IT professionals find themselves in a seemingly impossible position. They are being asked to be daring and nimble, quickly delivering innovative, dynamic IT solutions. Yet the business still expects IT to be as reliable and secure as ever. SITS Insight and Ivanti have joined forces to help solve the great ITSM paradox and ensure that our haste to go faster doesn’t end in disaster.
How can you maintain IT security and reliability while offering unprecedented flexibility and agility? That’s the problem threatening to redraw the business technology landscape in a way that potentially precludes many IT professionals.
The problem is that the business is no longer fooled by IT’s excuses. “Why doesn’t IT do this?” has become a common refrain and something of a ‘cry-wolf’ statement. Yes, delivering flexibility and security may seem contradictory goals, but the business has become so tired of the negative attitude that it is refusing to see anything other than a stubborn IT department.
Matthew Hooper, product evangelist for Ivanti explains how deep the division between business and IT has become.
“Too many people within IT have built empires which they won’t let go of. This stubbornness led initially to ‘shadow IT’ in which business unit owners began sourcing their own products and services. But now I’m seeing pockets within the business which are running initiatives such as DevOps separately from IT. This is because IT refuses to change its mindset, so we see people within the business saying “don’t go to the service desk, come to us.” The problem is that ITIL is like a religion to many people within IT and because they won’t let go, the conversation has to happen elsewhere.”
IT as a competency
“IT is no longer a department, it’s a competency. ‘Shadow IT’ is only called that within IT. For the rest of the business, it’s just technology.” Matt’s observation means that far from being leaders and guardians of technology, IT is in danger of being left behind in the fields that tradition and job titles decreed it was the leader of.
The only way to combat this is for each business, or IT professional, to change their mindset. “I was speaking to the head of product for a major organisation recently who said they were trying to change their culture by uniting IT and business goals but losing the battle. So they called timeout and looked at it differently. They’ve realised it’s not ‘shadow IT’, it’s just business IT. They have ended the mentality – IT is no longer a service provider dealing in technology, IT is a business partner.”
“If you project a ‘them and us’ mentality, if you call your business partners ‘customers’, you are not part of the business and they won’t be part of you. There’s an inability of IT and ITSM leaders to grasp this concept: it’s not an IT project, everything IT does should be a business project,” explains Matt.
Where does change need to take place?
You need to look at the lifetime value of a service, how much it costs and most importantly, you must be able to validate everything you do as Matt explains.
“Most businesses have failed at configuration management. If you look a the average CMDB, it starts with changes, but that is too late in the process. Why wasn’t the asset or service considered at the planning stage or the procurement stage? You should be able to right-click a service and see what it costs and what value it delivers. Then you could quickly shut things down that aren’t working and double-down on the services that do offer value.”
Matt believes the problem is a persistent isolationist view of IT. “ITSM crosses the business. Assets are not separate, security is not separate. Service management is practiced by accounting, HR, facilities. This is the digital economy and IT is the business.”
Flexible, secure IT seems like an oxymoron because it suggests maintaining the current infrastructure exactly as it exists today, while adding a new layer of complexity that contradicts this apparent serenity. Yet this simply isn’t the case.
“As an industry, we’re spending too much time maintaining a status quo which doesn’t necessarily need maintaining. Yes, security, prudent planning and monitoring is still essential. But a slavish devotion to outdated processes and preserving services which we don’t even know we need has created a workload which leaves no time or resource for anything else.”
Matt summerises how IT can avoid disaster while still giving the business what it needs. “Stability and security must remain a rock-solid pillar within IT. But by eliminating unnecessary waste, and changing the way we test, measure and create services with approaches such as DevOps means that we can maintain robustness, but give ourselves the freedom to experiment, connect with the business and deliver exactly what it needs, not what we think it needs.