Traditionally, IT leaders have found themselves caught in a tug of war between security and IT operations management and the demands of business users. Business users across the organization want to implement new software and access development resources ASAP, but IT must first ensure that doing what business users want won’t expose the organization to external threats, cause functional disruptions or drive out-of-control spending. This is especially true in an emerging cloud-based world.
Fortunately, new tools and methods relieve this strain tremendously, allowing IT ops leaders to be viewed as strategic business drivers instead of bottlenecks. This switch in perception is built on a self-service model for provisioning cloud resources—one that provides guardrails and controls to give developer teams what they need when they need it while minimizing organizational security, operational and financial risks.
The 5 Principles of IT Infrastructure Management
Balancing IT’s need for security while keeping pace with the needs of developers is no easy task. Fortunately, if IT ops adheres to the following core principles, it can be done.
- Self-service: A self-service delivery model gives developers access to resources like storage, compute, networking—even complex, multi-tier application stacks—without undue delays.
- Intelligent automation: By “intelligent,” we mean that the IT resources available through the self-service portal are configured for the end user’s role and requirements, as well as the business overall. This enhances security with role-based access controls and tames spending by putting limits on how long resources are available. The result? Better governance and cost control.
- Comprehensive visibility: The proverbial “single pane of glass” is key. Business and IT ops leaders need visibility into all of their infrastructure—whether that’s virtual machines on-prem, private cloud networks or applications living in AWS, Azure or Google Cloud Platform (GCP). They need to know where and how all resources have been deployed, monitored from a single platform.
- Modular extensibility: To fully take advantage of the rapidly evolving technologies and services that can drive business growth and efficiencies, IT leaders know they need modular, extensible frameworks. Such frameworks—for example, modular plug-in in the form of scripts, web-hooks and email notifications—align with the array of cutting-edge tools embraced by advanced IT departments. The world of hybrid cloud can mean using a mashup of existing tools and vendors. Modular extensibility means less vendor-lockin and the ability to build your hybrid cloud, your way.
- Continuous insight: Capturing data across workload, clouds and teams does more than help IT teams guard against security risks and inefficiencies. It allows them to execute data-driven resource planning. With increased accuracy in rate estimation and up-to-date views of inventory, IT operations leaders become enablers of innovation rather than inhibitors of it.
How These Principles Pay Off for IT
The five principles we’ve described help IT ops leaders address the most pressing security and infrastructure challenges they face:
- The security (and cost) risks of shadow IT: When bottlenecks exist, users resort to shadow IT. Even well-accepted and approved tools can have security issues, and if the IT department isn’t aware that users have installed the tools on their infrastructure, there’s no way to mitigate that risk. These risks aren’t trivial: Combined data breaches and losses from shadow IT applications are estimated to cost up to $1.8 trillion annually (CloudCodes).
- Keeping pace with digital transformation: Agility and speed are the watchwords for businesses and their IT departments today. With more than 60% of IT spend driven by new business opportunities and workforce demands (Interop: 2019 State of IT Infrastructure Report), extensibility is critical in adopting and integrating new technologies.
- Responding to a hybrid, multi-cloud world: AWS, Azure and Google Cloud Platform provide similar capabilities, but they do so in different ways with different APIs, toolsets, nomenclature and taxonomies. Intelligent automation lets IT departments standardize across cloud environments. In turn, developers and others can use the cloud providers that best meet their needs while IT maintains visibility and control, keeping usage and costs in check.
How the Business Benefits
The five principles identified above don’t just help IT ops—they help the organization as a whole, with greater efficiencies due to the insights and automation of implementing self-service IT. As IT updates its self-service catalog, developers can devise new apps quickly, get products to market sooner and increase the pace of revenue generation. The risks and inefficiencies of shadow IT are eliminated because users no longer feel a need to work around IT ops—instead, they work with it.
— Grant Ho