I recently read on TechRepublic’s UK website the article “Developers are turning the public cloud into a massive piggybank” by Matt Asay and found myself at severe odds with the thrust of his argument as well as the title of his piece. There were many points that I disagreed with although found some truths in others. I have been in the IT industry for the last 30 years, working in many of the standard (and some not so standard) roles in the IT department (including developer, support, trainer, administrator, business analyst, even consultant) before becoming an IT manager. In more recent years I was a CIO in a FTSE 250 company with a development team, some of whom the moniker “maverick” would have been well suited. But to suggest that even such developers could have such powers of ownership and budget spend, jarred with what I know of running an IT team within an established stock market traded business.
My colleague Clive Howard, a practitioner analyst at CIC with many years of experience as a software developer, development team lead, and software development consultancy owner was incredulous at the idea too. Clearly a missed opportunity if it ever existed, resulting him taking a lie down to reflect on the budgets he supposedly didn’t realise he controlled.
Who is spending on Cloud in the public sector and how much are they actually spending?
The article pointed out that no one seems to be able to forecast the amount of public spending in the cloud. Statements from various recognised analyst companies are used to justify this but the analysts are not even comparing the same figures.
As Asay states, no one can accurately predict the future of public spending in the cloud. One of the problems is that the definition of cloud is evolving every year and it even differs between two of the chosen analyst firms. If it was possible to accurately predict the amount that Public sector cloud services would grow (Gartner) or Public Sector IT cloud services would grow (IDC) then they could probably earn more money as a hedge fund manager. The point on which I agree with Asay and the other analyst firms is that public sector spending will grow on Cloud services. What would be a more interesting statistic is where will spending be reduced as a result of this increase. Public sector spending tends to be finite.
He continues by inferring that the public sector don’t know how much they are spending on the cloud, justifying the statement with a casual reference to an Environmental Protection Agency report published in July. The reference is ambiguous and at first glance appears completely incorrect as the one thing the report is clear on is the financial impact of the services taken on. What Matt later explains is that the very criteria used by the audit team were flawed (in the same way that the analysts’ figures differ).
The auditors blame the recipients as they found that the “Survey data was completed by performing a search for the word ‘cloud’ in the procurement description.” Blaming this entirely on the recipients seems a bit harsh, part of the theory around surveys is that the questions are prescriptive and without any guidance the survey was doomed to failure in my opinion. In part what this merely highlights is the flawed procurement process and the onerous burden of records management on the public sector.
This is not an easy issue to solve, but perhaps placing the onus on vendors might be better. After all, the public sector has data on all its contracts and someone somewhere knows what those contracts are for. Although a Freedom of Information (FoI) request will deliver the documents, it may actually be easier to request the relevant information from suppliers as an annual supplier report rather than locate the public sector technical expert internally.
The investigative challenge: sifting out the known knowns on spend
In most well run corporates the accountants are able to pull out IT spend no matter where it occurs, be that in shadow IT or not. What accountants are not good at is telling the difference between the different types of IT. I normally had a monthly meeting with accountants to explain what the items approved for purchase had actually been and whether they were new assets, or incremented existing asset values.
There are greater concerns in my mind and Asay alludes to these as well. The respondents clearly have no process to discover how much of the services are in use and whether they are value for money. The problem again though is that without an auditor actually questioning the right people in the organisation the auditor really has no idea either.
Asay’s next statement contains a piece of rather stretched logic: “As David Linthicum rightly calls out, “Most IT leaders don’t have a real understanding of how many cloud computing (or other technology) resources are being used — and to what extent — right under their noses.” I saw this happen for years with open source, and now with cloud computing.”
The two are completely different. Linthicum’s point is, however, quite correct but he is not referring to IT functions but to the wider business. The cloud has enabled shadow IT in a massive way. Any manager can purchase a cloud-based business solution with his own budget and authorisation. Some salesmen have been known to purchase Salesforce on their credit cards and then claim it back as expenses. If they hit their targets few would question the expense.
While it is true that some business people understood and took advantage of open source this was limited and it was normally IT departments who did this, or who quickly became aware of the issue.
Spotlight on the budgetary ownership of most developers
How Asay gets from that statement to “Developers increasingly define how and which software is adopted within large and small organizations.”, defies belief (and was the main cause of my colleague’s incredulity). Like him, it is certainly not something I would recognise. I would listen to developers, but more likely an architect or head of development than allow the grass roots to start buying and using anything they wanted. I am not naive enough to believe that developers don’t go out and look at neat new stuff, a developer happy and content to just do maintenance on existing software is a rare commodity indeed. Developers may have introduced some tools such as Git, Github, JIRA and Jenkins but these will at some point still require some level of management buy in and approval , nor do they affect the company wide license expenditure.
In closing Asay again weaves truths with a fantasy. Developers are important, they do create but letting developers set the agenda for a business (or even IT departments) expenditure seems a little far-fetched. I am not aware of many developers who will pay for Cloud Services out of their own pocket for their company if they were sure of recompense in their expenses.
In order for a developer to sign up to a public cloud service any even remotely competent compliance driven department will ensure there is a process for approval for the spend which would include justification. If the initial spend is approved then there is a risk that a developer might be naive in his usage of the cloud environment and start moving data around or investing in massive amounts of computing power. This would normally be caught at a monthly bill cycle by any diligent IT manager/Director. If not then the finance team would certainly pick up on the unusual spend.
In closing I would like to think that these statements are merely Asay getting carried away in his own headlines. While there is a lot of insight in the article, Asay does seem to be approaching many of his points with a flawed logic.