IT Operations Management (ITOM)

7 Resolutions for Becoming a Cloud Service Broker in 2014

7 Resolutions for Becoming a Cloud Service Broker in 2014


With written contribution by Andrew Wahl


As IT leaders gear up for 2014, topping their New Years resolutions lists will be making the most of cloud-based technologies and services. The cloud offers the potential to significantly transform IT organizations with a new operating model, and for many enterprises, this will be an important year for taking steps toward becoming a broker of cloud services.


Delivering IT in a way that allows end-users to easily self-serve application, platform and infrastructure services clearly offers the potential for dramatic gains in efficiency, reliability and agility. But becoming a cloud service broker for line of business (LOB) takes more than procuring and deploying an intuitive self-service subscriber platform.


Now is the time, before the daily and weekly tasks begin to pile up, to consider what you need to do in 2014 and beyond to successfully embrace a future as a cloud service broker. Here are seven resolutions to make:


CSB_1.png1. Map out a strategy for 2014 and beyond


Resolutions must be realistic. You will need a practical vision for how IT can evolve to serve the business, and there’s no one-size-fits-all approach. Your cloud strategy should align to overall IT objectives, addressing areas such as business service management, security intelligence and risk management.


 Carefully consider your environments’ specific requirements—the platforms you use now and in the future, what kind of integrations your strategy will demand. Your enterprise will more than likely require a mix of traditional IT, private and public cloud environments, and depending on the performance and quality standards your business demands, it may even require multiples of each type. IT will need to find effective ways to blend public cloud services with internal services and manage them in a way that meets LOBs’ performance or availability requirements.


A clear cloud strategy will let your organization gradually evolve at a pace that works for the business and avoid unnecessarily high up-front or hidden costs. Better to start small with a foundation that lets you to scale over time, towards a bigger vision.



CSB_2.png2. Build on a Foundation of Automation


To the business user, a cloud service brokerage is the portal where they can order IT services. But this is an abstraction layer—it’s on the backend where a lot of the magic really takes place. And that “magic” is really automation.



Where services are automatically provisioned, applications are automatically set up, changes get made automatically and when the business user no longer needs the service, it’s all automatically shut down. However, implementing that much automation does not happen overnight, and your strategic plan needs to incorporate a roadmap.


Start with task-based automation projects — Routine manual tasks such as provisioning network ports, servers and storage will inhibit your IT teams’ ability to scale with cloud services unless they are automated. It’s essential that lifecycle management is performed in a highly repeatable and consistent fashion.


Automate tasks as process workflows — Remediation, compliance, change management and application deployment are typically good targets to automate next, so an administrator only has to monitor these processes.



CSB_3.png3. Decide what services should move to the cloud


Not all services will go to the cloud, so you will need to select what your organization should move there. Many companies start with Infrastructure as a Service (IaaS), typically Virtual Machines used in dev/test environments, but some enterprises are also delivering databases, Disaster Recovery and middleware as cloud services.


It’s important to get alignment between applications and the right type of cloud. This will require a detailed review or audit of applications, how they are used by the business and requirements for performance and availability. Your IT organization will likely need to deal with multiple types of clouds and services. Even with IaaS, there are a lot of variations in services (in addition to the differences between public, private and hybrid).



CSB_4.png 4. Closely monitor the SLAs of public cloud services


By becoming a broker of cloud services, your IT organization will have to be in a position to assess whether its roster of cloud service providers can offer the kind of performance and availability standards its business needs—and that they can, in fact, achieve those operational standards.


IT organizations need to have mechanisms in place that help manage the many Service Level Agreements (SLAs) of multiple cloud service providers for a range of cloud services. This wide variety of contractual terms and conditions of cloud services must be carefully examined and then closely monitored. This information can then help guide how those services are used as building blocks in architecting services for the business, and how you may need to augment them with other services for a more complete cloud architecture.



CSB_5.png5. Secure IT for the cloud era


There are unique security implications for private vs. public cloud services, so if you don’t have one in place yet, you should develop a risk-based security strategy. No single technology will be sufficient to protect dynamic cloud environment like that of the cloud. Your strategy should reflect an approach that secures each layer of architecture, and then integrate them as part of a comprehensive cloud management platform.


Part of this strategy needs to be a plan for access rights, so you can restrict which business users and various IT roles can access data and modify cloud services. Working with a cloud management platform that clearly defines variations in user and administrator roles through the existing enterprise directory and LDAP DN structure can simplify how you authorize new users and control access to the platform.


But the most important thing to remember is this: Whether cloud services are private, public or a hybrid of the two, your organization needs to be in a position to take responsibility for their security. In practical terms, securing cloud services is a shared responsibility. Public cloud service providers may deliver some capabilities—like perimeter security or antivirus protection—but not all will, and ultimately it is your IT organization that must work with what it is given to achieve the levels of security the business requires.



CSB_6.png6. Protect the bottom line


IT projects must either save money or help make money. Take fiscal responsibility as a cloud service broker means first understanding how much each cloud service costs to operate. Administrators must have a complete view of what IT assets are being used and how much, including servers, storage networks and applications. Managing software license compliance is one important aspect of this. Although asset management of public cloud services is an operating expenditure, you still need to manage them as if you own them.


Having complete fiscal visibility ensures that internal cloud services are run economically compared with external cloud service providers, and lets you evaluate the range of options for external cloud services, such as purchasing on-demand versus reserving instances in advance and the costs and benefits of purchasing at different scales.


Once you know how much cloud services cost, you can also charge for consumption based on actual usage. Instituting chargeback and showback policies provide personalized cost control at the departmental or individual level, allowing them to assess the value of using certain cloud services. Instituting detailed billing, reconciliation and reporting is essential to managing the financial success of IT under the  cloud service broker model.



CSB_7.png7.  Take steps to avoid cloud vendor lock-in


For IT leaders transforming their operational model into a cloud services broker, it’s essential to stay flexible and agile in order to meet quickly changing business needs. The technology decisions they make in 2014 must protect the long-term heterogeneity and extensibility of their cloud environments.


Cloud service brokers need the ability to mix and match with any cloud resource or service provider or internal virtualized environment, including multiple types of clouds from different vendors and service providers. Your cloud management platform should have an open architecture that can not only supports multiple technology standards now and into the future, but will be able to stitch these multiple internal and external cloud services into a cohesive, flexible whole.



Starting the journey on the right foot

As you prepare in 2014 to transform your IT organization into a cloud services broker, you will of course examine your specific business needs. Each organization is different, with unique priorities for optimizing cost, agility or performance.


Your cloud management platform should help you prepare, with the right security, asset management and financial reporting your cloud services strategy needs, but also let you adjust your strategy as business demands shift. Embracing an approach of technology heterogeneity with open source vendors will offer greater choice in the long run, ensuring that your organization’s journey follows a path best able to achieve its goals.



Learn more about HP Cloud Management

Find out how HP Hybrid Cloud Management provides an open and extensible platform for becoming a successful, agile and cost-effective cloud service broker, with support for application, platform and infrastructure services. Visit



Making Cloud Simple
  • cloud management
About the Author


Lending 20 years of IT market expertise across 5 continents, for defining moments as an innovation adoption change agent.

//Add this to "OnDomLoad" event