Tuesday, August 25, 2009

Cloud Computing Uniquely Enables Specific Business Solutions to Meet New Industry Needs

Transcript of a sponsored BriefingsDirect podcast on cloud computing and the new business opportunities it offers for specific industries.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: Hewlett Packard.

Free Offer: Get a complimentary copy of the new book Cloud Computing For Dummies courtesy of Hewlett-Packard at www.hp.com/go/cloudpodcastoffer.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to BriefingsDirect.

Today, we present a sponsored podcast discussion on the implications cloud computing has on companies in the manufacturing industry. We'll look at how to best define cloud options and how specific businesses can use these new means to add flexible sourcing to gain new business agility. The goal is not to define cloud by what it is, but rather by what it can do, and to explore what cloud solutions can provide to manufacturing industry companies.

Here to help us uncover the specifics of cloud-enabled business outcomes is Christian Verstraete, Chief Technology Officer for Manufacturing & Distribution Industries Worldwide at Hewlett-Packard (HP). Welcome, Christian.

Christian Verstraete: Welcome, Dana.

Gardner: We’re also joined by Bernd Roessler, marketing manager for Manufacturing Industries at HP. Welcome, Bernd.

Bernd Roessler: Thank you, Dana.

Gardner: And we're also joined by Mick Keyes, senior architect for Business Critical Systems at HP. Welcome to the show, Mick.

Mick Keyes: Many thanks.

Gardner: We want to look at this whole issue of cloud by first better understanding what we are talking about. The notion of how cloud is defined, of course, has been up in the air, pun intended. Let's first go to Christian. What has made the world different about cloud issues now? Why all the fuss?

Verstraete: Well Dana, I think there is a lot of fuss, because on the one side, there are a lot of promises that seem to be coming out of the cloud and, on the other, there are a lot of requests that are actually being asked of IT professionals. One of the major ones is to reduce cost in the current situation and circumstances that we are in.

So, with that in mind, cloud with its "promises" -- and I put promises between brackets -- of drastically reducing costs is obviously appealing to a lot of people. However, there are probably as many cloud definitions as there are people who are actually doing something in the cloud and talking about the cloud.

I don't want to go into any of those. I just want to highlight what we at HP want to do, and are doing, in that particular space, because we feel the company really has a role to play in three different areas.

The first area is that even if you, as a cloud user, don't use any infrastructure or anything, that infrastructure needs to exist somewhere in the cloud. The first thing is that we provide cloud-service providers with an appropriate infrastructure to be able to provide those services that we were talking about earlier.

Number two, many of our own customers don't really know what cloud is and how to get there. So, we help our customers address their needs and help them understand how they can transform their IT to embrace cloud.

Number three is that we, ourselves, as a company, are providing some cloud services.

Gardner: The idea, I think, is "faster, better, cheaper," "Everything as a Service," but with a variety of different approaches that are specifically tuned to the enterprise.

Everything as a service

Verstraete: Absolutely. Ultimately, and you pointed it out, it's going to be "Everything as a Service." Actually, the concept of "Everything as a Service" is nothing new. It goes back to a gentleman named Joel Birnbaum, who was heading up HP Labs around 1980-1982.

He spoke about compute appliances and compute utilities. The cloud is really that compute utility. He was actually foreseeing the beginning of the 21st Century, and he was pretty close.

Gardner: Well, that's very good. Let's go to Bernd, now. Tell me some examples of what we consider to be critical success factors. How do we know, when we look to cloud enablement, that we're going to be getting something for our money or that we are going to be doing something we couldn't do before?

Roessler: I'd like to start by highlighting the fact that cloud services to consumer are distinct, different things, compared to cloud services in the enterprise. I'm representing some thoughts from an industry vertical perspective and I think we need to have a particular look at what is different in providing cloud services for enterprises.

Number one is that everybody likes to live up to the promise of saving costs by introducing cloud services to enterprises and their value chains. Nevertheless, compared to consumer services like free e-mail, the situation in enterprises is dramatically different, because we have a different cost structure, as we need not only talk about the cost of transaction.

In the enterprise space, due to legislation of the surroundings, which are critical for enterprises, we also need to think about, privacy, storage, and archiving information, because that is the context under which cloud services for enterprises live.

The second dimension, which is different, is the management of intellectual property and confidentiality in the enterprise environment. Here it is necessary that cloud services, which are designed for industry usage, are capturing data. At the moment, everybody is trying to make sure that critical enterprise information in IT is secured and stays where it should stay. That definitely imposes a critical functionality requirement to any cloud service, which might contradict the need for creating this, "everybody can access anywhere," vision of a cloud service.

Last but not least, it is important that we're able to scale those services according to the requirement of the function and the services this cloud environment should provide. This is imposing quite a few requirements on the technical infrastructure. You need to have compute power, which you can inject into the market, whenever you need it.

You need to be able to scale up very much on the dependencies, however. And, coming back to the promise of the cost savings, if you're not combining this technology infrastructure scalability with the dimension of automation, then cloud services for enterprises will not deliver the cost savings expected. These are the kinds of environments and dimensions any cloud provisioning, particularly in enterprises, need to work against.

Enterprise requirements

Gardner: Christian, it sounds like we are talking about the true enterprise requirements for doing cloud. As we're pointing out, they're different from a consumer perspective. Another important aspect of any business is the amount of trust and verification and the ability to measure and define expected outcomes and then present some sort of a cost benefit analysis.

These providers of cloud services are in a position now where they perhaps have to gain the trust of these enterprise users, based on what they have been expecting as business as usual for IT services. Could you explain what we mean when we go to the trust issues in how a secured, mature cloud environment might unfold?

Verstraete: Absolutely, Dana. There was one point that Bernd just made that is a very important one and it's often overlooked by people. The cloud, as it exists today -- think Amazon, Google, or some of the others -- is really being built around the consumer. You consume some cloud services. You pay with your credit card.

That’s a very simple example. This is the best shadow IT I have ever seen. IT departments should get absolutely red hot on that one, because now IT can be sourced completely outside of their control, outside of their environment, outside their processes, and outside their structures. With that in mind, how do you maintain Sarbanes-Oxley compliance?

How do you maintain all of the things that need to be done to ensure that enterprises remain within the boundaries of the law and remain within the boundaries of what they need to do? Cloud-service providers will have to rethink a number of things that they're doing and demonstrate to enterprises that yes, they are secure, that yes, they provide and they can avoid having anybody in the organization just tap services without anybody else's knowledge.

Let me give you a very simple example. I was talking to a customer about two months ago. One

There are still a number of things that need to happen and haven’t been put in place yet today to provide enterprises with all the bells and whistles they're used to in either their existing environments that they own or in the environments that they outsource.

of his people had tried hard to convince him to use a cloud service -- in this particular situation, Google Docs -- to share documentation between people who were working together, because it was very secure -- he was told. Everything worked fine. Then, one of the vice presidents did a search in Google and suddenly saw a secured document from that company appearing in his searches. Oops.

There are still some trials and other things going on. I don’t want to beat specifically on Google in this particular example, because the others are in the same situation. There are still a number of things that need to happen and haven’t been put in place yet today to provide enterprises with all the bells and whistles they're used to in either their existing environments that they own or in the environments that they outsource.

That's where the critical element is for an adoption of the cloud in large enterprises. It has to do with the protection of intellectual property. It has to do with trust and the limitation of the risks of the person that provides them the services, and so on. It’s really about that. That's core and central.

Gardner: In addition to having to make these services appealing to enterprises, based on what they have come to expect, in terms of these larger issues of trust and compliance and so forth, we also need to consider that perhaps one size doesn’t fit all, and that these industries, these companies will look for some specialization or customization. They have business processes that are unique.

Let’s go to Mick. Can you offer us some insight into how a specific business might look to cloud computing, not for just the most blunt services but perhaps something a bit more surgical?

Product traceability

Keyes: Sure. One of the major topical areas in this space is the area of product traceability in global supply chains. The more traditional "one step up, one step down" method, which is the norm today in addressing the tracing of any product, has its limitations in providing visibility into the product across its lifecycle. Hence, getting an accurate, single picture of the life story of a product is something the industry and the consumers have struggled with continuously.

That’s part of an initiative in bringing what we call a "cloud traceability platform" to market. We at HP will be creating a number of specific services to address this area. One of the initial services we will target is in the area of product recall. We will be creating a unique product-recall service in conjunction with GS1 Canada, an international standards body.

This service will provide users with secure, real-time access to product information, which will facilitate industry efforts to ensure that recall products are fully traced and promptly removed from the supply chain.

This will enable more accurate targeting of recall products, while security enhancements will make sure that only authorized recalls are issued and only targeted retailers receive notifications. Our plan with this service is to then extend this to other sectors, such as the hospitality sector, and then consumers down the line.

Gardner: As I try to understand it better, now, we have a course in which you’ve got a product recall for some reason or another. You need to bring a product back or alert people of some change in the status of that product. This impacts a number of different players -- retailers, distributors, and manufacturers -- and country-by-country, it could be different organizations entirely. So you’re looking at a number of different players, and a cloud approach benefits that in some way.

Keyes: Absolutely. As I mentioned, the more traditional approach has always been one step up, one step down, and each entity in the supply chain had to be connected together.

What we're offering is a centralized offering, a hub, where any of the entities in the supply chain or nodes in the supply chain -- be they manufacturers, be they transportation networks, retailers, or consumers -- can use the cloud as a mechanism from which they will be able to gain information on whether our product is recalled or not.

Gardner: And, this has a very dramatic economic impact. If you can elevate this process to the cloud, more players can be quickly brought up to speed, and there's more opportunity to control the issue at hand. That can save boatloads of money, I would think.

Consumer confidence

Keyes: Absolutely, and it’s been a very topical area in the last few years with a large number of recalls across the world, which hit industry fairly heavily. But also, from a consumer point of view or visibility into where the food comes from, this can be extended to other product areas. It improves consumer confidence in products that they purchase.

Gardner: I want to go back to Christian. Did you have an example as well about something in the automotive industry that would benefit from a cloud perspective?

Verstraete: Yes. It’s something that already exists in an early cloud format, if I can put it that way, but that will actually evolve over time. It’s called IMDS. It’s basically a database or a central set of information that is providing most of the automotive manufacturers today information on their critical components and particularly on the substances that are comprised within the critical components.

They can get the appropriate reports to be in line with the legislation around sustainability and around hazardous materials in a number of those areas. What we’re doing is tying together the suppliers of parts who know what goes into the parts and the automotive OEM’s who will use those parts and will combine those parts with other parts.

They can figure out what the total hazardous materials are and what the total critical substances are in this particular car. What we are doing is tying together dispersed sources of information to provide consistent answers to the users.

Gardner: That's very interesting. I really like these business examples that show the ability to

You want to get things at your fingertips, even if the source of that data may rely in multiple spaces and from multiple sources. That’s an added value of the cloud in this type of a problem.

pull in multiple partners, which has always been a bit of a difficulty when only one partner’s application might be at use. Then, it became a middleware immigration problem. Now, we’re talking about simply a coordination process problem. Is that fair?

Verstraete: That's absolutely fair, and there's another element in there, Dana, which is critical and important to understand. It's one of the reasons GS1 Canada and HP decided to go to the cloud. In a cloud environment, you can keep your data distributed.

There are all sorts of regulations today that some data needs to remain in particular countries. But, what you want to do, when you start pulling all of that together is you want the countries being able to view a complete set of data. You want to get things at your fingertips, even if the source of that data may rely in multiple spaces and from multiple sources. That’s an added value of the cloud in this type of a problem.

Gardner: Very interesting. Just to go back to consumers for a moment, they're becoming accustomed to using so-called Web 2.0 technologies to be able to communicate and create communities on the fly, harness different viewpoints within ad hoc discussion, and then instantiate that into an application set of some kind. Now, we can take this into the business, but in a way with which enterprises are comfortable.

Let’s go to Bernd. Tell me about some examples that you’ve been working with..

Changing behavior

Roessler: A couple of examples might illustrate that. We've been talking about the requirements of trust, but let me discuss a couple of examples where we have been finding out that some dimensions of cloud are changing business behavior of companies. Let me start with the famous trust element.

In a lot of cases, we're finding constellations, where a market or a particular problem cannot be resolved, because the market participants are in a lock box. Very often, a trustee can come in, destroy that lockbox, and enable new agility and new services towards the market participants. I'll give you a couple of examples.

Point one could be incorporated and accelerated collaboration between automotive OEM’s and their dealerships. Nowadays, it’s still "who owns what data," particularly about the driver. The trustee can come in and provide a set of cloud services, thus enabling the automotive OEM to have a much better view of the real end user situation and demands, but without jeopardizing the requirements of the dealerships to keep the concrete individual data in their hand, because it's their customers.

A trustee can offer cloud services to both of these market participants and thus transform the overall quality of information serving the joint intent -- selling more cars and providing better services towards the automotive drivers.

The other example is this element of the print services. With today's digital printing technology,

This gives the publishers the possibility to address niche markets, which is very often called "addressing the long tail" of publication users at the end.

you have, in combination with cloud services of information generation and production, the possibility to build magazines and print them on demand in very niche areas..

One could think about producing a magazine, which is aimed for people who are interested in analog players the hi-fi market. It's not a very big crowd of people. So, with the cloud service, plus digital printing technology, you have the possibility to create a customized, very targeted type of magazine for those people. This gives the publishers the possibility to address niche markets, which is very often called "addressing the long tail" of publication users at the end.

Gardner: Christian, on this whole point of sharing and trust, we've heard quite a bit about "co-opetition" in recent years, where the competitors can cooperate at some level. It's easier said than done. Is there something about what we can do in the cloud that makes that level of cooperation even among competitors a bit more viable?

Verstraete: Yes, because in the example I was giving, where the data basically resides in multiple places, the data resides and remains with you, being one of the players, and you can identify at the data-item level what information you will share with whom and what access you will give to whom.

You can have within the same environment a series of data that you're prepared to share with your coopetitor, and some other data you definitely want to keep for you. That's not an issue. That's way easier than when the data has to reside in a central location, is outside of your control, and anything can happen.

Out of your control

That data that you don't want to share with your coopetitor you may have to share with somebody else in your supply chain. So, the data can get out of your control in the traditional approach. That's an example where the cloud can really make a number of things easier.

The second related element is that, in the traditional collaboration approach, somebody needs to set up the environment in which people are going to collaborate. Typically, that's the OEM in the supply chain, but that means that somebody needs to go and invest for that to happen.

Here, there are no needs for predefined investment upfront, or at least for very little investment upfront. You can use the cloud and the cloud environment to basically provide that. It facilitates the entry point in starting cross-enterprise collaboration.

Gardner: Now, Mick, this collaboration can take place not only among companies, but between the public and private sector, particularly in this food industry or recall tracking application approach that you mentioned. Tell me more about what might be offering us benefits in the future between public and private cooperation.

Keyes: Certainly. We see quite an extension into what we're doing here from our initial services.

We're looking at how next generation devices, edge of the network devices as well, will also feed information from anywhere in the world into the profile that you may have in the cloud itself.

We see how business and industry, especially in the food or pharma area, will buy into this concept, but we want to extend it directly to the general consumer in some way.

It's not just in the food area. We also see it expanding into areas such as healthcare and the whole pharmaceutical area as well. We're looking at the whole idea of how you profile people in the cloud itself. We're looking at how next generation devices, edge of the network devices as well, will also feed information from anywhere in the world into the profile that you may have in the cloud itself.

We're taking data from many disparate types of sources -- be it the food you actually eat, be it your health environment, be it your life cycle -- and be able to come with up cloud based offerings to offer a variety of different services to consumers. It's a real extension to what industry is doing and to how the consumers live their life.

Gardner: So, it's a sort of common denominator between the private sector, the governments, or public sector, and then also the consumers.

Value-add services

Keyes: Absolutely. For example, in the whole area of recall, we're looking at value-add services that we will offer to regulatory bodies, other industry groups, and governments, so they can have a visibility into what's happening in real-time. This is something that's been missing in the industry up to today.

Gardner: Now, Mick, as an architect, what is it about HP's approach that fosters more of this über perspective on business processes?

Keyes: Our traditional strengths are in certain key areas, particularly in the whole area of transaction processing and next-generation transaction processing. Also, we've been very strong in providing more traditional services to stock exchanges, to telcos, and to a variety of different environments across manufacturing and healthcare.

We're taking the concepts of derived features -- the reliability, the availability, and the service availability of environments that we've implemented in the past. We're looking at the same blueprints of concepts to bring into consideration from defining the actual architectural blueprint of what we offer.

The most important thing here also is scale. So, from our own Business Critical Systems (BCS)

That's one area, working with the provider himself, to help him develop an extremely robust, high-performance environment that can really address the changing demands that are coming up to him.

concept within HP, offering scalability and environments that will host cloud type environments, we'll be able to offer that to industry and consumers.

Gardner: Christian, as we mentioned earlier, we need to make these processes and benefits of going to the cloud enterprise-ready and mission-critical. Perhaps you could fill us in a little bit on how HP has used this services enablement blocking and tackling, if you will, around SOA governance, the ability to exercise a variety of hosting options, and, of course, management software.

Verstraete: Well, let me come back to what I pointed out earlier. We're basically working on three fronts. Mick alluded to the first one, which is working with service providers to make sure that they have data centers that are really optimized from a performance point of view and that are very much capable of ramping up and ramping down services extremely fast.

For example, not long ago, we came out with a new product that we call Matrix that allows a very quick reprogramming of blade servers and storage, so that you can start adapting your environment as and when your needs require. You can provide the uptime and the service levels that consumers and customers expect from you.

That's one area, working with the provider himself, to help him develop an extremely robust, high-performance environment that can really address the changing demands that are coming up to him.

Appropriate security

The second element is looking at it from the other end. We talked about trust earlier -- how we can reassure the enterprise customer that the service that he will use in the cloud has an appropriate level of security and performance, has service level agreements, and so on.

Here we're building on our experience and expertise in our management software in general, and particularly in our own experience with offering these management tools on a software-as-a-service (SaaS) basis to help them using those tools, to understand and assess what level “pipe” they have in the cloud, and how good that one is at any given moment in time.

Gardner: You know what's really interesting to me about this conversation is that many times nowadays we hear cloud discussed strictly in terms of return on investment (ROI), reduced costs, or the savings from getting on-premise systems off of the company's budget and on to a per monthly payment schedule of some sort. But, what we're talking about is being able to do things that couldn't be done before across these businesses that are unique and specific to these industries.

I wonder if we have some sort of a metric of success from some of the examples that we’ve talked

. . . we're able to offer a lot more visibility to every element in the supply chain about the different stages of how the product is actually used.

about so far. We’ve talked about automotive and food and retail recalls. What do these new and interesting processes actually get for us as a business?

Keyes: One example I would like to highlight here especially is in the traceability area around product. If you look at some of the more difficult supply chains, food is one of the more difficult supply chains out there. There can be anywhere up to 20 different nodes or elements from "farm to fork," as they like to say in the industry. Industry or entities near the start of the supply chain would like to get more information on how the product might be used.

In the more traditional way of what we like to call the "one step up, one step down," when a product is bought by a consumer, the actual entity of the grower -- be it the farmer, the producer, or whatever -- may not have information to how that product is actually used.

Now, with this mechanism, this cloud-based service, because each entity is subscribing to the whole cloud hub -- or exchange, as we like to call it -- we're able to offer a lot more visibility to every element in the supply chain about the different stages of how the product is actually used. That becomes something that can be turned into quite a competitive nature also.

Gardner: Does, anyone else out there have some metrics of success of how businesses have already been able to use this to their advantage?

Cost saving potential

Roessler: I'd like to build on some of the thoughts we were discussing earlier. One of the dimensions clearly has cost-saving potential. The cloud is pushing a critical enabling technology into the IT departments, and whether they're sourcing the cloud from outside or they are building cloud services within the enterprise doesn’t matter. In order to be successful and capitalize on the technology, you need to automate a significant portion of your services as an IT company. That will then ultimately deliver the cost savings everybody is waiting for.

A lot of IT departments are still spending the majority of their budgets on operations, and so cloud is pushing even further the need for automation. It subsequently will be measured and judged on the deliverables towards cost savings.

Verstraete: If you'll allow me to give out one additional example, Bernd talked a little bit earlier about this whole concept of MagCloud, and he was pointing out the long tail of magazine printing. Fundamentally, the other element in MagCloud is that it becomes a print on demand, which means you only print the magazine when someone actually buys it.

I don't know whether you realize that 60 percent of the magazines that are printed in the US are

By using cloud services and by changing the approach that is provided to the customer, at the same time you do a very good thing from an environmental perspective.

not sold to customers and are going back for recycling. It’s fascinating when you think about it.

By using cloud services and by changing the approach that is provided to the customer, at the same time you do a very good thing from an environmental perspective. You suddenly start seeing that cloud is adding value in different ways, depending on how you use it. As you said earlier, it allows you to do things that you could not do before, and that's an important point.

Gardner: So, this visibility across multiple partners, including the end consumer, could reduce waste significantly, which of course reduces energy use and the carbon footprint. So, we should think about overall resource efficiency as an aspect of this as well.

Verstraete: Absolutely.

Gardner: Now, for those listeners who are getting some ideas about how they could use cloud and how it could enhance their business specifically, how does one get started? How does one start on this journey, where these cost reductions are in the offing, as well as efficiencies and these innovative new business processes?

Cloud over-hyped

Verstraete: I would suggest they first ask themselves one question, and you alluded to it earlier, Dana. Cloud is very much over hyped. So if we all think about the Gartner Hype Curve, what’s going to happen is we’re going to go through a trough of disillusionment?

Companies that are able at this point in time to invest in cloud are companies that understand that we’re going through that disillusion. We will start hearing bad noise and bad news about cloud. Despite that they continue investing and continue learning where and how the cloud could actually serve in their environment. If they're not, it’s probably not a good time to invest right now. I want to say that first.

The second element is to gain a good understanding of what the cloud is and then really start thinking about where the cloud could really add value to their enterprise. One of the things that we announced last week is a workshop that helps them to do that – The HP Cloud Discovery Workshop -- that involves sitting down with our customers and working with them, trying to first explain cloud to them, having them gain a good understanding of what a cloud really is, and then looking with them at where it can really start adding value to them.

Once they’ve done that, they can then start building a roadmap of how they will start experimenting with the cloud, how they will learn from implementing the cloud. They can then move and grow their capabilities in that space, as they grow those new services, as they grow those new capabilities, as they build a trust that we talked about earlier.

Gardner: Does anyone else have some thoughts on how to get started?

Roessler: I'd like to build on what Christian was saying. I think that we are, particularly in the


What we’re offering to our clients is to capitalize on some of the research, some of the findings, and also some of our own insights . . .

enterprise space, seeing that a lot of companies that are at the very beginning of the learning curve. I think it’s a joint requirement to work on that learning.

What we’re offering to our clients is to capitalize on some of the research, some of the findings, and also some of our own insights, because we shouldn't forget that HP is not only building the computer, we’re also in the consumer environment. So we're in the unique position to capitalize on what we would call the cloud to the business, as well as the cloud for consumer environments, and we are inviting our clients to basically capitalize on that.

Gardner: We've been discussing how the cloud can help uncover new technology-enabled business opportunities. The cloud is more than just a blunt instrument that cuts cost for consumer services, but increasingly is now being used in the enterprise, and we expect that to pick up over the coming years.

Helping us to understand these issues we've been joined by Christian Verstraete. He is the Chief Technology Officer for Manufacturing and Distribution Industries Worldwide at HP. You've been joining us from Brussels, is that right Christian?

Verstraete: Absolutely.

Gardner: Very good. I appreciate your input.

Verstraete: You're welcome.

Gardner: We’ve also been joined by Bernd Roessler, marketing manager for Manufacturing Industries at HP. Where are you joining us from today, Bernd?

Roessler: Frankfurt, Germany.

Gardner: Very good, I appreciate your input as well. Then lastly, we've been joined by Mick Keyes, senior architect for Business Critical Systems at HP, and I believe you're in Dublin today, is that right Mick?

Keyes: Yes indeed. I'm here from sunny Dublin for a change.

Gardner: Well, thanks again. This is Dana Gardner, principal analyst at Interarbor Solutions. You've been listening to a sponsored BriefingsDirect podcast. Thanks for listening and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: Hewlett Packard.

Free Offer: Get a complimentary copy of the new book Cloud Computing For Dummies courtesy of Hewlett-Packard at www.hp.com/go/cloudpodcastoffer.

Transcript of a sponsored BriefingsDirect podcast on cloud computing and the new business opportunities it offers for specific industries. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.

Monday, August 24, 2009

IT and Log Search as SaaS Gains Operators Fast, Affordable and Deep Access to System Behaviors

Transcript of a sponsored BriefingsDirect podcast on how IT and log search and analytics are helping companies and MSPs better monitor, troubleshoot, and manage their networks and applications.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: Paglo.

Automatically discover your IT data and make it accessible and useful. Get started for free.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to BriefingsDirect.

Today we present a sponsored podcast discussion on efficient ways to keep IT operations running smoothly at the scale demanded of public-facing applications and services.

We'll explore IT search and systems log management as a service. We'll examine how network management, systems analytics, and log search come together, so that IT operators can gain easy access to identify and fix problems deep inside complex distributed environments.

Here to help us better understand how systems log management and search work, and how to gain such functionality as a service, are Dr. Chris Waters, co-founder and chief technology officer at Paglo. Welcome, Chris.

Chris Waters: Hi, Dana.

Gardner: We're also joined by Jignesh Ruparel, system engineer at Infobond, a value-added reseller (VAR) in Fremont, Calif. Welcome Jignesh.

Jignesh Ruparel: Hi, Dana.

Gardner: Chris, let's start with you. How has life changed for IT operators? We have a recession. We have tight budgets. And yet, we have demands that seem to be increasing, particularly when we consider that more applications are now facing the public and are under this large Web-scale demand?

Waters: IT never stands still. There are always new technologies coming on line. Right now, we're seeing a really interesting transition, as more applications become Web-based, both Internet-oriented, Web-based applications and Web-based applications provided out of the cloud.

For an IT professional, being able to monitor the health of applications like this and the successful deployment across the local area network (LAN) and the wide area network (WAN) to their local users provides them additional dividend that hasn’t been there in the past.

Gardner: What sort of requirements have changed in terms of getting insights and access to what’s going on within these systems?

More information

Waters: There are several things. There’s just more information flowing, and more information about the IT environment. You mentioned search in your preamble. Search is a great technology for quickly drilling through a lot of noise to get to the exact piece of data that you want, as more and more data flows at you as an IT professional.

One of the other challenges is the distribution of these applications across increasingly distributed companies and applications that are now running out of remote data centers and out of the cloud as well.

Gardner: As folks start to wrap their minds around cloud computing and the benefits, there's an inherent risk in being responsible for services that you don’t necessarily have authority over. Is this something that you are finding at Paglo? Are customers interested in how to gain insight into systems beyond their immediate control?

Waters: Absolutely. When you're trying to monitor applications out of a data center, you can no

You can’t do any IT at all, if you don't start with a good inventory. And, inventory here means not just the computers connected to the network, but the structure of the network itself . . .

longer use software systems that you have installed on your local premise. You have to have something that can reach into that data center. That’s where being able to deliver your IT solution as software-as-a-service (SaaS) or a cloud-based application itself is really important.

Gardner: So, as we're looking to do IT management and network monitoring, we're interested in log management at a higher level abstraction of analytics, the same old tools don’t seems to be up to the task.

Waters: That’s exactly right. They're much more oriented towards managing LAN environments than they are to managing the evolving IT landscape.

Gardner: Furthermore, this is not just for remediation and fixing, but audit trails, making sure you know what you have under your purview and what is actually supporting business processes. You can’t fix what you don’t know that you have.

Waters: You can’t do any IT at all, if you don't start with a good inventory. And, inventory here means not just the computers connected to the network, but the structure of the network itself -- the users, the groups that they belong to, and, of course, all of the software and systems that are running on all those machines.

Gardner: Many vendors that deliver enterprise infrastructure have some very strong tools for themselves, but they don’t necessarily extend that across their competitor's environment. So, we need something that is, in a sense, above the fray.

Bringing solutions together

Waters: You've got this heterogeneity in your IT environments, where you want to bring together solutions from traditional software vendors like Microsoft and cloud providers like Amazon, with their EC2, and it allows you to run things out of the cloud, along with software from open-source providers.

All of the software in these systems and this hardware is generating completely disparate types of information. Being able to pull all that together and use an engine that can suck up all that data in there and help you quickly get to answers is really the only way to be able to have a single system that gives you visibility across every aspect of your IT environment.

Gardner: As we see more interest in SaaS applications, as we see more interest in mixing up

Nothing in this world ever gets simpler. What you're trying to find are solutions that help you capture all that noise.

sourcing options, in terms of colocation or outsourcing, cloud providers launching their own applications on someone else's infrastructure, these issues are just going to grow more complex, right?

Waters: Nothing in this world ever gets simpler. What you're trying to find are solutions that help you capture all that noise.

Gardner: Tell us a little about Paglo. What makes it different? You deliver search for log systems as a service?

Waters: That’s right. Paglo is different from other IT systems in two significant ways. The first is that at the heart of Paglo is search. Search allows us to take information from every aspect of IT, from the log files that you have mentioned, but also from information about the structure of the network, the operation of the machines on the network, information about all the users, and every aspect of IT.

We put that into a search index, and then use a familiar paradigm, just as you'd search with Google. You can search in Paglo to find information about the particular error messages, or information about particular machines, or find which machines have certain software installed on them. So, search is a way that Paglo is fundamentally different than how IT has been done in the past.

SaaS offering

The second thing unique about Paglo is that we deliver the solution as a SaaS offering. This means that you get to take advantage of our expertise in running our software on our service, and you get to leverage the power of our data centers for the storage and constant monitoring of the IT system itself.

This allows people who are responsible for networks, servers, and workstations to focus on their expertise, which is not maintaining the IT management system, but maintaining those networks, servers, and workstations.

Gardner: I suppose that puts the emphasis on the data and the information about the systems and not necessarily on agents or on-premises' appliances or systems.

Waters: Exactly.

Gardner: Tell me a little bit about how that works. It sounds a little counterintuitive, when you

That’s why we have a piece of software that sits inside the network. So, there are no special firewall holes that need to be opened or compromised in the security with that.

first think about. I’m going to manage my system through someone else's software on their cloud or their infrastructure.

Waters: The way Paglo works is that we have what we call the Paglo Crawler, which is a small piece of software that you download and install onto one server in your network. From that one server, the Paglo Crawler then discovers the structure of the rest of the network and all the other computers connected to that network. It logs onto those computers and gathers rich information about the software and operating environment.

That information is then securely sent to the Paglo data center, where it's indexed and stored on the search index. You can then log in to the Paglo service with your Web browser from anywhere in your office, from your iPhone, or from your home and gain visibility into what's happening in real time in the IT environment.

Gardner: What about security? What about risks -- the usual concerns that people have with SaaS and cloud?

Waters: There are a few aspects there. The first thing is that to do its job the Crawler needs some access to what’s going on in the network, but any credentials that you provide to the Crawler to log in never leaves the network itself. That’s why we have a piece of software that sits inside the network. So, there are no special firewall holes that need to be opened or compromised in the security with that.

There is another aspect, which is very counterintuitive, and that people don't expect when they think about SaaS. Here at Paglo, we are focused on one thing, which is securely and reliably operating the Paglo service. So, the expertise that we put into those two things is much more focused than you would expect within an IT department, where you are focused on solving many, many different challenges.

Increased reliability

Ultimately, I think what people see when they use SaaS offerings is that the reliability they get out of their software goes up dramatically, because they are no longer responsible for operating it themselves or dealing with software upgrades. There is no such thing as a software upgrade for a SaaS service. It's a transparent operation. The same applies to security as well. We are maniacally focused on making sure that Paglo and our Paglo data center are secure.

Gardner: Is this just for enterprises, small or medium-sized business, or managed service providers (MSPs)? How does this affect the various segments of the IT installed community?

Waters: We see users of Paglo across all aspects of the IT spectrum. We have a lot of users who are from small and medium-sized businesses. We also see departments within some very large enterprises, as well, using Paglo, and often that's for managing not just on-premise equipment, but also managing equipment out of their own data centers.

Paglo is ideal for managing data-center environments, because, in that case, the IT people and the hardware are already remote from each other. So, the benefits of SaaS are double there. We also see a lot of MSPs and IT consultants who use Paglo to deliver their own service to their users.

Gardner: Let's go to Jignesh. Jignesh, you have been very patient, as we learn about IT search


That would not have been possible, if there wasn't one place where we could aggregate all this information and quickly extract it, either into a reportable format or a customized format.

as a service, but tell me about Infobond. What sorts of issues were you dealing with, as you started looking for better insights into what your systems are doing?

Ruparel: As far as Infobond, we have been in business for 15 years. We have been primarily a break-fix organization, moving into managed services, monitoring services.

The first challenge in going in that direction was that we needed visibility into customer networks of the customers we service. For that we needed a tool that would be compatible with the various protocols that are out there to manage the networks -- namely SNMP, WMI, Syslog. We needed to have all of them go into a tool and be able to quickly search for various things.

To give you a very small example, recently we had some issues with virtual private network (VPN) clients for a customer who was using Paglo. We took the logs of the firewalls, plugged it into the Paglo system, and very quickly, we were able to decipher the issue that was taking place with the client that wasn't able to connect.

That would not have been possible, if there wasn't one place where we could aggregate all this information and quickly extract it, either into a reportable format or a customized format. That was the major challenge that we had.

Advanced technology

We basically looked at various solutions out there -- open source and commercial -- and we found that the technology that Paglo is using is very, very advanced. They aggregate the information and make it very easy for you to search.

You can very quickly create customized dashboards and customized reports based on that data for the end customer, thus providing more of a personal and customized approach to the monitoring for the customers. We deal in the small to mid-sized markets. So, we have varied customers -- biotech, healthcare, manufacturing, and real estate.

Gardner: Now, you've been able to use this search function for this one-off remediation and discovery types of tasks, but have you built templates or recurring searches that you use on a regular basis for ongoing maintenance and support?

Ruparel: Absolutely. Right now, we have created customized dashboards for our customers. Some of them are a common denominator to various sorts of customers. An example would be an Exchange dashboard. Customers would love to have a dashboard that they have on the screen

At the end of the day, I look at it very simply as collecting information in one place, and then being able to extract that easily for various situations and environments.

for Exchange and know what the queues that are taking places in the Exchange Server, mailbox sizes, RPC connections, the service latency, and all this kind of stuff. We have an Exchange dashboard for that, which our customers use regularly to get a status update on what's taking place with their Exchange.

We also have it for VMware. These are some things that are a common denominator to almost all customers that are moving with the technology, implementing new technologies, such as VMware, the latest Exchange versions, Linux environments for development, and Windows for their end users.

The number of pieces of software and the number of technologies that IT implements is far more than it used to be, and it’s going to get more and more complex as time progresses. With that, you need something like Paglo, where it pulls all the information in one place, and then you can create customized uses for the end customers.

At the end of the day, I look at it very simply as collecting information in one place, and then being able to extract that easily for various situations and environments.

Gardner: So, from your vantage point, going SaaS for these values is not something to consider as a risk factor, but really is an enabling technology factor?

Ruparel: Absolutely. There is always going to be that. We are at a stage where SaaS implementations are taking place at a very rapid rate, and that is the wave of the future. Why? Because, if you look at it, what would you need to set up a monitoring system that supports so many protocols in your own network it would be very expensive.

Missing pieces

Not only that, but if you were to take some other piece of software out there, install it in your network, and monitor the systems, it will not be an end-all solution. There will always be pieces missing, because each vendor is going to focus on certain aspects of the monitoring and management. What Paglo is doing is bringing all of that together by building a platform where you can do that easily.

Gardner: Let's go back to Chris. Why don’t older approaches work? Why wouldn’t an on-premise server and appliance approach offer the same sorts of benefits?

Waters: There are a couple of issues. Jignesh just touched one of them, which is particularly appropriate to MSPs. Once the people who are managing the data are remote from the systems, then where are you going to put the servers as an MSP, if you want to manage information from multiple clients?

Now you are into the business of having to build out your own data center to aggregate that information, which obviously is costly and involves a lot of effort, not to mention the ongoing effort of keeping all of that stuff alive.

Gardner: Well, we've heard this makes great sense for the MSPs, the small and medium-sized businesses, and the ecology of play there. What about the large enterprise? They almost act like

Paglo can take data from all of those different disciplines, and, as you try to solve problems or improve the monitoring or service level agreement (SLA) monitoring that you are doing on your network, within Paglo you've got one place to look.

their own MSPs. How does this fit with their legacy approach to the log data from these systems and being able to search and index it?

Waters: If you look at the IT management landscape, especially for enterprises, what you see is a highly fragmented environment, where each different IT problem has a different system or set of tools that are applied against it.

The beauty of taking search and applying that to IT and log management is that it allows us to pull together in one place data that previously would have been considered completely different disciplines. The data was previously being fed into your network monitoring software, into your IT asset inventory, or into your server management software.

Paglo can take data from all of those different disciplines, and, as you try to solve problems or improve the monitoring or service level agreement (SLA) monitoring that you are doing on your network, within Paglo you've got one place to look. You can look across servers through the network to users in a single consolidated view.

Gardner: Jignesh, back to you. You mentioned several important industry segments. A couple of them are under quite a bit of regulation. Is there something about audit trail, search, dashboards, and the SaaS approach that in some way benefits compliance and adherence?

Configuration changes

Ruparel: Absolutely. Keeping track of configuration changes on devices is important. Some of the stuff that I am mentioning may not be available at this instant on Paglo, but knowing the infrastructure as I have learned it over the last four to five months on Paglo, I'd say that building such tools is very easy.

They already have a bunch of reports on there that give you a lot of support with various compliance measures, such as HIPAA, Sarbanes-Oxley, and provide reports on that. However, there is still a little bit of work that is required to get to that stage, where the reports are directly targeted towards a particular regulation.

As far as the generic reports that deregulation would require, say audit trails on who logged in, I mentioned to you regarding the VPN issue that I faced. I generated reports on all the users who had logged in via VPN over the last month in a snap. It was very, very quick. It took me less than two minutes to get that information. Having that quick of response in getting the information you want is very, very powerful. I think Paglo does that extremely well.

Definitely there is a huge advantage of having this information collected. As far as generating reports are concerned, that is something that not only Paglo can provide support on there, but Infobond, if you are interested, can provide support on it as well.

Gardner: We've talked about some of the qualitative benefits and the benefits of SaaS, but what

You would probably need a person dedicated for approximately two to three months to get the information into the system and presentable to the point where its useful. With Paglo, I can do that within four hours.

about cost? It seems to me that the implementation cost would be lower, but how about the general operating cost, Jignesh, now that you've been using this for several months?

Ruparel: Let’s look at it from two different perspectives. If I go and set things up without Paglo, it would require me, as Chris had mentioned, to place a server at the customer site. We would have to worry about not only maintenance of the hardware, but the maintenance of the software at the customer site as well, and we would have to do all of this effort.

We would then have to make sure that our systems that those servers communicate to are also maintained and steady 24/7. We would have multiple data centers, where we can get support. In case one data center dies, we have another one that takes over. All of that infrastructure cost would be used as an MSP.

Now, if you were to look at it from a customer's perspective, it's the same situation. You have a software piece that you install on a server. You would probably need a person dedicated for approximately two to three months to get the information into the system and presentable to the point where its useful. With Paglo, I can do that within four hours.

Gardner: Can you give me any metrics of success in terms of cost? It certainly sounds compelling?

Lowest cost

Ruparel: As far as cost is concerned, right now Paglo charges a $1.00 a device. That is unheard of in the industry right now. The cheapest that I have gotten from other vendors, where you would install a big piece of hardware and the software that goes along with it, and the cost associated with that per device is approximately $4-5, and not delivering a central source of information that is accessible from anywhere.

As far as cost, infrastructure cost wise, we save a ton of money. Manpower wise, the number of hours that I have to have engineers working on it, we save tons of time. Number three, after all of that, what I pay to Paglo is still a lot less than it would cost me.

Gardner: Chris Waters, tell me a bit about the future. It seems to me that this is a paradigm shift, if I could use sort of a cliché, in terms of cloud resources, and then using the network a bit more strategically. Now that you have taken this first step with Paglo, do you have any sense of where you expect to go next?

Waters: We're riding the wave of adoption of cloud by services, and we use that ourselves. The reason we're able to offer our service so cost effectively is that we leverage a very efficient data center. The Paglo back-end is designed specifically to support many, many tens of thousands of SaaS customers. So, they get to take advantage of the infrastructure that we have been building there, and we pass those cost savings on to them.

We all know that we're riding the benefits of Moore's Law as computational power becomes cheaper and network bandwidth costs less. Those things both allow us to do with Paglo more sophisticated analysis and capture more interesting data about the IT environment.

The most recent data source that we added to Paglo was the ability to capture information about

Companies like YouTube taught us . . . that if you for a second forget about bandwidth costs and you forget about storage costs . . . you can do some really interesting things.

your logs. I would say that the log management space is still barely scratching the surface of what’s possible with logs. As companies move towards more Web-based services, there is an interesting characteristic. Web-based services generate more log data, when you contrast that with more traditional client-server based software. So the possibilities for analyzing that data and drawing conclusions from that data, and having it integrated with an overall perspective of the entire IT system is going to be a pretty cool part of Paglo's future.

Gardner: In the past, there were a number of inhibitors to where you could go with this. There was the storage cost. There was the access cost. There were simply network and bandwidth issues, and then the ability to deal with that increasing load of data. Now it sounds as if you are pretty much free to start collecting everything.

Waters: Companies like YouTube taught us, and taught everybody, that if you for a second forget about bandwidth costs and you forget about storage costs, because they are rapidly hitting towards zero, and let your imagination run wild, you can do some really interesting things. Paglo takes advantage of those insights.

Gardner: For those folks who want to learn more about this, how does one get started? Is this a long process? I think Jignesh mentions only four hours, but tell us a little bit about the ramp-up process and where you might get some more information?

Principle of transparency

Waters: One of our fundamental operating principles here at Paglo is our principle of transparency. We want to make it extremely easy for people to find out information about Paglo, try it, and buy it.

You can go to paglo.com and read a lot more about how Paglo works and see a lot of screen shots of what the Paglo experience is like. You can sign up without a human ever being involved. So from sign up, to being able to search your own IT data is simply a matter of minutes.

Gardner: Very good. We've been learning quite a bit about the opportunity to do IT search and log search and management as a service. This gets to the heart of network management and analytics, and appears to be a value for MSPs, SMBs, and enterprises.

Here helping us discuss how we scale IT operations to the demands of the Web more smoothly and apparently at quite a bit of less cost, we have been joined by Dr. Chris Waters, co-founder and CTO of Paglo. Thanks for joining, Chris.

Waters: Thanks.

Gardner: We have also been joined by Jignesh Ruparel, system engineer at Infobond. Thanks so much, Jignesh.

Ruparel: Thank you Dana.

Gardner: This is Dana Gardner, principal analyst at Interarbor Solutions. You have been listening to a sponsored BriefingsDirect podcast. Thanks for listening, and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: Paglo.

Automatically discover your IT data and make it accessible and useful. Get started for free.

Transcript of a sponsored BriefingsDirect podcast on how IT and log search and analytics are helping companies and MSPs better monitor, troubleshoot, and manage their networks and applications. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.

Sunday, August 23, 2009

ITIL 3 Leads Way in Helping IT Transform Via the 'Reset Economy' into Mature Business Units

Transcript of a sponsored BriefingsDirect podcast on the latest version of ITIL, and how it helps IT organizations transform how they operate as business units.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: Hewlett Packard.

Free Offer: Get a complimentary copy of the new book Cloud Computing For Dummies courtesy of Hewlett-Packard at www.hp.com/go/cloudpodcastoffer.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you're listening to BriefingsDirect.

Today, we present a sponsored podcast discussion on how to better understand the standards and methods around ITIL Version 3, Prescriptions and Guidelines. We'll unlock the secrets behind ITIL Version 3, and debunk some common misunderstandings about ITIL and how it can be best used.

We're joined by three experts on ITIL, and they are folks who have been instrumental in ITIL development. They'll help us look into ways that IT leaders can leverage IT Service Management (ITSM) for better efficiency, operational accountability and how to keep the IT trains running on time and also at the lowest possible total costs.

Please join me in welcoming David Cannon. He's the co-author of the Service Operation Book for the latest version of ITIL, and an ITSM practice principal at Hewlett-Packard (HP). Welcome David.

David Cannon: Hi, Dana. Thanks very much.

Gardner: We’re also joined by Stuart Rance, service management expert at HP, as well as co-author of ITIL Version 3 Glossary, and of numerous other service management pocket guides. Welcome, Stuart.

Stuart Rance: Hello. Thank you.

Gardner: Also joining us is, Ashley Hanna, business development manager at HP and a co-author of ITIL Version 3 Glossary, and other industry best practices. Welcome, Ashley.

Ashley Hanna: Hello. Thank you.

Gardner: Let me direct my first question to David Cannon. Tell us a little bit about why the need for ITSM is a bit more acute nowadays. What do a tough economy and lean budgets mean in terms of how ITIL can be of benefit?

Cannon: That's a very interesting question. The first thing that comes to mind, whenever we think about that, is that IT needs to save costs. In fact, the business puts a lot of pressure on IT to bring their costs down. But, in this economy, what we're seeing is that IT plays a way more important role than simply saving money.

Business has to change the way in which it works. It has to come up with different services. The business has to reduce its cost. It has to find better ways of doing business. It has to consolidate services. In every single one of those decisions, IT is going to play an instrumental role. The way in which the business moves itself towards the current economy has to be supported by the way in which IT works.

Now, if there is no linkage between the business and the way in which IT is managed, then it's going to be really, really difficult for the business to get that kind of value out of IT. So, ITSM provides a way in which IT and the business can communicate and design new ways of doing business in the current economy.

Gardner: Some of the popular business press released here in the United States has been calling the recession a "reset" and saying that "business as usual" is really not going to fly. Is ITIL something that can help with that, both at the IT level and the business level with this notion of a reset, David?

Changing operating models

Cannon: Yes, it is. That's not to say that, in every single case, IT is going to drive these changes to the business. What we're seeing in the reset is that businesses have to change their operating models.

Part of an operating model within any business is their IT environments and the way in which IT works and is integrated into the business processes and services. So, when we talk about a reset, what we're really talking about is just a re-gearing of the operating models in the business, and that includes IT.

The way in which IT works and the processes that you read about in ITIL Version 3, for example,

What I've seen recently is that organizations that have already achieved a level of ITSM maturity are really building on that now to improve their efficiency, their effectiveness, and their cost-effectiveness.


are increasingly being used in the business environment to create new services or different ways to manage their existing operational environments.

Gardner: I wonder if any of our speakers thinks that the economy has, in fact, provided an impetus or catalyst to embrace ITIL, whether it's in its versions, 1, 2 or 3. Is it possible that there has been a silver lining to this dark economic cloud?

Rance: That's a really interesting question. What I've seen recently is that organizations that have already achieved a level of ITSM maturity are really building on that now to improve their efficiency, their effectiveness, and their cost-effectiveness.

Maybe a year or two years ago, other organizations that were less mature and a bit less effective were managing to keep up, because things weren't so tight and there was plenty of fat left. What I'm seeing now is that those organizations that implemented ITSM are getting further and further ahead of their competition.

For organizations that are not managing their IT services effectively towards the end of the slump it's going to be really difficult. Some organizations will start to grow fast and pick up business, and they are going to carry on shrinking.

Gardner: Thank you, Stuart. Ashley, do you have anything further to offer?

Hanna: I think, as well, that if ITIL has been implemented correctly, then it is not an overhead. As times get tough, it's not something you turn off. It becomes part of what you do day-to-day, and you gain those improvements and efficiencies over time. You don't need to stop doing it. In fact, it's just part of what you do.

Gardner: For those of our listeners who might not be too deeply aware and have the background for ITIL, let's give them a quick primer. David, help me understand a little bit about the context of ITIL and where it fits in now.

Helping operations managers


Cannon: ITIL was initially created within the UK government to help operations managers within IT manage that environment a lot better. As the industry progressed, and as we became more mature about the way in which we managed IT, it became very clear that what we were really doing was not simply managing a set of infrastructure components and applications. What we were really doing was delivering a set of services to the business.

As that matured, we began to realize that we're not simply providing a set of outputs to the business and then forgetting about what the business does with them, and, as long as we produce the outputs, we've done our job. We began to realize that this approach wasn't good enough. What we had to do was focus on not only what we delivered to the business, but also what the business did with those services. So, we are focused more on the business outcomes.

In the current environment and in the current version of ITIL, we're looking at not only how IT manages itself, but how IT provides service to the business, and also how the business generates value based on the services that they use from IT. That's where the industry is right now.

And, just to stress, ITIL didn't invent the stuff. ITIL is not a theoretical approach that came out of the minds of a few academic individuals. It really is based on what companies have been doing over the past 20 years. So, when you read ITIL, everything you see in those books is something that has been done by a company somewhere, and it has worked.

What you have there is a set of recipes, which really talk about how I, as an IT professional, can play a strategic role within the business, and how I can help to measure my contribution of value within the business organization. That's really where we are within ITIL right now.

Gardner: Stuart or Ashley, do you have anything further to offer on a level set on ITIL nowadays?

Rance: I've got a lot that I'd like to say about value, but I'll hold off on that for now. I'd like to talk about what service management is from a more operational viewpoint, because a lot of people don't really get what we're talking about, when we talk about service management.

The point is that there are lots of different service providers out there offering services. Everybody has some kind of competition, whether it's internal, a sort of outsourcing, or alternate ways of providing service.

All of those service providers have access to the same sorts of resources. They can all buy the same servers, network components, and software licenses, and they can all build data centers of the same standards. So, the difference between service providers isn't in those resources they bring to bear. They are all the same.

Service management is the capabilities a service provider brings in order to deploy, control, and manage those resources to create some value for their customers. It includes things about all of your processes for managing changes, incidents, or the organizational designs and their roles and responsibilities, and lots of different things that you develop over time as an organization, it's how you create value from your resources and distinguish yourself from alternate service providers.

Gardner: Is there anything from you, Ashley?

Focusing on outcomes

Hanna: I'm just reflecting on what both have said. We've gone from managing technology processes, which was certainly an improvement, to managing end-to-end IT service and its lifecycle and focusing on the business outcome.

It's not just which technology we are supporting and what silos we might be in. We need to worry about what the outcome is on the business? The starting point should be the outcome and everything we do should be designed to achieve what's wanted.

Gardner: David, it certainly seems to me that the progression of IT is toward the delivery of processes, rather than technology sets. The feature function abstraction is perhaps elevated, particularly now, when we think about cloud services and a variety of different sourcing options. That seems to me to dovetail very well with the fact that we're changing the way that IT operates at precisely the same time as the way that IT is consumed is changing. Does that sound fair?

Cannon: Yes, it does sound fair. I think in terms of initiatives or movements like cloud, or should I say trends, what you're seeing is a focus on exactly what it is that I get out of IT, as opposed to a focus from the business on the internal workings of IT.

What you've seen historically is that the business has traditionally been very concerned about the internal workings of IT. They're very concerned about mitigating risk and very concerned about making sure that we're running in a cost-optimal way. What things like cloud tend to do is to provide business with a way of relating to IT as a set of services, without needing to worry about what's going on underneath the surface.

However, I need to point out that, even within a cloud environment, where you have a cloud-service provider, that service provider still has to worry about the processes.

So, business is going to look for clear solutions that meet their needs and can change with their needs in very short times.

They have to worry about managing the technology. These issues don't go away. It really is just a different way of dealing with the sourcing and resourcing of how you provide services.

Gardner: So, I suppose the point is that ITSM, how you run your IT department and how you provide for your users and their perceptions of IT as a business partner, is being elevated by some of these other trends in the sourcing environment?

Cannon: Yes, and what we're seeing is just the need for business to be able to react quickly and the need for them to be able to be very flexible within a rapidly changing volatile economy. So, business is going to look for clear solutions that meet their needs and can change with their needs in very short times.

Gardner: Ashley, let's go to you now about some of the myths or misunderstandings around ITIL -- what needs to be debunked or what lets people stray in understanding ITIL and how they could avail themselves of it?

Responding to change


Hanna: A lot of the issues are based on the fact that something has changed. We all know and love ITIL Version 2, and have a certain image of that in our minds -- and we all respond differently to change.

An issue that comes up quite a lot is that ITIL Version 3 appears to have gotten much bigger and more complex. Some people look at it and wonder where the old service delivery and service support areas have gone, and they've taken surprise by the size of V3 and the number of core books.

There is new content in Version 3, but actually Version 2 was pretty big, if you looked at the complete set of publications that came out. This view of it being small and self-contained was reinforced by what we were taught, when we studied Version 2.

The highest level of certification then was the Managers certificate and exam.

. . . these changes are long awaited and they're very useful additions to ITIL . .

This concentrated just on service delivery and service support. Yet, there were at least five other significant areas. Publications that came out from those other areas, such as business perspective and planning to implement, didn't get the same kind of attention.

When Version 3 came out, it launched with a much bigger perspective right from the beginning. Instead of having just two things to focus on, there are five core books. I think that has made it look much bigger and more complex than Version 2.

It is true that if you go through education, you do need to get your head around the new service life-cycle concept and the concept called "business outcomes", as we've already mentioned. And, you need to have an appreciation of what's unique to the five core books. But, these changes are long awaited and they're very useful additions to ITIL, and complementary to what we've already learned before.

Gardner: Stuart, just for the edification of our audience, what general characteristics would you apply to Version 2 and then Version 3, and what generally distinguishes them?

Better and cheaper


Rance: Version 2 was very much about how the IT service provider could do what it does effectively, efficiently, and cost effectively. All of the Version 2 processes led to ways that the service provider could deliver what they did better and cheaper. What it didn't really look to was the value of what they were doing, and were they doing the right things?

I'll give you a simple example. Version 2, in financial management, talked very much about what sort of cost units you should be looking at, how you should be calculating things, how you should be doing your accounting.

Version 3 includes that, but it includes it in quite a small part of the book in a couple of sentences that basically say your accountants will tell you how to do that. If you look at financial management in ITIL Version 3, it says you really have to understand the cost of supplying each service that you supply and you have to understand the value that each of those services delivers to your customers.

Now, that's a very simple concept. If you think of it in a broader context, you can't imagine, say, a car manufacturer who didn't know the cost of producing a car or the value of that car in the market. But, huge numbers of IT service providers really don't understand the cost of using its service and the value of that service in the market.

ITIL V3 very much focuses on that sort of idea -- really understanding what we are doing in terms of value and in terms of cost-effectiveness of that level, rather than that procedural level.

Gardner: Going to you David, is there something about ITIL and the confusion that might exist in some quarters around this notion of financial management? Where do you see this financial management aspect of ITIL and is that something that people need to better get their heads around?

Cannon: Financial management really hasn't changed in the essence of what it is. Financial management is a set of very well defined disciplines.

ITIL V3 very much focuses on that sort of idea -- really understanding what we are doing in terms of value and in terms of cost-effectiveness of that level, rather than that procedural level.

There are well-established procedures and practices. When applied within IT, financial management really starts to answer some very specific questions.

In Version 3, the nature of those questions changes. For example, in Version 2, we talk about how to account for the cost of providing IT services and how to track your assets, for example. It's very much a cost-based model of financial management.

Within Version 3, the financial management questions become more strategic. How do we calculate value? How do we align the cost of a service with the actual outcome that the business is trying to achieve? How do we account for changing finances over time?

For example, if we invest a certain amount of money this year, what is the relative value of that investment going to be in 5 or 10 years time? How do I align financial decisions that I make with the portfolio of services that I deliver? How can I track the investment in IT throughout the life-cycle of the services that I am providing?

Questions have changed


So, the questions that we ask in financial management within ITIL have changed significantly, but the underlying core procedures and practices are still the standard financial practices that exist within any organization.

Gardner: As we progress from applying financial management to systems, and then now to processes, it sounds as if we're starting to talk more the talk of the business side of the house. Business probably wants to understand the true cost of processes.

My question then is, do the folks on the business side of the house need to know anything about ITIL, or do they simply need to know what the fruits of ITIL are? Let me throw that out to Stuart.

Rance: Something that David said earlier, which I have also come across, is that a lot of businesses are in the service business themselves. It might not be IT service, but many of the customers we're dealing with are in some kind of service business, whether it's a logistics business or a transport business. Even a retailer is in the service businesses, and they provide goods as well.

In order to run any kind of a service you need to have service management. You need to manage your incidents, problems, changes, finances, and all those other things. What I'm starting to see is that things that started within the IT organization -- incident management, problem management and change management -- some of my better customers are now starting to pick up within their business operations.

They're doing something very much like ITIL incident management, ITIL change management, or ITIL problem management within the business of delivering the service to their customers.

. . . if you're running yourself as a business, you need to understand the business or businesses you serve, and you need to behave in the same way.

That completely gives you an end-to-end value chain, where the incident management, problem management, and change management you're doing within IT is simply a subset of your overall business incident management, problem management and change management. And, I could have listed all the other processes as well.

Gardner: It sounds as if we're moving toward some sort of a unifying theory of how to run both your business and your IT department. Essentially, they're both providing service management, provisioning, delivery, and measurement function. Why shouldn't they have a similar framework?

Hanna: I absolutely agree. Some of the shock that some people have when they pick up the service strategy book in ITIL V3 is they see it reads as a business book -- where is the IT, where is the data, where has my memory chip gone from this book? That's deliberate. It sets out that if you're running yourself as a business, you need to understand the business or businesses you serve, and you need to behave in the same way.

There's a great deal of new thinking that has gone into the service strategy side of things around providing a service of any kind. And as Stuart said, businesses can start adopting some of the IT process practice, but also the other way around. The IT people, when they start thinking about it, start to realize that it's not just them who have change management and incident management. Their business has to implement these aspects when they talk to their customers and the products that they sell. It is very much coming together in the industry.

Gardner: Is this a two-way street? Do the lessons learned on the business side apply to IT, and then vice versa? Does anyone want to offer an insight into the transfer of best practices?

Two-way communication

Rance: It's a very important question, but I'd like to go even further than that and say that, as a business unit, IT is already participating in a lot of this two-way communication. In many cases, IT doesn't think of itself as a business unit, but if you think about it, they really are. Today, the average IT department is delivering services to external customers and those services are revenue producing.

When that starts to happen, the IT unit starts becoming both an internal service provider, as well as a strategic business unit within the organization. And so, not only is it communicating with the business, it, in fact, is the business in many cases. That's a very important realization to come to within most IT organizations.

Gardner: I suppose we're all parochial and that we are involved with IT, but it sounds as if IT is not just a peer business unit, but perhaps a special business unit in a modern cooperation or enterprise. David, do you have any sense of whether we can claim special status in IT, or whether that gets us in trouble?

Cannon: We certainly could claim a special status, but I wouldn't try that. I think that the most important thing about ITIL and about ITSM is to ensure that IT is viewed as part of the business, that it is contributing to the value generated from the business, and that it is able to achieve its objectives.

I wouldn't try to create any special case for it. I would simply say that the management

I never heard an organization saying it needed to get the legal department aligned with the business or the finance department aligned with the business

challenges within IT tend to be more unique, and it's important to use approaches like ITIL, which are specifically designed around these challenges.

Rance: Can I speak up on that just for a moment? In the days of ITIL Version 2, a lot of organizations used to talk about business-IT alignment, and how important it was to align IT and its goals and strategies with the business and its goals and strategies.

I always found it very strange that you never heard a similar conversation about other business units. I never heard an organization saying it needed to get the legal department aligned with the business or the finance department aligned with the business.

I think that used to be a fundamental failing of IT organizations -- that they were trying to align with the business instead of trying to be a part of the business. That was one of the big changes in ITIL V3. I don't think an IT department should consider itself special or different. It should consider itself part of the business in exactly the same way as other core, shared services are.

Gardner: Perhaps another way to phrase the question is rather than to ask about whether it should be special, ask why it should not be special, and should be peer.

Rance: Exactly.

What do they want?

Hanna: Absolutely. One customer I work with felt they were getting a beating from industry best-practices consultants. The consultants were saying, "Look, you need to understand and align with your business. If only you did that, everything would be okay." What the IT organization found when they tried to do that was that, when they communicated with the business and got the right discussion around availability, performance, or whatever it was, the business didn't know what it wanted either.

So there's this idea that the magic is just a little bit further away, if you can get there. Once that organization engaged with the business, and they both realized they had challenges in this space, and it wasn't just one or the other's fault, they were able to start working together to get things done in a better way.

Gardner: I wonder if we could take a moment to understand better the relationship between HP and its approach to IT data centers, IT shared services and ITIL. Several of you here are instrumental, but also working with HP, what's the relationship?

Cannon: Dana, are you talking about the relationship between data-center management and ITSM?

Also I'm using it myself personally. I'm using ITIL guidance to help define and manage a service portfolio, which is a new concept within ITIL.



Gardner: No, I was asking about HP, as a vendor supplier, a partner and ITIL as a progression. How do they relate?

Hanna: I'm a business development manager within HP, within our Mission Critical Services organization, and I'm using ITIL as part of our assessment and continual improvement methodologies and tool set. So, I'm either helping to sell those kinds of ideas as a product or I am using it to improve what I do when I do that.

Also I'm using it myself personally. I'm using ITIL guidance to help define and manage a service portfolio, which is a new concept within ITIL. Within that, I have a pipeline of services that I offer to my customers, and new services or significant changes I'm bringing along. I've also got a service catalog of things that I sell to my clients today.

So, I am very much personally using ITIL, and I know many of my other colleagues are. But, it's not just how we go to market -- it's also within our own infrastructure.

Gardner: Does anyone else want to offer a way in which the philosophy of HP aligns with ITIL?

Everything is ISTM

Cannon: Absolutely. The point is that there is nothing in HP that we do that is not service management. Everything that we do -- from manufacturing and delivering computers to installing those computers, to making sure that they are operating effectively, to working with our customers to make sure that they are able to use IT and support their businesses -- are essential components of ITSM.

So, our whole approach to ITSM is not only that we help our customers do ITSM, but, as Ashley pointed out, we use ITSM internally to make sure that we are doing things in a quality manner and in a way that creates an added value for your customers.

For example, when I got into the data center services side of things, a lot of people said to me, “Oh, so you are leaving service management?” And the point is, no, absolutely not. How can you deliver IT services, how can you manage those services, if you have no control of your data center? Everything we do is tied into service management and how our customers are able to achieve value within their organizations.

Gardner: I would think that also end-to-end visibility, control management, and integration are essential to providing that end service in a timely and efficient manner. Is there a

Within our service management profession, it's incredible how many different things people are doing with service management.

comprehensive aspect to what HP involves in working with a number of partners and what you can then attain with ITIL guidelines?

Rance: We have within HP something we call a service management profession, which is part of our overall knowledge management. Interestingly, knowledge management, a relatively new process for ITIL was something we have been doing for a long time, as with many other organizations of course.

Within our service management profession, it's incredible how many different things people are doing with service management. They're all engaged with service management and they're all sharing knowledge and capabilities with each other, but it ranges from people who are developing, planning and delivering ITIL training courses. People are developing, delivering, configuring, installing, and managing our complete range of software products.

Our internal IT organization, our outsourcing organization, many different people doing different source of consulting, anything you can think of in the service management space, there is somewhere in HP a team doing it. Usually, those teams are doing it in every country around the world. We all talk to each other and learn from each other, and it's a lot of fun. I don't think there is any other organization in the world that comes close to that.

Gardner: So, in a sense, it's a whole greater than the sum of the parts.

Rance: Absolutely.

Concrete examples

Gardner: We've talked about this ITIL set of benefits and we debunked some of the misunderstandings. We've kept it at a fairly theoretical level, but I wonder if we had some concrete examples. As you pointed out earlier, ITIL has come from practices and not academics. Where are people applying these guidelines and the increased role of ITSM to a benefit? What are some of the metrics of success? Let's start with you, David.

Cannon: It all depends what each company is trying to achieve with their implementation. For some organizations it's about simply trying to solve a very specific problem. For example, how do I become more responsive to my customers when my IT services break, or how do I control changes within the organization?

If that's all that you are trying to achieve right now, then your metrics are going to reflect what it is that you've been working on. So, am I getting quicker at resolving these incidents? Am I getting fewer incidents? Are changes being more controlled, and are there fewer incidents as a result of rolling out changes? Some of the metrics that you are going to focus on are going to be very operational and very much focused on the problem that you're trying to solve.

In other organizations, which are trying to go for a more holistic implementation and are trying to really get into a growth mode for their organization, they are going to approach this in a very different way. They are going to look at things like, "What kind of services am I delivering? Are those services achieving the desired outcomes?"

The metrics are going to be a combination of what their businesses are using to measure their

So, the discussion changed very, very quickly from, "How much does ITSM cost us?" to, "Hey, can we have some more of this kind of thing?"

success, as well as how IT is measuring the consistency, the reliability, and the availability of their services. It's going to be a combination of that.

We've seen a number of organizations, which have really been using ITSM extensively, coming up with some very interesting ways of measuring the success of the program. What's interesting is that they may start out with looking at, "What is the cost of ITSM and how can I demonstrate the return on investment (ROI)?" But, where they end up is very interesting. Where they end up is, "How does IT support our business?"

I was sitting in one customer organization and they were talking about the cost of IT. We switched the discussion around and took a very specific example of a service that was used commonly within the business. We said to them, "Let's not focus on the cost of IT for now. Let's focus on what you get out of the service."

The managers in the business sat around and talked about the things that they do with the service. It turns out that by using the service, the business was able to save something like $20 million a year in certain testing procedures that they were running.

So, the discussion changed very, very quickly from, "How much does ITSM cost us?" to, "Hey, can we have some more of this kind of thing?" Again, it really depends on the kind of initiative that you have going within your organization and how you're going to measure the success of your ITSM program.

Gardner: Stuart, how about you? Do you have any examples of ITIL in practice and perhaps any metrics on its impact?

Service management journey

Rance: I'll tell you about one of my customers. I don't think it was a metric when they stopped, but it was certainly an outcome. This was an organization that started on their service management journey about four years ago. It was a big mobile phone company somewhere in Eastern Europe.

They started on an ITIL implementation program at the time of ITIL Version 2, and their goals and metrics were largely around quality of service and cost of delivering service, the sorts of things that we think of when we think about ITIL Version 2. It was a really good program and it went really well.

They got the cost reductions they were looking for. They got the improvements in services they were looking for. The other thing that wasn't originally on their goals was that was they got a massive improvement in the relationship with the business. As a direct result of the improvements that they made with their ITIL program, the IT manager became the IT director. In other words, he got himself a seat on the board.

He was quite happy to come back to us afterward and say, "Thank you for your help. Implementing that program directly led to me getting a seat on the board."

The outsourcer couldn't complete the deal, and the IT organization is still in house today. So, that's a great success story from that IT organization.

It's a really nice piece of feedback, because the next thing he said to me was, "Now, what does ITIL V3 mean for me, and how can I capitalize on that and get even better?

I've run quite a few strategy and planning workshops to look at the best way of implementing ITIL V3 in different organizations. We did one of those here and came up with a number of ideas for his next four- or five- year program to improve the relationship even better and to improve the outcomes he's delivering in the business.

Gardner: Ashley, similar question to you.

Hanna: I have a very interesting example as well. I've worked with one of our customers on the Mission Critical Partnership and we helped them implement continual improvement over a number of years. We benchmarked them as to where they were against best practice and against peers in the industry. Then, we helped them identify key risks to address and the improvements that they could make. We helped them measure their progress on an annual basis.

What's very interesting is that they were so successful that, when the decision was made to outsource the IT organization, the outsourcer found that they were already so efficient and effective, they couldn't make the required saving to make the deal worthwhile. The outsourcer couldn't complete the deal, and the IT organization is still in house today. So, that's a great success story from that IT organization.

Looking into the crystal ball

Gardner: Before we wrap up, I'd like to take a peek into the crystal ball, looking into the future a bit. As I mentioned earlier, it strikes me that the emphasis on process over systems and on services from a variety of sources, over monolithic and tightly controlled centralized delivery, is probably going to be growing in importance over the coming years. That perhaps augurs well for ITIL and particularly ITIL V3. So I'd like to go one last time through our panelists on this crystal ball notion. David, what's your prediction for how ITIL Version 3 progresses?

Cannon: What we're going to start seeing is the market will continue to mature, as it has been over the last 20 years. More and more organizations will get in control of their IT environments. They will be articulating value to the business more and more.

But, two additional things are going to start happening as we move forward. The first thing is

In addition, we're going to see ITSM moving more-and-more inward into the IT organization.

that service management is going to move outward. We are already seeing how organizations are starting to use the procedures, the practices, and the principles of ITIL within the business. For example, a lot of businesses are using simple IT event management to drive some of their business operations. So we are going to see ITSM moving out and being applied into business environments.

In addition, we're going to see ITSM moving more-and-more inward into the IT organization. We're going to start seeing ITSM being applied to the actual infrastructure, applications and networks within the IT organization, and we are going to see more and more technical applications of ITSM as well.

Gardner: Stuart, your view on the future?

Rance: I'm not sure if I agree with David on this. Rather than more organizations getting good at service management, what's going to happen is a massive consolidation. There will be fewer really good organizations that understand service management, do it well, Increasingly, they're going to be dominating the market, and the small, ineffective IT organizations aren't going to suddenly learn how to do service management. They're just going to go out of business.

The other thing that I see happening is that those organizations that are currently running their services using good service management practices and developing the capabilities and managing end-to-end services are in a really great position to take on new technologies, paradigms, and ideas to invest in things like virtualization, clouds, blades, and other technologies which provide a more complex infrastructure environment.

Because they're already managing these things from the viewpoint of the service, they're going to find adoption of new and interesting architectures much easier. So again, those organizations that do service management well are the ones who are going to be able to take advantage of all of the flexibility and cost savings of new technologies.

Gardner: Last point to you, Ashley.

Much easier to do

Hanna: Speaking to that idea around the new technologies, some organizations have used some of the new blade infrastructures in virtualization as being easier to deploy than some of the old style mainframe heavy-duty things, but are finding that actually a lot of it is absolutely much easier to do. There is more automation and things work better and smoother.

But, with many more devices and new concepts, they still need to apply these traditional service management approaches. So, I think, we'll see a lot of these organizations that have branched out recently into new technologies realizing that they need to equally invest in new service management guidance.

And I think, best practice today is relatively high level, and I think we'll see the actual sources of best practice like ITIL will get deeper down, and we will get more day-to-day operational advice and templates made available that also adhere to this best practice.

Gardner: Very good. We have been discussing how to better understand the standards and methods around ITIL Version 3, Prescriptions and Guidelines. And we have been better understanding how that can impact the modern enterprise.

I want to thank our panel for today's discussion. We have been joined by David Cannon, an ITSM practice principal at HP, thank you David.

Cannon: Thanks for having me.

Gardner: We have also been joined by Stuart Rance, an ITSM expert at HP and author of the ITIL V3 Glossary. Thank you Stuart.

Rance: Thank you. It's been fun.

Gardner: And Ashley Hanna, an author of Version 2 and Senior Examiner for ITIL V3 as well as a business development manager at HP. Thank you so much, Ashley.

Hanna: Thank you.

Gardner: This is Dana Gardner, principal analyst at Interarbor Solutions. You have been listening to a sponsored BriefingsDirect podcast. Thank you for listening and joining us and come back next time.

Free Offer: Get a complimentary copy of the new book Cloud Computing For Dummies courtesy of Hewlett-Packard at www.hp.com/go/cloudpodcastoffer.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: Hewlett Packard.

Transcript of a sponsored BriefingsDirect podcast on the latest version of ITIL, and how it helps IT organizations transform how they operate as business units. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.