Scanrail - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How internal IT can become a cloud services broker

Evidence suggests that cloud projects are much more likely to fail without IT support. Expert Tom Nolle explains how organizations benefit when IT becomes a cloud services broker.

There is strong evidence that without professional IT support, cloud projects are much more likely to fail, create security and compliance problems, and divide IT activities into uncontrollable silos. For some enterprises, including many of the largest, the best approach to the cloud is to let internal IT act as a public cloud services broker. IT management and planners need to prepare for such a role by creating an IT resource plan that accepts the public cloud as an equal partner, addressing line department fears of data center lock-in or loss of agility, and defining tools and practices to embrace cloud services from any source.

Even line departments, empowered by as-a-service cloud application choices, are concerned that exercising IT procurement on a per-organization level will lead to disintegration of unified workflows and loss of productivity. They're also concerned about security, compliance and cost overruns, and in many cases, line departments have sought internal IT advice on cloud selection. This approach is helpful, but it's hard to structure to avoid wasteful duplication of work when multiple line departments are pursuing cloud goals independently.

Think of IT as a broker of both cloud and internal services

All these concerns naturally lead to the question of whether internal IT should act as a "fair broker" of both public cloud and internal IT services. Line departments would go to the IT organization with a business plan, which IT would then translate into a commitment to the cloud or to internally hosted technology. Given that the cloud is a reality, such a role could be a benefit both to the IT organization and the company at large. But few internal IT organizations are prepared to play the role, because they don't have any application plans that don't discriminate against the cloud in some way.

Most large enterprises probably can't coordinate cloud adoption through any means other than using internal IT as a cloud services broker. Line departments that refuse to accept the concept, or an internal IT organization that refuses to accept the role of cloud services broker, eventually will create such discord, as well as workflow, security and compliance confusion, that it might even threaten company operations and profits. It is simply not logical to presume an IT future without the cloud, so it's critical that the future be managed based on the same IT principles used to guide operations today. Only the IT organization can do that.

As logical as the role of fair broker is for internal IT, few organizations are prepared to play it. Because line department-driven cloud adoption is largely spurred by suspicion of internal IT, it's important that a cloud brokerage plan be developed from a cloud perspective and not be seen as a defense of current data center practices.

Steps IT can take to become a cloud services broker

The first step in becoming a cloud broker is to build a unified resource plan for application hosting in "as-a-service" form. The plan should start by identifying platforms that are needed to host applications, and move to how those platforms are then realized on public cloud resources, as well as in the data center. The platform specifications must permit the platform to be priced out in any environment it's realized, so organizations can compare costs. The goal is to create abstract views of application resources that can be applied both to internal and cloud deployments.

The next step in the resource plan is to define an integration, compliance and security plan that frames mechanisms that will be provided on each supported cloud or internal platform. This is a critical step because it's the one that assures the individual platform choices can be harmonized with baseline IT processes to ensure information exchange and security. A map of current applications, components and workflows is helpful for this, and where a formal enterprise architecture model has been adopted, business process flows are of great value. The current practices can serve as a starting point, but be sure to adapt them to be cloud compatible.

Selling this approach to line departments can be challenging. And one tempting way to reduce the pushback is to offer the plan, and let line organizations suggest cloud applications and platforms, which IT would then certify and help integrate. This approach is most likely to win line department support, but it can introduce significant delays and chaos in later phases. It's best to pick three top cloud provider candidates as part of the program, but then let line organizations go outside this group -- accepting delay and additional costs in certification -- if it's necessary.

Selling a cloud services broker role requires planning

Experience shows that selling a cloud services broker role to line departments is facilitated if your resource plan includes specific tools and procedures for integrating cloud applications in any form -- i.e., software as a service (SaaS), platform as a service (PaaS) or infrastructure as a service(IaaS) -- and addressing the full spectrum of security, compliance and application lifecycle management (ALM). Such a plan not only provides confidence that the broker role you propose has substance and value, it makes it clear that there are major tasks to be completed that line organizations will inherit if the IT broker doesn't fill the requirements through the resource plan.

The first thing to look for in your tools and practices assessment is any vendor- or platform-specific techniques. These will be at risk if line organizations can acquire SaaS or PaaS cloud elements, so look for generalized and open architectures for integration, deployment and change management.

When any vendor-specific issues have been resolved, look at ALM policies that validate information integrity, security and compliance goals to ensure that they are flexible enough to incorporate cloud-hosted elements.

Both the cloud and the data center will be part of virtually every enterprise IT application plan, so the unification of these critical resources into a single accountable whole is critical for long-term IT success. With a plan to do that, enterprises can navigate not only the technology shift the cloud generates, but the internal political shifts as well.

Next Steps

IT roles evolve with cloud computing

What to expect from cloud service brokers

Are cloud brokers becoming system integrators?

Dig Deeper on PaaS and other cloud development platforms