Tuesday, November 29, 2011

Dell announces the open sourcing of multiple Hadoop Barclamps

Today, my team at Dell is very excited to announce that we have released several barclamps into the opensource community.

These barclamps are designed and build to enable Hadoop environments to be rapidly deployed using Dell Crowbar.

The barclamps can be found on github, along with the project wiki including build information, FAQs and other important links.

Folks on my team also created a variety of videos to help you get started in building Crowbar and setting up Hadoop environments using Crowbar:
We encourage you to download these barclamps, test them in your environment, and join the crowbar@dell.com community.

Tuesday, November 22, 2011

InformationWeek Hadoop Webinar

Last week I spoke at a webinar hosted by Information Week. The topic was deployment of Hadoop in your computing environments. I spoke about how Dell defines Big Data, what types of problems can be solved with a Hadoop solution and the components that Dell includes as part of the Hadoop solution.

The MP4 from the Webinar can be downloaded from here.

Monday, September 5, 2011

What is "Big Data"?

One of the most commonly used terms today is Big Data, it is regularly used in blogs, product launches, architecture documents and speeches just to name a few. Big Data is being used to describe products, capabilities, features and new ideas about how to build and manage many of today’s new applications and the data that drives them. The struggle is that Big Data has different meanings to different people, and there in lies the problem. For any technology to survive the test of time in IT, it must be understood and accepted by a large enough segment of the user and administration population that the term and associated products evolve into a self-sustaining ecosystem.

I want to outline what I see as Big Data and the common definition I use for people that are struggling with the problems that Big Data often includes and helps to address. The most common emerging definition of Big Data is one that includes one or more of these three parameters – Volume, Velocity and Variety. There are many different ways to define Big Data, but I believe that by using these three parameters, you can clearly define what problems fall into Big Data versus traditional data management and analysis.

  • Volume – Volume is the measure of how much data a company has under their management, operation and analysis. Volume is typically measured in Gigabytes, Terabytes or Petabytes. Volume is not only an absolute number of current capacity, it can be expressed in data growth over time. Defining what Big Data is takes an evaluation of the companies total data-assets and their growth over time.

  • Velocity – Velocity is the time that elapses from the time a company receives a new data point to the time they must act on it and make a decision. This decision could be to make changes to a stock portfolio, change the pricing for a product or trigger the staff to make a change to the environment. Big Data typically contains customers that have a velocity requirement of at or near-real time decision making every time new data is received.

  • Variety – The third parameter that defines Big Data is Variety. Variety defines the types of data a company utilizes within its analysis tools, its customer applications and its business-driven workloads. Big Data customers are typically characterized by a multitude of data including user information, movies, pictures, GPS data, log files, and sales information or. While storing these types of data is not new in IT, Big Data has brought about users that make connections between data that previously was left in islands to analyze, manage and manipulate.

Now that we have defined Big Data – one or more parameters of Volume, Velocity or Variety, we can look at how people are using Big Data in their environments to drive better decision making for a company, faster responses to customer demands and more accurate forecasting of possible business trends. There are a variety of common themes used in Big Data environments:

  • Related but Unstructured – Many Big Data environments have lots of related data, but that data is unstructured. These types of data could include movies, images, log files or users. While all this data has an association with one another, that association is constantly changing based on how each of these items changes over time and what questions people are trying to ontain from the data sets.

  • Traditional Tools Don't Scale – The Big Data ecosystem is evolving rapidly with new tools for storing data, managing data, analyzing data and finding new uses of that data. These new tools have come about because typical tools for data storage do not scale to support the volume, velocity and variety that are common for Big Data.

Now that we have looked at what defines Big Data, as well as what commonality can be found with Big Data, who are some of the common consumers and operators of Big Data? How are they using their Big Data environments?

  • Facebook – Facebook is the first name that comes to mind for a lot of people when talking about Big Data. Facebook has an example of all three parameters to Big Data. Their Volume of data is well into the Petabyes and growing daily. The Velocity at which they must receive a piece of information and make suggestions to others based on that information is measured in seconds and the Variety of data that Facebook stores includes movies, pictures, places, users, usage information, log files and suggestions just to name a few.

  • Amazon – Amazon has a Big Data environment, and one of the most well known features of Amazon driven by Big Data is it's recommendation engine. Every time you purchase an item from Amazon, a list of suggestions is made at near-real time of other items that may interest you based on previous users recommendations and purchases. This Big Data need is driven by the immediate need for recommendations, Amazon can not reasonable run batch queries and recommend other items an hour after you finished your previous purchase.

  • Linkedin – Linked in uses Big Data to make recommendations on both contacts that you may know, as well as jobs that you may be interested in. Both of these problems are solved through the analysis of large sets of data based on constantly changing relationships and associations.

By using a companies data to it's full advantage, companies can use Big Data to be more efficient at business operations, more connected to users needs and more rapid to respond then competitions. But the concept of Big Data is only so useful, to really exploit these capabilities there must be tools that allow companies to quickly store, analyze and utilize their growing data sets. Some of the most common tools for exploiting Big Data are:

  • Hadoop – Hadoop is an Apache project and one of the more commonly used tools by customers that have Big Data. Hadoop provides a framework for storing and analyze large data sets with no restrictions on what types of data can be stored and analyzed.

  • R – R from Revolution Analytics provides an extremely powerful set of libraries and capabilities for analyzing large data sets, finding data associations and creating applications that exploit Big Data.

  • Accumulo – Accumulo is a recently released tool of the United States Government for utilizing data stored in a Big Table format.

  • HPCC – HPCC is an open source tool from LexisNexis to enable companies to store and process large, complex data sets that typically required proprietary technology to analyze.

Big Data is a powerful new concept within today’s IT environments. Implemented through a variety of tools. Big Data solutions enable companies to analyze data in new ways, enabling new levels of productivity and response to customers in new, rapid methods.

Tuesday, July 5, 2011

Hadoop Whitepaper - Hadoop Business Cases

I have posted the third in a series of Hadoop Whitepapers I have written for Dell. The third can be downloaded here. The topic is Business Use Cases for Hadoop.

Saturday, June 25, 2011

A Blueprint for Cloud Security

Time and time again, the most common question regarding cloud computing is about security. The question comes in many forms including how do I ensure my data is secure? or how do I guarantee unauthorized people do not access my data? or even my processes are not set to accommodate servers we do not own? These questions and many more, all come from the same fear, a reluctance to make a major change in architecture and strategy because of a lack of understanding, lack of tools or lack of knowledge.

Security is a broad topic, it can encompass many components including the network layer, server location, data center access, data storage devices, application architecture, logging, authentication, monitoring, business process or compliance with regulations, just to name a few. The focus of this article is best practices for ensuring that a plan for security in a cloud environment is complete and well planned for.

First, what is cloud computing in the context of security? In this context cloud computing is the use of computing resources that are provided from shared servers, data centers and environments. Cloud computing in the sense of security blurs the lines that traditionally separated the physical components of one application or company from another. This shared aspect of cloud computing is important to planning security, because historically, many security policies assumed the server and data was physically located in a data center the company controlled. This is no longer the case, companies may have thousands of IT resources they will never physically touch or have control over more then a remote login and the use of the resource.

As with all discussions around security, we must make some assumptions, these set the base of our understanding and focus our later best practices within the context of security for cloud computing:

  • Assume elasticity – Cloud environments can scale up and down quickly, from a security perspective this means things are constantly changing and the security policies, models, processes and tools must automatically support this dynamic environment.

  • Shared physical locality – Through the use of cloud computing, you will inevitably have your application on a server that also has applications from other companies, these can be partners, competitors, aggressors, hackers, or customers. Security policies within a cloud environment should accommodate this proximity to possible threats.

  • Data will take one of three forms – at rest, in transit or in process – Security policies for cloud computing should accommodate data state and ensure that all states are adequately protected, and that data is passed securely between states.

  • Physical security can not be guaranteed – Many cloud providers have instituted physical security well beyond what was possible in a corporate managed data center. This does not mean that all is without risk. Any time a resource within a shared facility is being used, the potential for the equipment to be physically accessed is a possibility. Data, process and applications should be architected to accommodate this without risk of data being compromised or availability being impacted.

  • Assume the server could disappear – Expanding on the above assumption, cloud security solutions should assume the server housing the data could disappear without warning. There have been documented cases of servers that house multiple customers being seized as well as servers failing and not being returned to service. Security plans should ensure that should a server disappear, the risk of data loss is as low as possible.

  • There is no edge – There is no longer a distinct line that can be drawn for where people will access a cloud based environment or where it will be managed from. This lack of a clear boundary that once would accommodate a firewall, must now be guarded by policies, monitoring, intrusion detection and application penetration testing.

Now that we have reviewed the assumptions behind all cloud environments, we can list some of the best practices (In no particular order of priority) for managing security relating to data and application access within a cloud environment:

  • Centralized Authentication and Authorization – Any cloud based environment should use a single, centralized method for authentication and authorization. This ensures that any rogue accounts that are created can be quickly identified and accounts can be rapidly disabled for those that no longer need them. This single mechanism for authentication and authorization should cover both the staff that manage the application and data, as well as the users that access and consume the application and associated data.

  • Centralized Key Management – The use of encryption for data storage and validation should be employees across all cloud environments. These should be implemented via a centralized key management solution so that data access can be revoked if necessary. A central key management solution will enable staff to provide access to data to those that are authorized, and ensure that access is removed when warranted.

  • Encrypt all at rest and in transit data – All data, not actively being processed, should be encrypted. This includes system log files, databases, unstructured data and data the application generates while running. While this has a high overhead in CPU cycles and time, the risk of missing data that should be encrypted is often too great to ignore.

  • Security handle in process data – Any data actively being used by the application should be handled in a way that minimizes the risk of exposure between processes, applications, users, and virtual machines as well as to stored in a location that is persistent, and encrypted. Logging should be done in a way to minimize the exposure of user data to those that are troubleshooting the environment. All in process data should be handled as short a time as possible to minimize the risk of exposure.

  • Use of host-based firewalls – As with all traditional security best practices, going back many years, host based firewalls should be utilized on all systems regardless of internal or external access.

  • Regular penetration testing by outsiders – Any company providing a publicly available site, hosted via a cloud computing solution, should employ the services of an external firm to periodically execute a vulnerability assessments and complete penetration testing of the environment. This outside perspective is important to review and test the design and implementation of the application and data security controls.

  • Staff Training – Training is critical for all team members that are expanding into roles including cloud computing. All staff need to be educated on the new process requirements, the new rules for deployment and the methods in which cloud computing is being employeed. This training ensures staff are comfortable with this new technology and working from a common base of knowledge and experience.

  • Accountability – Staff should be held accountable for what and how they expand into the cloud. Risk assessments should be done prior to large, complex changes to ensure staff have adequately assessed the risks, planned for mitigation strategies and implemented safeguards. Staff should be empowered to suggest changes and make improvements.

  • Change Management – Automated solutions for change and configuration management should be utilized to ensure that all software and servers deployed meet the same baseline standards for configuration. Change and configuration management systems simplify deployments and minimize the change that an oversight leads to a vulnerability.

It is a new world out there, IT managers have more options then ever before when considering how to deploy and utilize new services. Cloud computing is an entirely new way of thinking for many people and creates many new opportunities for scale, efficiency and improved operational models. Despite all that, there are three truths that we must account for when deploying solutions in cloud environments:

  1. There is no edge any more, people consume and create resources from a multitude of places and from a variety of devices.

  2. There is no stable state, applications are elastic and change regularly, we simply can not have a security checklist for new servers any more, we must use process and automation to ensure compliance.

  3. Data is king, the amount being produced today is monumental, and it has huge corporate value. Data must be protected, regardless of state in a variety of circumstances that are no longer under the control of the companies data center manager.

Monday, June 6, 2011

Hadoop Whitepapers

Below are links to two whitepapers I recently wrote and published as part of my role at Dell.

Monday, April 18, 2011

Cloud Computing, what is it really?

I have been in a lot of discussions recently where Cloud Computing is being discussed more then before. I wanted to take a break from EITRP and talk about this term and it's increasing use. Most of the definitions of Cloud Computing include the following words in some order and combination: elastic computing, remotely delivered, associated with SLAs, end user platform independent delivery method, scalable, and billed by usage.

Essentially, most people look at Cloud Computing as a change in the delivery of an application from a company run data center to a managed, remote facility that provides SLAs for the application and bills for actual usage of the application and the amount of data being stored. Most definitions of Cloud Computing also speak to underlying technologies like virtualization, elastic scalability, or hyper-scale data centers.

I believe that Cloud Computing is less about the technology and delivery method, and more about how people think about their information technology (IT) needs and operate what would traditionally be their IT departments. Cloud Computing is more about efficiency, essentially reviewing all current application and data needs, and instead of modifying existing processes to fit changing needs, it is about creating new methods for application delivery. I look at Cloud Computing as the point in time that IT leadership stops using old ways of deploying servers, installing applications and defining the method folks will use those applications. Cloud Computing is about IT leadership embracing and creating new ways to be more efficient with service delivery and how that delivery spans business, process, technology and finance.

Physical Infrastructure

A lot of interpretations of Cloud Computing involve eliminating a company of it's server infrastructure and utilizing shared billable resources from companies like Rackspace, ServerPronto, Amazon, or 1&1 just to name a few. This is commonly called Infrastructure as a Service (IaaS).

Cloud does not mean you ditch all your servers and use Amazon for your core business operations, it means you throw out all your processes when designing new solutions and design solutions around modern delivery and operational processes and newer proven technologies. This is a difficult change for many organizations, IT has developed many habits over the years and other teams have come to expect things from IT done in a certain way.

Staff Infrastructure

There is a common perception within IT departments that staff can be cut back or eliminated by the use of Cloud Computing. This perception largely builds out of the expectation that Cloud Computing is the 100% use of hosted infrastructure, and enables a company to function without the traditional roles of System Administrator, Storage Engineer or Operations Staff.

This belief is often misplaced. By utilizing IT environments that are more automated and/or hosted at alternate locations, the need for IT staff does not diminish, the skill sets that are needed and the required expertise changes. Many IT organizations that are utilizing new methods for operations that are born out of Cloud Computing are finding that traditional IT operations roles are become more architectural in nature and the skill sets are more closely aligned with Software Engineers then system administration staff.

Traditional IT roles involved in deployment of servers will be more focused on capacity planning, knowledge transfer with the application development teams and strategy development for the use of new and emerging tools and technologies. Modern IT departments that have embraced these new engagement models, look to the other organizations to drive tools based on their business needs, while the IT organization provides thought leadership around implementation and strategy. IT staff can not longer be just technical experts, they must understand the business, the financials of the company, the organizational goals and how that relates to technology.

Cloud Computing is not about the use of some new modern technology, although that is a by-product. Cloud Computing is not about throwing away your servers and buying cycles from other companies, but that is often done as part of it. Cloud Computing is a new method of thinking about IT. It is about starting with the business requirements and needs of an organization and enabling those need through the most automated, efficient way possible. This will be a combination of new skills for staff, new use of technology and different models for procuring, using and retiring resources.

Most importantly, Cloud Computing is not a product to be bought. It is a set of items, methods and best practices for deploying the multitude of products, tools and solutions that IT has at it's disposal and utilizing new ones for efficiency when they become available. Cloud Computing is a mindset for efficiency that enables dynamic businesses.

Now I want to touch on Enterprise Information Technology Resource Planning (EITRP) before I close out this post and show how resource planning across an organization enables a more dynamic IT environment that is sensitive to the business's needs. EITRP enables organizations to map the organizational goals, processes, rules and resources that a company has at it's core. This mapping enables clear modeling and simulation of changes to the environment. Cloud Computing provides the operational model for implementing the resources documented within EITRP.

Sunday, March 13, 2011

Explanation and definition of EITRP Associations

This is my fourth posting in the series to introduce EITRP. This posting focuses on the concept of 'Associations' within EITRP.

Enterprise Information Technology Resource Planning (EITRP) is a new method for documenting and modeling the resources that contribute to the creation, operation and retirement of assets, policies and systems in modern Information Technology (IT) environments. EITRP enables organizations to clearly document the resources that contribute to and guide how an IT department implements and manages the necessary tools for a company to conduct business. IT departments can be represented and described in a similar way, EITRP exploits these similarities to provide a consistent method for documenting the life-cycle of an IT environment.

The core of EITRP representations of an organizations is the idea of 'Tiers.' 'Tiers' are representations of the common building blocks of all organizations, infrastructure and resources supporting that infrastructure. 'Tiers' ensure that any EITRP model can be referenced, simulated and documented in a consistent manner. Each 'Tier' is unique in the data is contains and provides for standards of documentation.

A 'View' is a subset of an EITRP model formatted and limited to the components necessary for a given role within the organization. A 'View' is a representation of what staff levels within an organization will own, manipulate and utilize the data contained in one or more 'Tiers.'

Building on the concepts of 'Tier's and 'Views' we add 'Associations' to our glossary for EITRP. An 'Association' is the documented relationship of a piece of information(an object) contained in one 'Tier' to it's corresponding information in another 'Tier'. 'Associations' define how a change to one 'Tiers' parameters will affect another 'Tiers' parameters.

'Associations' allow a 'Model' to be built for an organization that shows not only the present state of the organization, but the affect of changes within that 'Model.' 'Associations' allow EITRP to be used to document current information, future state information and what changes will occur as a migration or change between states occurs. 'Associations' are an important part of EITRP for documenting information including dependencies, costs, implications and resource needs.

There are three types of 'Associations' that can occur between objects in individual 'Tiers'. When referencing an 'Association' we always start with the lower 'Tier' in the relationship, moving to the higher 'Tier' in the relationship.

  • one-to-one (1t1) – A one-to-one 'Association' is defined as a link between two objects, each in a separate 'Tier'. Each object if manipulated, will only affect the other single object within the 'Association.'

  • one-to-many (1tM) - A one-to-many 'Association' is defined as a link between greater then two objects, one of which is in a lower 'Tier' and the remaining are contained in a higher 'Tier'. The only object will affect many if manipulated, where as the multiple objects, if any are changed, will affect the single object in the lower 'Tier.'

  • many-to-many (MtM) - A many-to-many 'Association' is defined as a link between greater then four objects, two or more of which are in a lower 'Tier' and the remaining are contained in a higher 'Tier.' The lower 'Tier' objects will affect multiple if manipulated, as well as the multiple higher 'Tier' objects, if any are changed, will affect the lower 'Tier' objects.

Above are two simple examples of a set of 'Tiers' within an EITRP environment, and the associated objects in those 'Tiers' and their 'Associations'. These 'Associations' are simple and only show the basic type of 'Association' but could also contain information about what a change to one component will do the other associated component.

The primary purpose behind 'Associations' is to enable EITRP models to be used for automation within an IT environment. As IT environments continue to grow, it will be more and more vital to automate as many processes, changes and evolutions of the environment as possible. EITRP enables the necessary information about the environment, it's resources and it's parameters to be documented in a way to allow for automation of changes over time.

Future postings will cover additional topics including:

  • 'Model' – The definition and uses of a 'Model', the overarching term for a complete set of data points across all tiers, including 'Associations' that provide for a representation of the organization and it's resources.

  • EITRP Data Standards - I will publish the initial version of the EITRP Data Standards, there are the methods for documenting information in a standard way within the EITRP 'Tiers' and 'Views' to allow that data to be referenced, manipulated and modeled for changes within the environment.

Thursday, March 3, 2011

Explanation and definition of EITRP Views

This is my third posting in the series to introduce EITRP. This posting focuses on the concept of 'Views' within EITRP.

Within Enterprise Information Technology Resource Planning (EITRP) 'Views' are a representation of the staff that will interact with each of the 'Tiers' and utilize the information they contain. A 'View' is a subset of an EITRP model formatted and limited to the components necessary for a given role within the organization. A 'View' is a representation of what staff levels within an organization will own, manipulate and utilize the data contained in one or more 'Tiers.'

The example 'Views' below are based on the most common job roles within an Information Technology (IT) department at a medium to large company. The actual defined 'Views' for a companies EITRP models will be specific to that organization and updated to reflect changes in the companies structure, management styles and organizational needs. The 'Views' represented below are meant as a guide for companies that are adopting EITRP and can be modified as needed over time.

The most common views that will be utilized in some form at most organizations are:

  • Chief Information Officer (CIO) – The CIO will most commonly be responsible for the process and associated data within an organization to execute on the companies core business requirements. This role will require the CIO to influence and drive components contained in the higher 'Tiers' related to company rules, process and policies.

  • Chief Technology Officer (CTO) – The CTO will expand on the CIO role, while influencing those policies and process, the CTO will also own and define the SLAs the IT organization will work towards at the need of the business and the services that will be delivered to the business for implementing the processes and policies above.

  • Architect – Architects within the context of IT are responsible for taking the defined SLAs and services from the CTO and turning them into a design that can be implemented across their organization or company wide. The Architect is responsible for managing the risk and reward tradeoff analysis of the possible solutions for a given need within the environment.

  • Administrator – The Administrator is the role most commonly associated with the implementation of the environment, based on the design from the Architects. The Administrators primary responsibility is to implement new designs and provide feedback to the Architects for use in future designs.

  • Operations – Operations staff are the first team to respond to abnormalities within the environment. Operations staff are responsible for monitoring for compliance with SLAs and taking prescribed action to remedy all non-compliance.

In larger organizations, it is possible that each 'View' will have multiple individuals that fill that role. Smaller companies could then have a situation where a single individual falls into multiple 'Views.' It is important that when a company is adopting and defining their EITRP 'Tiers' and 'Views' they account for the current structure and needs, but include provisions for the evolution of the company. This will allow the EITRP model to evolve over time and properly account for changes, growth or contraction within the organization and how that change affects the resources managed by the IT organization.

One core component of EITRP is to create a 'Model' that encompasses all resources within the IT environment and their associations. This concept of 'Views' is important for ensuring that as new 'Models' are created, the proper 'Associations' are in place for the evolution of the organization, allowing company leadership to better anticipate how changes will impact the organization.

Future postings will cover additional topics including:

  • 'Associations' – The relationship of a data point in one tier and how it relates to the data point in another tier.

  • 'Model' – The definition and uses of a 'Model', the overarching term for a complete set of data points across all tiers, including 'Associations' that provide for a representation of the organization and it's resources.

  • EITRP Data Standards - I will publish the initial version of the EITRP Data Standards, there are the methods for documenting information in a standard way within the EITRP 'Tiers' and 'Views' to allow that data to be referenced, manipulated and modeled for changes within the environment.

Saturday, February 19, 2011

Explanation and definition of EITRP Tiers

This is my second posting in the series to introduce EITRP. This posting focuses on the concept of 'Tiers' within EITRP.

Enterprise Information Technology Resource Planning (EITRP) is a new method for documenting and modeling the resources that contribute to the creation, operation and retirement of assets, policies and systems in modern Information Technology (IT) environments. EITRP enables organizations to clearly document the resources that contribute to and guide how an IT department implements and manages the necessary tools for a company to conduct business. The majority of the IT environments that are active today can be represented and described in a similar way, EITRP exploits those similarities to provide a consistent method for documenting the life cycle of an IT environment.

The core of EITRP representations of an organizations is the idea of 'Tiers.' 'Tiers' are representations of the common building blocks of all organizations, infrastructure and resources supporting that infrastructure. 'Tiers' ensure that any EITRP model can be referenced, simulated and documented in a consistent manner.

Each 'Tier' is unique in the data is contains and provides for standards of documentation. Every 'Tier' has relationships with one or more 'Tiers' for data dependency and references. These associations ensure that simulations can be done of environmental changes based on the data stored in an EITRP model and the necessary dependencies are properly referenced, updated and correlated. The following graphic and bullet points explain the tiers as they are contained in the EITRP model:

  • Company – The 'Company' tier is used to document details and information regarding the organization the EITRP model is being developed for. The syntax standards will include methods for documenting all legal entities of the company and subsidiaries. The company tier will also be used to document information about staff, and company locations.

  • Business Rules – 'Business Rules' are all policies for the company that influence how business is conducted. These rules will include hiring of staff, revenue recognition and financial reporting policies as well as industry specific policies regarding data retention, documentation, corporation governance as well as all associated business rules.

  • Business Process – The 'Business Process' tier is the location for documenting all work steps necessary to implement the controls and safeguards documented in the 'Business Rules' tier. This 'Business Process' tier is used to define all work flows within an environment for ensuring smooth operation of the business.

  • Policies – 'Policies' are derivatives of 'Business Rules'. 'Policies' are the rules that will be implemented within the technical environment to enforce the 'Business Rules'. These 'Policies' will be used within the EITRP model to validate that 'Business Process' are being followed and 'Business Rules' are properly implemented. 'Policies' will take the form of documenting who can do what, when and how they can do it.

  • Service Level Agreements (SLA) – 'Service Level Agreements' are the objectives the IT organization will use when defining all IT solutions. These will be used to determine technical measurements including response time, capacity, availability and scheduled downtime to name some of the measurements. This list will be used as the baseline for defining how the IT environment will be measured for success after each new evolution of the environment.

  • Services – The 'Services' tier is the documented list of applications and services that are exposed to the users within the 'Company.' 'Services' define how a specific application is accessed, what methods are available to access it, what that access provides and associates the 'Service' with the appropriate 'SLA' and 'Infrastructure.' Examples of 'Services' could be DNS, web sites, or APIs.

  • Infrastructure – The 'Infrastructure' tier is used to document the types, models, locations and configurations of all the supporting hardware and solutions for the 'Services' tier. This tier will include documentation of a companies servers, storage, data centers, network devices and the associated configuration parameters for those devices. All previous tiers have focused on definition of information and documentation of that information, this tier focuses on the design and documentation of physical components to support the higher tiers.

  • Data – The 'Data' tier is used to document the types of data a company creates, manages and requires and the associated parameters for that data. Parameters for the data could include how the data is used, access criteria, retention criteria and security policies. The 'Business Rules', 'Business Process', 'Policies' and 'SLA' tiers will influence the implementation and operation of the data represented by this tier.

Tiers are an important part of the developing EITRP framework. 'Tiers' allow a consistent representation of a corporation, documenting how the companies goals, policies and procedures are influenced by the IT environment and how the IT environment enables the companies goals and policies.

In my next post I will discuss 'Views.' 'Views' is a concept within EITRP that is for representing what staff have a primary and secondary role with each of the 'Tiers.' 'Views' define how an organization manages the IT environment and how policies go from being defined to being implemented. After discussing 'Views' we will continue with defining EITRP Associations and how each 'Tier' is influenced by each other and what dependencies are created and documented in each environment. These dependencies will then be used to implement the modeling capabilities for a company to understand how a change in one 'Tier' will affect change in a separate 'Tier.'

Sunday, February 13, 2011

An introduction to EITRP

Modern Information Technology (IT) departments create, consume and manage a variety of resources. These individually include data, people, processes and infrastructure; collectively this includes the connections between these individual components. IT today is primarily about enabling the core business of a company, be it manufacturing, software development, oil and gas exploration or car sales. Each IT organization at these various types of firms has the same primary focus of enabling the business and its leadership to be successful in how they lead, transform and delivery on their core business.

Enterprise Information Technology Resource Planning (EITRP) is a new paradigm within computing to enable all resources related to IT to be articulated, modeled and documented in a single, consistent syntax. This enables strategic planning within an IT department and its relationships with the business needs that it supports for the rest of the corporation. EITRP is a new set of standards being developed for the purpose of articulating the resources managed by an IT organization and how those relate to and affect the policies and processes critical to execution of a companies' core business function.

The potential for this consistent syntax is that IT organizations can standardize how they communicate information about all IT resources throughout the management chain. This standard method of communication will enable leaders at all levels to simulate changes to one portion of the environment or one resource and see how that change will affect the related components, resources and processes. This simulation and modeling capability will allow faster time to market and more rapid deployments within IT by fully understating how and change will ripple through and organization.

This is the first of multiple postings about EITRP. Future postings will outline the tiered structure of EITRP, the syntax for documenting a corporations' environments and the formulas for consistent calculation of costs, changes and modifications to the resources within an environment.