Posts Tagged ‘Cloud computing’

Service Management in an as-a-service world – Part 1

July 30th, 2015 Comments off
Reading Time: 5 minutes

This is part one of a guest blog I was asked to create for the Service Management Conference. you can find the original here and where it was published completely in the July issue of the itSMF Bulletin.

Screen Shot 2015-08-30 at 12.37.17 pm

Why moving to the cloud can give you more control, not less.

What are the opportunities and challenges for the IT service management team in a world where more applications are moving into the cloud, offered as subscription services, from a multitude of vendors? Can you keep control and visibility?

Recently I led a discussion at an itSMF Special Interest Group meeting about IT service management in an “as-a-Service” world – a world where the way IT is procured, delivered and consumed has fundamentally changed with the advent of cloud computing. Not that cloud computing is new by any means – particularly in smaller organisations, but it is now becoming more and more prevalent in large enterprises. Or it is expected to be…

While there has been a lot of hype around “the cloud”, what became apparent at the meeting is that most information is targeted at the executives in high level overviews, or at techies in great technical detail.

Meanwhile, the IT service management team has been left in the cold. There is little clear direction on “how to” or “where to start” and too much hype versus fact. Yet it is the service management team who often has the responsibility to “make it happen”.

In our discussion, which included IT service management professionals from government, financial services and IT vendors, the concerns/queries about service management in a cloud environment were startlingly consistent across industry sectors:

  •        What is the best way to monitor and report service delivery?
  •        How have other organisations done it?
  •        What is hybrid cloud and how do you manage it?
  •        How do you manage service integration across multiple vendors?

The Australian Government defines cloud computing as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Interestingly, the itSMF group viewed cloud as a commercial model for delivering IT, rather than a technology. And the overriding concern is that these services are not in their control.

So how does cloud impact the policies, processes and procedures service management uses to plan, deliver, operate and control IT services offered to end-users?

For me it comes down to recognising that while traditional IT procurement has changed, you can still be in control; defining a clear – but flexible – business map for how the technology, processes and people will support the business; and ensuring transparency across multiple vendors.

New Ways of IT Procurement Don’t Have to Mean You Lose Control

Much of the fear of losing control comes from the feeling that IT departments are relinquishing control to IT third parties because they no longer own the IT and can’t see, touch or grab it. Yet in many ways they have more control than ever as it is easier to increase or decrease capacity quickly in response to changes in your organisation or the market in which it operates. And, if you chose the right vendor, they should provide you with regularly updated innovative solutions and contracted service levels rather than you being locked into a technology that will start to age as soon as you implement it.

Of course it’s not simple matter of moving everything into the cloud. Sometimes legislative requirements will dictate where data can be stored or who has access to it which may force an application to be insourced. Or it may depend on the maturity of an organisation’s approach to IT – an immature organisation may refuse to outsource because it is simply fearful of doing so whereas a mature approach is open to pushing risk outside the organisation.

And not all clouds are the same. A private cloud is used by a single organisation. A community cloud is for the exclusive use of a specific community of consumers with shared concerns (eg security requirements or mission). A public cloud is for open use by the general public. And a hybrid cloud is comprised of multiple distinct cloud infrastructures (private, community or public). Whilst the debate over public vs. private cloud services rages on, in the context of the above and the relative organisational needs and maturity, they all have a place.

This feeling of a loss of control can be exacerbated by departments choosing their own systems, easily bought and delivered over the Internet. However this “shadow IT” should not be feared – instead it should be seen as an indicator that the IT department is not delivering what they need. This is why business mapping is so important.


Part 2 of this blog will cover why business mapping is critical to ensuring IT and Service Management truly support the business and how to get started.

Leveraging IoT

March 31st, 2015 Comments off
Reading Time: 8 minutes

IoTLast week I was fortunate enough to attend the AIIA Government conference on “Navigating the Internet of Things”. This is the 4th year that they’ve run a Government specific conference for sharing experiences and educating people on what is happening in the industry, locally and globally in Government with Technology.

The conference was opened by the Honourable Malcolm Turnbull MP (Minister for Communications), who gave a great summary of the state of affairs with regards to the adoption of Internet technologies and how industry, on the back of initial Government stimulation, is thriving, constantly reinventing itself and driving innovation.

The major themes of the conference was transformation, transformation of cities and how we do things more efficiently, be it resource use, transportation or healthcare. It also reiterated that the emerging IoT world is very much a Digitally driven economic world.


Resource Use

One example used by Minister Turnbull was Water. Water Utilities loose 25-50% of water  due to leaks and due to the reactive nature repairs, are extremely costly to  repair – NICTA have created analytics on predicting what pipe is is most likely to fail and when, allowing for proactive maintenance, reducing the cost of the service. David Gambrel of NICTA explained how this approach was already being used on the Harbour Bridge reducing the cost of maintenance 10 fold.

Energy use and smart lighting that make up approximately 25-50% of government energy budgets, was the another area explored. The move to transforming lighting to smarter, LED based technologies has the ability to significantly reduce the cost and use of energy. One idea posed was the ability to equip smart lamp posts with ability to be charging stations, also creating an opportunity for governments and councils to offer charging to electric cars and create a new source of revenue.



Another example of resource use is roads. In Australian cities, congestion on roads account for 4.26B working hours wasted, said Minister Turnbull. Connected vehicles for traffic management could solve some of this. One of the biggest hurdles to date is the getting real life data and not driver opinions. As the cost of sensors and integrated chips continues to drop, live monitoring of services becomes more feasible, especially when we include feeds from the likes of Google Traffic. Understanding how roads (as a resource are used)

Steve Leonard, Executive Deputy Chairman, Infocomm Development Authority of Singapore (IDA) presented the challenges of the Singaporean government and their approach to Transportation – how to use infrastructure more efficiently, In summary support adoption of smart cars to essentially allow them to be packed closer on roads, potentially doubling the capacity of the existing roads. This was supported by Susan Harris, CEO of Intelligent Transport Systems Australia who’s research suggested that up to 40% more cars could be put on roads if we had automated cars with smart telemetry capability.

Lutz Heuser, CTO for the Urban Institute presented his Institute’s Reference architecture for future cities (see below). This was part of a wider view that to be successful in  to create a new Government service Infrastructure of data streams and analytics – new utility provided by governments. Cloud based open and realtime.

Smart city Ref Arch

Smart Cities Reference Architecture – Lutz Heuser, Urban Institute, 2015

Finally UBER’s Melbourne General Manager explained how IoT and the marketplace they created using that technology allowed them to extend and supplement the public transport system.

The real future of the connected city or “Smarter” city will have smart and autonomous vehicles, providing better use of existing transport systems, allowing for denser and more efficient use of vehicles on the already crowded routes. All enabled by sensors that feed large inter-connected systems that make sense of the data.



Again Steve Leonard, (IDA) explained the problem they have in Singapore. Urban density of approximately 8000 people per square kilometre, means that they are not only far more dense than Australia or the U.S. but that they need to make sense of the projected needs of the population with the real estate available. Singapore, like most have an ageing population- they are all living longer and birthrate is slowing – This change in demographic has caused them to look at the statistics of hospital stays. If you are over 65 you are likely to stay 30% longer in hospital – this has a huge impact on hospitals and the projected number of future hospitals needed to support the population. Given geographic and economic constraints Singapore cannot build hospitals as much as they need; nor could they staff them. Additionally their studies have shown that 20% of patients contributed to 80% of re-admissions. So how can they offload chronic care, focus on triage and emergency care? They’ve looked to technology. leveraging their fibre network reach (1GB to each home) and eHealth technologies with in-home care to offload.

Dr James Freeman, CEO of a Telehealth business delivering services in Australia via video-conference so patients don’t have to physically see a Dr. and can have scripts filled and ready for pickup from local pharmacy. With the proliferation of sensors and cameras in consumer devices, they are able to deliver some consultation services remotely, never having to physically see a patient. Dr. Freeman pointed out that that the adoption is slow to date and this is a combination of no financial incentive to take up these services and legislation being slow to catch up to technology. The financial incentive model is absolutely necessary as there is little chance people will use these services off their own back. I’ve recently seen with my father-in-law, being issued a blood pressure monitor from his health insurer. Each measurement is logged and set directly to the provider for them to track his health. He rarely does it as there is yet no incentive to do so, no lowering of his premium or rebate for his troubles.


Government as a Service – The new Utility

What all of these presentations and discussions showed was that the future for Government is providing data as a service. Today the DTO is working at improving the way government delivers services, with the end goal of speaking to customers as one public sector. Delivering services on common platforms. will continue to be developed and invested in.

This view was echoed by Ros Harvey, Chief Strategist and Advisor for KEI and Sirca, Government as a platform is the future, getting the community to innovate on top of the services and data that government supplies. This was reiterated by Pia Waugh, department of finance, who has been working for years working towards the goal of “Government as an API” and creating the mashable government- making what Gov does more available regardless of agency or jurisdiction.

If the Australian Government can continue with the work that they’ve started it will be well on its way to making Australia the worlds leading digital economy, an aspiration of Minister Turnbull.


How to make IoT successful.

The resounding themes were integrity and security will be important as IoT proliferates. Security must be the foundation of any platform (Brian McCarson, Intel) and approached from an epidemiological standpoint (Turnbull). Using high level pattern analysis and large mass data analytics to see trends and changes in the system.


fundemental IoT

Fundamental Tenants of IoT, Intel, 2015



IoT is breaking through the novelty and into the mainstream with the backing and support of Government. As more and more sensors find their way into roads, waterways, infrastructure components and government systems, this data, raw and refined, will become the new economy that governments will not only collect revenue from, but use to manage and shape the policies of the future. Using this knowledge and mapping the ILC cycle will help businesses (and government) understand how to leverage the innovation and properly commodities the services needed.


ThruGlassXfr starts to make an impact

October 2nd, 2014 Comments off
Reading Time: 2 minutes

logoIt is awesome to see that Ian Latter’s work on bypassing all security measures to exfiltrate data via the screen is starting to be received by the InfoSec community. Today an article written by Richard Stiennon on Ian’s presentation at COSAC has been syndicated through to Forbes. Well done Ian!! this follows up on a post I did in July when I was allowed to start talking about TGXf.

As part of Ian’s presentation preparation (and in response to a number of CFP reviewers NOT READING HIS SUBMISSIONS) he also prepared a number of videos demonstrating the capability of ThruGlassXfr along with his ThruKeyboardXfr.

ThruGlassXfer Open Letter (PDF) – TGXf VER8 FPS5 GD

Android smart-phone in flight mode, downloading a PDF from Youtube via a Laptop screen

TGXf Demo – Open Letter PDF, ANSI (Terminal) Version 1 at 8 FPS
(i.e. you don’t need graphical access to steal data)

TKXf Demo – Keyboard upload of virus to hardened Windows platform
(i.e. I can type a virus into Windows .. stop me)

TKXf Demo – Keyboard upload of payload via Windows to Linux
(i.e. I can type any payload into anything via anything .. stop me)

TCXf Demo – Attacker exfiltration from Linux via socket over PuTTY/XPe/HP Thin Client
(i.e. I can route anything via anything over screen and keyboard)

And my personal favourite!!!!!
TCXf Demo – IP networking over Screen and Keyboard!

Yes that last one is a functional network over TGXf and TKXf…

As a Security Enthusiast I love seeing this, though I have to say as a Security Technology Vendor and IT Outsourcing and Management Supplier it causes me pause. Now I finally have that enthusiasm back to write that paper on the risks of BYOD.


WhatsApp: an Incomplete thought

February 22nd, 2014 2 comments
Reading Time: 3 minutes

WhatsAppSilicon Valley’s latest acquisition has the twitter sphere in a tizz. For those living under a rock, Facebook acquired messaging company WhatsApp for $19B dollars


What I like about the whole situation is that WhatsApp exploited a perceived gap in market. Sure there are messaging apps that work across multiple platforms, but their focus is all about the social platform. WhatsApp’s was more simplistic, universal messaging across platforms. Given the platform and style of service, users feel far less threatened and take up in various geographies show this.


They are also a “cloud service platform” that allows them to mine the information on relationships and interconnectivity that a lot of players in the social service space would kill for. The fact that Google offered USD$10B previously is a clear sign of their value. This can be attributed to a lot of things, least of which is their growth rate and repeat customer rate.


Whilst this might highlight some some trends in market, like the purchase of startups focused on social services, it is a blinkered view of the market as a whole. These MEGA players (Google, Twitter, Facebook, etc) have a weird and wonderful product and marketing model that most of the world is still trying to get their heads around. Like most marketing machines, new product are critical to the survival of a company (be it new to market, improvements or repositioning). WhatsApp shows a link between Google and Facebook’s understanding of their customers (BTW that’s not you) and what they want, but most importantly, what it is worth.


Apart from the incredulity that is coming out by the average Joe, there are severalitems and articles out there that attempt to show why the $19B.


The best article I read was from Danny Crichton (@DannyCrichton)  who points out that the growing trend in social application business acquisition is going to change the nature of business, certainly in Silicon Valley. I’m leaning toward agreeing with most of his observations though I’m wiling to bet that some of the other cities around the world will get a look in as the Valley is rapidly becoming expensive!


Business Mapping

July 29th, 2013 Comments off
Reading Time: 12 minutes

I’m very much of the view that every business is a technology company. Trying to say that they are not is not only fooling themselves but setting their business’ up for a failure. Over the last six to twelve months I’ve been looking at the practical application of business mapping. This is all courtesy of the work of Simon Wardley and his sharing of something he has been doing for some time. In the process of taking these concepts and applying to my every-day job as an Enterprise Architect and recent undertaking of a Masters degree I’ve pulled together an expanded view of how to apply this, not only to my business, but for customers wishing to outsource.

Simon’s view – See insert image “Simon Wardley – Value Map”

Simon Wardley – Value Map

This is Step 4 of Simon Wardley’s basic’s of business mapping  – 

I’ve added a little something to it as I’ll discuss below.

Ideally you would start with a business map and decompose it, but in my role as an Enterprise Architect I find that I’m forced to take a technology centric view and then shape everything around it. Ultimately the outcome is the same. A holistic view of the business’ make-up (value chain), the technology that supports it and the trajectory of the evolution and value of the technology over time.

The following is how I’ve taken the simple technology road-mapping, paired it with market audits and then used that to create a view on business mapping that puts the humble technology roadmap in context. There are a number of tools I’ve used, they are not definitive, nor are they necessarily the best ones. These are the ones that have worked for me.


Technology Roadmaps


Let’s put it in perspective, what is a technology roadmap? As wikipedia points out – A technology roadmap is a plan that matches short-term and long-term goals with specific technology solutions to help meet those goals. Mapping of any sort shows the hows (and potentially whys) of attaining technology goals. These can be presented in any number of ways. The most popular are in diagrammatic format with little boxes or bubbles that group capabilities together and show the different states. There is also examples where capability can be linked in a hybrid view showing capability development over time with a Gantt chart. Google it if you don’t know what I’m talking about. Here are a couple of examples and a close crop image of one from Enterprise Architects below:

Enterprise Architects - Reference Architecture Example

Enterprise Architects – Reference Architecture Example

Context for Technology roadmaps

Why do we create technology roadmaps? Some people do it because they just do it and have little understanding of the use of roadmaps (been there and done that myself because it was a contractual deliverable), others to illustrate what they are thinking. The reality is that it is for helping customers (internal business users are customers too) understand the technology, current and future, that is at work in their business. It shows managers and executives a clear view of their current investment of technology and the linkage between the different investments. It sets the scene for asking “Why?” and helps businesses with investment planning. But the technology investment view is only a very small part of the puzzle.


Market Audits with trending


Looking at just  roadmaps of technology, and what capability you need as a business, is only a part view. To make sure that you are not only addressing the business’ immediate and projected needs but also not setting yourself up for failure, you need to have a larger view of the product/capability and what is playing out in the wider market or landscape. This is know as a market audit.

What is a market audit?

A market audit is the term for process of reviewing the landscape and determining the product fit within the market itself and various hierarchies of business strategy. Kotler (2009) had a number of questions that should be answered in the process of the market audit including:

  • Current market situation – What is happening now in terms of size, growth, and segments within the market?
  • Product situation – What is the organisational view of sales, product, prices, margin and profits for the products(s) being reviewed?
  • Competitive situation – Who, or what are your major competitors?
  • Distribution situation – Who are your major collaborators for growth, size, goals, etc?

These questions only glance the surface of all the questions you need answered, however, they are a very good start. This audit will allow you to better understand the various forces at play and how they will affect your business. These are all extremely important when moving on to business mapping. Previously I’ve approached the landscape analysis (as I used to call it) in a piecemeal way. During my recent studies I’ve come across a number of different tools that can be used together to create a more complete view.

There are a number of tools and techniques that you can use to help review the environment; the external forces, internal forces and interaction of them on each other. Below I’ve exampled a couple I’ve used.


External forces

I found the PESTLED analysis technique very useful in looking to understand the opportunities and threats for a given capability, product or service.

  • Political – Legislative constraints that may affect your audited capability.
  • Economic – Customer buying power
    • Macro – what is happening in the larger political-economic sphere. As Simon has pointed out in the past, Hayek and Keynes are good ways of viewing the manipulation of the economic factors at play.
    • Micro – What you see individual business doing with regards to their spending habits. In this case, what my target potential customer’s trends are and how they compare to the generalised trends of their peers.
  • Social/Cultural – The generic values attributes and benefits expected from the capability
  • Technological – Changing markets through technological advancement. What is emerging and what is trending for the capability. You can take the time to audit the environment yourself, or use a number of sources like IDC, Gartner and Forrester for the mainstream, or smaller boutique and specialist firms that target your chosen capability, to point you in the direction. Whilst I don’t think that they are always on the money, they will certainly give you a good view of the wider industry and trends.
  • Environmental – What are the environmental expectations or considerations you need to make.
  • Demographical – Population breakup and markets within it
    • People = consumer focus
    • Organisations = B2B

Internal forces

There are a lot of internal moving pieces that make up a business and you ned to understand how they are used to support the capability, product or services you are auditing. Understanding how each of these affect the component in question will help you understand the inertia a business faces when trying to move on past one phase of the capability evolution into another. These are the business’ strengths and weaknesses.

  • Company – all parts inside and those that feeds the business
  • Customers – the people that buy
  • Suppliers – Raw material/inputs to allow the creation of products
  • Intermediaries – Or marketing channels that help crate and deliver value.
  • Competitors – Those that can limit your success.
  • Publics – any group that has potential interest in an organisation.


Porter’s 5 forces analysis

Whilst this is generally used by businesses for product development there is a lot of use in this when mapping out the landscape and understanding the various market forces that could be at play, Figure 1, below.


Figure 1 – Porter’s 5 forces

  • Rivalry amongst existing competitors
    • Driven by: numerous competitors; slow growth; high exit barriers; committed rivals.
  • Threat of new entrants
    • Low entry cost = high threat. Prices must be kept low or high investment to deter competitors
    • High entry cost = low threat. If there is a threat, profitability will be kept low.
    • Barriers to entry are:
      • Supply-side economies of scale
      • Demand-side benefit of scale
      • Customer switching cost
      • Capital requirements
      • Incumbency advantages independent of size
      • Unequal access to distribution channels
      • Restrictive government policy
      • Expected retaliation – how potential entrants believe that they will be received, and how this will shape their strategy
  • Threat of substitutes
    • These can be direct or indirect substitutes that perform the same or similar function. Causes profitability issues.
  • Power of buyers
    • The more powerful the buyer, the greater their ability to force down price, keeping value for themselves.
  • Power of suppliers
    • The more powerful the supplier the more value they keep for themselves (through higher prices)


Affect on roadmap mapping

What all of this does is forces you to cast aside any preconceived ideas on what it is you think the best implementation of capability, product or service should be and look at what it NEEDS to be given the various influences at play.

In the provider (technology or services) space you can also use this technique to identify trends in approaches. These may buck the trends that you think are happening and allow you to ask more questions.


Business Mapping


Now on to the important part, business mapping. As I originally said, the business map should ideally happen at the beginning, however, in the process of looking at all these various capabilities that the business uses you will have started to get a very good view of the individual landscapes involved in delivering the products or service your business markets. The trick is now pulling this all together. this is the business map. I’ll use a completely fictitious map for this as I don’t wish to offend anyone (past or present employers included). For an overview of business mapping please see Simon Wardley’s blog here.

As Simon points out it really starts with a value chain view of the organisation (actually it starts out with the business identifying the need that they are addressing, but I’m skipping that, very important part).

Figure 2 – S. Wardley – Value Chain

This is then mapped to the evolution cycle. There are a number of different ways that you can do this:

I’ve chosen Simon Wardley’s model of genesis through to commodity/utility as it works really well for a number of other applications. Figure 3:

1. Start View

Figure 3 – Start view of value map

Using the market audit you will have identified that some of these capabilities have a certain trajectory from bespoke or product through to commodity and utility (Figure 4). This not only shows the relationship of each area of business and technical capability, but it also clearly identifies the perceived value the business places on each piece. The trajectories can show where the industry trends see those capabilities and provides the business a view on where their future should be, unless there is a really good reason for not (Figure 6) going that way.

Figure 4 - Projected view

Figure 4 – Projected view

This starts to highlight a number of trends, especially popular are those capabilities that are now being delivered as a Service (aaS), see Figure 5.

Figure 5 - aaS option view

Figure 5 – aaS option view


Figure 6 - aaS where value it soo great

Figure 6 – aaS where value it soo great

What I started to see is that there starts to exist an imaginary line across the graph where management of the capabilities are clearly considered too valuable to push outside the boundaries of the organisation, despite its place in the lifecycle, Figure 7. My own interpretation of this is where a business is with its maturity in approach to IT, though occasionally affected by regulation.

Immature –  insourcing components that are obviously products and services that can be obtained externally, arguably cheaper and potentially more robust, through FUD (fear, uncertainty and doubt).

Legislative constraints – Forced to insource.

Or mature in business and outsourcing – taking the low value new-capabilities and bespoke builds, pushing the risk and pain of development external to their core business, bringing it back in-house once it has proven its worth and demonstrated value.

This can also explain the ongoing war between private and public cloud people. It all comes down to the specific use case and reasons behind the decisions to insource or outsource.

Figure 7 - Managed services view

Figure 7 – Managed services view

These maps now arm the technologist, and business professional, with information that can be used to understand the overall business’ direction and what factors influence the various capabilities that underpin the central need of the value chain. Providing context for recommendations and decisions.

Update: Based on some questions and feedback I’ve added an example of a reference architecture and some links as well as a link to Simon Wardley’s blog for an overview on business mapping.