Shane Creech, Director of Infrastructure and Cloud Services, Information Services, New Hanover Regional Medical Center
Cloud technologies continue to evolve and are as stirring buzzwords today as they were about five years ago. Of course, the application areas and functionalities have broadened. Cloud, today, is nothing short of an umbrella term. In light of his rich experience in the space, Creech shares his thoughts and insights on the present-day cloud demographics.
What are the current market trends you see shaping the Cloudspace?
What I’ve seen over the last two years specifically has been a tidal shift in organizational views towards the cloud and cloud services in general. Where it used to be typical to be asking vendors if we could take our servers hosting their applications to a cloud infrastructure service provider, we are increasingly seeing vendors realize the value in creating an alternative offering where the business can consume their software service offering in a modern IT utility model. This is causing disruption in the software services space as vendors whom are still stuck in the software only paradigm are quickly being overtaken by more nimble solutions who offer their services in a consumption model allowing the business to stay focused on what really drives their core mission.
Healthcare providers will have to have the skills to be able to configure, manage and support HIPAA compliant IT cloud infrastructure. What are your views on this trend?
Healthcare providers will certainly have to develop the skills to effectively configure and consume cloud infrastructures, but more so, these providers will be shifting or letting go of some notions of responsibility demarcation as those become real responsibilities that shift to contractual obligations as defined in a business associates agreement. Contracting and vendor management become paramount disciplines in any regulated industry space, not just healthcare and HIPAA. Having a clear understanding of whom is responsible for what aspects of compliance and shifting to verification those aspects are being delivered will become a new way of managing compliance.
Now that more organizations are embracing the idea of hybrid and multi-cloud, agnostic toolsets are quickly emerging to further reduce the vendor specific knowledge gaps that one may have
Support also shifts significantly as managers will lose direct control over traditional levers of influence they’ve come to exercise in delivering their services.
To these ends, it starts to paint a picture that when I give up the physical server or virtualization layers that exist in my data center today, I’m giving up direct control of compliance to my vendor partner providing the infrastructure service. Where I had traditionally had skills and expertise to manage firmware and hardware updates in response to compliance, these are assumed responsibilities of the service provider. My assumption is guaranteed in the form of contractual obligations to maintain these compliance tasks.
Please elaborate on the challenges that the organizations will need to address related to Cloudspace.
As indicated above, an initial challenge will be to gain real discipline in vendor management with respect to contracts and SLAs. When you give up direct control, you’re levers of influence become what is or isn’t written in the contract and defined in the SLA.
Another fundamental shift is gaining IT service cost transparency. A lack of fully understanding the fully loaded costs of an IT service on-prem often leads to uninformed decisions that may have a lasting impact on your service consumers.
This shift of course necessitates the need for the creation, growth and maturity in a FinOps model focused on IT service delivery where understanding both the delivery and consumption demand are clear and transparent to decision makers.
Finally, I often relay to others who are beginning a cloud journey that the IT organization processes we operate under today will need to change, or the cloud will likely cost considerably more to operate than estimates show. The rigid command and control processes that keep the IT organization on track in the data center will derail the highly agile cloud train and any potential savings will quickly evaporate as the organization tries to reinforce traditional processes. This ultimately leads to bloat on the business process side, or even worse, adds time to innovation and service provisioning which defeats a core argument for cloud-based services.
What are the major tasks for organizational CIOs at this point in time? Is there any unmet need in terms of Cloudspace that is yet to be leveraged from the vendors?
The most important task for a CIO is to assess organizational risk tolerance and get a gauge on risk readiness. Never-fail IT was a pipedream that most organizations could never afford to achieve, so most organizations are living in a sense of security bubble that is likely more fragile than those outside of IT believe. Cloud vendors need to be able to help CIOs have risk-based discussions concerning the service and culture transition with the business. The cloud offers more organizations a chance at gaining the resiliency they really desire, but rearchitecting IT services is going to come with some learning and failure along the journey. This needs to be clearly articulated to the business in risk terms that support the typical ROI proposalsvendors are delivering.