How to turn application spaghetti into tasty IT services

Unscramble your systems


The promise of IT service management is to deliver services that make sense to their business users. To do that, though, IT departments must be able to untangle their own internal resources.

IT services must be accessible in one place so that users can find them easily and administrators can manage them. And the back-end applications that support those services must themselves be easy to manage and clearly identifiable.

Sounds simple enough, right? Unfortunately, that is not the situation facing many IT departments today.

Employees can access services via a bewildering array of touchpoints, and admins are grappling with a spaghetti mix of applications at the back end. Both of these layers of complexity makes it difficult to offer the streamlined services that users are looking for.

How did we get here, and how can we change it?

Consolidating front-end services can help an IT department to present a more uniform experience to business users.

Consolidate, consolidate

Service desks are one example. They can develop independently, sprouting up alongside application projects and IT service lines, having been developed by different teams.

The result can be confusing for end-users and create problems at the IT level. The IT department can haemorrhage budgets as service desks have to spend on extra staff to duplicate functions and multiple software licences.

Fragmented service desks can also hamper a department’s ability to deliver quality services for employees, especially when information about services needs to be shared.

It can also be difficult for service desk staff who don’t have a full view of all the back-end IT systems and processes to understand what may be causing a particular problem.

IT departments may find it more appropriate to consolidate service desks, providing a single one-stop shop across different products and service lines, no matter what business function or IT product they are related to.

Technical teams can contribute to a single knowledge base, rather than forcing users into a lucky dip of help areas

Consolidation means technical teams can contribute to a single, searchable knowledge base, rather than forcing users into a lucky dip of help areas, in which service staff may have created different workarounds for the same issues.

Ostensibly, this might seem to be a simple case of exporting service tickets and knowledge base data into a common repository, and then using only as many employees as necessary to staff it. In practice, though, there are more considerations.

Process consolidation is a case in point. Many processes distributed around the different service desks may duplicate each other and be handled differently. This is the time to rationalise them, producing a single, integrated approach.

Many manual processes can be automated to reduce the workload for staff and produce a consistent, error-free experience for end-users. Many of the steps underpinning a service upgrade, for example, can be handled without human intervention.

Integrating the service desk with other IT processes is crucial. IT departments should integrate service desk software with systems handling change and configuration management so that a series of events can be triggered via a command from the service desk agent.

Run book automation (RBA) can be a useful way to condense process consolidation and automation into a single system. IT staff can code service processes directly into workflows in a RBA system.

Zip it

All this consolidation of end-user services will get an IT department only so far, though. It will drive efficiencies for sure, but an IT department will experience problems if it tries to layer a service-based culture on top of a pieced-together set of IT systems.

Just like a zipper, the whole infrastructure hangs together more tightly the more you pull it together.

IT departments grow organically over time. Different teams and political regimes implement different applications, and all too often they don't communicate with each other.

These applications can overlap each other's functions and end up running on different hardware and operating system configurations. This leads to several problems.

The obvious one is cost. Maintaining a broad array of back-end systems without standardisation can be a drain on budget, especially as those systems begin to age and support becomes harder to find.

Staff can find themselves spending more time on massaging legacy software to keep it functional than they do working on IT innovations to make the department more efficient.

Legacy hardware and software also tend to be fairly rigid. Older applications may not be customisable and are unlikely to support modern computing concepts such as mobility, open APIs for data exchange and the like.

Those responsible for developing or configuring them may have long since left, making the legacy systems, and the services they support, difficult to improve.

How can you best consolidate these systems to create a more streamlined set of IT resources to support services for your end-users? We can break it into three broad steps: analysis, retirement and rationalisation.

Portfolio perusal

Start by baselining what you already have. Assess your portfolio to understand which category each piece of software is in – whether it is commercial, off the shelf or custom software.

A critical facet of your back-end software is its business value. Describe what the software does by detailing the business processes it supports. Develop categories under which different applications of similar functionality can be grouped.

What is the return on investment from this software today, and what would it be if it were modernised?

On the flip side, consider the cost of the application as it stands, pre-consolidation. How much does it cost to maintain and operate? What are the licensing fees for the application?

How much could be saved it if was replaced with something new, running on modern operating systems and hardware? How much could it contribute to hardware savings if it was virtualised, and is that possible in its current form?

Does the application as it stands prevent you from enhancing a business process in ways that would tangibly benefit the departments that rely upon that process?

During this phase, you can also examine the risk of consolidating the application. If it forms part of a mission-critical set of resources, then aspects such as the size and complexity of the code may be important.

Quantifying the likelihood of service disruptions and their impact on the business can help you when considering the consolidation of particular software assets.

In or out?

Armed with this information, the IT department can make smarter decisions about which applications to retire and which to keep. This is a good time to explore different application categories.

Will all applications in a particular category be replaced by a single, newer one? Will some applications remain and must they be reconfigured in any way?

At this point, it is also worth considering application integration. Which applications should integrate with each other and how? Is there an opportunity to break down silos and share information to make IT services more effective for end-users?

Then comes the consolidation process. Planners can develop a roadmap for each application in each category, so that implementation teams know what will be affected at various stages of the process.

The end result should be a single service desk that can serve different types of users, both internal and external. It should be able to trigger events across a smaller, streamlined portfolio of applications that have been brought together with business-facing IT services in mind.

It all sounds great in HTML format, but naturally it will be harder to do in practice. This is likely to be one of those IT projects that happens incrementally.

But the more resources can be consolidated, the less burdensome the back-end application architecture will be and the more focused the IT services culture can become. ®


Other stories you might like

  • NASA's InSight doomed as Mars dust coats solar panels
    The little lander that couldn't (any longer)

    The Martian InSight lander will no longer be able to function within months as dust continues to pile up on its solar panels, starving it of energy, NASA reported on Tuesday.

    Launched from Earth in 2018, the six-metre-wide machine's mission was sent to study the Red Planet below its surface. InSight is armed with a range of instruments, including a robotic arm, seismometer, and a soil temperature sensor. Astronomers figured the data would help them understand how the rocky cores of planets in the Solar System formed and evolved over time.

    "InSight has transformed our understanding of the interiors of rocky planets and set the stage for future missions," Lori Glaze, director of NASA's Planetary Science Division, said in a statement. "We can apply what we've learned about Mars' inner structure to Earth, the Moon, Venus, and even rocky planets in other solar systems."

    Continue reading
  • The ‘substantial contributions’ Intel has promised to boost RISC-V adoption
    With the benefit of maybe revitalizing the x86 giant’s foundry business

    Analysis Here's something that would have seemed outlandish only a few years ago: to help fuel Intel's future growth, the x86 giant has vowed to do what it can to make the open-source RISC-V ISA worthy of widespread adoption.

    In a presentation, an Intel representative shared some details of how the chipmaker plans to contribute to RISC-V as part of its bet that the instruction set architecture will fuel growth for its revitalized contract chip manufacturing business.

    While Intel invested in RISC-V chip designer SiFive in 2018, the semiconductor titan's intentions with RISC-V evolved last year when it revealed that the contract manufacturing business key to its comeback, Intel Foundry Services, would be willing to make chips compatible with x86, Arm, and RISC-V ISAs. The chipmaker then announced in February it joined RISC-V International, the ISA's governing body, and launched a $1 billion innovation fund that will support chip designers, including those making RISC-V components.

    Continue reading
  • FBI warns of North Korean cyberspies posing as foreign IT workers
    Looking for tech talent? Kim Jong-un's friendly freelancers, at your service

    Pay close attention to that resume before offering that work contract.

    The FBI, in a joint advisory with the US government Departments of State and Treasury, has warned that North Korea's cyberspies are posing as non-North-Korean IT workers to bag Western jobs to advance Kim Jong-un's nefarious pursuits.

    In guidance [PDF] issued this week, the Feds warned that these techies often use fake IDs and other documents to pose as non-North-Korean nationals to gain freelance employment in North America, Europe, and east Asia. Additionally, North Korean IT workers may accept foreign contracts and then outsource those projects to non-North-Korean folks.

    Continue reading
  • Google opens the pod doors on Bay View campus
    A futuristic design won't make people want to come back – just ask Apple

    After nearly a decade of planning and five years of construction, Google is cutting the ribbon on its Bay View campus, the first that Google itself designed.

    The Bay View campus in Mountain View – slated to open this week – consists of two office buildings (one of which, Charleston East, is still under construction), 20 acres of open space, a 1,000-person event center and 240 short-term accommodations for Google employees. The search giant said the buildings at Bay View total 1.1 million square feet. For reference, that's less than half the size of Apple's spaceship. 

    The roofs on the two main buildings, which look like pavilions roofed in sails, were designed that way for a purpose: They're a network of 90,000 scale-like solar panels nicknamed "dragonscales" for their layout and shimmer. By scaling the tiles, Google said the design minimises damage from wind, rain and snow, and the sloped pavilion-like roof improves solar capture by adding additional curves in the roof. 

    Continue reading
  • Pentester pops open Tesla Model 3 using low-cost Bluetooth module
    Anything that uses proximity-based BLE is vulnerable, claim researchers

    Tesla Model 3 and Y owners, beware: the passive entry feature on your vehicle could potentially be hoodwinked by a relay attack, leading to the theft of the flash motor.

    Discovered and demonstrated by researchers at NCC Group, the technique involves relaying the Bluetooth Low Energy (BLE) signals from a smartphone that has been paired with a Tesla back to the vehicle. Far from simply unlocking the door, this hack lets a miscreant start the car and drive away, too.

    Essentially, what happens is this: the paired smartphone should be physically close by the Tesla to unlock it. NCC's technique involves one gadget near the paired phone, and another gadget near the car. The phone-side gadget relays signals from the phone to the car-side gadget, which forwards them to the vehicle to unlock and start it. This shouldn't normally happen because the phone and car are so far apart. The car has a defense mechanism – based on measuring transmission latency to detect that a paired device is too far away – that ideally prevents relayed signals from working, though this can be defeated by simply cutting the latency of the relay process.

    Continue reading
  • Google assuring open-source code to secure software supply chains
    Java and Python packages are the first on the list

    Google has a plan — and a new product plus a partnership with developer-focused security shop Snyk — that attempts to make it easier for enterprises to secure their open source software dependencies.

    The new service, announced today at the Google Cloud Security Summit, is called Assured Open Source Software. We're told it will initially focus on some Java and Python packages that Google's own developers prioritize in their workflows. 

    These two programming languages have "particularly high-risk profiles," Google Cloud Cloud VP and GM Sunil Potti said in response to The Register's questions. "Remember Log4j?" Yes, quite vividly.

    Continue reading
  • Rocket Lab is taking NASA's CAPSTONE to the Moon
    Mission to lunar orbit is further than any Photon satellite bus has gone before

    Rocket Lab has taken delivery of NASA's CAPSTONE spacecraft at its New Zealand launch pad ahead of a mission to the Moon.

    It's been quite a journey for CAPSTONE [Cislunar Autonomous Positioning System Technology Operations and Navigation Experiment], which was originally supposed to launch from Rocket Lab's US launchpad at Wallops Island in Virginia.

    The pad, Launch Complex 2, has been completed for a while now. However, delays in certifying Rocket Lab's Autonomous Flight Termination System (AFTS) pushed the move to Launch Complex 1 in Mahia, New Zealand.

    Continue reading
  • Alibaba Cloud adds third datacenter in Germany
    More Euro-presence than any other Chinese company, but still nowhere near Google or AWS

    Alibaba has pulled ahead of its Chinese rivals in Europe with the opening of a third datacenter in Germany.

    The company said the Frankfurt datacenter serves cloud computing products to Europe and "adheres to the highest security standards and the strict compliance regulations set out in the Cloud Computing Compliance Controls Catalog (C5) in Germany."

    The addition brings Alibaba Cloud to a network of 84 availability zones in 27 regions worldwide. The company's first European cloud center arrived in Frankfurt in 2016.

    Continue reading

Biting the hand that feeds IT © 1998–2022