All Posts in Cloud

|In: Career Management|Last Updated:

A funny thing happened on the way to the future — it ended up looking a lot like the present, only more so.

Information technology is trend city. Those of us who write about it are always looking for the Next Big Thing. The problem is, there are far too few NBTs to fill the space we need to fill every week (about 800 words in the case of Keep the Joint Running, including ManagementSpeak).

Since I’ve been in the field, the list of NBTs that turned out to actually be big is pretty short:

  1. Personal computers and everything that runs on and attaches to them.
  2. Database management systems.
  3. Graphical user interfaces.
  4. Local Area Networks.
  5. The Internet, World Wide Web, and electronic mail.
  6. Object-oriented analysis and programming and services-oriented analysis and programming.
  7. Visual programming.
  8. Open source.
  9. Virtualization.
  10. Smartphones.

How about tablets, the cloud, big data, and social media? Maybe.

Tablets are entering the workplace but aren’t (yet) transforming it, except for a few specialty areas. Cloud computing? It’s almost entirely the same old stuff only on someone else’s servers — there’s little or nothing in the cloud that’s new and interesting.

Big data? Few organizations even have medium-sized data; fewer yet have a culture that supports the sort of data-driven decision-making that warrants big investments in data warehouses and analytics (which is why, other than “visual programming” which includes report-writers and similar technology, these don’t make the list).

How about social media? Socially, very interesting. For businesses? LinkedIn matters for recruiting. Twitter has mostly replaced the press release. But most companies that have Facebook pages more or less reproduce their corporate website there — they haven’t cracked the value code, and it isn’t at all certain there’s a value code to be cracked.

All four are, that is, potential NBTs with varying degrees of promise.

So we have ten proven Next Big Things, with roughly four years between appearances. Miss the next one and you’ve blown it. Spend too much time chasing NBTs, though, and you’ll miss something even more important — day-to-day business.

Look, Apple is known for its breakthrough innovations. Justifiably so. And yet, how many successful ones have there been since the second coming of Jobs? The iPod, iTunes Store, iPhone, iPad, and maybe the App Store.

Five at most. Everything else is incremental improvement — day-to-day business that leverages these five breakthroughs.

Follow Apple’s lead. Keep your eye out for breakthrough opportunities (which are also deadly threats if one of your competitors takes advantage of them well ahead of you) because all it takes is one to give your company an enormous advantage in the marketplace.

But spend most of your time on the fundamentals, which are:

  • Support for personal technologies: Keeping employees operational with their PCs, smartphones, and occasional tablets, and helping them become more sophisticated in their use.
  • COTS support: In most shops, IT’s bread and butter is installing, configuring, integrating, and extending commercial, off-the-shelf software.
  • Application development: While most IT departments do a lot less of this than they do working with COTS packages, they still do quite a bit of it, and yet, for some reason, no matter how many times we analyze the business, design a database, and create screens to add, delete and change records, the next time we do it, it’s still hard.
  • Project management: Whenever you’re trying to make tomorrow different from yesterday, project management is the skill you need. Without good project managers … and the project management culture they need to be successful … your company will be trapped in its current configuration, unable to adapt to anything.
  • Software quality assurance and change control: Yes, in principle, SQA is embedded in COTS support and application development. In practice, it’s a separate, independent trade within IT, with more affinity for change control than anything else. SQA and change control are how you make sure COTS and in-house-developed application changes don’t mess up …
  • Operations: The Rodney Dangerfield of information technology, operations gets no respect because the only time anyone even knows it’s there is when something goes wrong. Otherwise it’s invisible, and keeping it invisible is the single most important responsibility CIOs have. Not the most strategic, but definitely the most important, because in this day and age, when systems are down, the business is down.

These are the basics — the blocking and tackling the business needs from you, day in and day out.

Which is why I call this blog Keep the Joint Running.

Comments

|In: Cloud|Last Updated:

Ready for a classic horror story?

It’s a dark and stormy night (of course it is). Deep shadows are spreading. In them, a nameless evil starts to take form.

A secret society is there to name that evil and fight the shadows (sound fx: crack of thunder). But it needs your help!

The secret society is Internal Audit, the spreading shadows are shadow projects — the too-small-to-notice-but-too-important-to-let-fail projects business managers charter. The name of the nameless evil? “Shadow IT“!

Now you know why I don’t write fiction.

It is, however, a horror story because the last thing IT should be doing in most organizations is treating these as evils.

The story so far:

Before the cloud became a force, IT had mostly stomped out shadow IT by locking down desktops, limiting the availability of MS Access, and disabling VBA. That successfully eliminated the risk that non-IT staff might create value with IT innovation, while shifting intruders from buffer-overflow exploits to phishing attacks.

But then came the cloud, and specifically Salesforce.com, which represented a triple threat:

  • It catered to Sales, the least rule-conscious group in any business. Being part of revenue and all, it has more political muscle than IT, too.
  • Unlike most business applications, Salesforce.com can be implemented effectively without any integration into other business systems.
  • IT couldn’t stomp it out without instituting Internet filtering, which is a labor-intensive pain in the patootie requiring additional headcount the CFO probably wouldn’t approve were IT to try to make its case.

Face it: The cloud means shadow IT is going to happen. That ship has sailed. We can either climb on board or wait at the Greyhound station, doing what we can to keep our so-called “internal customers” from climbing onto buses they no longer want to ride anyway.

Oh, and in a classic case of turnabout being annoyingly fair play, while IT can’t stop shadow IT anymore, our partners throughout the business can easily stop us from climbing the gangplank to join them.

Then there are shadow projects. Like shadow IT, shadow projects happen outside the company’s approval processes. The managers who want them to happen simply charter and assign them, because they have enough authority without anyone else butting in to make sure they’re “done right,” whatever that might mean.

Something else the two shadows have in common: As a practical matter, their costs are low, their benefits are, in proportion, high, and the cost of stopping them would exceed the cost of just letting them happen.

One more characteristic they share is that they increase risk, because the folks who take them on often aren’t as familiar with the company’s compliance requirements as IT professionals are who have to take them into account with everything they do.

That doesn’t, however, mean IT has to become the Deputy Dawg of company compliance.

The fact of the matter is, Internal Audit gets a bad rap in most companies. It’s goal isn’t to prevent people from doing their jobs. It’s to recommend a healthy set of management controls, then to make sure everyone complies with the controls management actually adopts.

Describe a hypothetical shadow project to Internal Audit. Make it a typical one — one that’s going to build some shadow IT that won’t cost very much, and will do something useful and profitable. Ask if it should be stopped because it might lack the proper controls, and the most likely answer will be, no, don’t stop it. Just have it add the proper controls.

Internal Audit isn’t the only compliance function in the company. Inside IT (or inside its orbit), enterprise technical architecture management (ETAM) and information security wear compliance hats, and sometimes the PMO as well. Because they’re compliance functions, making sure everyone complies is almost instinctual. That is, after all, what compliance means.

And so, ETAM turns into the architecture police, the PMO turns into the methodology police, InfoSec turns into the Value Prevention Society, and IT takes the easy way out, doing its best Sergeant I-see-nuthink! Schultz impression while deploring the whole shadow enterprise.

There are alternatives. ETAM and InfoSec can collaborate to create a secure and supported end-user-computing platform. Internal Audit can provide a compliance checklist available to anyone who wants it.

IT can provide consulting services on how to design and build small applications. And if you have a PMO, it can provide training and coaching in ultra-basic project management techniques.

Preventing failure and encouraging success aren’t the same thing. The difference is the vast gap separating “No!” from “How can we can help?”

Comments