What Transitioning to the Cloud Means for IT Organisational Structures

I’ve produced this post as response to one in the Microsoft Tech Community titled “What Transitioning to the Cloud Means for IT Organizational Structures (And why you should pay attention)”. It’s worth looking at the Tech Community post and adding your contributions. I agree with the themes of decentralisation, customer centricity and the need for a strategic steering arm described in the post. My response is more around the overall experience and observations.

Observations of a Civil Engineer

In a prior post, “It’s not an Oscar but…” I describe how I made the relatively late career transition to IT.  With hindsight, I believe that I joined IT at a significant point in the transformation of the industry. 4 or so years ago, the “cloud” was a relatively immature proposition (some may say it still is). Services like Office 365, G Suite, and AWS where starting to gain traction with early adopters. Products like Slack and Workplace by Facebook where still twinkles in the eyes of their developers. At the time the talk was of how the cloud would be transformational but it lacked real use cases or substance. Fast forward 1-year: the use cases started to emerge and as growth in the cloud really started to pick up (as an aside check out this SlideShare for an insight in how the numbers changed). Soon after more conservative organisations started making and executing plans to “get to the cloud”. Returning to the present day and the cloud is well established and the numbers tell a compelling story.

There is now an almost relentless push towards the cloud. Vendors are describing themselves as “mobile first, cloud first” and their on-premises applications as “legacy”. As a relative newcomer to the industry I can see the challenges this presents and in particular in the organisational structures of IT services. IT is a relatively immature industry – it’s only been about 75 years since the first commercial computer was developed. Its immaturity is compounded as the rate of change and demands placed upon it can only be measured with exponential curves or theory’s like Moore’s law. With exponential growth, there is limited opportunity to pause, reflect and mature. Exponential growth promotes a reactionary mindset.

Reactionary environments are difficult for organisations to sustain (IT is not an emergency service!). IT’s struggles with this can be seen in the waves of offshoring, outsourcing, nearshoring, and insourcing undertaken by many organisations was well as the constant flux and application of new process models. A move to the cloud creates a new sourcing model which resembles a mash up of offshoring, outsourcing, nearshoring, insourcing and traditional. The model is heavily influenced by new requirements that have emerged specifically in reaction to the cloud e.g. data residency, sovereignty, and privacy. The mashup presents a fresh challenge to the IT organisation and the process models they operate. However, this challenge need not be hard if the IT organisation looks beyond its industry and peer groups for answers.

An IT organisations move to the cloud should be easy, liberating and empowering. From a civil engineering perspective, it is like building a skyscraper but you only need to worry about the planning and transportation to it. It is the cloud service provider who provides a turnkey service, sinking its foundations, building the skyscraper, installing, and maintaining its services, and extending it when you run out of room. Your staff become customers and consumers who occupy and work in it. Once built the IT organisations responsibilities shift to efficiently and securely transporting their customers to the building, empowering them so they can operate the lifts, know what is available on each floor and how to use what they find. When constructing the skyscraper, the cloud service provider would have installed flexible floor layouts and from time to time they’ll rearrange them, introduce a new bits of furniture or even take them out of use. The IT organisations role is to be aware of these changes and communicate them to their customers.

The transition to the cloud requires a change in mindset and organisational structure. The cloud opens doors to a building full of ever changing possibilities. The IT organisation is no longer in complete control and needs to trust others when it comes to security and availability. Change occurs on a schedule defined by the cloud service provider. The IT organisation takes on the role of Foreman training staff under their supervision, ensuring the appropriate use of equipment, communicating, changing schedules based on availability and maintaining safety and access to the worksite. As Foreman, they will also develop, evaluate and support plans for each item of work to be carried out by their staff.

Sticking with the engineering analogy, in the construction industry we have procurement and delivery mechanism called DBFO. It stands for Design, Build, Finance and Operate. Naturally there are variations on the theme and DevOps can be seen as one of those variations. I think the modes that DBFO represent are really useful as a frame for the organisational structure to provided by IT when it comes to transitioning to the cloud.

Design

In the skyscraper analogy, design is about planning and transportation.

When making the move to the cloud the design team will be focussed upon unpicking the legacy e.g. hub and spoke network models, on premises servers and services and migrating key infrastructure like Active Directory to the cloud. This does not need an IT organisation to change as they normally have people in place to maintain those services. They do need some education and support around security, comparable cloud workloads etc. and that is where a cloud partner can help. Like any good mechanic as they know how the service works they should be able to take it apart and reassemble elsewhere.

Thereafter design for the cloud is all about enablement, user experience and usability. It’s about enabling your staff unfettered access from anywhere, at anytime, on any device. User experience and usability is not about the cloud services themselves as the cloud service provider will have that covered. It is about how your customers interact with the services in the context of your organisation, apply organisation specific use cases and as well as the “what to use and when” whilst satisfying the “what’s in it for me”.

With perhaps the exception of the infrastructure needed to connect to the internet it is not about physical hardware. It is about knowing how and when to use, say, a virtual machine, Docker container or blob storage. Design is focused upon providing on-ramps to cloud services, security, data models and configurable solutions that can be handed to customers. Designs need to be applied in a more holistic way as every organisation is becoming a digital organisation where their knowledge, content and networks are their unique selling point.

In order to support the production of designs and react to changes the IT organisation needs to take a new approach to servicing design and in doing so look to change its mindset. A mindset of “that’s how we’ve always done it” will become a barrier as the solutions and services offered by the cloud are in a constant state of flux. Designers need to be holistic, open-minded and up to date. Their designs need to be lighter, faster to implement and ideally based around configuration rather than bespoke code. Given the pace of change IT projects cannot afford to run for many months or worse still a year or more as solutions designed now and implemented next year may find that the code has changed or worse still deprecated for the latest shiny new toy. The shiny new toy will become the designers friend and enemy… Finally designs need to be integrated holistically so that the user experience and usability of the entire set of IT services is coherent, frictionless, and accessible.

Build

It is the cloud service provider who actually builds and provides the services for you to consume. Therefore, in the move to the cloud, the focus of building shifts away from hardware and services to consistency, configuration, and applications. Crucially cloud services are designed to shift the focus away from IT and empower the end user to build through configuration and no-code solutions. Building is also about allowing staff to exploit knowledge, content, and networks to increase their speed to market, ability to deliver and innovate at their pace.

Empowering staff to undertake their own builds requires empowerment, not just through permissions but knowledge. This requires the IT organisation to change its approach to permissions, trust, and knowledge sharing. It also means that they need methods to ensure consistency in configuration and the ability to industrialise a configured solution so it can be deployed many times e.g. as a containerised app in Azure or a site template in SharePoint.

I find the skyscraper analogy useful as it highlights the role of IT organisation to transport their customers to the building. An example of transportation is that customers should not need to know how to set up the Engineering Simulation service in Azure. I believe it is the role of the IT organisation to have the set up ready (a clear path to the service, firewall exceptions etc. in place) and waiting so that all the customer has to do is add their content.

Finally, by empowering through configuration and transportation routes requires the IT organisation to take more of a continuous delivery approach. This changes roles in an IT organisation as staff become more customer facing and responsible for the design, build and operation.

Finance

Finance is an area that is already changing in IT organisations through a shift from perpetual licenses to subscription models. A transition to the cloud introduces another set of subscriptions to manage as well as on demand charging and app stores. On demand charging is likely to be an area that is new to the IT organisation and one that they may be uncomfortable with. The discomfort arises as to the predictability and scale of the likely charges. Hard work then follows in the process to recover the costs from the appropriate internal cost centre.

In making the transition to the cloud an IT organisation can expect the teams responsible for Software Asset Management (SAM) and Governance to grow as their scope increases. A move to a cloud service like Office 365 can introduce a dozen or more licenses to manage. Services like Azure and it’s ability to support applications in virtualised environments will challenge the SAM team in areas like knowing what software has been used, whether it is permissible to run the application in a virtualised environment, how to provision a packaged application into a virtual environment etc.

The availability of apps through an app store stoked by the familiarity of customers with consumer app stores increases the scope and demands upon the IT organisation. App stores empower and encourage devolved purchasing. However, customers are unlikely to check the terms and conditions of the app or calculate the financial impact, you can imagine the conversation “But it was only £9 to install”, “But that’s £9 per person per month and you’ve opened it up to 1000 people”. IT organisations need to be wise to this and scale their SAM, Governance, and Finance teams accordingly with staff who are comfortable face-to-face contact and with backup from their legal or purchasing experts (to wade through items like Terms and Conditions).

Operate

My observation is that IT used to be good at operations and in particular keeping the lights on. It’s a mode that IT have successfully delivered since the first machines. However, the move to the cloud has instigated a change in the operational model and mind set. The result is that career IT Pro’s are struggling to catch up or adjust.

The struggle arises through the change in expectations set by the cloud. Moving to the cloud opens possibilities of services on any device, anytime, anywhere. That shifts operational support to helping users with their own devices, safeguarding and securing data across an infinite range of devices, reacting to tickets outside of office hours etc.

Our personal consumption of high availability services like Facebook and Twitter has raised our expectations of operational performance when we are at work. Our customers want internet connectivity that matches or betters what they can get at home or on a 4G device. This places an operational strain as corporate networks are typically hub and spoke with internet breakouts located at the hub. The hub and spoke model worked well a couple of years ago, when the majority of traffic would remain within the organisation. With the shift to the cloud we are seeing total inversions of traffic flow with the majority of traffic now needing to leave the confines of the wide area network. We are also seeing increased volumes of data being transferred as the digital organisation emerges. This increases the operational pressure at pinch points like Datacentre breakouts and firewalls. In turn this places pressure on IT to change the topology, which is easier typed than done! Our consumer based expectation is that this is a quick process. Anyone in IT who has had to unpick a network, convert it to using local internet breakouts and right sizing those connections knows that it is not an overnight task. The delay merely ramps the pressure up on the operational team.

Once converted a new challenge emerges in that staff who are used to maintaining a network that they had complete operational control over no longer have that control. Their network is now in the hands of the local ISPs etc. and they are limited to what they can do. In one respect this helps as it delivers an operational cost saving as there are fewer flashing lights and wires to maintain. However the shift is more profound as their operational focus is now relationship management with their consumers and ISPs. This may need a different type of person.

Opening more doorways to the internet also means opening more doors to bad people. The effect is that the IT organisation needs to develop, and develop quickly, increased capacity in the dark arts of cyber security. Operationally this is challenging given the pace of change and shortage of skilled staff.

Operational challenges do not stop at the network. Operate largely becomes the challenge for the cloud service provider. It’s the cloud service provider’s role to keep the service secure, the servers up, the data flowing etc. As mentioned earlier in the skyscraper analogy the operational role of IT shifts to a mode of empowerment and enablement. Operationally this means keeping a finger on the evergreen pulse of the cloud services and supporting customers in understanding the capability and appropriate use cases for different solutions.

Operations will be a long-term partnership between the IT organisation and the cloud service. If the relationship is not managed like partnership, then it will fail. The partnership may include a third party cloud services partner to whom you may outsource a number of activities (even if it is to get you over the initial transition).

Summary

In my opinion what transitioning to the cloud means for IT organisational structures is a change in mindset and approach. The cloud is not a static environment where the focus is simply keeping the lights on. I think IT organisations can improve their chances of success by looking beyond its industry and peer groups for answers and staff.

I think every IT organisation should pay attention as every company is becoming a digital organisation. The cloud is the construct that will truly enable the digital transformation. Organisational structures need to change as your companies staff become your customers. Your customers become information managers, digital curators, and configurators. IT becomes an enabler, a guide, a guard, and a teacher. Every member of the IT organisation becomes customer facing and takes responsibility for services from their design through to operations.

In changing the organisational structure of IT to align more with the continuous cycle of design, build, finance and operate you are building the foundations that enable your company to reach for the clouds.

I thought I’d end this post with some strategic thoughts and a concept for an organisational structure.

This slideshow requires JavaScript.

Post script

Konrad Zuse, the inventor of world’s first programmable computer, was also Civil Engineer.

I’m not “Doughboy”, I’m a real person (and it’s not Yammer’s fault)

There have been several threads emerging regarding missing profile images in the Office 365 Suite Bar (example thread). The problem seems to centre around the fact that, whilst users add their picture to Office 365, it fails to appear when using services like Yammer or Planner.

To illustrate:

sharepoint
SharePoint

Based on the code, my picture is being obtained using the email variable from:

https://outlook.office365.com/owa/service.svc/s/GetPersonaPhoto?email=
yammer
Yammer

It’s the same in Yammer. In fact it’s using the same chunk of code.

planner1
Planner (Suite Bar)

Hmm… I’m “Doughboy” in Planner yet my avatar just below the Suite Bar shows me.

planner3
Planner (Avatar)

Interestingly the code is obtaining my avatar from a different location to the one used by SharePoint and Yammer:

 /.onmicrosoft.com/Groups/GetUserPhoto/?userId=
powerbi
Power BI

From watching the page load using Edge Developer tools, it’s my interpretation that Power BI is obtaining my picture from another location:

https://wabi-north-europe-redirect.analysis.windows.net/powerbi/resource/userPhoto/?huid=1083448852
home
Office 365 Home

Finally, I’m “Doughboy” in Office 365 Home. 😦

doughboy

To me the appearance of “Doughboy” and variable end points is a sign that there is an inconsistency in the Suite Bar wiring.

In some of the threads on the subject, Yammer has unfairly taken the blame for the appearance of “Doughboy”. I believe it is not a Yammer issue and it is all about the wiring behind the scenes. In addition to the examples at the start of my post I’ve seen other mismatches – my current profile image in Office 2016 Apps, with the exception of Outlook, is different to the one in the Office 365 Suite Bar *but* Office 365 ProPlus should be wired up via Azure AD.

word
Word 2016
outlook
Outlook 2016

I guess to some of you reading this you might be wondering why the fuss in the first place, it’s just a picture after all. My argument is that we all readily identify with our own image. Its appearance shows that this is our instance of SharePoint, or Yammer post. It helps us, probably at a subconscious level, to make a personal connection. It also seems a feature of human nature that little inconsistencies, especially in our appearance, can really make us question what is going on. When we are trying to get people to adopt Office 365 we tell them about the behind the scenes magic that wires content to people, people to content and it is a consistent experience on any device, anytime, anywhere. Variability in the profile picture, and the presentation of the Suite Bar for that matter, undermines the consistency point and leads people to question the wiring.

In producing this post, I conducted some research into how it should work. The Suite Bar *should* be getting your profile picture from the Office 365 Directory Service, which in turn goes out to Exchange Online to get it, as that is where the image is stored when you upload it [1]. Once in Exchange, your image is pushed down to SharePoint for use there [2]. SharePoint can use one of three renditions of the image based on the component that needs it. The examples from the start of my post show that the services then call differing end points which in turn *should* all lead back to the image in Exchange Online.

In the case of Yammer, it gets its profile information from the Office 365 Directory Service but it only takes the User items [3] e.g. Name. Avatars work in Yammer, whilst perhaps “Doughboy” might be in Suite Bar as:

“If a user’s Yammer profile does not include a picture, the profile will be updated with the user’s Office 365 profile picture. This update is initiated when the user logs in to Yammer and will be reflected in the Yammer profile within few hours. If the user later updates his or her Office 365 profile picture, the Yammer profile picture will also update after the user logs into Yammer.” [4]

As a side note, I’d definitely raise a support ticket with Microsoft if your Yammer avatars do not have pictures. In this situation, something is blocking the pull down of the Office 365 profile picture. It could be something as simple as deleting profile images in Yammer, waiting a few hours and it should push them back down but best if Microsoft look into it for you.

In my opinion the current architecture does not make sense as your profile image should sit outside Exchange Online or SharePoint Online i.e. treated like the other core Active Directory properties and independent of the service that consumes it. I understand that changes would need to occur if Active Directory where to be used as there is anecdotal evidence of a 100kB file limit. Great for avatars rubbish for Delve, Skype etc. where high definition images are required. Hence SharePoint has a 5MB limit and another end point for those images. Having a single endpoint would help developers and companies who do not want to lead with Exchange Online first etc.

I hope Microsoft can review and revise the wiring.


[1] The image is stored in Exchange – https://support.office.com/en-us/article/Add-your-user-photo-to-Office-365-2eaf93fd-b3f1-43b9-9cdc-bdcd548435b7 – It can be manipulated by the Set-UserPhoto (which is an Exchange commandlet). It is also why (regrettably) people still need to lead with Exchange Online, or at least license users for it, if they want the most cohesive onboarding experience into the other workloads. Without an Exchange Online license, there is no Exchange account to hold the profile picture. This can be worked around for SharePoint by uploading images directly into its User Profile Service.[back to article]

[2] I’m not aware that the actual sync interval is published by Microsoft but authors of articles like this one https://spbreed.wordpress.com/2015/11/06/demystifying-user-profile-picture-sync-in-office365/ go into the details of the inner workings. In SharePoint, images can be stored in – https://msdn.microsoft.com/en-us/library/office/microsoft.sharepoint.client.userprofiles.peoplemanager.setmyprofilepicture.aspx [back to article]

[3] This article has a useful table with the attributes passed through to the various services in Office 365. For Yammer (see the Third Party section) https://docs.microsoft.com/en-gb/azure/active-directory/connect/active-directory-aadconnectsync-attributes-synchronized [back to article]

[4] Taken from the FAQ in this article https://support.office.com/en-us/article/Manage-Yammer-users-across-their-life-cycle-from-Office-365-6c4c8fff-6444-404a-bffc-f9da0bcc3039 [back to article]

The Office 365 Network is born

Ensure that every escape route and exit is still clearly visible when the lights go out

I know some of you use the Yammer Office 365 Network to seek answers and to discover new knowledge. Microsoft, in their infinite wisdom, have decided to close that network. The closure is described in this article: Announcing the public preview of the new Office 365 Network online community . It is being replaced with a new publically accessible forum Office 365 Network . The forum is not built on Yammer and its usability is questionable at best though they do say they are working on that…

This is not a vote of no confidence in Yammer or a #yamexit. It is Yammer’s strength that has forced this move. By design, Yammer is not publically indexable by the likes of Google and Bing. The lack of unauthenticated discovery allows people to converse and collaborate in confidence, safe in the knowledge that their contributions will not surface in unexpected locations, be used out of context etc. There are those in Microsoft who feel that the lack of discoverability through search by non-authenticated users is a barrier that needs to be removed.

The shift to a new publically accessible platform will cause a change in the conversational dynamics. Whilst the platform is not intended for ‘break-fix’, they still want people to use the likes of Microsoft | Community (aka Microsoft Answers) for that, it is built on forum technology which, by design, lends itself to Q&A rather than collaborative discussion. Only time will tell if Microsoft manage to keep a lid on the ‘break-fix’ and are able to foster a sense of community. Another change in this area is that Microsoft will control the creation of groups. Inevitably this will keep the focus on the products rather than the wider issues and thinking that directly influences the usage and adoption of the products.

The platform also includes gamification and you can expect to be awarded badges for almost every action. Some will find this immensely irritating and others will revel in it. The value gamification brings to building a community is questionable but it’s one of the hooks Microsoft feel they need to get people to take part.

The question remains ‘how does this affect you?’

  • You have between now and the 1st of September to make the move to the new network
  • Conversations in the new network are public and you have reduced control over any content you share
  • Any member of your staff can participate, they do not need a work account (this has benefits as well as risks)
  • It’s up to you to preserve or migrate content from the Yammer Office 365 Network. Any knowledge that you wish to retain after 1st September needs to be copied out and be aware that Microsoft will not be providing tools to help you
  • The vast majority of groups will not be migrated so if you have one for collaboration, say with your Microsoft account team or a group of like minded individuals, you’ll need to find a new home for those conversations.
    • Now could be the time to switch on external access for Yammer in your home network and invite your partners to join you there
  • You should consider communicating to staff the presence of the new network and what it is intended to be used for. You could use the opportunity to reinforce desired behaviours e.g.
    • something is broken – raise a ticket
    • want something changed – raise a request
    • not sure or want to ask – use a Group in your own Yammer network
    • have something broken on a personal device – use answers.microsoft.com
    • want to request a new feature (in a Microsoft product) – use UserVoice : Customer Feedback for Microsoft Office 365
    • want to take part in the product conversations – use Office 365 Network

You may be interested in the perspectives of others on this subject:

 

It will be interesting to watch how this venture unfolds.


Quote and sign credited to Seton and in particular their Luminous Exit and Path Marker Signs – Door Exit Route (Right)

 

The perfect serve of Yammer?

Recently, I’ve been wondering whether Yammer is being developed like ‘medicine’ or ‘Coca Cola’? I’ve been typing, deleting, typing, deleting and in the process I’ve started to challenge my own thinking. I feel that I’m going a little crazy with the thought process so I felt I’d throw the concepts out there.

  • Medicine – developed through thousands of hours of research and testing. Typically, highly consistent product that should only be consumed in the way it is intended.
  • Coca Cola – developed to a level of product consistency such that each one tastes the same wherever it is consumed but it can be consumed in a multitude of ways. You don’t find ice cream floating in medicine, or use it as cooking liquor to make a ham but you can still taste the Coke in both.

My thinking is that Yammer is not medicine which you have to consume as per the instructions. Yammer makes helpful suggestions in how it should be consumed, just like a Coke bottle has best served cold on it. Items like the Discovery feed are just that, helpful suggestions to how it should be consumed. Intended to guide you to an outcome.

Yammer is part of an ecosystem that is founded upon choice and interconnectivity. The risk is that Yammer ignores the choice and interconnectivity and positions itself as medicine. For example, connectors or shared storage using OneDrive would help with the choice and interconnectivity and just like Coke they will enable Yammer to be consumed in a multitude of ways. Conversely if Yammer where medicine you’d be forced to consume it in the browser or app with a propriety file management solution.

Then again Coca-Cola did start out as medicine

 

Search refiners are yesterday’s algorithm

A while ago I came to the conclusion that Delve is definitely the future of search in Office 365. Delve is great for the targeted, individual relevant search, connecting people to content and content to people through the Office Graph. I believe it is the future but it is not quite there yet. The missing component from an organisational perspective is the search view and experience that the organisation wants you to have – connecting you to content that it believes is relevant to you. Currently this is possible in Search using items like Promoted Results and Result Blocks? I know it is possible today, if you want to get your coding hands dirty and you implement your own take on the Office Graph, but hands up who wants to build their own version of Delve? It’s way too much work if you ask me!

Ok I hear you say, but what about refiners. Delve does not offer many of them. But then again what do refiners really do… Refiners are yesterday’s algorithm.