Security and Operations Have More In Common Than You Think

There is growing evidence of a harmonic convergence of Infrastructure and Operations (I&O) with Security and it is hardly an accident. We often view them as separate worlds, but it’s obvious that they have more in common than they have differences. I live in the I&O team here at Forrester, but I get pulled into many discussions that would be classified as “security” topics. Examples include compliance analysis of configuration data and process discipline to prevent mistakes. Similarly, our Security analysts get pulled into process discussions and other topics that encroach into Operations territory. This is as it should be.

Some examples of where common DNA between I&O and Security can benefit you and your organization are:

  • Gain economic benefit by cross-pollinating skills, tools, and organizational entities
  • Improve service quality AND security with the same actions and strategies
  • Learn where the two SHOULD remain separate
  • Combine operational NOC and security SOC monitoring into a unified command center
  • Develop a plan and the economic and political justifications for intelligent combinations
Read more

ITSM: People are the Problem, but People are the Solution

I just spent most of this week at the annual itSMF conference called Fusion, held this year at the sprawling Gaylord National Resort below Washington DC. As always, it was a wonderful gathering of some of the finest people I know. When you’ve been involved in the IT service management field as long as I have, you get to know a LOT of these people very well. In fact, when I delivered the closing keynote of Fusion in 2009, I opened by saying, “This feels like a family reunion … except I like you more!” I was only half joking because many of these people ARE like family and I do indeed like them.

 As Forrester’s “automation guy” I often make statements about the flaws of the people in IT. I always try to inject some comedy into these statements because we have to be able to laugh at ourselves. There is a serious side to this position, however. There are now just under 7 billion idiots on this planet and none of us is exempt from that characterization. People do dumb things. We all do. Hopefully, we do more start things than dumb things. Since we do dumb things, we need to protect ourselves from ourselves.

ITSM is one of many mechanisms that offers such protection. We need ITSM because IT has rightfully earned an awful reputation for chaotic execution. It seems that IT is one of the most egregious demographic groups exemplifying human error and sloppiness. It is full of smart people doing dumb things. We in IT have a very serious problem.

Read more

New Study Yields Eye-Opening IT Service Management Benefits

In April and May of this year, Forrester and the IT Service Management Forum’s US chapter (itSMF-USA) conducted a joint study to assess the state of ITSM. We collected data from 491 qualified subjects that are heavily involved in ITSM efforts (69% have two or more years of ITSM experience and 95% hold some level of ITIL certification; 50% at an advanced level). Since it was in conjunction with the US chapter, the responses were heavily US-centric.

The results offer empirical evidence of something ITSM professionals already know: ITSM offers significant benefits to the organization and to the professionals themselves. The full report is now in the final editing stages and will be available soon to all Forrester clients, all itSMF-USA members, and all participants who do not already fall into one of those groups. Forrester clients and itSMF USA members will receive email notifications when it is ready. Others will be contacted directly by itSMF.

This morning (Monday, September 26, 2011), I presented the results at the itSMF-USA’s national conference known as Fusion 11. Here are a few key insights from the study:

  • 51% of ITSM efforts are driven primarily by IT or business executives
  • ITIL has had an overwhelming positive impact on:
    • Organizational productivity: 85% positive and 2% negative
    • Service quality: 83% positive and 1% negative
    • IT’s reputation with the business: 65% positive and 3% negative
    • Operational costs: 41% positive and 4% negative
Read more

NetIQ + Novell: A Nice Combo That Could Be Even Better If ...

 

On 22-Nov-2010, Attachmate Corporation announced it was acquiring the assets of Novell, Inc. Once on top of the IT world, Novell's glory had clearly faded. Along the way, however, it acquired several attractive assets of its own (e.g., PlateSpin, Managed Objects). Towards the end of its independence, the future certainly looked bleak for Novell and especially its management software businesses.

The immediate reaction to the Attachmate acquisition was skepticism among most industry watchers, including yours truly. My reaction was similar when Attachmate acquired NetIQ. After all, what rationale is there to a legacy mainframe software company buying either NetIQ or Novell? The perception was that all of these product families would be milked for their maintenance revenue and innovation, and other development would be killed. It now appears these fears were largely unfounded, though I stand by my original skepticism. Veterans like me have seen such things unravel before.

The various Novell assets have been redistributed across four companies in the Attachmate Group, with the management assets being assimilated under the NetIQ brand. While a full merger of the NetIQ and Novell assets will take at least a year, the (now) NetIQ team has moved with impressive speed to launch its initial consolidated families.

Read more

Please Join Our Landmark ITSM Study

Shortly before the IT Service Management Forum's annual Fusion conference in 2009, Forrester and the US chapter of IT Service Management Forum (itSMF) put the finishing touches on a partnership agreement between the two entities. There are many aspects of this partnership, including Forrester analysts speaking at numerous itSMF events throughout the year. (I had the pleasure of speaking to and spending the day with the Washington, DC area's National Capital LIG just today!) The truly exciting aspect of the partnership, however, is our intent to perform some joint research on the ITSM movement. By combining Forrester's venerable research and analysis capabilities with the wide and diverse membership of itSMF our hope is to gain unprecedented insight into ITSM trends and sentiments. The beneficiaries will be everyone in the broad ITSM community! What a concept!

Sound the trumpets!

It took us a while to get everything lined up, but I'm delighted to announce that the research study is now live!

The study is open to all itSMF USA members, so we expect a large sample size for the research. That said, we encourage everyone to participate. The results will be tabulated by Forrester, who will perform the analysis and produce the research report on the findings. This report will be free to all itSMF USA members and Forrester clients. If you are neither, that's no problem. If you participate, you are eligible for a free copy, regardless of your affiliation. This is our way of thanking you for your help! Naturally, you will have to provide some contact information so we can send you your copy when it is ready.

Read more

Cisco Buys A Credible Automation Entry Point With NewScale

Cisco announced today its intent to acquire NewScale, a small, but well-respected automation software vendor. The financial terms were not disclosed, but it is a small deal in terms of money spent. It is big in the sense that Cisco needed the kind of capabilities offered by NewScale, and NewScale has proven to be one of the most innovative and visible players in that market segment.

The market segment in question is what has been described as “the tip of the iceberg” for the advanced automation suites needed to create and operate cloud computing services. The “tip” refers to the part of the overall suite that is exposed to customers, while the majority of the “magic” of cloud automation is hidden from view – as it should be. The main capabilities offered by NewScale deal with building and managing the service catalog and providing a self-service front end that allows cloud consumers to request their own services based on this catalog of available services. Forrester has been bullish on these capabilities because they are the customer-facing side of cloud – the most important aspect – whereas most of the cloud focus has been directed at the “back end” technologies such as virtual server deployment and workload migration. These are certainly important, but a cloud is not a cloud unless the consumers of those services can trigger their deployment on their own. This is the true power of NewScale, one of the best in this sub-segment.

Read more

Who Are Your Anchor Vendors?

Every day we read about technology vendors making acquisitions and merging with their competitors. Some recent examples: Verizon acquired Terremark for $1.4B to take a leadership role in IaaS, NetApp acquired Akorri to move up the virtualization stack, and the highly popularized "storage shoot out" in late 2010 between Dell and HP for 3PAR (ending with HP’s winning bid of $2.4B). Since there is no evidence to suggest a decrease in the pace of these acquisitions, it’s important for infrastructure and operations (I&O) professionals to keep a keen eye on these proceedings. 

Read more

Categories:

Management Software Sleeping Giants Awaken

Many industry watchers, including me and my Forrester Research colleagues, often highlight an elite group of management software megavendors commonly known as the “Big Four” that consists of BMC Software, CA Technologies (as it is now called), HP Software, and IBM Tivoli. These four have dominated the management software business for well over a decade. They are big by just about any measure, each with a broad array of product families and annual revenues exceeding one billion US dollars. Because of their stature, they are generally positioned as anchors in most enterprises' management software portfolios. An anchor vendor becomes a strategic partner to the enterprise and is usually the default first choice for a particular need.

Read more

CMS Pockets Of The Truth Or CMDB Unified Ambiguity?

I've had many discussions with clients and others about CMDB (configuration management database), not surprising as I am coauthor of a book called The CMDB Imperative. These discussions almost always come back to questions about how this thing called a CMDB looks. How is it built? What tool(s) do I use? Which "database" is best? There are many more.

My first response is usually, "I hate the term CMDB, so let's try to kill it off in favor of the ITIL v3 notion of a CMS." If you pursue a CMS (configuration management system) as opposed to a CMDB, a few things become evident:

  • The CMS implies a distributed (federated) model consisting of many management data repositories (MDRs). Each of these MDRs hold data relevant to the scope of coverage for the tool that encompasses that MDR (e.g., a network discovery tool is a network domain MDR and an application dependency mapping tool is the key MDR for the application domain).
  • While a CMDB can certainly be formed in a similar federated fashion, the term "CMDB" has become tainted by the implication that it is a database. The natural assumption here is that this database is one big monolith that holds every detail being tracked. This is unwieldy at best and almost always destructive.
  • The CMS has a more complex structure, but because it enables a divide-and-conquer approach to the overall system, it is a more pragmatic approach. You can bite off each piece and gradually build out your CMS. A "big bang" is not needed and certainly not recommended.
Read more

IT Is Industrializing – What Does That Mean To Me?

 

Like many movements before it, IT is rapidly evolving to an industrial model. A process or profession becomes industrialized when it matures from an art form to a widespread, repeatable function with predictable result and accelerated by technology to achieve far higher levels of productivity. Results must be deterministic (trustworthy) and execution must be fast and nimble, two related but different qualities. Customer satisfaction need not be addressed directly because reliability and speed result in lower costs and higher satisfaction.

IT should learn from agriculture and manufacturing, which have perfected industrialization. In agriculture, productivity is orders of magnitude better. Genetic engineering made crops resistant to pests and environmental extremes such as droughts while simultaneously improving consistency. The industrialized evolution of farming means we can feed an expanding population with fewer farmers. It has benefits in nearly every facet of agricultural production.

Manufacturing process improvements like the assembly line and just-in-time manufacturing combined with automation and statistical quality control to ensure that we can make products faster and more consistently, at a lower cost. Most of the products we use could not exist without an industrialized model.

Read more