Emerging Tech

Embrace the cloud and hosted services... with some rules

Scott Lowe shares some of the steps his organization takes when they research initiatives for individual units.

Quick show of virtual hands: How many of you out there have had someone from a line of business come to your office and say, "Hey, just got off a demo with a vendor and we're going to go with their product to help us meet a need. The best part is that they don't need any help whatsoever from IT, so you guys are off the hook!"

A hundred percent of the time, when the vendor makes that particular claim, it's a lie. OK, maybe it's not a lie lie, but it's certainly not entirely truthful for organizations that make serious use of IT systems and want things to work as a cohesive whole.

That little mistruth aside, there is a lot of value to be had in conglomerating some of the disparate services that are offered by various vendors. However, for most organizations, it's not really palatable to simply allow individual departments to sign their own contracts and move forward without at least some centralized coordination point. Allowing this kind of chaos leads to:

  • Potential inefficiency as multiple groups possibly undertake similar efforts with different products
  • Lack of organization-wide alignment in technology-driven efforts, which may lead to spending on services that are not top priority
  • Inconsistent user experience between services, which can lead to confusion, less than optimal uptake, and increased calls to the service desk
  • Inability to centrally aggregate data from many different services, which may lead to reporting and intelligence gathering difficulty
  • Units procuring services that replicate internal capabilities, leading to waste

Although these may sound like pretty significant challenges, they can be overcome. At Westminster College, as units research individual initiatives, we take the following steps:

  • A deal can't be signed without my OK. This allows us to make sure we're not procuring services we already have in-house. This has helped a few times to help units find better ways to use existing tools rather than simply buying new ones.
  • Any considered service must have the capability of authenticating against our local Active Directory. This allows us to continue providing users with a single credential that provides them with access to all their campus services and keeps the help desk from having to constantly answer password-related issues. We want to control authentication as tightly as possible. Services that can't provide this kind of authentication integration face an incredibly steep approval process.
  • Where possible, we request integration with our campus portal.
  • Deep data integration is requested of all vendors along with data layouts. Ideally, we like to have the ability to report in real time and directly against provider-housed data. When this isn't possible, we request regular extracts. We also require providers to acknowledge our ownership of all data elements.
  • Procured services need to have at least some kind of automated integration with our data systems. For example, we outsource our learning management system, but the data synchronizes on a regular basis with our on-campus student system and the users of the hosted LMS authenticate against the hosted service using our own local Active Directory domain controllers. This kind of integration eliminates the need to manually update data at the provider side all the time. In the past, we have eliminated from consideration systems that did not have an automated update mechanism. Although the manual workarounds worked well for one or two pilot test users, the solution did not scale at all and would have created a nightmare.

It is certainly true that we are seeing many more requests to consider these kinds of services. Through careful planning and analysis and a basic framework to help us guide our efforts, we're able to procure services that don't significantly overlap existing capabilities in ways that maintain a secure environment and a positive user experience. I'm sure that there is more that we could do, but we don't want to make it impossible for people to procure services that could solve business problems.

What about you? What steps do you take with regard to outsourced services?

About

Since 1994, Scott Lowe has been providing technology solutions to a variety of organizations. After spending 10 years in multiple CIO roles, Scott is now an independent consultant, blogger, author, owner of The 1610 Group, and a Senior IT Executive w...

Editor's Picks