Blog
I like this
I don't like this

CIO Advice: How to Make Your Digital Business Fly

Sep 13, 2021
Martin Kuppinger

Doing IT right is the premise for delivering time-to-value in the Digital Journey. Success requires an agile IT for delivering secure Digital Services on time.

Virtually all organizations have become digital at least to a certain extent in the past three decades since the World Wide Web (already an old-fashioned term) took off. But we are still on that journey. There is a good reason not to name this Digital Transformation, but Digital Journey. It is not about transforming from the analog to the digital state, but an ongoing journey.

This journey is driven by ever-changing business models, rapid innovation of products and services, as well as a shift from product business to service business, and last but not least, new entrants in the competition. Business must compete harder than ever before to be successful.

Fig. 1: Digital Services: Software as a differentiator. Success in the Digital Age builds on competitive differentiation through Digital Services & Digital Experience.

Making Digital Services a Differentiator

Differentiation in the Digital Business is based on Digital Services. The phrase “every business is a software business” never has been truer than today. Software is ubiquitous. It forms the backend of digital services, it forms the frontend via apps, it is in connected things, and it is in microchips of connected vehicles. Software is everywhere. The intellectual property of businesses is melded into software. The USP (Unique Selling Proposition) of companies results from delivering better digital services. This is what differentiates them in today's competitive environment.

However, Digital Services are not only about translating business into Digital Services, and thus software development. It is also about delivery, operating, and last but not least, securing these services. The link between security, Digital Services, and Digital Experience (DX) is Digital Identity. Only if delivery, operations, and security are built for agility and rapid, reliant, and resilient delivery of services, and only if the Digital Identity approach is built for the needs of today’s hyperconnected business, will organizations be able to deliver the Digital Experience that differentiates them from their competitors and makes them successful.

Fig. 2: Even greenfield IT consists of many components that must be delivered, managed, and secured. And even greenfield IT will become brownfield IT that has to cope with legacy.

Conceal Heterogeneity through Standardization and Unification

While some startups can build on a greenfield IT, reality is that even this quickly becomes a mix of new and established (or “legacy”) elements, and is based on multiple clouds. For most organizations, though, it is about a complex mix of IT, both in the backend and with respect to all the devices that are used to access services. However, the latter are out of control of the business because Digital Experience is about supporting what the customers and consumers are using to access the Digital Services.

And, regardless of greenfield or brownfield approaches on IT: Digital Services consist of many elements, from backend applications, storage and data to the services themselves, the apps used, the software that is baked into microchips, and so on.

The reality of the IT of the vast majority of organizations is multi-cloud, multi-hybrid, with many different deployment models. Some can just build on multi-cloud, but even new organizations end up with more complexity when it comes to manufacturing, where on-premises IT and Edge Computing are needed. Thus, organizations must prepare their IT to deliver to the business on demand and on time, while accepting the heterogeneity of today’s IT. Heterogeneity will not easily disappear. Thus, it is about making it work better, by reducing complexity and by concealing heterogeneity through standardization and unification.

Fig. 3: IT must serve to the needs of agility and security while keeping cost under control and delivering to the control & compliance needs of organizations.

Keeping an Eye on the Costs

Agility in delivering to business demand is just one element of what a good, modern IT must deliver. As always, cost must be kept under control. Succeeding in the Digital Business will always require delivering the Digital Services at a reasonable and competitive cost. Control & compliance requirements are more important than ever before, with ever-increasing regulatory pressure. Last, but not least, security and resilience are essential to the success.

Digital Businesses are at risk of cyber-attacks as well as failure in delivery. Failing in cybersecurity can destroy a Digital Business. When everything is based on Digital Services, when every business is a software business, then cybersecurity is more important than ever before.

The challenge is delivering on the various needs in an efficient, reliable manner across development, delivery, operations, security, and identity. This will not work with point solutions, because everything is integrated in the digital business. It will also not work when relying on manual administration in many of the areas. Manual work is expensive and error-prone. Using approaches like "everything as code" won't work. There are too few people who can code, and coding is both expensive and error-prone, as we all experience regularly in bugs, updates, and patches.

Fig. 4: Policy-based automation is the foundation for successfully running the complex IT environments of today and serving the demand of the Digital Business.

Automation Is Key

The solution lies in automation based on policies, supported by intelligent solutions utilizing what AI (Artificial Intelligence), ML (Machine Learning), and other techniques can deliver. This requires collecting information about everything in IT, from services, backend applications, devices, and apps to all the various types of users to the underlying infrastructure, regardless of where this is located across the multi-cloud multi-hybrid IT universe of the organization.

Fig. 5: Management of IT must focus on what can be well-managed. Identities and services are where organizations can get a grip on. In the end, it is about someone or something accessing services. This is where IT unification starts.

When looking at automation, it requires infrastructure automation. It requires efficient development with automated testing and delivery into production. However, from a management perspective, the potential for unification and standardization across a heterogeneous, complex IT environment, is in focusing on the areas that organizations have under control: Identities and services or, in broader terminology, the resources that support and form the Digital Service.

Access happens from humans, devices, things, or services to other services. Identities can be managed and must be managed. Applications, their data, and the services and infrastructure delivering this are under control. It is way harder to get a grip on all the devices – just think about BYOD (Bring Your Own Device) approaches or all the different devices used by customers and consumers. Even harder, is control of the network in a hyper-connected world where Work from Home (WfH) is the new normal. Thus, Identity and Access Management (IAM) as well as a consistent, automated, efficient management of the IT services, is where the focus of modern IT must be.

Fig. 6: Digital Business: Technology impact on agility. Digital Identity, Cybersecurity and Agile Development & Operations as key enablers.

Managing Digital Identities Is Essential to Gain a Competitive Edge

The technology impact becomes visible when mapping the impact of technologies to support organizations in changing to the needs in their Digital Journey. Managing Digital Identities of everyone, specifically the consumers and customers, but also the relationships to devices and connected things, for example, is essential to win in the dynamic competition of the Digital Age.

The technologies with the highest relevance are: Digital Identity Management, Cybersecurity – to secure the Digital Business – and Agile Development & Operations for developing and delivering the Digital Services.

Fig. 7: Eight fundamentals for successfully developing, delivering and securing the Digital Services that make Digital Business succeed.

Eight Fundamentals of Digital Business Success

Success in the Digital Business is based on eight fundamentals:

  1. Business demand drives IT, which exists  to support the business – and IT has never been as important as it is today, where every business is some sort of a software business.
  2. Multi-cloud, multi-hybrid IT is the new normal. “Cloud first” is a meaningful paradigm, but Edge Computing demonstrates that not everything will run in the cloud, not to speak of a single cloud.
  3. Built on policy-based automation. Policy-based automation is the key to managing complex, heterogeneous environments. Doing this right, requires the use of AI & ML to help in creating and optimizing policies.
  4. Gather the status of everything. Policy-based automation also requires data about everything. The identities, the infrastructure, the code and structure of applications, APIs, and so on. This must be gathered into repositories that then can be utilized by policies.
  5. Identities & resources in core focus. Someone or something (with an identity) is accessing services and the resources in the background. Which device is used, which network is used: This is hard to control. But identities and resources are known and can be well-managed.
  6. Unified view of resources – everything as a service. This leads to a perspective where, ideally, everything is treated as a service, regardless of whether deployed from the cloud or on-premises. Identities are accessing resources – this is where unification can start.
  7. Agile development, integrated delivery & operations. Rapid delivery of Digital Services to the business demand requires agile development that integrates with delivery and operations (and, last but not least, security). Again: This will work across all layers only when being based on policy-based automation.
  8. Automate security across everything: Identities & resources. The automation of security must start where organizations have control. They have that control over identities and resources. Control is way harder to win over devices and networks. Thus: Focus on identities and resources for a unified, efficient management of IT.

It is time to revisit the way we do IT, and to improve it.