Here’s the story of how one company revamped its outsourcing strategy for business expansion and the era of cloud computing.
When we spoke to (let’s call her) Maria, as part of our research for the Cloud bound study, she started off by telling us her company was “all in” when it came to outsourcing. If you outsource IT, her story may have similarities to the one you’re currently living.
The majority of IT support at Maria’s company was outsourced – and had been for many years. As she looked to the future though, this senior IT Director just wasn’t convinced that her current vendor could take their company where it wanted to go. The enterprise was expanding internationally and was eager to expand further into cloud as well.
Unfortunately, the incumbent outsourcing vendor specialized in staff augmentation. It didn’t really have the capabilities to plan and manage a global migration or advise on transitioning applications and services to the cloud.
But neither did Maria.
Because IT was so heavily outsourced, her in-house resources were stretched to the max just covering their current scope of work. As she put it, “it was important to find a provider that’s been there, done that – a mature one that can bring us some best practices.”
Job 1: Buy experience
Maria opted to pursue two new outsourcing contracts – one for applications, one for infrastructure. “We didn’t want to shoehorn it all into one if we felt a particular provider was stronger in a specific area,” she explained.
From the outset, she focused on full-service outsourcers. She wanted a provider to guide and help determine what made sense in their company’s particular situation. For her, the decision wasn’t just about the cloud-based services themselves; she also weighed compliance and service integration factors. Some smaller providers fell out simply because they couldn’t commit to the indemnification clauses her company demanded – an incident would have put them out of business.
Most of all, she wanted experience. “From a selection standpoint, we weren’t looking to be the pioneers,” she said. “We didn’t want to be a vendor’s first dance.”
So she insisted that potential providers prove theirs was a mature model. Her team not only evaluated providers’ capabilities, but also met with their reference clients in the life sciences industry. They were able to learn about hurdles their peers had overcome, study the way their services were architected and ask why they were handling things certain ways.
Wrestle security concerns to the ground
The pharmaceutical industry is highly regulated. And Maria described her company as extremely “gun shy” about cloud computing. Initially, the security guys didn’t want anything to go to the cloud. Nothing. Everything had to be in house. But Maria threw down the gauntlet. “Cloud isn’t going away,” she said. “So how do we make sure we’re protected? Rather than putting up walls, be part of the solution.”
Before she could sign at the x, she had to get everyone’s heads nodding up and down. To do that, she constructed a detailed list of all their concerns. Then, she turned those over to the prospective services provider.
The outsourcer brought in a SWAT team of experts to host a security workshop. Her plan was to “lock everyone in a room” until they resolved every issue. “We got all the architectural diagrams on how it was all going to get played out,” she described. “The security guys got kind of excited as they started seeing how things would work.” Based on those discussions, the team tweaked a couple of things in the solution. And this workshop proved to be the turning point in obliterating the security hurdles.
Learn to live in a hybrid state
Going forward, Maria’s approach is to look at cloud solutions opportunistically – as business drivers and new opportunities emerge. The intent is not to move everything to the cloud at once. “We’ll stay in this hybrid mode,” she explained. “For anything new, we’ll look at a cloud-based solution. With existing stuff, as it starts to expire or need upgrades, we’ll start to roll to more of a cloud-based approach.” To facilitate this, the company has established guidelines and a process to evaluate situations on a case-by-case basis.
Her team is also finding that cloud-based solutions are not always purely public or private, but rather a combination. For example, a new predictive analytics solution they’re launching is “broken up into layers.” There’s a private piece where most of their data resides – and a public layer that’s shared with other clients.
Tip of the iceberg
Cloud computing requires a “different way of thinking, and we’re still laying out the processes,” Maria said. She and her team are spending significant time educating their business colleagues and establishing guidelines and policies. But it’s worth it. “We know we’re not done,” she explained. “We’re going to be doing more of this going forward. So let’s start building.”
Stay tuned for more #CloudBound stories on the Center’s blog and check out the study, “Cloud bound: Advice from organizations in outsourcing relationships.”