All Roads Lead to Risk Assessment
Creating a Culture of Security
Exploring the Internet of Things
Thwarting Business Challenges With Technology
The Emerging Research and Education Cloud; The Case for Industry...
Khalil Yazdi, CIO in Residence, Cloud Services Program Development, Internet2
Thank you for Subscribing to CIO Applications Weekly Brief
Transitioning to a Cloud World
By Eric Gordon, SVP & CIO, CEC Entertainment
The business was recently acquired by Apollo, LLC, which set out to restore a culture of great guest service, sales and growth. Suffering from under investment in information technology and burdened by inhibiting legacy solutions, CEC embarked on a transformation of its business processes and enabling technologies with the goal of creating capabilities to better serve all locations and guests.
Adapting to the new world and learning to live with a Software as a Service (SaaS) and cloud-based solutions portfolio has been as challenging as implementing the technology. What began as a replacement of legacy HR and finance applications with Workday HR, benefits, payroll and financial has evolved to include new cloud-based store solutions, a new phone system, a corporate office move and new data center. All these investments are aligned to improve service for the company-owned 525 locations and millions of guests.
To ensure a successful IT portfolio transition and create a thriving company environment, CEC is adopting four guiding principles.
1. Change focus on security
2. Limit platforms and vendors
3. Simplify and adapt business processes
4. Improve architecture and quality assurance
Together, these principles guide the formation of new processes and the skills and behaviors of the IT organization. The objective of this piece is to describe how the guiding principles are used to shape behaviors and share some lessons learned from the process.
A major benefit of cloud-based solutions is accessibility. Associates can now access HR, payroll and financial information from their mobile devices or web browser, offering increased convenience for the end- user. It also improves business continuity planning in that critical infrastructure and is now running in Tier-3 vendor data centers, with remote access to key systems in the event of the loss of a corporate workspace. However, that convenience increases the number of end points vulnerable to a compromise or data breach. An ID CIO INSIGHTS | | November 2015 34 CIO Review compromise is now all that a threat actor requires to access sensitive corporate data from outside the network. This puts a premium on identity management and access controls and increases the importance of end point management.
An essential element to IT success in a cloud world is to strengthen architecture and quality assurance capabilities
Information security, the associated compliance frameworks, payment card industry requirements and intense focus on data privacy all serve to increase regulatory oversight of IT. Many non-technology companies view information technology as just a cost to be managed, rather than a competitive advantage, which is why companies need CIOs to help manage an array of stakeholders in an increasingly regulated environment.
One key to an efficient IT cost structure is to keep the solutions portfolio as simple as possible. More IT complexity requires more management, which translates to higher support costs. Many companies are suffering the hangover of “best of breed” applications strategies and overly complex portfolios, molded to fit unique business requirements. Increased vendor solution components also result in large numbers of complex integrations. Many of those decisions are backed by good business cases, but ignore the IT support impact. Companies can address this by limiting vendors and adopting “platform” solutions from vendors that offer a broad range of functionality. This approach limits the complexity of the portfolio and the number of vendors to manage, as each platform vendor becomes responsible for integration of their solutions. The other key benefit of hosted solutions is the simplification of the infrastructure footprint.
The long-simmering debate between “change business processes” and “modify software” is largely over. For commodity non-differentiating) business processes, the best approach is to modify business processes to fit software capabilities. Many companies will continue to custom develop software where competitive advantage is clear and, for some companies, the outsourcing pendulum has shifted back to more internal software development roles. However, hosted SaaS solutions are very sophisticated with many configurable features and options. The result can make it seem like he software configuration was twisted to fit poor or ineffective business processes. Changing those complex configurations can be time consuming, risky and expensive. Simplifying and standardizing business processes is still required, as is managing the health of the software configuration. Turning configuration management responsibility over to end-users is not the path to more stable, cost-effective technology solutions, so having knowledgeable IT teams focused on configuration and change management is more important than ever.
An essential element to IT success in a cloud world is to strengthen architecture and quality assurance capabilities. The IT architect role has evolved over the years, but the need to understand and efficiently design business processes, data and technology solutions to drive value and achieve business objectives is still the purpose of the role. The knowledge and experience of the IT architect now shifts to integration and software configuration skills. The ability to identify and explain tradeoffs between software configuration methods to meet business process needs is more important than ever, and compromise is essential.
Quality testing also becomes more important in a SaaS world. Companies must protect themselves from vendor- introduced bugs and undesired features. In the on premise world, companies frequently implemented software and were able to control when they allowed it to change. In the SaaS world, companies are at the mercy of vendor-introduced change on a vendor- defined schedule. A robust testing team and methodology is critical to ensure the stability of the operating model. Solution providers also control test environments, which helps reduce the company’s infrastructure footprint, but it introduces constraints on the test ecosystem. Interfaces and touchpoints between test environments are increasingly important to manage.
In conclusion, succeeding in a cloud- based world requires that IT leaders act as brokers of services and managers of this increasingly regulated environment, with extensive knowledge of business processes, architecture skills, security, vendor management and quality testing.