Blog

Cloud Computing is mainly Service Management

Oct 28, 2010
Martin Kuppinger

When looking at all the discussions around the "cloud" I still miss some focus on the real essentials of a strategic (!) approach for using clouds. Clouds are, when looking at the right now common understanding of private, hybrid, and public clouds, in fact nothing else than IT environments which produce IT services. These services are provided at many different layers, like in the common (and pretty coarse grain) segmentation into SaaS, PaaS, and IaaS. But: It is about the (efficient, scalable,...) production of standardized, reusable services.

Cloud Computing is about using these services. It is about procurement, management, orchestration, accounting, and so on. With other words: Cloud Computing is mainly about service management, in a standardized way. In a perfect world, all services of all products (internal and external) would be managed consistently. There could be one consistent accounting, ending up with something like an ERP for IT. However, the service management aspect of Cloud Computing appears not to be in the centre of most discussions around Cloud Computing. Many discussions are just about tactical comparisons and views of parts of Cloud Computing. Many discussions are around security. But about service management, the really strategic thing? The part which will fundamentally change the way we are doing IT?

For sure there is a lot of discussion around service management today. ITIL is a good example. However, that covers just a part of IT. We have to look at it from the highest layer (business and its requirements, described as real business services like "managing contracts of type ... in compliance with regulations and...") down to granular web services used in SOA architectures. Services are sort of everywhere. And the future of IT is about having two layers:

  • Service production (In the Clouds)
  • Service consumption (Cloud Computing)
That requires fundamental changes in IT organizations. The core competency is to become best in class in mapping business requirements to the required services, e.g. in doing the "cloud computing" part right. For the "production" part of IT, it is about becoming best in class in providing efficient services. But typical IT organizations will be split into two parts: Consumption/Orchestration/Management and so on - and production in the private cloud environment. Enabling this shift is the key issue for any organization today.

You might now argue "what about security?". Pretty easy: Security is a part of this. Every service has a functional part and a "governance" part: Where is the service allowed to run due to compliance? What about encryption of transport and data? Who is allowed to access the service (or parts of it)? And so on... With other words: When you've solved the service management piece, you've automatically solved at least a large portion of the security piece. You might argue that there are some infrastructural aspects not covered by this (how to enforce what you need for service governance). But that could be understood as well as part of your service environment.

A lot of aspects around Clouds, Cloud Computing, Cloud and Services, Cloud Security and so on will be discussed at EIC 2011/Cloud 2011 in Munich, May 10th to 13th.

Latest posts by Martin Kuppinger
The Ping/ForgeRock combination
Securing the Digital Universe: Where Do We Even Start?
Microsoft Putting Decentralized Identities Into Practice
Microsoft Security Copilot: Value-adding Generative AI