts of the service.
Mobile operators have started to feel the data provider pinch – data based mobile messaging is killing the text message scam that the operators have enjoyed for so long. SMS messages costing up to 20p each have been a great source of income, but iMessage and Blackberry Messenger run over the internet and sip very lightly on internet bandwidth. They are cost effective and they are a sign of things to come.
The ingress of IP phones have also crept onto the smart phone. Skype, SIP phones and similar all use tiny amounts of data traffic whilst providing a good enough service. Apples own Facetime seems at this point to be banned on the data networks – not for any good reason that I can see other than quality of the connection may be too variable; but again this is a case of waiting for the mobile operators to work out that they are just a wireless data shop.
So where do they need to go? Three to some extent has the right idea – it’s all about data. Virgin Mobile in the UK are also getting there, with trials of 4G starting connected directly into Virgin’s fibre network.
But there is a problem. Mobile operators have been making a lot of cash out of basic services, long contracts and hardware lock-in. They lock people into two year contracts for whilst offering discounts on handset hardware costs. This is massively attractive for some as they pay over time and not up front. Whilst those that can afford it and are the most savy are likely to just buy their phone and take the cheapest ‘Internet’ tariff, the majority will look to continue this buying behaviour.
You can’t expect 3rd party resellers of mobile services such as Car Phone Warehouse to start selling mobile phones at a fair price and separate to a contract – it would destroy their revenue stream; but there is an opportunity out there for a companies to start selling the hardware at a fair price without a contract. A contract free phone would give the consumer the ultimate choice of provider based on real performance and not perceived value of discounted hardware.
If we want consumer choice at a fair price, we must look to break the cycle of contract based on hardware discounts. It’s time for the mobile operators to realise that they are just a wireless BT and, as BT have tried to do, they need to reinvent themselves around the highest quality of internet service and drive the cost of their core services (calls) to commodity prices.
I am on the whole a great fan if Vodafone. Their service and reception us second to none, especially here in the North Wessex Downs where mobile services from any other provider are either non existent or so patchy that it's too unreliable to use. The news that Vodafone have successfully trialed femtocells in Garston to boost signal to not spots is a great idea. The thought of our local MP, Richard Benyon, begging on his knees to a Vodafone exec to get the service up an running, makes it seem even more interesting.
But Vodafone are always going to get bad press whilst they forget two key things:
-Customers want data these days.
-Citizen's of our country want corporates to do the right thing – like paying their fair share of tax.
The second part of this is obvious – all corporate should be compelled to do the right thing. Not only for the company and it's employees, but for the country and our society overall. Corporates must understand that they have a responsibility that expends beyond their balance sheet – it's a social responsibility that should be mandatory for all companies in the UK. But it's the data aspect that I want to discuss today in this blog.
As with most other mobile providers, the Vodafone data network in the UK leaves a great deal to be desired. Often slow and unreliable, especially when travelling, our mobile networks are often pot luck and not a sure thing. I may be especially sensitive to these things as I travel on trains & buses quite often and see either the dreaded GRPS only marker (so slow, even basic web pages refuse to load) or a full five bars of signal but no internet at all.
This is not just a Vodafone thing, but is indicative of what is missing – aiming for only populated areas limits the availability of the service and often brings data not spots to large sections of the country. This is often more apparent for people on the train – who you can see frustratingly saying they may loose connection (and often do) or who are desperately struggling to send email's, read web pages or do anything else on the data networks.
These often train journeys are a perfect bit of down time – somewhere between breakfast and the commute nightmare that's London, or between work and the rush home. These are valuable bits of time that could be regained and re-used by the population. Perhaps by facilitating working from trains, buses etc people could leave work an hour early? Missing a good deal of the rush hours, spreading the commuting load and, by implication, allowing people to spend more quality time at home. Perhaps though, it's just about using the time to contact people, say hi, discuss their day on Facebook, tweet the things that are important to you.
So we could help return a little bit of the day to people with a fully integrated communications strategy. 90% land coverage is not good enough, but neither are hundreds of new phone masts covering some of the best parts of our country. Perhaps though the re-use of some of the current TV spectrum will help – lower frequencies can travel further and often through obstructions that force the use of large numbers of small comms towers.
One thought though could be re-use of the existing spectrum in a more efficient way. Old GPRS spectrum could be re-used for 3G, LTPA or similar. But this brings in a competition problem. For the multitude of companies to compete effectively in the current system, they need to have a level(ish) playing field. OFCOM attempt to do this by handicapping the larger companies and letting the smaller players have a few competitive advantages. This wasn't helped by selling off the spectrum to the highest bidder. Those that won, did so at a huge cost, further crippling true competition and limiting expansion of existing networks. It should not be about how big your bank account is to provide service to the citizens of this country – especially as ultimately it is will be the citizens who pays for this cost through their mobile bills anyway.
So what's Adrian Hollister's big idea for the mobile communications network? How can, in my simple mind, fix the problems of availability, competition, cost effectiveness and in the world stage, ensure that the UK is state of the art, highly efficient and helping it's citizens return part of their day or improve their quality of life?
I would look at three key approaches:
1. Move critical infrastructure into public hands
2. Allow comms towers to be shared between providers
3. Move to a high availability service – blanket coverage of voice and data
Let's look at these in a bit more detail. The first is an obvious one. Depending on your political leanings you may related to this or not, but in terms of something highly efficient it cannot be disputed. Just in terms of the duplication of comms towers there is a level of duplication waste that could be removed and reinvested in other areas in need of service support. But by covering the whole of the UK, you gain the ability to architect (plan and design) service coverage that helps our citizens, protects what is part of our critical national infrastructure (something I am not sure is fully recognised yet by HMG) and provides a base for fair competition and high quality blanket services.
I don't think there are too many people who would dispute the National Grid's role in providing an essential service throughout the UK, and more recently the rail infrastructure was moved back into a public owned company. These are examples of key and critical infrastructure for the country that is most efficiently served though a centralised, co-ordinated and designed from the ground up to provide the most efficient and effective service to the citizen.
With the assumption that the wireless network throughout the UK has been move into a single public owned company, then the reuse of comms towers and communication bands between providers is a simple thing to facilitate. If companies are truly allowed to compete in the market place, then this is one step that would level access and availability for the smallest and largest providers. It would move the question of consumer value to a different playing field. Vodafone, 3, O2 and the others would have to offer higher value services (perhaps contention ratio, internet bandwidth etc). These services would better suite the consumers than basic price – though I'm sure some would compete on raw price alone.
But neither of the top two will work unless the country moves over time to good quality, redundant, blanket coverage of voice and data services. Clearly this would take time, but investment in the services could be provided by auctioning off value add service elements or pre-payment from the mobile company for useage on the new network. How ever we arrive at the investment profile, it's key that the public owned infrastructure company must aim to be not for profit over a fair business cycle. It is a service that critical for our citizens and must be cost effective on that basis.
So what would we end up with?
a. We would have a mobile network owned by the citizens of the country. We control the areas of core investment and we aim to make no profit from it.
b. Each of the mobile providers would have a level playing field and they can differentiate their services though the use of value add services or price. Competition would be opened up to many new providers that could purchase core service directly from the public infrastructure core.
c. We could move to blanket coverage. High availability services. High data services.
In summary though, we could create a UK with a significant competitive advantage compared to our competition. Our country would have a much more cost effective and personally effective service. We could return quality time to people and facilitate new ways of work (such as from home or on public transport). We would have a competitive landscape that would be the envy of the world.
It's also clear though that the Conservatives and their poodle Liberal Democrats do not have the vision for this. Richard Benyon's begging at Vodafone's door clearly shows the limitations of our current service, and whilst I appreciate the investment Vodafone has made in one of our Downland villages; there is a more efficient and effective approach available.
A happy new year to everyone. I've a twitter blog going now as well, so anyone interesting in following me can find me with the following: