Business Ecology Initiative & Service-Oriented Solution

Michael Poulin

Cutter Consortium believes: "Cloud Presents Significant Problems"

user-pic
By Michael Poulin on April 29, 2010 5:58 PM 2 Vote 0 Votes

The IRM April newsletter 2010 announces the article For 2010, Cloud Presents Significant Problems, Opportunities for Architects by Mike Rosen, Director of Cutter Consortium Enterprise architecture Practice. The article is unusual in modern chorus and fanfares glorifying Cloud Computing; it articulates simple business risks associated with a reckless surrender to the Cloud hype demonstrated by the businesses, which don't see benefits further than 'for today'. This recklessness is not a corporate illness but rather an individual one because I cannot explain Mike's comment about Citibank in another way: "Just last month, Citibank (the third-largest bank in the US and no technology neophyte) lost tens of millions of dollars to cyber thieves, apparently in a Russian-based organization." Here is another example from the article: "...last month it was reported that Iranian militias have been intercepting the video feeds of Drone aircraft for at least six months. Worse, the Pentagon knew about the vulnerabilities ever since the weapons were deployed in Bosnia over 10 years ago, but didn't think local insurgents would be clever enough to exploit them. Well, $29.95 for some off-the-shelf software from a Russian company was all it took."

I agree with Mike about the current state of Cloud Computing, which "brings the industry back to the bad old days" by allowing Business Unit's (BU) interests to prevail over the corporate ones. Particularly, Mike says: "The "cloudy" future, where business units go to the cloud to provision their own infrastructure, brings the industry back to the bad old days, when every line of business did whatever it wanted, optimizing its own P&L while suboptimizing the enterprise; implementing redundant and inconsistent capabilities and data stores. This approach was largely responsible for creating the infamous "Enterprise Application Spaghetti" that business had spent, and continue to spend, billions cleaning up."

I can sign under this statement. However, I have been surprised by the means offered in the article to heal "the business rushed shortsighted into this decade's panacea[M.P.: i.e. cloud computing]". Mike talks about an education and certification of IT Architect who are supposed to stand up on the way of unjustified use of Cloud Computing in spite of the business "willingness" to do so. This sounds like a call for IT Architects to protect Business from itself...

Well, any education is always a good thing but in this case it appears as a reference to a second cousin instead of to the 'person' in fault. I think that right instrument to protect Business from itself is the Business's instrument only - money.

In my book "Ladder to SOE", I describe a service-oriented enterprise where IT is split by the BU, i.e. the thing so much criticised by Mike. However, this split must be accompanied by revoking the budget spending rights from the BU with regard to any modifications or new development. These rights must be allocated to the cross-functional and cross-departmental management team. Such team comprises Senior Executives, who have only one task - preserve interests of the enterprise over the interests of BU. The BU makes money but may not spend it on IT development without an approval from the cross-departmental management team. If the BU Manager wants to reduce a cost of technology maintenance in the department via deploying its applications into the Cloud and puts the entire company into the risk of exposing sensitive information (Clouds are not transparent to the corporate business so far) and losing the company's reputation, this manager better be stopped beforehand.

IT Architects are not in the position of stopping error-prone business decisions of this scale: promised initial money saving frequently overtakes justified risk of exposure; the business takes this risk on itself but immediately delegates to IT, to the same Architects, who raised the alarm. In my opinion, the role that can influence and protect (to some degree) an organisation from the cloudy threads is Business Architect. The Business Architects are those Senior Executives, who transforms Business Strategic plans into Business solutions, functions, features, products and services. The Business Architects are those who tell BU what to do (but not how to do), when and why. The Business solutions should be realised by the BU management in integrity and in balance of interests across the enterprise. The business well-being in the long perspective may be more important than saving on technology in one particular moment of the enterprise history.

Book Announce.JPG

Tags: , , , , , , ,
More Articles:

« Sizing Requirements with Function Points: A Surprise, Part 2 | Main | ONA as the Key to the Service-Oriented Model of Business Organisation »

2 Comments

| Leave a comment
user-pic
Michael Rosen | May 1, 2010 11:20 AM | Reply

First, I’d suggest people read my article for themselves and see what they think. You’ll notice that I’m only making some predictions about issues that will concern enterprise architects in 2010, nothing more. But, I feel that I have to repsond to Michael Poulin’s representation of my article to clarify a few points.

- My comments about Citibank and the US military are explained this way. If an organization as sophisticated as Citibank, or with the huge resources of the US military are subject to hacking, what can you expect from a less well equipped SaaS provider? Are you really ready to trust your data there? I’m not.

- In many circles, IT still has a reputation for being unresponsive. Many business focused viewpoints on the cloud tout it as a way for the business to circumvent IT and provision their own services and other infrastructure. I believe this is a step backwards for the enterprise. But, if IT doesn’t do something to be more responsive, it’s going to happen.

- I did not intend to imply any connection between certification and the cloud, merely that certification is another issue that architects will have to contend with in 2010. I don’t view certification as a solution to this issue. Perhaps I could have been clearer about that.

- I did not suggest that IT should protect the business from itself. Rather, what I said was that architects need to get out in front of cloud adoption and clearly articulate what the important enterprise concerns are, and what decision are reasonably within the domain of the business. This will give the business the flexibility it needs, within the boundaries required for enterprise consistency, security, reliability, etc. With these guidelines in place, the management and spending structure that Michael suggests could be an effective way to govern.

My views on the role of architecture are clearly explained in my book “Applied SOA: Architecture and Design Strategies� which is dedicated to practical ways to use architecture to influence enterprise outcomes at the business and technology levels. Michael - I’d be interested in understanding more about your approach and engaging in a constructive conversation…send me some email, and if you like, send me a copy of you're book and I'll review it for my Cutter column.

user-pic
Author Profile Page Michael Poulin | May 1, 2010 12:56 PM | Reply

I an very thankful to Michael Rosen for the comments and clarifications. I think we are looking to the same directions and very similar concerns. It is also possible that I misread the part of the article related to certification and, indeed, it sounded to me in a resonance to the rest of the text.

Nonetheless, IMO, telling Business "what the important enterprise concerns are" can bring real result if these words are said by the business executives (i.e. those with authority to point division managers on the concerns); at least, this is my experience.

Leave a comment

Recent posts from our Blogs

In this blog, Michael Poulin writes about business and technology ideas, concepts, methodologies and solutions leading to service-oriented enterprise, the primary instrument for obtaining business objectives in fast-changing environments.

Michael Poulin

Michael Poulin is an enterprise-level solution architect working in the financial industry in the U.K. and the United States.

He specializes in building bridges between business needs and technology capabilities with emphasis on business and technical efficiency, scalability, robustness and manageability. He writes about service orientation, application security and use of modern technologies for solving business problems. He contributes to OASIS SOA standards as an independent member and is listed in the the international "Who's Who of Information Technology" for 2001. View more

Subscribe

 Subscribe in a reader

Recently Commented On

Categories

Tag Cloud

'Navigating the SOA Standards Landscape, 1471, abstraction, ACM, active service, Adaptive, ADM, adopt changes, aggregate service, AIA, Amazon, analysis, API, application, Application Integration Architecture, architect, Architect, architectural mission, architecture, Architecture, architercture, AWS failure, Azure, B-SOA, BAWG, BEI, Best Practice, bottom-up, BPEL, BPM, brokerage, Brokering, brokering, bus, Busienss, busienss case, business, Business, Business Architect, Business Architecture, business architecture, Business architecture, Business Architecture Working Group, business concerns, business data, Business Ecology, business efficiency, business model, business operational model, business organisation, Business Platform Division, business process, Business Process Designer, Business Requirements, business risk, business service, Business service, Business SOA, business value, business view, business-centric, Business-IT problem, BuTechCon, Canonical Schema, capability, Case, CBDI, CBM, Centralization, choreography, CIO, Cloud, cloud, Cloud Computing, Cloud of Clouds, COBA, Collaboration, collaboration, collaboreation, commodity, component, Composite Application, composition, concept, Conciliator, consumer, contract, COSMIC, cost, cost estimate, cost of ounership, cost of ownership, coupling, crisis, CRUD, culture, Cutter Consortium, data ownership, data service, data store, DDD, decision logic, decomposition, definition, demand, design, Design Pattern, development, discipline, distributed orchestration, Domain, domain, Domain Aggregate, Domain Events, Domain Service-Oriented Modelling, DOSOM, DOSOSM, driver, Dynamic Process Edition, EA, EC2, ecosystem, EDA, efficiency, end-to-end, enemy, enterprise, Enterprise, Enterprise Architect, Enterprise Architectural Framework, Enterprise Architecture, enterprise architecture, ERP, ESB, event, Event, execution context, Execution Context, expertise, explicit, failure, fake, feature, Flexibilit, flexibility, FPA, FSM, Full Functional Points, Functional Points, functionality, functionality model, future, Gartner, goal, Governance, governance, granularity, harmonization, Healthcare, how to, IBM, identiy credential, IEEE, IEEE 1471, IFPUG, implementation, implicit, intangible, intangible value, Integration-Oriented Architecture, intent, interface, interface orientation, Inventory, investment, IOA, IT, IT Architect, IT Operation Support, IT organisation, IT without the IT Department, ITIL, Java, Ladder to SOE, leasable Cloud, lease, Loose coupling, Lost in Translation, Malik, management, Management, Manifesto, market, MDA, Michrosoft, Microsoft, Mike Rosen, model, Model-Driven Approach, modelling, Navigating the SOA Standards Landscape Around Architecture, navigation, OASIS, OASIS SOA RA, OASIS SOA RAF, OASIS SOA Reference Architecture Foundation, OASIS SOA RM, ODBC, OMG, ONA, Ontology, OO, Open Group, Oracle, orchestration, organizational change, outsourcing, ownership, participant, pattern, patterns, people, planning, policy, principle, principle of separation of concerns, principles, Principles, priority, Private, Private Cloud, process, Process, process-oriented, process-orineted, process-service, project, Provisioning, Pub/Sub, Public, Public Cloud, Public Cloud Busienss Requirements, QCon, RA, RAF, re-composition, Real World Effect, Real World SOA, redundancy, Referemce Architecture, Reference Architecture, Reference Architecture Foundation for SOA, Reference Model, Registry, rent, rentable Cloud, Repository, reuse, RIA, risk, RM, ROI, RPC, rules engine, RWE, SCA, scalability, Schema, security, semantics, Service, service, Service Autonomy, Service Composability, service contract, Service Contract, service description, Service Description, Service Discoverability, Service Execution Context, service orientation, Service Orientation, Service Oriented Enterprise, Service Relative Autonomy, Service Reusability, service semantic, Service Separation of Concerns, Service State Management, Service Statelessness, service-oriented, service-oriented eco-system, Service-Oriented Enterprise, service-oriented enterprise, service-oriented environment, ServiceContract, seven properties that differentiate emergent architecture from the traditional approach to EA, shared interface, shared library, simple, situational, sizing, SLA, SO, SO environment, SO Principles, SOA, SOA Manifesto, SOA standard, SOA-RAF, SoaML, SOBA, social, social networking, SOE, SOEA, software, solution SOA, SOMA, Spring, stakeholder, standard, Standard, study, subject, Summit, supply, supply chain, support, system, T-SOA, tangible, tangible value, Technical, Technical Architect, Technical Architects, Technical Architecture, technical capabilities, Technical SOA, technology, Technology, tendency, The Open Group, TOGAF, TOGAF 9.0, top-down, transparency, UI, UI Mediator, unstructured, use, Value Chain, Value Network, Value Networks, view, view model, viewpoint, vision, VNA, VPEC-T, WCF/WF, Web, Web 2.0, Web Service, Web Services, WebSphere, WS-CDL, WSDL, ZapFlash, ZapThink,

Monthly Archives

Blogs

ADVERTISEMENT