Cisco Blogs


Cisco Blog > Data Center

Active SLAs – New Approach for Multi-sourcing Governance

Last month, I attended the International Association of Outsourcing Professionals (IAOP) Outourcing World Summit in Phoenix, Arizona. I had the chance to glean fresh insights from industry-leading practitioners and get a global view from sourcing executives.

Though there has been an evolution in the outsourcing industry, one thing has not changed: outsourcing is a winning strategy. In the recent study from IAOP & Information Services Group (ISG) Annual State of the Industry 1 presented at the event, it stated that Multi-sourcing as an outsourcing approach increased by 75% from last year’s percentage”. The predictions for 2015 also show continued growth: “51 percent of respondents in the survey said they expect to pursue more outsourcing opportunities during the year”.2

Multi-sourcing – where a customer uses several service providers to provide a single scope of outsourced services, is now the new norm in outsourcing. In today’s organizations, outsourcing is increasing and each additional outsourcing agreement makes it more difficult to holistically manage IT service & support.

A new way of thinking about SLA’s is required to make multi-sourcing effective

Service-level agreement (SLA) management is the process of negotiating, defining and managing the levels of IT service. SLA management is a key challenge that organizations face as part of outsourcing and it is becoming increasingly difficult with multi-sourcing.

Most organizations invest heavily to define SLAs. If you talk to the service tower owners themselves, fewer than half have know what SLA’s are actually in the contract. They also cannot recall all of the specific details that the increasing numbers of the agreements contain. So, there is a lot of work that goes into developing these structures but there is no framework established on how to govern them in an automated way.

As a result, most SLA management is reactive. Periodic reviews between buyer and vendors are based on summary performance data from the prior period. Data from vendors is typically inconsistent and inaccurate. I was speaking with a sourcing executive at a large financial services company a couple of months ago, and she reported that half of the meeting time spent with vendors on performance was used just to agree on what an accurate view of the data was. This hardly aligns to the dynamic nature of business today.

New Paradigm on Thinking about SLA’s

Imagine the ability to manage SLA’s with each of your providers in real-time with one service integration framework. In a workshop we held in New York with a number of large buyers and providers late last year, they highlighted that this would not only move the service management model from reactive to proactive, but would also enable a more collaborative working model – moving away from the “us vs. them” paradigm. In one multi-sourced organization we’ve implemented this model in, it has completely eliminated after-hours escalation calls and dramatically reduced resolution times. With an active SLA capability you can manage all of the multi-sourcing relationships from one “pane of glass” and get accurate service information in real-time, such as:

  • Overview of all your open cases per provider
  • Cases trending towards SLA violation that you can proactively take action on
  • Actual violations that require immediate attention

To be effective, this solution would need to be very easy to consume, showing only what really matters up front. Front-line managers don’t have time to browse hundreds of tickets when only looking for one affecting the SLA. This all sound promising but is it possible to achieve?

Transforming multi-sourcing with active SLA’s

We are pleased to announce the availability of Active SLA Management in the 7.0 release of Cisco ServiceGrid. With a highly innovative user experiences via a centralized dashboard and reporting capability for the connected multi-sourced ecosystem, you will gain real-time visibility & drill-down functionality for events trending toward or violating SLAs to enable a more proactive, end-to-end vendor management capability.

If you would like to know more, feel free to browse:

 

Join the Conversation:

 

Sources:

  1. Annual State of the Industry Jagdish R. Dalal, IAOP
  2. Outsourcing 2015: Changing in a Good Way – Contributor: ISG Research, February 2015

 

Tags: , , , , , ,

Cisco Releases Tenth Annual CSR Report

I am pleased to announce that Cisco has released its tenth annual Corporate Social Responsibility (CSR) Report. The 2014 Cisco CSR Report outlines our strategy to use our expertise, technology, and partnerships for social, environmental, and business impact.

Each day, people around the world face many challenges: access to quality education, unemployment, poverty, and climate change, to name a few. We’ve learned that when we bring people together, they find innovative solutions to address these problems. And when you add technology to the mix, we can multiply our impact and uncover even greater opportunities.

For example, in France, a team of Cisco Networking Academy students used the connections between people, process, data, and things to create a networked walking stick for the blind. Watch this video to learn more:

Our CSR Report contains many more examples like this, organized according to five pillars:

  1. Governance and Ethics: Promoting responsible business practices at every level—with employees, suppliers, distributors, and partners
  2. Supply Chain: Working closely with our 600 global suppliers to maintain our high standards for ethics, labor rights, health, safety, and the environment
  3. Our People: Attracting, retaining, and developing talented people through an inspiring workplace, engaged management, and flexibility
  4. Society: Combining technology and human creativity to solve social issues and help communities thrive.
  5. Environment: Creating new business value for our customers using sustainable Cisco technologies, products, and solutions

Here are just a few highlights from our 2014 CSR Report:

  • We updated our Human Rights Roadmap to align with the United Nations (UN) Guiding Principles on Business and Human Rights, and we launched an online human rights training program for our employees.
  • 58% of our key suppliers set goals to cut their greenhouse gas emissions — up from 45% in 2013.
  • We ranked number 55 on the Fortune “100 Best Companies to Work For” list.
  • We made $275 million in cash and in-kind contributions to community organizations worldwide; and our employees volunteered 136,000 hours to support organizations in their own communities.
  • Employee-led “Pack It Green” projects saved approximately 888 metric tonne of packaging material and are expected to save over $6 million annually through material and freight cost reductions.
  • 97% of Networking Academy students who participate in a selective internship program with local IT companies in Italy get jobs; the partnership is creating a pipeline of tech talent while combatting a youth unemployment rate over 40%.

Read More »

Tags: , , , , , ,

Securing Cloud Transformation through Cisco Domain Ten Framework v2.0

Businesses of all sizes are looking for Cloud solutions to solve some of their biggest business and technology challenges—reducing costs, creating new levels of efficiency, transform to create agile environment and facilitate innovative business models. Along with the promise of Cloud comes top concern for Security. With rise of applications, transactions and data in the Cloud, business are losing control and have less visibility on who and what is moving in and out of the business boundaries. 

Any  transformation initiative with Cloud, whether a private, hybrid or public, with early focus on security from architecture, governance, risks, threats and compliance perspective can enable the business with a compelling return on investment with a faster time to business value – regardless of geographic, industry vertical, operational diversity or regulatory needs.

Here, I would like to bring to your attention on Cisco Domain Ten framework v2.0 and my blog on What’s New in Cisco Domain Ten Framework 2.0 that is born from Cisco’s hard won experience of deploying both private, hybrid and public Cloud environments, Cisco has developed the Cisco Domain Ten framework and capabilities to help customers accelerate IT transformation.

The Cisco Domain Ten does not prescribe that customers must build each domain into their strategy – rather it provides guidance on what aspects should be considered, what impacts should be identified, and what relationships exist between domains.  Cisco Domain Ten framework 2.0, we can establish the foundation of a true IT transformation and the factors you need to consider for success. Key is to identify, establish and track strategic, operational and technological outcomes for IT transformation initiates. A major thrust of the Cisco Domain Ten is to help customers strategize for transformation vision, standardize their technology components and operational procedures, and automate their management challenges, to deliver on the potential of IT Transformation– covering Internet, Branch, Campus and Data Center environments.

Security consistently tops CIO’s list of cloud concerns. The security domain highlights identification of security and compliance requirements, along with an assessment of current vulnerabilities and deviations from security best practices for multisite, multitenant physical and virtual environments for one’s IT transformation vision.

Security should be a major consideration in any IT transformation strategy. The architecture should be designed and developed with security for applications, network, mobile devices, data, and transactions across on-premise and off-premise solutions. Moreover, security considerations for people, process, tools, and compliance needs should be assessed by experts who understand how to incorporate security and compliance safeguards into complex IT transformation initiatives.

Security is an integral part of the Cisco Domain Ten framework, applies to all ten domains, and provides guidance to customers on all security aspects that they needs. Our Senior Architect from Security Practice – Ahmed Abro articulates well in Figure – 1 Cisco Domain Ten Framework with Security Overlay that there are security considerations for all ten domains for Cloud solutions.

 d10secoverlay

Figure – 1 Cisco Domain Ten with Security Overlay

Now that we understand how Cisco’s Domain Ten Overlay approach that helps one to discuss security for each domain of Cisco Domain Ten Framework, let’s now talk about the how Cisco Domain Ten aligns with Cloud Security Alliance’s (CSA) Cloud Control Matrix to discuss the completeness and depth of the approach.

CSA Cloud Control Matrix Alignment with Cisco Domain Ten

Application & Interface Security

  • D-8 – Application

Audit Assurance & Compliance

  • D-10 – Organization, Governance, processes

Business Continuity Mgmt & Op Resilience

  • D10 – Organization, Governance, processes

Change Control & Configuration Management

  • D10 – Organization, Governance, processes and
  • D-3 – Automation

Data Security & Information Lifecycle Mgmt

  • D-9 – Security and Compliance

Datacenter Security Encryption & Key Management

  • D-9 – Security and Compliance and
  • D-1 – Infrastructure

Governance & Risk Management

  • D10 – Organization, Governance, processes

Human Resources Security

  • D10 – Organization, Governance, processes

Identity & Access Management

  • D-4 – Customer Interface

Infrastructure & Virtualization

  • D-1 – Infrastructure and Environment and
  • D-2 – Abstraction and Virtualization

Interoperability & Portability

  • D-7 – Platform and
  • D-8 – Application

Mobile Security

  • D-8 – Application and
  • D-1 – Infrastructure and Environment

Sec. Incident Mgmt , E-Disc & Cloud Forensics

  • D-9 – Security and Compliance and
  • D10 – Organization, Governance, processes

Supply Chain Mgmt, Transparency & Accountability

  • D10 – Organization, Governance, processes
Threat & Vulnerability Management
  • D-9 – Security and Compliance

 Table – 1 CSA Cloud Control Matrix Alignment

with Cisco Domain Ten Framework

From above table, one can see that Cloud Security Alliance Cloud Control Matrix and Cisco Domain Ten aligns well and it also highlights key facts that many areas such as Mobile security requires one to focus on Application and Infrastructure (network, virtual servers), etc to address security needs. One should also note that Cisco Domain Ten’s focus on Catalog (Domain 5) & Financials (Domain 6) that highlights security specific SLA and assurance discussions for security controls.

Now that that we discussed, Cisco Domain Ten approach for Security, In the next blog, I would try to discuss how Cisco Service’s focus on the strategy, structure, people, process, and system requirements for Security can help business address an increasingly hostile threat environment and help successful migration to Secure Cloud based transformation. We will also discuss current questions in business asks or should ask to understand security and privacy in the vendor’s agreements.

 

Tags: , , , , , , , , , , , , , , , , , , , , , ,

What’s New in Cisco Domain Ten Framework 2.0

 Earlier this week, we announced the Cisco Domain Ten framework 2.0, enhanced by great input from customers, partners, and Cisco’s well-earned experience of strategizing and executing IT transformation.

The enhanced Cisco Domain Ten framework helps customers drive better strategic decisions, providing greater focus on business outcomes, providing deeper analysis of hybrid cloud implications, and extending the framework beyond data center and cloud to include all IT transformation initiatives.

You may have read Stephen Speirs earlier blogs about Cisco Domain Ten for cloud transformation. Today, let’s look at key changes in the Cisco Domain Ten framework 2.0 from the original version. These changes have been adopted to enhance discussions on three themes:

  1. Highlight importance of public clouds as part of IT transformation and solutions using IaaS, PaaS, and SaaS within the data center and across the entire business.
  2. Addition of “Organization” in Domain 10 to bring together the business and technology focus for strategy discussions.
  3. Name changes for some domains to facilitate ease of alignment and discussion on overall IT transformation across multiple architectures and technology solutions such as ITaaS, collaboration, mobility, video, etc. for both enterprise and provider perspectives.

Read More »

Tags: , , , , , , , , , , , , , , , , , , ,

Unleash your Automation for Cloud (Easier than you Think)

In about 2 weeks there will be a great webinar panel discussion on the business and technology architecture concerns in automating your cloud and how to measure the value.   Unleashing automation solutions to do what they do best may make or break a company’s IT strategy over the next few quarters as those cloud journeys begin.

The webinar, IT Automation Unplugged, a panel discussion moderated by Glenn O’Donnell of Forrester will indeed be a cool event to listen in to.  Not only has Glenn followed this space for many years but he also has some really insightful perspectives on the Journey to Cloud.  This webinar has the potential to highlight some really pointed dialog between myself and Brad Adams of rPath, Nand Mulchandani of ScaleXtreme, and Luke Kanies of Puppetlabs.  I bet the sparks might fly as we trade our perspectives on the huge demand for private and public clouds and need for enterprises to show value quickly.

This brings me to a great phrase I heard this week from one of our customers.  It was used in the context of their employees using their company’s private cloud.   It was “High Governance”.  It was seriously lacking in their current solution which highly leveraged their virtualization vendor’s software.  I probed them on what they meant by “High Governance”.  It was mostly around ensuring that individuals that provision services would get  access to only the services, cloud data center locations, and specific providers that they are entitled to.   While this is not a new concept, the element that grabbed my attention was that IT shops have a strong need for different sourcing strategies based upon end user role, organization,  location, and any number of policy settings in their Active Directory or LDAP.

“High Governance” means ensuring that your cloud users get ONLY what they are entitled to in your IT policy.   No more generic UIs for generic users or uber UIs for unknown hypothetical users.  The cloud is now a strongly governed personal experience, what a novel concept.

I wonder what the panel will think about this.  Please attend if you get a chance.

Tags: , , , ,