How ITSM Can Now Govern the Cloud

Governing the cloud
Share on facebook
Share on twitter
Share on linkedin

There has been a noticeable and problematic divide between IT service management (ITSM) – enterprise service management – and “the cloud.” In my experience, in many organizations across the world, IT service managers have been left out of the cloud explosion, the use of which has instead been dominated by developers and infrastructure staff.

This is problematic because the focus is thus all on security, cost, and speed – with governance and control taking a distant fourth or fifth place.

Help – for ITSM pros – is at hand though

The public cloud leader, Amazon Web Services (AWS), has been working to address this – and to bridge the gap – by creating frameworks that are actually useful to the intended consumers.

First, the Cloud Adoption Framework, is easily understandable by service managers, talking about six cloud management perspectives that need to be developed over time:

  1. Business
  2. People
  3. Governance
  4. Platform
  5. Security
  6. Operations.

Then AWS went a step further with another framework called the Well-Architected Framework. This has five pillars:

  1. Operational Excellence
  2. Security
  3. Reliability
  4. Performance Efficiency
  5. Cost Optimization.

When you put these two AWS frameworks together, you can see how a service manager is – at last – welcome to the party by virtue of both ITSM and cloud using the same terminology and similar perspectives (i.e. not bottom-up or technology-first).

These two powerful AWS frameworks address the people and process aspects of cloud service management, but there’s still a missing third wheel – the technology.

Further connecting the cloud and ITSM

AWS started to address the missing technology piece a while ago via a now long-standing cloud service called Service Catalog. The simplest way to describe this is as a directory of pre-created, approved cloud assets that a user can easily deploy.

These assets have been preconfigured to meet the governance standards of the enterprise, so it’s assured that when company staff consume cloud via the Service Catalog they’re doing so in an approved and governed manner. This is the opposite of letting users have direct access to the “raw” AWS Console where they could deploy any cloud service in an unassured and ungoverned manner.

While this is great, there is/was still a little bit of friction. Because users had to learn how to use yet another portal for the AWS Service Catalog.

Reducing ITSM friction by connecting AWS Service Catalog and your ITSM tool

Now AWS is eliminating that friction for ServiceNow customers – and I’m sure similar capabilities will be created for different cloud service, and ITSM tool, providers – with the release of the AWS Service Catalog Connector for ServiceNow.

What this does is let enterprise users consume the cloud (by deploying catalog items) via familiar request and approval processes, in this case via the familiar ServiceNow portal. It’s like stitching AWS into the enterprise ITSM governance processes so there’s no visible seam.

Without this stitching, there’s still a friction in consuming cloud. People generally don’t like friction and they’ll do anything to avoid it. And what this tends to mean is that people go-around governance, doing what is commonly called “Shadow IT.” This is commonly manifested in people paying for cloud resources on personal and company credit cards, with no cost management.

It’s also manifested in bypassing security policies, for instance just adding users manually (and forgetting to disable the accounts when the people leave). There are many downsides to people going-around ITSM practices because of such friction. Importantly, the answer isn’t “more governance.” The answer is “less friction.”

It’s a new world for ITSM

Hopefully service managers are waking up to the art of the cloud-management possible here. In the case of what’s already available for AWS and ServiceNow customers, they can:

  1. Create AWS Service Catalog entries that define the actual cloud resources that will be consumed (as opposed to letting everyone run anything anywhere).
  2. Get the AWS Connector for ServiceNow from the ServiceNow store.
  3. Configure the adaptor to wrap request and approval workflows around your AWS Service Catalog items.

The result is that your enterprise users can then consume the cloud without friction and with lots of (invisible) governance.

I and my Cloudsoft colleagues have been working hard with AWS and ServiceNow to make this a reality. We can also help you sew this all together, including integration with your enterprise Active Directory. It takes a few days of effort to get it all working to your satisfaction, but then you’ll be able to look after it yourself.

It’s finally time for ITSM pros to add their capabilities to the cloud management game.

Steve Chambers Photo
Steve Chambers
Director at

Steve Chambers generates real-time analysis on the topics of Cloud, DevOps, and ITSM. Steve helps organizations that range from global to local, commercial to public sector, and startup to enterprise. With these organizations, Steve operates at the conjunction of cloud service providers and organizations that consume their services, and analyzes and advises on the impact on their people, process, and technology.

Steve's career spans more than twenty years including banking, consulting engineer with Loudcloud, professional services and presales management at VMware, Cisco and VCE and executive CTO office at Atos Cloud, and numerous roles with startups in the cloud software business.

In addition to his day job, Steve is also an Associate Consultant at ITSM.tools.

More Topics to Explore

One Response

Leave a Reply

Your email address will not be published. Required fields are marked *