When our CEO and Senior Forrester analyst Chris Sherman got together for a webinar last month to discuss the launch of our latest product Tachyon, both Chris and Sumir spoke about the benefits of this technology and how it is revolutionizing the IT industry.
That's a pretty hefty claim.
Then, a few weeks later, we released "The 2017 IT Incident & Response Report" explaining how much time, energy, and money is wasted every day due to the increased number of ad hoc requests IT teams are forced to respond to. We found some interesting pieces of data. A truly staggering amount of time—almost a third of each day—is spent responding to unplanned incidents.
It's no coincidence that Tachyon was being discussed simultaneously. Tachyon offers businesses the ability to cut their losses. It rewinds the clock so that IT teams can focus on what they do best.
While we had the privilege of Chris's company, we thought it best to yolk his knowledge and ask crucial questions pertaining to the data we collected.
Question: We found that, on average, every IT professional/team spends almost a third (29%) of every day responding to unplanned emergencies. Should central IT be primarily a reactive function, or are there ways it could be delivering more value to the wider business?
Chris Sherman (CS): The goal of every technology organization should be to be the driving proactive force of the organization. What that means is assessing business demands in real time and adjusting technology services automatically to meet them. It also means having the foresight to predict and prevent incidents before they occur. The key is to eliminate time wasted on manual and repetitive commodity tasks. Your technology team should focus on enabling policies, rather than merely implementing them. The team will deliver this through the adoption of modern automation and updated processes to support it.
Question: We found that, on average, it takes five times longer to remedy a problem than to identify it. What are the technical reasons for this disparity, and what are the real-world consequences in a field like security?
CS: A major factor here has been the role of infrastructure & operations (I&O). For years, I&O has acted as “gatekeepers,” translating directives into settings and executing changes on behalf of other teams, such as security. This has sometimes led to misreads of policy, but more importantly has often resulted in slow, reactive approaches to incidents. With proper tools and automation, I&O’s role fundamentally shifts to that of policy enabler.
Instead of manning the toll booths, I&O builds the automated toll lanes. Instead of creating roadblocks with traffic cones, it works with security to make sure the maximum amount of traffic drives along in a safe, reliable way. The real-world impact of I&O’s role shift is twofold. First, and most obvious, it decreases response time to incidents that can lead to embarrassing downtime or the divulging of personally identifiable information (PII). However, more importantly, it also removes the rift between I&O and security professionals. In an ideal environment, I&O should provide the means for these professionals to enact security changes directly to technology, rather than through I&O. This frees up both I&O and security to focus on more strategic initiatives.
Question: Is there some irony that IT take hours and days to do things? Shouldn’t IT be the epitome of digital speed? Why is it lagging?
CS: The lack of automation and reliance on manual intervention certainly play a key role in both central IT and security. However, there is also typically a disconnect between business and technological innovation. IT has traditionally focused on metrics such as uptime and efficient use of resources. BT, however, focuses on customer engagement and product delivery. Ironically, placing too much emphasis on traditional IT metrics can potentially lead to increased risk of disruption. If you spend more of your efforts on traditional service uptime and less on delivering new and updated services to your customers, your competitors can quickly outpace you. Note: This does not mean a company should neglect to provide stable and dependable infrastructure. However, one should not do so at the cost of growing and retaining customers.
Question: From talking to your clients, what is your view of the degree of satisfaction or dissatisfaction out there for central IT? And regardless, how could things be improved going forward?
CS: Part of the general dissatisfaction is a perceived lack of engagement and understanding. If a business customer can purchase software-as-a-service (SaaS) with the swipe of their corporate card, why should they go through the technology organization? In many ways, they believe IT just slows them down.
Of course, the reality is that IT is intimately familiar with the prerequisites and requirements for delivering new solutions, as well as the inherent risks. Much like enacting security requirements, the goal here should be for technology organizations to enable, rather than impede, innovation.
Ultimately, the best mesh of business and technology are integrated product teams. This mix of business analysts, developers, QA, enterprise architecture, and operations works alongside security, shared services, and customer experience professionals to deliver releases that enable the business and thrill the customer.