One IT – 4

I will try to walk through a possible scenario for the working of One IT using a case that i worked in recently. to be fair, at that point in time, I didn’t have much clarity on One IT so didn’t apply the framework while responding to the customer requirement.

as an after thought I am trying to see if this concept of One IT would be of any benefit to the customer…be open to critique the same ;-). i can’t state the exact details of the customer due to confidentiality reasons but will try my best to walk the reader through the case.

the environment

the organization (lets say xyz) was manufacturer of IT hardware. there was a corporate office with corporate IT and applications.

the organization had numerous (5 or so) operating companies each with their own IT teams and localized applications. each organization had similar business units (about 8 in each)

between the 5 operating companies, they had 3 vendors for end user laptops & desktops.

the total number of users is around 25,000 user s. the users were required to access the local applications as well as the few corporate applications like SAP and eMail.

Challenge – the users in the organization used to travel across the operating companies and it was a challenge to provide IT support and streamline their experience in using IT services.

One IT approach

identity framework – as i mentioned, identity will be the cornerstone of the One IT framework, hence for this case also, it would have to start with the identity framework.

the possible approach was to have a virtual directory based identity management solution ( i wont go into the debate of virtual directory over meta directory based IDM solutions. the objective is to have an  identity management solution to start with). the virtual directory based solution ensured that there was a seamless way of managing identity of users both for corporate and local operating company based applications based on the roles of the employees. we are still not talking about the access rights yet, just the identity part.

the identity repository ensured that we have a list of attributes that can now be manipulated to associate the IT experience for the employees. attributes that defined the type of user, the role of the user, the parent operating company, type of hardware allocated, SLA category etc can all be now linked with the identity of the employee.

this data is also made available to the IT helpdesk so that when the IT user calls the IT helpdesk, the helpdesk analyst is clear about the response time that this user has been committed and works accordingly.

user categorization – along with identifying and cleaning up the roles of  the employee in the organization (a prelude to setting up identity and access management framework), the IT users can also be categorized based on their IT usage into one of the three categories:-

  • Power IT users
  • Medium IT users
  • Average IT users

hardware allocation strategy – based on this categorization, the hardware allocation strategy can also formulated to ensure that right computing resources were allocated for the right type of IT usage and not on designation of the employee. hence the user who is a power IT user in operating company A and operating company B have same type of computing resources (like ram, hard disk, cpu etc) allocated to them but yes of-course, the brands of the laptops/desktops will depend on their vendor management strategy.

seamless provisioning of user into  IT environment – using the identity framework, the provisioning of either a new user or managing an existing user in his lifecycle in an enterprise. using the IdM framework, the moment a user joins the organization, a process can trigger provisioning his identity in the IdM framework and hence into the corporate and local applications based on his role as defined by HR. also the moment the role of the user is defined and approved by the manager, necessary access right will also be allocated to the users digital identity. the manager can also define or change the “type of user” which triggers a workflow to provision the right computing resources to the employee along with utility and application packages which are defined by the “role” attribute in the identity structure.

if you extend the identity framework to admin department, they can also ensure that the necessary workspace is allocated to the user hence not having to chase multiple departments for rudimentary things 😉

utility software and application packages – based on the type of hardware and the models of laptop/desktop, necessary os images with utility software packs can be developed for each operating company.

Depending upon the number of business units and unique application requirement for each role, necessary application packages can also be then developed and rolled out.

The advantage would be that in case a user moves from one role to another role which requires additional application access etc, only the application package will be required to be installed.

helpdesk alignment- helpdesk is another important player in ensuring a seamless IT experience as it is usually the first line of interface a user has with the IT team. in the above scenario, the helpdesk needs to be realigned to respond to the user issues based on the SLA committed to the user.

now what happens if an IT user from one operating company is visiting another operating company and faces an IT issue – say application issue or a hardware issue. The user calls the IT helpdesk and reports the problem. the helpdesk looks up the profile of the user in the Identity store and becomes aware of the role of the users, type of user, hardware allocated and application access rights, base operating company to which the user belongs, and more important committed SLA response. based on these attributes, the helpdesk & IT support team can then start to respond to the issue

but then, what happens when the IT support teams are not consolidated into one IT support team?

in that case, the helpdesk/IT support team of operating company where the user is visiting, has an internal OLA with the helpdesk/IT support team of another operating company. in case the IT support team of the visiting operating company is not able to solve the issue within the necessary time (cause it is a hardware specific issue or parent operating company’s local application issue etc), the call is then shifted to the IT support team of the parent operating company to which the user belongs without the knowledge or action by the user.

in case any hands and feet are required to solve the issue, the visiting operating company’s IT team provides the same and works under the guidance of whichever IT support team is working on the case.

service catalogthe service catalog will the be established based on IT services offered to the employees based on their role of user type. the service catalog will not be a flat structure but will have SLA and response time along with type of user etc.

i guess i will leave the post on topic of One IT open as it will continue to evolve as other than making One IT seamless for IT users, it may touch upon internal nuances of IT like configuration management etc……


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: