The Cloud

Does IT Matter?

Packaged-enterprise applications may be popular, but a successful company will focus on its IT infrastructure.
Timothy ChouOctober 29, 2013

When Nicholas Carr wrote “IT Doesn’t Matter” for the Harvard Business Review 10 years ago, he may not have realized the far-reaching effects it would have on information technology. For many, it signaled a shift from focusing on compute, storage, data centers and networks to focusing on packaged-enterprise software applications.

Timothy-Chou_ColumnistIn most IT organizations, there are two kinds of applications: packaged enterprise applications and custom-built apps. Packaged-enterprise apps, whether on premises (SAP, Oracle, Microsoft) or delivered from the cloud (Salesforce, Concur, Workday Services) are less than 20 percent of the application footprint in most companies. Custom apps are the applications built by and for the business (e.g., fuel management at 7-Eleven) and include industry-specific apps.

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

While attention to packaged apps is warranted, it has been largely to the exclusion of the fundamental computing infrastructure — the compute, storage, data center and networks. The results are starting to show. Costs are increasing, the ability to stay current is eroding and the foundation is becoming less secure.

Opinion_Bug8The true cost of compute and storage is not the computer and the storage. That may seem odd to say, but first, you need to add the underlying racks, power distribution, batteries, access-control hardware and all of the switches, routers and firewalls to interconnect inside and outside of the data center. Next, you need a software stack for network management, load balancing, intrusion detection, building-access control, power management, environmental control, server virtualization, configuration management and storage management. Finally, you need staff and more automation to manage the security, performance, availability and changes of the entire software stack.

For example, Moody’s Analytics, an independent provider of global economic analysis, runs its IT operations in two data centers with approximately 240 physical servers, 1,600 virtual servers and 175 terabytes (TBs) of storage. The cost to manage this is seven times the purchase price of the compute and storage hardware per year.

Furthermore, everything would indicate that the cost multiple for companies is increasing because the price of the hardware is decreasing and the complexity of the software stack is increasing. Consider the following thought experiment: One of the largest financial-services companies has 70,000 servers and 70,000 TBs of storage. Using today’s technology that footprint could be implemented in 150 racks in 10,000 square feet with 2.5 megawatts of power for $25 million. The current cost to manage the system is at least $800 million, which is 32 times more.

Additionally, innovation has not stalled in compute, storage, data centers and networks. The entire software stack is also changing. On average, a software product releases 60 changes per year. Assuming only 30 software products are part of the stack, that implies 1,800 changes per year.

But if you never change anything, you get really cheap computing, and it shows. For example, after the City of Los Angeles moved its email services to Google’s Gmail, the city management of San Jose, Calif., asked its chief information officer to do the same with its system. The CIO reviewed the email system and found switching to Gmail would be more expensive. Sounds odd, but not when you realize the City of San Jose was running 10-year-old software on a 15-year-old server and everyone had only 10 megabytes of email storage.

It’s not only about staying current. Older compute and storage software also are less secure. The backbone of any secure system is insuring you have a hardened system, which means there are no viruses and all security patches are applied. If you look at five software products in the past year, there were more than 135 security patches released along with them.

Your compute, storage, data center and network are the foundation of your “information house,” and you need to pay attention to your foundation as it’s getting more expensive, less agile and less secure. While enterprise apps are important, fundamental IT functions create the environment of success.

Timothy Chou teaches cloud computing at Stanford University. He is the former president of Oracle on Demand and the author of Cloud: Seven Clear Business Models.