OK, it was innevitable. We just got asked “what’s a TLA”
In short, it stands for Two Letter Acronym or Three Letter Acronym.
In long, it stands for IBM, HP, BMC, CA, EMC, and any other megalith company in the IT service management arena.
In verbose, it means those companies who are sucking the life out of our IT budgets.
How often do you go into a meeting with high levels of endorphins driving a feeling of intense satisfaction because you know that what you are about to be told will be groundbreaking, a revolution, and you’re going to want to spread the new gospel because it just sounds so right!
Not often huh?
Same here. But, that being said, that’s how I and my team entered a briefing from a major TLA recently.
Only to be totally and utterly disappointed with their extreme lack of vision, clear mis-understanding of the true issues affecting the operations of Incident Management today, and shock at how blind they were to our perspectives.
We’ve all had vendors telling us about their ability to Predict that an Incident is going to occur a given time before that incident occurs right?
Netuitive, Integrien (before they were swallowed by EMC/VMware and, BMC with ProactiveNet have been selling us on this schpeel for years.
The notion goes:
1. I analyse your historic performance trends across a large number of attributes
2. I use big data analytics techniques (multi-variate correlation seems to get bandied around a lot) to correlate coincident adverse performance spikes or “Anomalies” and the trend leading to them to create a model of the good and the adverse behavior of the infrastructure
3. I use that “Model” applied against real time performance trend data and when I see the conditions which look like they will lead to an Anomaly pattern, I generate a Predictive Event telling me that i’m about to have an Incident.
4. The Predictive Event should give me time to take remedial action prior to the forecasted incident, ensuring that the incident does not manifest.
But as those of us who have spent money on this kind of software, and then the time, and more time, and more time (…) to train, re-train, guide, edit, assist etc. the model know, it doesn’t work.
What is it really telling us? IF (and the if is BIG), it does actually produce a non-phantom early warning, all it’s really saying is that we have a performance or capacity issue on the way (most of these vendors say “at least 20 minutes” early warning – yeah right!). Even with an early warning of a performance or capacity issue, our processes don’t enable us to react in that time.
But that’s not the key issue. More importantly, that early warning does not indicate any cause to the performance or capacity issue, only that there may or might be one. We’re still in the dark as where to look or what to do.
So what does it really do? Simply tells us, IF it works, that our customers are going to suffer a possible usability issue. Hah! So now, when they call, we can say, “yes, we know, awful isn’t it!”.
But I keep using the “Big IF”.
Does it work?
Well, here’s the rub. When does a historic performance trend actually offer any indication as to the likely future performance trend? We’re in the financial services community and I can tell you, our systems and behavior are changing all the time. So we cannot reliably say that the behavior we saw last week will be the same this week.
Not only that, but the fact that network capacity and CPU peaks correlated last week were coincident with an Incident does not mean that they will be the same this week. Ben Bernanke gave a speech last week and at the moment, we’re not able to factor that in!!!
The fact is, these tools do not have any understanding of real fault conditions because they do not work with fault data.
The algorithm these tools use (ask Netuitive) have their roots in Seismic Survey data analysis. The first generation use case for Big Data analytics and where it all started.
The idea goes that when you set off an explosive charge at the top of a rock formation, each of the layers will return a different ‘performance signal’. Correlating certain performance signals together allows you to look for certain patterns (what I referred to as an Anomaly above). In the case of seismic analysis, a certain pattern will correspond to what we already know is the pattern for a hydrocarbon deposit…so we drill there to see if its true.
Now, I may be simple and not have a degree. After all, I came from punch-card entry, but, rock formations do not change in millions of years and the pattern of the hydrocarbon deposit therefore will not have changed in that time, so looking to correlate that pattern is really a numbers and coverage game – how much land area can I test?
However, our IT infrastructures can change monthly (or in some of our cases, weekly), and the load characteristics can change daily when you have a business like ours.
My point? There is never a consistent “Truth” Anomaly pattern to look for. The Anomaly patterns must be constantly changing. How can their model ever be useful, accurate or right?
So, vendor TLA came in. They didn’t talk Seismic, they talked “Facial Recognition”. They talked about how faces change, men grow beards, their hair recedes. Women (few grow moustaches) change their hair, make-up, etc. Their algorithms still work.
We were all taken in. Then some bright spark in the room said “but actually, although the adornment of a face changes, the key features and positions of the eyes, nose, ears, and mouth do not change and that’s how forensic scientists are able to scaffold skeletons to recreate life-like realistic faces, and that’s how facial recognition software works. The algorithms are the same as seismic pattern detection algorithms.
Then another bright spark asked “what about fault events”? Well that just about threw them.
We walked out of the room massively disappointed. After all, we are all to wall with their stuff. Disapointed in that they have no new thinking. They’ve simply followed, ten years late, where Netuitive, BMC ProactiveNet and Integrien have already trodden and we are not taken in.
The audacity of it all though is that none of them seem to get the real problem of Incident Management. WE WANT TO KNOW WHEN OUR CUSTOMERS ARE IMPACTED SO THAT WE CAN TALK TO THEM AND MAKE THEM FEEL GOOD ABOUT US!!!
Give us working BSM please. Stop trying to give us prediction when we really don’t have the processes to react in time and the prediction doesn’t show us what the cause is!
Oh it is so good to vent.
We’ve just added further debate over at ITSkeptic which will of course cause further steam to be expelled (http://www.itskeptic.org/organisations-have-failed-their-it-bad-parents#comment-9213)
But this article over at Forbes rather brings home to roost our point of view:
With specific reference to this paragraph in the article:
“Part of that new mission means figuring out what it means to be an IT department at a time of DIY technology, when everyone and anyone can purchase and use their own devices or online services.”
We have made this comment over at the ITSkeptic:
There is no point moaning or taking a shot at the business for making use of readily available technology. Afterall, we in IT within the firewall are simply a provider of service which sustains our business, just like outsourcers and providers of cloud facilities.
The fact that Cloud is unmanaged or outsourcers charge for every change or that we appear to lack cost efficiency to our customers in the business is our problem.
We in IT Service Management and IT Operations need to grow up. We should be offering fit for purpose solutions to our customers, then we would not risk being outsourced or, compete with the Cloud.
If the business needs a new service rapidly, and are prepared to do without end-to-end management security, then we should be capable of offering that to them instead of them going to the Cloud.
We should not bemoan the fact that our customer is always asking for more, we should recognise that this is the nature of business today. Remain competitive or die. Die means eithe the company fails or the company goes around us. Either way we lose our jobs.
It is we in IT who need to grow up.
Our business should not be expected go govern IT. If we employ someone to do a job, we do not then expect to have to micro-manage them over their shoulders to make sure they are doing their job properly. We have employed them because they are capable of doing that job.
We do however have a responsibility to inform the employee that we have changed our strategy for which they “may” need to change what they do.
Conversely, the employee we have hired has a responsibility to make sure that they are in tune with what we’re doing.
Simple example: We employ a gardener to mow the lawn and tend my existing flower garden. We then decide that we want to transform a section of the lawn into a vegetable patch.
We would approach our gardener and present our plan. We would expect our gardener to tell us that they could do the work and let us know if there is any additional cost (investment) and resources required (from additional FTE hours to seeds). If they were incapable of performing the work themselves (lack of expertise) we would also expect them to tell us that they needed to hire specialist FTEs to delivery the work to plan.
We see IT as no different to the above. You say “Failure to govern IT. It is like a wayward unsupervised teenager.”
IT is not run by junior people. IT needs to take responsibility as a service provider and effectively maintain its provisions to the business requirements, especially when they require rapid change.
You say: Failure to take responsibility for activities that aren’t IT’s job.
We say, we do not know about Gardening. We employ the gardener to know about gardening. If we want certain quantities of vegetables, we are not equipped to write the design, change, release and project plan for how to garden to that requirement.
We give the gardener our requirement and the gardener should design his plan. Clearly if we do not tell the gardener that we need the Potatoes in the Northern Hemisphere in January, then producing potatoes under Glass with Heaters will not be in his plan. So that is our bad. However collaborative discussion with an expert in their field (a gardener would know that some people like veg throughout the year) should elicit that information.
One doesn’t simply dump a requirement over the fence and then expect it to be delivered. We’re all mature folk, surely we should receive a requirement and then brainstorm that we have understood the requirements correctly (Oh, you want it by Friday and you have colorblind users, need double-byte , and need multiple timezone support!).
Get a grip. We bring you back to our original point: IT is/are not children. IT is a professional service provider. IT should act like a professional service provider.
When you talk about a “Failure to Respect IT”, listen to yourself a moment…do you respect anyone who doesn’t listen to you or argues against you and your requirements when you are the person with the money?
Think of a car salesman – you are going to buy a car and you want the car tomorrow. You agree a spec with the salesman but the salesman then tells you that you can’t have the new car today because the car takes 3 months to deliver. Now, you want the car tomorrow because your old car has died, but the salesman has not asked you why you want the car tomorrow. Whether he asked you why you want the car tomorrow or not, if you say you want the car tomorrow, he should be saying “3 months to order to your specific spec or I can give you this similar car off the Lot today. It doesn’t have the spec you want or the warranty or whatever…but you can have it today, your choice”
And that is the point with delivering IT services. The customer asks for a service. They will have a reason for needing that service. It is our role to do what we can to facilitate that service, not be a problem.
We lose the respect of our business quite rightly when we do not react to their requests or, worse, put up roadblocks as to why we cannot do what they want, when they can walk into any consumer store and get for their own personal use exactly what we tell them we cannot deliver.
You say “Non-IT people can never expect to understand the complexities of enterprise IT”. YES!!! That’s why they employ us. To know how to garden for them so they don’t have to. We are “the Fixers”.
To our original perspective on IT and ITIL, ITIL assumes that people do not know what they are doing. People, we in IT should know what we are doing.
When one is employed, one is employed because (a) one is allegedly capable of executing the role we have been employed for and (b) one will be a responsible corporate citizen, acting on the best interests of and additive to the business.
We are not employed as controlled drones, we are employed as human expertise. ITIL creates and demands drones. Drones cannot react to change, they need controllers who program them for the change.
Layers of mediocre management in IT hiding behind their ITIL maturity is the problem, and has led to the lack of value from our management tools and the outsourcing of our resources and the move of the business to adopt the relative freedom of cloud to support the continued innovation of the business.
The Business is not the problem, We in IT are the problem. We are our worst enemy, not because we are teenagers but because we act like teenagers.
We hope this engages debate with you. Tell us how ITIL and Governance and the over Procification of IT helps businesses? Tell us how it encourages entrepreneurialism and creativity in IT people to go that extra mile for the business that feeds them and their families?
Tell us how ITIL is part of the solution and not part of the problem.
We spent an enjoyable evening (if you enjoy pulling the fingernails from consultants!) at our local bar last night.
It’s convenient, close to the office, cheap (so full of the kind of clientelle who turn the other way when the pliers come out) and has a back door exit with no cameras so that when the paramedics and law enforcement are eventually called, ones compatriots and oneself can slip away before the music starts. (Apparently fingernails do grow back!).
Anyway, to the point of this post…we have a consortium of vagrants on site currently implementing a proof of concept for an asset discovery, CMDB and BSM “service”. I’m sure you can work out the types: pin stripes from ACME Consultants and TwoOrThreeLetterAcronym Vendor who appear irregularly and talk to our management and tell them how nice their new clothes are looking, and then the boiler suited, green behind the ears, newly College Badged workers (interspersed with some nice folks from a sub-Continent).
Well, our senior management have signed up to this very cool deal…let Vendor/Consulting Consortium demonstrate their wares. On our dime and our time. (Yes, our dime…we are paying for the software and the proof of concept).
Now, guess what the bright sparks of our Senior IT Management have set as the “acceptance” and “success” criteria which “automatically” triggers the “full deployment”? Now, if you think there is any acceptance criteria, or ROI, or value proposition, then you are thinking way way way harder than anyone in our Senior IT Management. There is no value proposition to prove, no ROI, no nothing. They are just “implementing” it!
Now, when we read things like this http://www.itskeptic.org/organisations-have-failed-their-it-bad-parents#comment-9190 then you begin to realise why ITIL consultants love senior IT managers – because they have the run of them.
Anyway, we digress.
There we were into the 6 beer (each) which our “guests” were buying for us (to befriend the natives), and which they will then subsequently charge back to our company (with margin!), which will come off our company IT Budget and bottom line reduce our meager end of year bonus as mere IT people. We began to ask the interesting questions (we’d gone past “do you come here often”, “where are you from”, “do you like our local sausages” and had begun to run out of civil conversation) about the project.
We asked a very naiive question: Which other companies have you delivered this solution to? (lots of looking at each other and general blankness. Seems they have done bits but not all before).
So we asked another question: How long will it take to implement in a multi-national the size of ours? (hmmm, this is now getting scary – they could not answer that).
OK, the innevitable: What kind of return on investment will we realise? (well that just about blew their own fingernails off. Apparently ROIs are not measured…)
Folks – we are a multinational corporation. We are being sold on the promise of the fully integrated automatic asset discovery, CMDB maintenance and BSM solution.
Each of us involved in this collective have been in IT for more than 15 years and have not seen a working CMDB / BSM implementation in that time.
ITSkeptic (how can he be an IT Skeptic, it pays his wages!!!) says we’re negative because we dis his process mandates. He delivers a paper saying IT people are the problem. The problem is non-IT people in senior IT management roles, over their heads, promising the earth without consultation with the experts, leading to the experts being sidelined.
The sidelining of the experts leads to IT Management engaging the employment of consultants who are straight out of college, who do not have to take on the responsibility of the actual day to day work running the (so called) solutions they are promoting.
Now tell us ITIL folks, if rigid processes, scaffolded in place by ineffective and maintenance heavy technology are our future, how are we to react to the very real demands of our customers.
Who are we to tell them that they cannot adapt their business in time with their market demand. We are their servants.
ITSkeptic has it all wrong. IT people are not the problem. We are servants and simply want to do the right thing for our customers. It’s the privilege of working with your ITIL governance that causes us to be incapable of serving our masters.
Get the accountants and vultures out of IT and we’ll be able to start supporting our customers effectively again.
The ITSkeptic and his “Sensationalism” is Anti-IT workers
We thank you for telling us we are immature and like Children.
Oh we wait for your ITIL inspired guidance. Show us how to put lipstick on a pig to make ourselves look perfect with our stratospheric level of ITIL Maturity, enabling us to point our fingers at the mere plebeian users and customers.
Then, when we’re done as you advocate, watch us get outsourced or bypassed as our customers finally see right through us, having followed the course you mandated for us.
IT people, don’t adapt, don’t change, stick to rigid ITIL inspired processes and procedures which must be right because IBM, HP, BMC, CA, Accenture, Capgemini, PinkElephant (in the room!)…and all the other rag bag of consultancies who never actually manage IT but feel righteous enough to tell us how we should be doing it (or our mediocre management who have never managed an IT network, server or application in their lives – great Degree in Procurement or Accounting though!) who accept all that the external consultant (carrying a bag of worthless tools) has to offer.
Don’t you love the way the ITIL industry has it all, Consulting, Tools and finally, the kicker End Game, Outsourcing…Inbreds.
ITSkeptic, your name says it all: you are a sceptic about Information Technology. You are so wrong. You should be sceptical about the sham and shameful industry that has grown up around an original set of process guidelines for managing Government Mainframes. The Words Government, Managing and Mainframe should ring all the warning bells. When has a government been able to afford quality people? Never. So, keep it simple stupid principles rein. The operative word should be “Guidelines”.
Until vendors start producing fit for purpose IT Service Management tools. Tools that support us rather than becoming an industry in a box or back door for consultants, we in the IT industry will not be able to truly manage our infrastructure or our customers service demands.
So, in short, we at ITILosaurus advocate embracing a little anarchy. Let’s drop the process and change walls and allow our customers (internal in the Enterprise I am talking about) to propose new approaches, and let’s take on those approaches, delivering a “best attempt” level of service. Let’s get rid of our customer help desks and use social chat networks to interface directly with our customers. We will make our customers happy because we will be instantly reactive to their Change requirements, and if there are problems, we’ll be reactive to their calls (just like those web sites which offer you the opportunity to chat with a representative). In fact, thinking about it, let’s invest in chatbots to handle the first level for us.
Good bye ITIL, Hello Customer Satisfaction!!! Good bye Consultants and Outsourcers and Not Fit For Purpose Software Vendors, Hello Modern Infrastructure Services and On Demand Cloud Services.
We just made this comment at the ITSkeptic, where there is another interesting thread covering “Transformational Technologies”
They come from the usual ITIL perspective of “You Need Us”. Our view (as you will read below) is that ITIL procrastinators are more interested in ITIL compliance (an oxymoron if ever there was one) than doing the right thing for the business.
“the fact that some users now talk to each other on a forum to get mis-information instead of getting it from some underpaid hack on the service desk”
Shame! There is a really good and vibrant source of knowledge on the Internet regarding the resolution of the specific problems that may have impacted normal operations.
The beauty of the Internet “crowd” resource as opposed to our “Helpdesk” is that the crowd resource are technologically skilled enthusiasts who have taken the time out of their very busy day jobs to share some knowledge and insight with their community. To denigrate this resource is shameful.
“Another issue is that cloud services and virtualisation are transforming how we manage IT infrastructure…Most of them are hopelessly underskilled for this. We have a people problem in IT ops.”
Damn right. And the Sad thing about this is that it is ITIL the Root-Cause which has led us into this situation.
ITIL exists purely to enable people wholly unqualified and lacking core skills in Information Technology to oversee IT Management practice. (In other-words, letting the mediocre out of their cage. And what happens when you let the mediocre out of their cage? They bring in other mediocre resources so that their authority cannot be challenged, they purge the knowledgeable who can see that the emperor is not wearing any clothes, and they create pin badges [Maturity etcetera] that proclaim their relative merit and position in the land of the blind).
Now, calling the Cloud transformational is a little bit of a stretch from where we sit. The Cloud is simply Outsourcing with no Service Level commitments, measurements and no fault or performance management information.
What is transformational (as you point out) is the use of the Cloud by lines of business and departments who have a business need to be agile and react to the markets they trade in, having to deal with either restrictive “just say no” ITIL practices, or outsourced service providers who require a 6 month service definition and contract negotiation before provisioning of the new service can even begin!
The Cloud puts the power over IT back into the hands of the business and away from the protectionists. Has any one noticed that IT departments (including outsourcers) that pray to the God of ITIL have become the modern equivalent of the Print Workers, Miners and the other closed shop, core trades that stymied innovation? It’s time for us to fight back against these commercially limiting practices.
Just like those Dinosaurs, the bi-product of empowering protectionist practices is that they fail to reward innovation, change and difference. Standardization kills progress and stifles the ability to capitalize business opportunity and competitive advantage.
James Finister made some great points (below) and here is our perspective on those great points:
– Does ITIL process definition only become universally valid at a level of abstraction that is of little practical use?
We give an emphatic “Yes!!!”. ITIL process should give guidance – afterall, specific processes will be different in every case, and procedures will be fundamentally different. Frankly we’ve always been concerned with the fact that ITIL ignores procedure totally. If it offered guidance at the procedural level, with best practices that could be shared between organizations when dealing with specific types of equipment or scenarios, then that would be useful.
– Do the ITIL process definitions provide us with guidance that can be applied across a very complex multi channel supply/value network
No, of course not. The Dinosaur really has not woken up yet. If it had, it would have guidance for how to work with managed and unmanaged Outsourcing (oops, we mean “Cloud”).
– Is the ITIL process ontology actually right? Has Incident Management: The Process always been a red herring?
Well, when you look at it, the only important process is Incident Management, because it is the only process that can offer meaningful measurement and “operations staff” performance profiling.
– Does ITIL try and give closed world answers to open world questions? (Thanks to Charlie Betz for that one)
ITIL gives NO answers at all. It was originally a set of guidelines defined so that non-IT literate UK Government resources could understand what is required in the management of their IT Infrastructures to ensure that their squeaky bottoms were not exposed.
ITIL has always been about cover my a&$s and not about effective management. What’s insidious is how the vendor community has used ITIL as a method to generate ever increasing revenues without introducing effective new technology, and has used the increases in the costs of managing IT as a business case for Accountants to be hoodwinked into IT Service Management Outsourcing contracts which are detrimental to all stakeholders involved.
– Does ITIL presume, in reality, that 99% of the process lies within the direct control of the internal IT department?
Clearly it has to. Afterall, ITIL is only concerned with the management of IT and not the management of the business.
Wake up people. Our specialists are being de-sexed, our jobs are being degraded and our businesses are rendered unable to react to their market opportunities by an ITIL culture, fighting to protect itself from exposure by not reacting to business demand and not embracing on-demand IT capacity, thereby pushing the excluded together.
(You’ll notice though that the sneaky TLA [two- and three- letter acronym] companies are waking up to the gulf between the business and the ITIL run IT department as an opportunity to market “Managed Cloud” to the business through the IT department…slap me…isn’t that Outsourcing with a different name?).
Interestingly though, a number of our ITILosaurus collective members have discussed that their companies are now building their own internal Clouds, where they can turn on capacity on demand. They report though that there is a gap in Incident and Configuration Management technology able to offer effective fault isolation and ‘rolled up’ service configuration management.
Isn’t it funny how we don’t talk any more.
Having discussed this with others in the collective, we share this recurring issue, so i’m sure this could be the status quo.
The people doing our event management have no relationship with our applications owners or our end-users. We’ve outsourced our event management. They receive our events (network, systems, applications, storage, databases, you name it) and they are then supposed to tell us when there is an event we need to go work on by creating a trouble ticket.
Yes, like all the other Collective members, we have significant rules and filtering in our event correlation platform.
Even so, how do these people know what is important to us. I raise this because I am seeing a significant increase in triage tickets being escalated to my people. It is frustrating because it is impacting my teams ability to improve services. They are mired in incidents which most of the time are not real, just symptoms of other underlying issues, but our fantastic fault producing agents are eroneously blaming us.
How can we better inform our Event Watchers when to raise tickets for us and when not to?