CIO Decisions

Cloud computing governance: Know thy users


Manage Learn to apply best practices and optimize your operations.

Cloud governance starts with knowing your end users

Is cloud governance possible when many of a company's cloud tools are procured on the sly? Yes, but only if IT buddies up with the business.

Want to gain an edge in cloud governance? Grab a pith helmet. 

With the consumerization of IT now extending to cloud services and adding to the woes brought on by shadow IT, it's a cloud jungle out there in the business.

But IT standardization can be a powerful means of re-establishing command and control while maintaining business agility, experts say. Standardizing cloud services, through service catalogs or service portals, gives CIOs the oversight necessary to efficiently enable the business and keep it secure.

This can only work well, however, if end users are getting the IT services they really need, stresses Ian Clayton, senior vice president of operations at U.K.-based G2G3. An ITIL and service management guru, Clayton suggests that the best way to ascertain this is to embark on a "service safari" and observe users in their natural habitats. The aim is to learn about what cloud tools they use day-to-day in order to discern whether the cloud services they've chosen line up with real business needs. The next step is to make it as simple as possible for users to get the proper tools.

"Behind the scenes it can be really, really complex, but … IT should stand for 'invisible technology,'" Clayton said.

IT as trusted adviser to cloud services

For Eric Hawley, CIO of Utah State University, this is all preaching to the choir. In a quest to centralize IT at the school of more than 32,000 students, staff and faculty members, engaging end users to simplify and standardize IT services became his modus operandi.  He took his fair share of service safaris and spent a lot of time talking about work objectives.

If we can give users that same level of choice and present them with [a few options] that's probably going to be good enough. They feel like they've got a choice but they're not getting into the deep, deep weeds.
Chris WardCTO, GreenPages Technology Solutions

"We would simply ask, 'Show us what you're trying to do.' We sometimes came up with a different way to do it, but we'd always make sure the desired outcome would be met," Hawley said. The payoff was mutual. "There was less arguing around tools, less arguing around methods of implementation and the focus was on the reason why they asked for what they did."

Indeed, one indicator that IT is missing the mark is too much talk, according to Clayton. Sustained back and forth between IT and the business means cloud service offerings haven't been laid out correctly. A key facet of standardization, he said, is creating a consistent set of practices for informing customers of the progress of their request. He likens it to ordering fast food.

"We've all been taught by McDonald's how to order McDonald's -- pick a number," Clayton said, referring to the establishment's numbered meals. "They'll get used to it if it works, they'll start to understand the key functions they need to perform, how they think it should work and eventually say, 'I just hit this button and the magic happens.'"

Using 'shadow IT' to shape cloud governance

The bane of the IT organization, shadow IT is nothing new. But with the growing popularity of cloud services, IT experts have come to realize its existence can work to the benefit IT strategy -- provided IT can leave their egos at the door. If IT staff members can establish meaningful communication with the business -- perhaps taking a few of those service safaris -- and engage end users on the solutions they've adopted on the sly, they will get a sense of what IT needs aren't being met. 

There's another, somewhat ironic benefit when the business -- and segments of IT for that matter-- do an end run of IT.  By turning to outside vendors, end users are training themselves to accept limited options when it comes to service selection, according to Chris Ward, CTO of Kittery, Maine -based technology consulting company GreenPages Technology Solutions.  He said he has witnessed this firsthand when dealing with developers.

When developers go to the IT organization with a laundry list of demands -- a certain number of CPUs, vast amounts of horsepower, this many IOPS -- in many cases, Ward said, IT will simply build what IT wants to build and tell the developers to "live with it." This rarely sits well -- next stop, Amazon Web Services. It's not long before that demanding developer discovers that the mighty Amazon also has limitations in the form of a catalogue with select options. Rather than take their business elsewhere, however, these cloud shoppers take what they can get, Ward said.

"That developer … seems to be a little more OK with it because that catalog exists; it's not up to him to define what he needs, it's defined for him," Ward said. CIOs should pay mind.

"When we bring that to an internal private cloud perspective, if we can give users that same level of choice and present them with [a few options, that's probably going to be good enough. They feel like they've got a choice but they're not getting into the deep, deep weeds," Ward said.

Read part two of this story, which examines how to succeed as an IT service broker.

Article 2 of 6

Next Steps

Balancing the risks and rewards of cloud governance

CIO discusses three steps to better business service delivery

Gaining full benefits of virtualization through mobility and standardization

Dig Deeper on Cloud computing for business

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

We’ve been using the same concept of the “service safari” for several years now across different parts of our IT organization, and it usually pays off well. We found it not only provided much better insight into the way the business users were working with the tools they had, it also showed us their pain points while showing them that IT cared about what they did. That proved very beneficial when it came to establishing cloud governance because (1) we had already established a good relationship with the business that could be built on to reach that trusted advisor role, and we also had insight into the shadow IT resources they were using, so we could asses the resources they were using and better implement a governance policy.

Get More CIO Decisions

Access to all of our back issues View All