A paradigm for unified delivery of IT services to the business demand, based on automated, policy-based management, and supported by the unification of heterogeneous multi-cloud multi-hybrid IT environments following a services-based approach.
Businesses need to reinvent themselves continually in the Digital Age. Every business today is a Digital Business that needs to deliver and improve Digital Services that differentiate it from the competition. This requires an IT that is built to deliver to the business demand in an agile, yet secure and well-controlled manner.
This will work only if the inherent complexity of today’s multi-cloud, multi-hybrid IT, which is here to stay, is reduced. Part of reducing that complexity is the gradual shift to the cloud, following “cloud-first” strategies. But the recent advent of Edge Computing has demonstrated that parts of IT will never run in the cloud. Beyond that, there is not a single cloud, but many clouds, resulting in a multi-cloud, multi-hybrid IT.
Reduce Complexity by Unification and Automation
The complexity must be reduced by unification, wherever feasible, and by shifting to automated, policy-based management of IT across the “runtime” environments. The starting point is to focus on agile development, delivery, operations, and security of Digital Services, with a clear service focus. Services and the underlying resources are known, as are the users. Focusing on the access of everyone (the users) and everything to these services and resources is best achieved by treating everything as a service, and procuring, delivering, managing, and securing services in a consistent manner across all environments.
Fig. 1: The four main stages of the BASIS approach to plan, build, deliver and run Digital Services in an agile yet secure manner.
BASIS is a concept for delivering IT to meet the demand of the business in an agile, secure way, and with a unified perspective across all IT, be it on-premises, on the edge, or in some cloud. Services are treated in a unified manner, with policy-based automation being applied uniformly across the various environments, and across services.
Plan, Build, Deliver, and Run – The Essence of BASIS
The starting point for BASIS is a plan – build – deliver – run approach. It starts with the business demand and a re-defined IT strategy focused on efficient and agile delivery of IT services to business demands on time, and the IT organization that supports this. For the IT organization, the most important change is that there is no distinction between cloud and on-premises, as it is found in many organizations today, and that the focus is on development, delivery, operations of services, and security.
Build covers both the procurement and development of services, using whichever deployment model suits best. Cloud-first strategies are a recommendation, but the reality is that, e.g., in hospitals or manufacturing, many services will continue to run on-premises. Additionally, software development takes a central role, with software being essential for differentiation of businesses in the Digital Age.
Application Delivery Necessitates Identity Management and Security Measures
Delivering these services requires the right setup of the infrastructure, e.g., Kubernetes instances in a public cloud or virtual machines in a private cloud environment, the delivery of the applications and services themselves, and the setup of adequate Identity Management and Security for all resources that come with these services and that are consumed by these services.
Once deployed, efficient execution of these services is required, from the cloud or the hybrid IT, thus still potentially involving Data Center operations, as Hybrid Cloud Operations from the edge to the public cloud. It requires Application Management and, last but not least, the IAM (Identity & Access Management) and Cybersecurity to operate these Digital Services securely.
Fig. 2: Key technologies involved in BASIS, integrating development, operations, and security by policy-based automation.
Building a BASIS Approach
It is apparent that not all parts of a multi-cloud, multi-hybrid IT environment are alike. Not everything in a multi-cloud, multi-hybrid environment can or should be managed in the same manner, starting with different provider and tenant responsibilities. However, whatever is always under tenant control can be treated in a uniform manner, especially when internal IT or MSPs also deliver according to the service paradigm known from the cloud, with clearly defined tenant and provider responsibilities.
The essential building blocks for the BASIS approach on agile, secure IT and Digital Service delivery are:
- Enterprise Service Management for business service requests, managing services across the entire IT, and providing insight into the assets that must be managed and secured.
- DevOps for delivering services following agile software development paradigms, including automated testing and delivery into the operations environment of choice.
- These environments must be managed across the entire multi-cloud, multi-hybrid IT environment. The depth and breadth of management required differ. In a public cloud, less management is required, but even there, several services must be managed and monitored.
- Policy Management & Enforcement is a central component, as the foundation for automating the management of service delivery.
- Identity & Access Management as well as Cybersecurity are essential for delivering services securely and managing everyone and everything that has access to services and the underlying resources.
All this must be well-integrated, being backed by access to information about the current state of IT across the multi-cloud, multi-hybrid environment.
Fig. 3: The key actions to take in delivering to the BASIS model.
Guiding Principles for BASIS
IT leaders must take various actions in each area to implement the BASIS approach for the agile delivery of IT services in a secure manner:
- Plan: The main focus is to shift IT consistently to a business service delivery organization, driven by business demand. This requires alignment of development, operations across the multi-cloud, multi-hybrid IT environment, Identity & Access Management for the Digital Identities of everything and everyone, and Cybersecurity. Responsibilities as well as interfaces between the various areas must be well-defined.
- Build: These interfaces include, at a technical level, Identity & Security API layers that allow developers to easily and efficiently consume identity and security services for the Digital Services they are creating. It also requires interfaces to all current IT states, across the entire multi-cloud, multi-hybrid IT, as well as to service requests and the state of IT services. Only when the applications, services, identities, and other elements are known and their state is accessible can unified management be applied.
- Deliver: Delivery starts with policies that form the foundation for automation. Policies are rather easy to describe. However, with a growing number of policies, support by technology, including AI/ML, will be required for proposing, analyzing and optimizing policies. Policies are best described at generic levels and then – by technology – translated into the concrete policies and measures for the various parts of the IT environment.
- Run: This starts with the enforcement of a consistent service request & delivery process and implementing and enforcing the policy-based automation approach. Last but not least, the identity and security models must be implemented and enforced, for consistent control of all the resources in today’s complex, heterogeneous IT environments.
Guiding principles for BASIS:
- Business requests IT services: the business demands new or modified IT services, or initiates change
- Unified view on IT services as foundation – one IT, across the entire multi-hybrid, multi-cloud environment
- Policy-based automation instead of manual administration or coding
- Development is agile, consuming identity & security services via APIs, returning status/requirements as feedback, and as input to operations
- Automation of identity, security and infrastructure setup & management
Our recommendation is to revisit the IT organization according to BASIS, for delivering Digital Services successfully and at the speed of the business.