Discover entry point: One powerful way to begin service management implementations

Service management has become increasingly successful as a business philosophy. As organizations strive to bring the services they provide into the closest possible alignment with the services their customers, clients and business partners require, service management becomes an ideal mechanism of change, helping them to obtain the best return on existing assets, integrate acquired assets, gain and maintain customers and, in short, grow the business bottom line.

However, getting started with service management can be a complex process. Each organization has its own unique context; implementing service management ideals based on that context requires carefully considering many variables in many dimensions—IT solutions, business processes, best practices, cost controls, performance tracking and visibility and many others. For this reason, determining how to move forward with a service management implementation can be difficult.

To help, IBM unveiled at Pulse 2008 a clear, straightforward model many organizations can use in establishing what service management can do for them—and how to get started. This model, based on five different entry points, is modular; an organization can choose any entry point that pairs well with its own requirements.

These five entry points are as follows: Discover, Monitor, Protect, Integrate, and Industrialize. Each entry point addresses different points of operational improvement, and each is divided into projects; they, too, are modular, providing the extra granularity organizations need to achieve a custom fit as they go about implementing service management. For an overview on each entry point, see: Achieve service management liftoff with IBM: Five entry points to success.

Which entry points and projects should be pursued first? That depends entirely on organizational needs. Both the entry points and projects can be pursued in any sequence, though best results will often come from picking “low-hanging fruit” – that is, pursuing the entry points and projects likely to generate the fastest improvements in any given case.

Here, we discuss the Discover entry point. Future articles will explore the other entry point options.

Discover: Determining, assessing, and refining resources

For many organizations, the Discover entry point might be a logical place to start. Discover is designed to help companies determine and assess the resources they have by establishing how they're deployed, whom they serve, how they interrelate, how secure they are and how they fulfill (or do not fulfill) business goals in an optimal manner. Achieving high service levels means understanding, in detail, how IT services work and which assets are involved; the Discover entry point is specifically designed to help organizations establish exactly that.

Discover is comprised of three relevant projects: Infrastructure Discovery and Mapping, Assessing Security Controls Effectiveness and Business Resilience Planning.

Infrastructure Discovery and Mapping, at a fundamental level, revolves around assessment. Here, the goal is to understand, map and control all hardware and software resources, as well as the services they enable, thus achieving a holistic visibility from end to end. As such, this entry point is well suited for organizations that require improved understanding of the relationship between their services and their infrastructure in order to establish the business consequences of technical changes and maximize service levels.

Compliance also comes into play in this context. Increasingly, organizations are required to comply with government regulations specifying how organizations are to monitor and manage sensitive data—as well as demonstrate that compliance on demand, quickly and comprehensively, in the event of an audit. Cost controls are an important third issue. In a challenging business climate, it's more important than ever before to minimize operations overhead where possible by improving the efficiency and business value of IT domains, such as change and configuration management, service release and IT asset management.

The Infrastructure Discovery and Mapping project helps organizations to address these various issues via clear, straightforward methods. For example, improved service visibility can be obtained through the use of a tool which provides automated discovery and mapping of multi-tier applications, as well as their dependencies, helping managers to know exactly which assets are involved in the execution of complex composite applications. Process improvement spanning both IT development and IT operations is also possible through solutions designed to orchestrate change and configuration, release, IT asset management and incident and problem management. Other anticipated business benefits include increased accountability, decreased costs and minimized risks.

Toward these ends, IBM offers many powerful solutions and services. IBM Tivoli Application Dependency Discovery Manager, for instance, delivers best-in-class discovery of composite application dependency chains, and improved application availability, via its agentless, credential-free capabilities. IBM Tivoli Change and Configuration Management Database, driven by proven best practices, serves as a repository for deep technical data pertaining to IT assets wherever they may be deployed. The IBM Rational software development portfolio includes such tools as Rational ClearCase, which delivers complete software configuration management and version control; and Rational BuildForge, to automate build tasks, reduce costs and minimize the possibility of inadvertent human error.

Furthermore, IBM services are available to help organizations pursue this project as well; these include both IBM QuickStart Services for Tivoli Application Dependency Discovery Manager (PDF, 111KB) and IBM Global Technology Services focusing on change and configuration management.

Protect assets and business processes through careful analysis

The second project within the Discover entry point, Assessing Security Controls Effectiveness, zeroes in on organizational security. This is an increasingly important point in today's world of complex security challenges. Yesterday's hackers, working alone and motivated by curiosity, now sometimes work for criminal organizations and are motivated by profit. Malware, too, is increasingly sophisticated, and can even modify itself to escape detection in some cases. Perhaps the largest potential threat, however, comes from within; trusted insiders with extra privileges may choose to abuse those privileges by accessing, changing or copying data inappropriately. The potential business risks to organizations through security breaches along these lines can be staggering.

Mitigating such risks requires taking a holistic look at how security operates and how it can be improved. For example, many organizations would benefit by reviewing their IT security processes and documentation, analyzing information obtained from managers and process owners and generating reports designed to illustrate both security strengths and weaknesses—as well as suggest logical changes designed to drive security. In this way, it becomes possible to understand how effective security controls may be, ensure risk exposure falls within acceptable limits and develop remediation plans to replace ineffective controls—in short, protect the business from security threats great and small, wherever they may occur.

Here, too, IBM's Global Technology Services can play a key role for organizations wishing to move forward. Internet Security Systems Services, for example, are available to protect the business from the security perimeter all the way to the core—a particularly challenging goal at a time when many IT services are being delivered over the Internet to create or extend business relationships. Data Security services help shield core data from all threats, external and internal, also facilitating compliance initiatives.

And for organizations in the market for security-centric IT solutions, IBM offers a range. These include IBM Tivoli Identity Manager, a policy-based tool designed to automate and fortify controls pertaining to user access rights; IBM Tivoli Security Information and Event Manager, which centralizes security logs generated by different security assets, correlates security events via analysis, and drives compliance through a policy dashboard and reporting engine; and IBM Vulnerability Management solutions, which reduce exposure to security threats by unifying vulnerability assessment with preemptive blocking techniques.

Maximize business resilience through enhanced service uptime

Finally, the third and final project within the Discover entry point is Business Resilience Planning. If you acknowledge that for most organizations, IT is the underlying service that enables all other services and the central nervous system on which business services increasingly depend, it quickly follows that maximizing IT service uptime translates directly into an improved business bottom line. However, many challenges make that goal difficult to fulfill.

These challenges, for instance, include a commonplace failure to comprehend exactly how business tasks are carried out via technological assets, as well as how to prioritize technical services to fulfill business goals. As IT infrastructures grow in complexity and sophistication, it becomes more critical than ever, but also more difficult, to track technical problems efficiently and accurately to root causes. Then, too, core business data used to drive organizational decisions at all levels can unfortunately become corrupted or even destroyed in many different ways, ranging from simple hardware failure to conflicting business processes to natural disasters. Shielding that data through optimized storage management can play a key role in enhancing overall business resilience and continuity.

For these reasons, it's essential that organizations strive to improve their understanding of how to mitigate resiliency risks capable of threatening all aspects of a business, including fiscal considerations, brand strength, customer satisfaction and supplier relations.

For organizations interested in pursuing the Business Resilience Planning project, IBM offers many powerful solutions and services directly on point. The aforementioned IBM Tivoli Change and Configuration Management Database, for instance, conveys many direct resiliency benefits to organizations which deploy it, such as improved visibility of configuration parameters and, as a result, the enhanced isolation of technical problems to recent changes in the infrastructure. IBM Tivoli Change and Configuration Management Database also integrates with other tools on the IT development side, such as IBM Rational Asset Manager, to help optimize information flow between domains, ensuring that new software releases are supported by appropriately configured systems and other assets.

Toward protecting data through optimized backup, archiving and restoration, the IBM Tivoli Storage Manager suite of solutions delivers a best-in-class array of features and functions designed to keep business data safeguarded against all threats, minimizing the business impact of data backup through exceptionally efficient asset utilization. And the IBM Tivoli Storage Productivity Center helps to centralize and simplify all aspects of the storage management strategy, spanning tasks associated with storage systems, storage networks, replication services and capacity management.

Finally, IBM Global Technology Services are available to help organizations achieve rapid progress with this project as well. IBM Information Protection Services, for instance, deliver key expertise in categories from remote and onsite data protection to email management and data continuity architecture. Also relevant here is the IBM Resilient Enterprise Blueprint, which can be used to analyze business process dependencies in IT, and uncover the root causes of IT risks to business activity in three stages, as well as to provide key intelligence to minimize those risks.

In all cases, Global Technology Services will work with organizations to develop a plan designed to support business growth, capitalize on opportunities, and achieve a holistic perspective of the many IT-centric risks to business activity.

• Service Management – Entry Points overview
• Service Management – Entry Points: Discover
• IBM Tivoli Application Dependency Discovery Manager
• IBM Tivoli Change and Configuration Management Database
• IBM Rational ClearCase
• IBM Rational BuildForge
• IBM Global Technology Services
• IBM Tivoli Identity Manager
• IBM Tivoli Security Information and Event Manager
• IBM Vulnerability Management Solutions
• IBM Tivoli Storage Manager family
• IBM Tivoli Storage Productivity Center

Recent Articles

• Accelerate OS provisioning to virtual servers

  Sep 30

• Maximize composite application business value

  Sep 23

• IBM TUAM drives energy management strategies through granular cost-tracking

  Sep 16

• Seamlessly link IT development and operations

  Sep 09

• Seamlessly link service desks, IT asset management and change management

  Sep 02

• Controlling the information explosion: IBM Information Infrastructure Initiative

  Aug 26

• Pulse 2008: Blockbuster event spotlights innovation and service management vision

  Aug 12

• Flash demo: Watch the IBM TotalStorage Productivity Suite in action!

  Aug 05

• Get swift, comprehensive data protection with IBM Tivoli Storage Manager FastBack

  Jul 29

• Unified, interoperable storage management with Aperi Storage Resource Manager

  Jul 22

• Catalog approach can enhance IT service management while reducing costs

  Jul 15

• Lock down unstructured data with IBM

  Jul 08

• Web Replay delivers next-generation automation for TPM customers

  Jul 01

• How to achieve comprehensive, accelerated data protection and recovery

  Jun 24

• Propel IT operations efficiency with IBM Tivoli Service Request Manager 7.1

  Jun 17

• Browse full Tivoli Beat archive