Fear Rogue Workloads!

"Enterprise IT is under pressure to transform from bottleneck to business enabler. The rise of public cloud services such as Amazon EC2 have provided a clear example of what enterprise IT is expected to become: A simple, self-service on-demand infrastructure provider. IT organizations that fail to make this transformation will watch in vain as rogue workloads follow the path of least resistance to the public cloud."

How's that for using fear as a marketing tool? That was the introductory paragraph for an invitation to join a webinar on transforming the IT organization into the purveyor of on-demand services.

Of course, they're right at a certain level. Anyone with a credit card can spin up an instance and have your data crunched, client information or sensitive documents stored off your secure network, or generally in an environment that has not been vetted according to your organization's security practice.

So, how then, does one go about transforming the IT organization into a 'business enabler'? It seems to me that this same question was posed a decade ago when IT budgets were running rampant and accounted for a significant chunk of an organizations expenses.

This particular situation has arisen not because IT is not a business enabler, but because of a perceived lack of flexibility, long delivery times for IT service requests, and expense policies that, while originally robust, now have loopholes that allow anyone with a credit card to acquire off net compute power.

Any potential solution should include the following:

1. Revise IT processes to increase flexibility in meeting user requests.
2. Review IT service metrics to determine delivery times and work to reduce them.
3. Refresh expense policies to take into account this new reality and educate employees about the new policies and how they will help reduce risk for the organization.

In general, this requires an update of the organization's governance structure to ensure that its processes are adequate to manage this new technology, whether it is a planned introduction or not.

Another way that IT can help resolve this problem is to partner with a cloud services provider or identify an approved vendor for future demand of cloud based services. Of course, this requires that the organization have a more mature level of understanding of what cloud based services can offer as well as the will to adopt these services before such a relationship can be created.

Employees under pressure to perform and meet goals will follow the path of least resistance to achieve them. Perhaps management should consider clarifying employees' roles in this context as well and in parallel to all other efforts.