Wednesday, November 28, 2012

IT and the Cloud – the 'Value Paradox'

Cloud influence on IT activity and the changing role of the IT manager.

On Paradox - “If you try to fail, and succeed, which have you done?”  ― George Carlin

I know what IT did last summer 
Since the advent of packaged software , IT staff spent a great deal of their time making software available to their internal customers.  What did that entail?
  • Comparing optional vendors and offering
  • Procurement – negotiating and finally purchasing the software
  • Designing and customizing the solution
  • Securing the hardware and installing the software – sometimes this would take months to purchase and install the servers, operating systems and the software.
  • Testing the environment and the software
  • Deployment and training
  • Maintenance – expanding resources, upgrades, etc.
All this work revolved just around ‘keeping the lights on’, and IT was usually understaffed with tasks continually piling up.

While it was crucial to have the software up and running',  IT could not devote the necessary attention to derive more value from the application, because just making the application available exhausted what little time and resources IT had at the end of the day.

Shift of Focus
In the world of SaaS - Cloud applications – many of these tasks are becoming extinct.

Procurement is done in many organizations by the business manager, and even if IT is involved, the decision is usually made by the Line of Business manager.

Securing and installing hardware is no longer needed, and neither is installing the software and testing it.

Maintenance is usually non-existent or negligible as well as deployment.

Training is also downshifted as most SaaS applications are designed for simplicity and intuitiveness.

In the Age of Cloud, IT is shifting from Managing Software to Managing Applications - As SaaS applications take a larger share of the companies’ portfolio , IT will have less “traditional” tasks, and therefore more time to concentrate on bringing value to the business.

What value would that be?
  • Performance – a better end-user-experience, understanding when and where and for whom the application is not delivering acceptable response times.
  • Subscription management – save the business unnecessary expenses by ensuring the right number and level of subscriptions were purchased (e.g. don’t continue to pay for employees that have left the company, or don’t pay premium subscriptions for users that are utilizing only the basic functionality)
  • Application utilization – discover usage pattern, optimize the usage, ensure that the applications are being used in the way they were meant to, point out where training may be needed. Know how the application is used, by whom, when and where from.

The Value Paradox
Herein lies the paradox - On one hand, the cloud enables IT to start focusing on the important stuff ( bringing true value to the users and aligning itself with IT), but on the other hand, because of the Cloud’s ‘cloudiness’,  IT cannot deliver the benefits since it has no visibility into what’s going on.

The CIO has a debilitating blind spot when it comes to monitoring Cloud applications. All the communication in SaaS is done between the end user and the service provider. All traffic flows between these end points without IT having any visibility of who is using what, when, from where, how and how much. 
There are a number of tools available on the market that, although not designed for this particular challenge, provide partial information on various aspects. They include SSO, Synthetic transactions, APM, License management and log analysis. 

For example, Symantec recently released O3 Gateway while Salesforce is now delivering Identity Force SSO. Both solutions may provide a limited view of some of the knowledge needed.

Each one of the solutions above can give some visibility into this dark matter, but In order to resolve the “Value Paradox”  a new generation of tools will be required and they will need to be simpler, less costly, insightful and better fitting for the SMB market.

Monday, August 20, 2012

On Blindness – The Cloud Veil

“Living is Easy with Eyes Closed” ― John Lennon

Cloud is good, but…
Perhaps the single most powerful appeal of the Cloud – the ability of business managers to circumvent IT and get immediate IT resources - is also the most problematic aspect of it.

No wonder there is still a large group of CIOs and IT directors that shudder at the thought of letting go and have the business managers, or anyone in the organization, go out and purchase these resources with a swipe of a plastic card.

The fact that IT can be bypassed by the process is really neat: It save lots of time, there is zero bureaucracy, it is probably cheaper, and it is available anytime/anywhere. The fact that there is no go-between gives the business users all these advantages but in the same time leads to a debilitating blindness.

What we can’t see
Since all communications are done between the end user and service provider, there is zero visibility on the following information:
  • What Cloud resources/applications are being used by the organization? Have various business units subscribed to services without IT’s consent or knowledge?
  • Who is using what and how much? Perhaps the organization is paying for many subscriptions of employees that have left the company, or simply not using the app? 
  • What modules are being used? Maybe the business is paying for the Unlimited Edition, while most of the users are only using modules of the Basic Edition – the difference can be significant – in some cases ranging from $5 to $350 per user, per month.
  • What is the user experience like? Are the applications performing as expected? Which browser performs best per given app? Are the services providing similar results in the different office locations?
  • How are the applications being used? Are all the modules accessed, and if not perhaps training is needed? Are the apps used as expected? E.g. if a CRM is used only between 4-5 PM every day or perhaps once a week, one would suspect that the service is not used as intended. 
  • Compliance – how do we know that we are compliant to the various PCI, HIPPA, GLBA, FISMA requirements if we have no idea how the applications are being provided, or are being used by our employees?
Back in the days where all the applications were in-house, on-premise, IT could (in principle) know exactly what systems are running, who is using them, what the performance behavior of a given solution is and how the applications are being used.

Tools such as Network Sniffing, APM, and log analysis could be deployed in the network and monitor the traffic between the end users and the applications. For services that were offered outside the organization, one could use synthetic transactions to monitor performance and end user experience.

But what do you do if all the traffic is outside of your reach? How do you know what is really going on?

Single Sign On
Some companies use SSO to give them a measure of visibility into the application usage. While SSO has its merits, it is also limited in a number of ways. First, one must ensure that all employees are using the gateway to access the application. If employees have been using a certain SaaS service for a while, there is no guarantee that they will stop accessing it directly, and in any case, IT may not even know what apps are being used.

Even if IT manages to enforce the policy that every user in the org, accessing a certain Cloud app, will go through the company’s gateway, (whether from the office, on the road or from home), even then, the knowledge of the usage is limited to the single fact that user 'U' logged on to application 'A' at a certain time. Did that user ever advance from the login page or did she log out immediately afterwards? Did she stay signed in for three days, what modules did she use and at what frequency? What was her user experience? All these questions remain unanswered.

Service Provider Logs
A very small percentage of Service Providers have started making available usage logs for their customers. Potentially, these logs are quite helpful, as they can give a detailed view of the usage of the Cloud resources.

The drawbacks in this solution are threefold: First, as mentioned, only a small fraction actually does provide such reports, at different levels of detail. Second, each report is formatted differently and therefore, one needs to study each report, try to normalize the data and build a dashboard to capture the information. (bare in mind that some organizations consumes dozens of SaaS apps). Finally, this is simply data. To create actionable, insightful reports will require a huge investment in time, resources and ingenuity that I doubt many IT departments will consider.

Where is IT?
Perhaps in the future, businesses could thrive without an internal IT (just as we make do with power and utilities today). There is a hot discussion going on right now on the various internet forums, as to what shape IT will have (if at all) in the future. But right now and for the foreseeable future, IT is here, and will be needed to resolve a multitude of technical and procedural issues.

Therefore, even if one is a big believer in Cloud (as I am), IT will need to be involved. At the end of the day, all the problems will be brought to the helpdesk (even if IT was not involved in the process of purchasing and setting up the Cloud apps). Issues of performance, usage, security, compliance and integration will remain in the realm of IT, because the business managers and individual user will not be capable of handling them.
And, therefore, the blindness must be cured. Tools allowing visibility and reports providing actionable insights must be made available.

Wednesday, July 25, 2012

7 Considerations for Transitioning to SaaS

“Beware of missing chances; otherwise it may be altogether too late some day” - Franz Liszt

Not there yet?
We are nearing the end of 2012 and there still are thousands of ISVs that have not yet transitioned to the Cloud. For some, the effort might be too big and they fear it will mean an optional death. For others, they might have a steady, captive audience, and their customer base is still strong – perhaps not growing, but enough to sustain them for the short term. What I am certain of, is that no ISV is oblivious to the Cloud revolution, and not thinking of the implications and next steps.

I have been advising ISVs on this process since 2004 and have developed a program that I implement at my customers who went through the process. Some decided to postpone, others have launched successfully. Following are considerations that are the cornerstone of my methodology.

1.    Motivation
There are many compelling reasons to transition from the on-premise model to the Cloud, but many companies do it for the wrong reasons.
I believe that the vast majority of ISVs will transition to SaaS, or cease to exist, so don’t get me wrong – the transition is necessary, but it is also very important for the company to understand why they are doing it. The transition is a Strategic Business Model change, and don’t fool yourself otherwise.

The fact that Everyone Else is Doing It should pop the questions ‘So What’? Fashion alone is not a reason to change your business model. If you are going to be a ‘me too’ company, or put a little cloud on your logo hoping that it will appease your customers, it will not bring you success. Are you losing your customer base, are your customers demanding a web solution? Are you doing it to capture new markets, new geographies, or expand services within your space?
These questions are critical to define your strategy.

2.    Define Goals. Market and Offering
This seems almost too obvious, but one would be surprised at how little this is practiced. At many companies, the drive to offer a SaaS service is driven by a customer request, an initiative of a product manager, or a ‘me too’ attitude. Hence, they decide to play it safe and to first "test the water" by starting the SaaS initiative by offering “something” in order to watch the market’s response. They think that once the motivation is clear, the target market will be better understood, and the offering could be defined. This is a pretty sure fire way not to succeed.
The strategic goals must be defined prior to the transition:  Are you reaching out to the same customer base with improved services? Are you reaching out to smaller customers that were previously below the radar? Will you be offering the same product or a simplified version to smaller customers? Could you expand to new geographies that were out of reach because of the previous need to establish costly local operations?

3.    Go-To-Market
The go-to-market strategy is very much a derivative of goals, product and target market, but it is important to understand the relationship between them all. Think of the possibilities. Will you be going after your own customer base with the old school, of elephant hunters and wining and dining and 18 months sales cycles? Will you go after a wider audience with inbound marketing and a low-touch approach? Will you place your service on a market place (e.g. AppExchange, ApplicationMarketPlace) with a zero-touch approach? What would be the role of the Channel in the new service?

These decisions will weigh heavily on the design of the product and most probably on the technology, not to mention the support, sales and marketing functions within the company.

4.    Think outside of the Box
SaaS is not just another way to reach a larger market with your existing product – the Cloud offers so many new opportunities that were not possible before. The idea is not just to recreate your client-server application on the web, but use the web as fertile ground for stuff you could not do before. Just think of all the usage data you have now - the ability to understand what your customers are using and how, share that knowledge with the community, or sell the benchmarking data as a service or add features and modules to your service that you were not able to provide before. Since everything is available in the Cloud, you can integrate value added services without the need for a scary, time consuming PS project.
Drive a brainstorming session and ask the employees what they think can can be done in the Cloud. You would be surprised at how many fresh, original ideas will surface.

5.    Understand the Pain
As I have written in numerous occasions – the move to SaaS is not expanding through another channel – it is a total paradigm shift and it will affect every silo within the organization. If you do not grasp the enormity of the shift, there is a good chance that you will either fail in the process, or come out on the other side weakened and exhausted. You must understand the effects it will have on every group and the implications, and by "every group" I mean Product, R&D, QA, Support, Marketing, Sales, Finance, Legal, Professional Services and Operations.
If your strategic sessions lead you to conclude that the shift to SaaS is inevitable, you must enhance your chances of success by first understanding the impact, identifying the problem areas and tackling them through buy-in, education and sometimes, yes, the need to let people go.

6.    Spawn Out the Cloud Service
Because of the paradigm shift that comes with switching from a product-centric model to a service-centric one, and because it will affect the way things are done in every department, one must consider a near complete separation between the on-premise and SaaS teams. Whether by spawning out a satellite company, or creating a new division, it is necessary for the success of the SaaS offering without trashing the old customer base. Having the same team working on both models, (whether product, engineering, QA, Marketing, Support or Sales), will, at best, make things difficult, create conflict of interest and will risk the success of the new endeavor.

You should definitely create this new team from your best existing employees and perhaps strengthen it with a few outside recruits. You could begin with a product manager and a small team of young (in spirit) developers, those that thrive on new technology. Challenge them to deliver a new Cloud offering in record time – you would be surprised to find out how much can be achieved in a very short time. (When I started out, over a decade ago, there were so few tools and environments available – one had to build everything from scratch. Now the Cloud provides hosting and eco-systems that allows one to build full-fledged services with billing, integration, monitoring and BI almost out-of-the-box.) Make sure that they report to a C-level in the company that will take this initiative as a personal goal.

7.    Vision & Leadership
There are numerous examples of companies that succeeded in the transition, despite the hardships and challenges. (Concur being the ultimate example) The common thread was the executive leadership's belief that they are doing the right thing and their ability to carry their enthusiasm to their employees.
There are also quite a few examples of companies that failed in the process. Some of them paid dearly for that move (Mercado as an example of a very promising company that depleted itself through the process, and basically evaporated). I believe that the common trait of these failures was a lack of leadership and/or understanding of the managerial and strategic resources needed for the transition. Either the process was carried out by an enthusiastic director who got a mandate to "test out the water" as a sideline project, or that the Sales team stepped in and bungled the attempt as they perceived it contrary to their agenda, or the company tried to run both models in parallel with the same teams.
It is not enough that the CEO believes in the model. She must make sure that the board of directors is behind her and that every C-level is on the team, understands the issues, the opportunities and the difficulties, and propagates the enthusiasm all the way down to the entry-level employee. Bring the sales team on-board at an early stage and get them excited. They have the most to lose in the short term and they can be a royal pain in the backside if they chose to.

And yes, listen to your customers – one of the downsides of on-premise software is that you don’t really know if and how your software is being used.

There is a lot of misunderstanding about Cloud; too much hype has been thrown around. It is important to educate the staff and create a common vocabulary, to facilitate effective discussions in the board room and next to the coffee machine. Make sure that the most junior level worker has a clear understanding of the goals and the path to achieve them and get them excited about the prospects.

Thursday, April 12, 2012

All the Right Reasons for not adopting the Cloud (Scientifically speaking, of course)

“Just as no one can be forced into belief, so no one can be forced into unbelief” - Sigmund Freud

Last week I participated in an expert-panel in a Cloud-meeting for CIOs. The conference started with an hour long CIO panel, then the vendors displayed their goods and finally, the expert panel.

What was obvious, was that different CIOs had completely differing opinions on whether Cloud should be embraced or not. There were those that were completely for Cloud and were actively seeking how to consume more Cloud services while others explained why the idea was mostly ludicrous.

When asked to summarize my impression of the meeting, my observation was that the difference in attitude towards embracing Cloud and SaaS had nothing to do with the size, or business or  type of enterprise these CIOs were representing, but with the psychological makeup of the CIO.

Perfect Reasoning
If you are for the Cloud, then the TCO and ROI clearly indicate that Cloud is the logical choice. If you are against the Cloud, you could prove how it ends up being more expensive.

If you do not want to adopt SaaS you can always pull out the regulatory winning card.

If you are for Cloud, you can talk about the flexibility of using SaaS. If you are against, you talk about how inflexible SaaS is without the ability to customize.

If you are a SaaS seeker, you tell the audience how much better the security of SaaS providers was than your own facility, but if you feel threatened by SaaS, you bring up those horror stories to justify not going there.

Que Sera Sera
I have no doubt that the train has left the station and that the old-school CIOs will, with time, become a minority. But then, you still hear some scientists arguing that Global Warming is fiction and they have scientific proof.
I don’t know what the future will look like, and what trends will dominate a decade from now, but Cloud is here to stay. Mind you, there are still mainframes running business on COBOL code, forty years later, so one would assume that on-premise will still be around in one way or another.

But as for the arguments, like religion, faith and whether the Sun revolves around Earth, no “scientific proof” will be able to change people’s minds.

Tuesday, March 06, 2012

Give me Freedom – Give me SaaS

“You can have peace. Or you can have freedom. Don't ever count on having both at once” - Robert A. Heinlein

I really like LinkedIn. 

[ I dabbled with Facebook for a little while, but truth be told, I gave it up. Even though I know that every company that respects itself has a presence there, it still feels a little silly to share my professional views on a social network where my kids exchange juvenile videos, girlfriend status or tomatoes on Farmville.]

The professional groups on LinkedIn can generate very lively discussions on things that matter to their members. Recently, I participated in a comment-war-of-attrition (over 50 extensive comments) on one of the larger CIO groups on LinkedIn. The origin of the discussion was a simple question of how to evaluate SaaS vendors, but the discussion quickly shifted to the concept of SaaS and then to the idea that SaaS limits the freedom of the CIO.

Lack of Freedom?
One of the participants was especially passionate against SaaS and kept talking about the idea that SaaS takes away your freedom because of vendor lock-in, because there is no control over the servers and the application and because there was no option to customize the software. Another point was that SaaS was totally dependent on the Internet to function (my refrigerator is totally dependent on the electric grid; is that a reason not to buy one? I find it hard to believe that any modern business is NOT dependent on the internet whether it has SaaS or not).

It’s not about IT and it’s not about the CIO
Let’s examine the kinds of freedom that this CIO is talking about. Owning and maintaining your own hardware. Wow! You have the freedom to research, negotiate, purchase, rack, stack, connect, test, maintain and upgrade. Yea! Are your users in HR thrilled about that? Are they applauding the efforts and wonderful results? Does all that effort get them closer to a solution or is it a justification for the IT budget?

IT has the freedom to research, purchase, install, test, integrate, maintain and upgrade the software package. Yea again! It did take nine months to get here, but guess what? we have our own software!

The Sales department might ask you why couldn’t we have done that nine months ago, using a SaaS solution, but' heck, what do they understand about IT’s needs. Oh yes, forget about the new versions that came out since – now we have the freedom NOT to upgrade (actually, we are scared s**tless about touching production after finally stabilizing the system).

I believe that the freedom the CIO was talking about was mostly about the freedom to stay in charge and have the business units dependent on IT.

[I do agree that in some cases, maintaining control of on-premise software has merit or it is governed by regulations; but that should be the exception, not the rule.]

Freedom to Customize
But, aha, IT will say, we have the freedom to customize the application to our heart's content. We own it! We can do whatever we want with it. But do we really want to customize the application? Is our hospital so different than thousands of other hospitals that our WFM software must be customized to our specific needs? Would customizing the Travel Expenses software give our bank the market edge?

SaaS applications embody the best practices of hundreds or thousands of robust businesses that share 90% of the business processes.  Most solid SaaS applications provide a level of configuration that should take care of an extra 5% of specific business processes.
On any day, nine out of ten business managers will prefer to have a working solution today that does 95% of the work, rather than wait twelve months for characterizing, prioritizing, designing, coding, testing and installing a solution that provides the 100%.

Real Freedom
SaaS gives IT and the business:
  • Freedom from hardware purchases
  • Freedom from racking, stacking, configuring, installing.
  • Freedom from the endless maintenance and firefighting
  • Freedom from the upgrade nightmares
  • Freedom to choose – SaaS almost always gives you free trials to play with before you make the heavy commitment
  • Freedom to change your mind  - if you are not happy, you can switch (yes, I know it is not simple, but at least in early stages you can do it with minimal damage while with on-premise software you are stuck with your decision for years) 
  • And that means freedom from long-term, substantial, financial commitments
  • And finally, Freedom to say NO to the business units that absolutely insist on that extra feature that will be forgotten by the time it is implemented

I am surprised that in 2012 we are still having these discussions, but apparently the veteran CIOs are still around fighting to maintain the old world order (see my previous post on Democratization of IT).

Saturday, February 11, 2012

Occupy the Server Room! – The Cloud and Democratization of IT

“The best argument against democracy is a five-minute conversation with the average voter" -Winston Churchill

(Based on a presentation I gave last week at the annual IASEI conference. The presentation was a segue to a CIO panel that I moderated in which the CIOs  discussed how they are dealing with the changes in IT)

I have been following with awe the events this past year from Tahrir Square in Cairo to downtown Manhattan and other Arab and Western capitals across the world. The message is clear – there is too much power for too long in the hands of too few. The masses want to decide what’s good for them and not let a small group of (revolutionary generals / self-appointed businessmen / grand ayatollahs) have control over various aspects of their lives.

It seemed obvious to me that the same phenomena is happening in the corporate world. I am not sure we will soon see the employees storming the CIO’s office with torches and pitchforks, but the distribution of control from IT to the business units and to the individual workers is a trend that cannot be reversed.  It is a result (and driver)  of three other trends that have been as relentless:
  • Consumerization of IT
  • Commoditization of IT
  • Democratization of Information

The Great Democtator

Like benevolent rulers that know what is good for their subjects, IT managers decided what was good for the organization, what technologies would serve the people and have traditionally held all the cards close to the chest. The more complicated the world of information became, the more dependent  the business units and employees were on information technology, the more power IT had and the bigger the budget.
And like any society ruled by a single central power, dissent is inevitable and, with time, the more you try to control the elements, the more people will try to break from your hold.

IT as a Technology Broker
Not so long ago, an employee needed the IT department to do almost anything that touched technology in one way or another.  IT was a broker of hardware, of solutions and of information.
Remember the Wang 1200? It was a big machine that needed its own office space and an operator to run. What did it do? Word Processing! Imagine that you needed IT's help to write a document.

  • You needed a phone? IT would pull a land line to your desk and install the connection, then bring the device (which took them months of research and testing to decide on what model  is right for you) configure the phone and configure the setting in the PBX.  Nowadays you just use your mobile phone and ask IT to pick up the bill.
  • You needed a CRM to support your business process? IT would spend months researching and testing different packages and negotiating a price. Then IT would need to purchase and install the servers (sometimes the DB licenses as well) and that could have taken months as well.  Then IT would spend time on installation and testing and perhaps customizing and integration. All this means that you could not have done it without IT’s crucial role.  These days you would subscribe to a SaaS CRM and try a free trial.
  • Your hard drive got fried? IT will try to revive it. If a few days later they are unsuccessful, you will be issued another disk and IT will install it on your desktop and reconstruct from the backup tapes (they’re in Nebraska) at least some of the files so you could get back to work within a few days.Today, you open your Smartphone and pull up those files from DropBox.
The point being that Cloud has eroded a large part of the need for IT to act as a technology broker. Many of the resources they used to control in the past are now a mouse click away.
Reversed Trends

Once upon a time, most of the technological breakthroughs and innovation would come out of the defense industries, the military and NASA. Years later they would make their way into the major corporations until finally, we mortals would see the expensive gadgets in the store. Remember the Casio digital watches, the TI calculators and early GPS systems?
Well, the trend has clearly been reversed. Most of the new innovations are directed at the end user – the consumer:  Instant messaging, search engines,  blogging, Wiki, web search, polling, social networks and twitter. All these technologies made their way into the corporate world after becoming popular and useful for the general consumer population.

A Historical Perspective

Switch from 2nd to 3rd Gen Languages
It is common to think that the revolution began with the PC, but I believe that the seeds were planted when the third generation programming languages became available (FORTRAN, COBOL, BASIC, C). This enabled tens of thousands, then hundreds of Ks, of geeks around the world to join the exclusive club of perhaps a few thousand programmers that controlled the tech world thus far, and with the advent of the PC, they could do it outside the stranglehold of the large corporations. I think of it as the Magna Carta of the IT Democratization process.

Personal Computers
First there were the PCs that marked the beginning of democratization. Heavens forbid, people could actually play solitaire at work without IT doing anything about it! And then, when the affordable PCs at home offered them more freedom, they started installing all kinds of software on their work desk tops using those damned floppies to get stuff around. PCs meant that geeks could sit at home and develop cool stuff without the monstrous budgets needed till then.

Then came the internet and with it so many possibilities. Do you still remember the days when IT blocked internet access or limited it to only a few pre-defined sites? Heck, there are many financial institutions that still today do not issue email accounts to their employees; if you really need something done the employees have to use their private Gmail or Yahoo mail accounts.

The internet also enabled the Democratization of information:
WikiThis, WikiThat, how-to sites; the internet enabled crowd-sourcing, so that you no longer needed in-house developers or testers to do the work, and there is less need for  IT experts to help you out.
Social networks and evaluation sites let everyone ‘like’ or ‘dislike’ your products and services, so one cannot hide behind the great firewall any longer. No longer are you dependent on IT to get the technical information. The fact that IT would probably do a better job and will be able to sift through the information more intelligently is irrelevant. The business managers have access to the information and it gives them a sense of freedom they never had before; “Power to the People!”
And, of course, Open Source software which would have been impossible without the Web. Isn't that the ultimate manifestation of Democracy?

Mobile Computing

Anytime – Anywhere – Anyhow. As much as IT tried to resist it at first, PDAs, Blackberries and then Smartphone and Pads became the standard and every CIO had to deal with implications. What apps should be installed on the mobile devices, what kind of access do you allow from the device to the corporate systems, how do you synchronize and protect the data?


Fast Forward Icon in 48x48 pxAnd then along came Cloud, which is a big nail in the IT Control coffin. 
The Cloud became a catalyst of all the above trends. Everything shifted to Fast-Forward.

The Cloud drove the Commoditization of IT – for most purposes a server is a server is a server. And with virtualization, no one knows and, frankly, no one cares.  Gimme computing power, storage and bandwidth, and let the geeks fight the acronym battles amongst themselves.
On the one hand, anybody in the organization could go out and consume IT services without the CIO being involved. Be it a server, storage, backup, development environment or a full enterprise application, it was only a credit card swipe away – and half the stuff out there is free anyway, or available as a free trial.
On the other hand, any three guys and a goldfish with a great idea, (even if they reside in a third world country) can easily get a full development or production environment up and running and sell their services to the world.
Impact on the CIO?

There are good sides to this trend, even from the perspective of the CIO.
Cloud liberates the IT group from a lot of the menial work they are engaged with – wiring, installing, testing, maintaining, upgrading… Imagine all this disappearing overnight. IT can switch from firefighting mode to strategic planning, from a cost center to a value center. The CIO can metaphorically crawl out from under the desk, where he was busy connecting wires, and join the executives’ strategic discussion over the desk.

But the democratization of IT is introducing many headaches to those in charge of technology in the enterprise:
  • Lack of visibility – who is using what, when, from where and how long?  All that information is now in the hands of the service provider.
  • Utilization of the Cloud resources – while moving to the Cloud many have been a substantial cost saving, it may end up being expensive if you do not know what resources are being utilized in the Cloud.
  • Lack of uniformity – each department or individual employee can access resources without the intervention of IT.
  • No control over performance or SLA adherence
  • Support of multiple mobile platforms that is very dynamic:
    • Unknown patched state
    • Unknown application vendors
    • Unknown application compatibility
    • Complexity to access corporate data
  • Security (Access  Management, Theft ,Privacy)
  • Corporate and government regulatory compliance
  • Intellectual property protection
  • Integration with legacy and with Cloud application
  • Subscription utilization – ROI
What to do!?

Bring Down the Wall
IT has enough issues to deal with just maintaining the on-premise IT resources. Faced with the enormity of the challenges, the initial instinct is to shut down all access from the outside world. Think of the last days of a dictator hiding in his castle, living in denial. But the reality is that the CIO has to embrace the trend, not fight it. Democracy is here to stay since there is so much for the employees (and therefore the enterprise) to lose if we rewind and return to where we were a decade ago.