Disaster Recovery is a Must
Many IT organizations correctly interpreted the onset of the pandemic as an event that would trigger disaster recovery measures. The normal workplace was no longer available. Application availability was disrupted, not because the applications were down, but because user connectivity to those applications was disrupted. Perhaps even more frightening was the immediate upsurge in cyber-attacks and ransomware focused on the recoverability of applications and data.
Any organization that continues to give the implementation of disaster recovery capabilities a back seat does so at its own considerable risk. Data security is taking a front row seat in this planning. The category of events that threaten continued business activity and prompt a recovery grew last year to include pandemics.
Other threats will arise, probably some that we are not presently able to anticipate. IT does not need to know what they are now in order to prepare for their arrival. But IT does need better systems for securing and responding to disasters. The list of excuses for not implementing DR gets smaller as the availability of cloud resources coupled with DR as a Service offerings grows. Robust DR is within budgetary reach as never before.
Finding Balance Points in IT
IT is often pulled in different directions at once. Last year, pandemic management was top priority. As we’ve seen, implementing DR capabilities was a response. But accelerating digital transformation projects was another. On one hand, IT was mitigating risk while on the other, expanding business opportunities. This is a laudable balance between opposing forces in IT – the absolute need to keep operations running versus the desire to add value to the organization and pursue business expansion. Budgetary and staff resources were assigned to both and perhaps in equal measure.
Similar balance points should be identified and reached within other areas of IT. One we see rising in importance is the friction between application development and IT operations. While this one is not new, the number of forces at work here is new and growing. On the application side is the desire to leverage new and often cloud-related technologies. VMs are laggards. Containers are agile. Infrastructure as code is cool. Serverless computing is coming.
While these initiatives inspire developers to do the amazing, IT operations must continue to manage the mundane. One operations executive summed up the conundrum with the following example: In his organization, IT executives recruit and pay dearly for top application development talent. While at the same time, operations staff assigned to data protection wind up with the high risk/low reward responsibilities. Their lower-paying job is to preserve the organization’s information assets. For them, data loss is a career-threatening event. In 2021, IT executives should look for these types of imbalances and address them.
While pursuing research into cloud data protection last year, we ran across an attitude that may well be pervasive. That is, getting workloads into the cloud and operational first, then worrying about managing them later. OK then. 2021 is the time to start worrying.
Two years ago, we started to hear that 30% of all cloud storage was “orphaned” meaning that the instances they were once associated with were no longer running and would never be reactivated. Recently, we heard that statistic repeated. As cloud users continue to chafe at growing cloud costs, paying for unused storage has to hurt. It is time to take control over cloud resources. However, users trying to do so with the assistance of a third party management application will encounter a fragmented and confusing cloud management application landscape.
So far, we have seen two types of cloud management apps: all-inclusive and point product solutions. An example of the all-inclusive cloud management approach is offered by VMware with vRealize Operations buttressed by Cloud Health. Between these, cloud administrators can monitor costs, performance, usage, access, and a list of other cloud usage metrics while automating management tasks. BMC’s Cloud Lifecycle Management suite and Cisco’s CloudCenter also fall into this category. Point product solutions are many and varied. Some vendors lead with cost control, others with resource monitoring and optimization. As time goes on, they add management capabilities. Morpheus for example started with orchestration but now offers cost analysis and security scanning. The larger, well-established vendors tend to gravitate to the all-inclusive suites while the startups pursue a “land and expand” strategy. Prospective users will find cloud management applications to be a challenging marketplace but one that is worth pursuing. The need is present while the solutions are developing and appearing quickly.
As a Service and IT Staffing
IT management staff can now be categorized as follows: those working for and paid by an organization with its own IT infrastructure; and those who work for and are paid by a vendor of IT services that are sold to IT users. Cloud Service Providers and IT outsourcing firms have typically defined the second category, but they are now joined by a growing list of vendors offering their products on an as a service basis.
The reason that staffing is an important perspective to take is that the skill sets in demand are the same for both internal IT users and all of the other vendors of IT services. All compete among one another for talent. This is why, in 2021, it is important to keep an open mind when considering the staff impact of new project implementations for example. Does one pursue the traditional path of buying the infrastructure and adding it to the existing staff burden for management? Or does it make more sense from a staffing perspective to leverage the services vendors and their management staff? Hard and fast rules that address how infrastructure is acquired should be reviewed and challenged when they have a negative impact on IT staff and when top talent cannot be acquired any other way.