“enterprise” IT – out of touch and increasingly irrelevant?

So okay … I know it’s been asked before, but it’s not going to stop me asking it again anyway: is the traditional ‘enterprise’ IT department dead? And, if not, why not? What on earth is its purpose?

My recent CIO column “Whitehall zeros in on cost” touched upon the radical, and welcome, impact of zero organisational IT and user-centric computing services. I’m going to explore here what’s happening – and its implications – in a little more detail.

One of the key tenets of a CIO staying relevant to their organisation is knowing when to let go of old, outdated practices and to embrace the new and improved instead. It’s also about having the skills and experience to manage the transition from old state to new state. The role – perhaps now more than ever – is one of learn, adapt, reinvent, or succumb to built-in obsolescence and remain about as useful as yesterday’s gadget. So it’s a sad irony that some IT departments, once seen as the enablers of productivity and competitiveness, are now just as likely to be the direct cause of reduced productivity, inflated costs and complexity.

The contrast between the old and new worlds is telling. New organisations frequently set up with little if any in-house IT infrastructure, obtaining required capabilities from a range of commodity components – from utility end-user devices to cloud-based services. The starting point is a zero IT mindset, making smart re-use of existing devices and services wherever possible – with bespoke or niche requirements only acquired and implemented by exception. This approach is a direct inversion of the operating model of many existing organisations, who have grown up with the idea of the ‘enterprise’ IT department sitting like a plump spider at the centre of a web, acquiring and owning everything, either directly or via contractual arrangements with key systems integrators. The ‘one size fits all’ mindset of many enterprise IT departments was never sensible: today it’s an increasingly  expensive indulgence.

In the commercial world, businesses will either transition to this new model quickly and effectively, or find themselves up against competitors and new market entrants with operational costs as much as 80% lower than their own and with far higher productivity. Whilst these competitive dynamics are not directly mirrored in the public sector, the economic environment and the need to provide better public services at less cost provides an equally compelling driver of change.

This is not only a significant shift in the nature of devices and platforms that users utilise, but also the way they work. The prevailing model of the 1990’s and the last decade is rapidly becoming obsolete. Remember for example when users emailed documents around to each other for review? And each user then sent it back with their comments for the originator to assimilate into an updated version … which they then sent out for review and so on and so on? And each user had to have a PC with a local email client and a local word processing package to edit the document? How so very 1990s. And how terribly inefficient: it was an era that merely substituted a digital form of document exchange in place of the paper equivalent that previously existed: it was not a successful transformation of working practices.

Today’s commodity platform approach has transformed “documents” into online collaborative workspaces, where users simultaneously work on the same information. The “document” is no longer emailed around ad nauseum and hence no longer forks and chews up pointless cycles of in-box handling bandwidth and offline processing. Editing is done through generic end-user device tools, most frequently web browsers, enabling users to access and work on key information wherever they are and through a variety of devices, including their own. The need to move information around, with all that productivity-sucking impact, is rapidly reducing, as is the need for printing out ‘documents’. It’s a semi-realisation of Jaron Lanier‘s comment about Ted Nelson:

“… I think that Ted Nelson‘s first thought was a best thought … that there should only be one copy of a digital file, controlled by the owner”

albeit applied to the workplace rather than the consumer space.

We have passed through an era where the norm became the specification of particular products or service providers, with the ‘enterprise’ IT department acting in god mode and deciding which product or provider to select on behalf of all its users. All too often the IT department did so without any analysis or real understanding of the actual user requirement: ask many IT departments today as they are about to sign or renew a contract what user requirement the good/service meets and what alternative options have been evaluated, and I’m alarmed by how rarely the question can be convincingly answered. This out-dated approach – either automatically renewing incumbent products or service providers, or at best swapping them out to make a like-for-like substitution with self-similar products or suppliers – has become lazy business as usual, with inadequate thought given as to what capabilities are actually required and how those capabilities might best be provided.

Today the focus is swinging rapidly away from specifying products or suppliers in the arrogant belief that “One Size Fits All” to concentrate on user requirements. Where once only ‘enterprise’ features, under the monopoly control of IT departments and their select suppliers, provided the necessary capabilities, today consumer technology has commoditised important ‘enterprise’ requirements such as disk and folder encryption, the ability to remotely wipe a device, real-time device remote tracking and dual-factor authentication and revocation. The irony is that some major ‘enterprise’ product vendors, perhaps too busy cosying up to their favourite ‘enterprise’ IT departments, have completely missed this major gravitational shift. Such features remain notably absent from their own consumer offerings, leaving them badly placed to survive the current transition.

One of the biggest obstacles to genuinely user-centric and effective ways of working has always been the vexed issue of security. Yet this historic over-dependency on IT departments and expensive bespoke suppliers masked an essential reality: that security is not a function solely of technology, but one of people and HR and legal practices. It is the user who is ultimately accountable and responsible for adherence with organisational policies. Embedding such policies into user-hostile technology may have become an accepted way of working in many organisations, but it is not a solution in itself. Indeed, the experience of some organisations suggests that by making technology the main focus of ensuring the security of data and devices, users have abrogated their own responsibilities. “People, process and technology are all part of security” is the standard mantra. So let’s establish just such a balance instead of throwing technology at the problem.

In the early days of the internet there was often one touch-down machine in an office where the internet could be accessed. No other devices were allowed to connect to the new fangled interwebs. Now something similar is happening once again, but almost as the inverse of that earlier approach. For their routine needs, users are making use of commodity services and devices equipped with high quality consumer security. Yet when they need access to particularly secure material they can use a secure touch-down machine in the corner of the office. The era of commoditised, utility computing has inverted the security model. All those earlier unnecessary and expensive practices – such as buying top range new PCs and then sticking glue in their USB ports; or putting custom security software onto them that meant the PC took 20+ minutes to boot before it could be used; or tying users to particular locations and forcing them to work in specific, unproductive ways; or making users print out more secure documents and carry them around on paper; or {fill in your own example here} – are heading the way of the hay wain.

This emphasis on users in place of the ‘enterprise’ IT department is a belated recognition of the reality that most users have fairly lightweight routine needs that can be met by simple email and word processing facilities – and security requirements that can be met through the best of what the commodity world has to offer as standard features.

Apple Macs for example, if they are lost or stolen, can be remotely wiped of all their data and contents by their user, without requiring the insertion of an ‘enterprise’ IT department into the mix. Remotely wiping a Mac removes all data and also locks it down, making it unusable without a set passcode.

Device security itself is increasingly less of an issue anyway. Many business services are now accessed through web browsers with little if anything actually persisting on the device. A service such as Google Drive does not physically copy your docs to your device. Where secure on-device protection is required, whole drive encryption or selected folder encryption can be enabled all under the control of the user. In addition, standard features in hosted services such as Google Apps include two-factor authentication and the ability for a user to revoke a device’s access permissions in the event it is lost or stolen. The majority of software is now self-updating and self-correcting – making redundant yet another of the expensive roles once played by central IT departments and their suppliers. These modern, consumer-friendly tools are finally empowering the user rather than the IT department.

The move to devices making use of open standards is helping remove the previous ‘enterprise’ IT endorsed lock-in to specific products and technologies. By concentrating on the right standards for interoperability and a user-based definition of functionality, future moves between service providers become simpler and a huge swathe of costly and time-consuming infrastructure and bureaucracy can be removed.

For those who cannot or will not rise to the challenge, I’d advise them to read and consider the observations that the Leading Edge Forum made in its report “Preparing for a Post-PC World” (August 2011):

“It would be counter-productive, and even dangerous, for IT executives to deny what is happening and refuse to engage in these post-PC change debates. The inevitable result would be that employees saw enterprise IT and its policies as out of touch and increasingly irrelevant”

CIOs need to refocus on their role as the optimisers of business processes and information handling, and as effective agents of change. They need to demonstrate their capability to reduce costs and improve user satisfaction and productivity. Their biggest challenge is to lead this transition from old mode to new – or otherwise they’d best beware the LEF’s prescient warning above…


  1. IT needs to recognise how business really works? It is people that create all source information and this is where IT needs to focus. The big issue is in the software which has still to make what
    will be a very painful step change for vendors from complexity to simplicity. The “enterprise software” model as has evolved is just not sustainable. This is just a whole string of articles now concluding the obvious. Interesting perspective here http://social-biz.org/2012/07/21/bpmn-is-incompatible-with-acm/ Naomi Blooms blog hits the spot http://infullbloom.us/?p=3222.
    in UK a blog talks about “collaboration flows” http://confusedofcalcutta.com/2012/06/17/continuing-with-the-social-enterprise-and-flows/ and last but not least this from Forrester http://blogs.forrester.com/craig_le_clair/12-01-09-stuck_in_cement_when_packaged_apps_create_barriers_to_innovation#comment-18070 all with the same theme need to be user centric which by definition makes the old enterprise model no longer fit for purpose?
    We are a UK software technology company that recognised these problems in the 90s and with original thinking (and very little support from UK) we have that first step to commoditisation of software. My entry on the HMG Solutions Exchange see http://ictinnovators1.procurement.cabinetoffice.gov.uk/Page/ViewIdea?ideaid=247 explains how to tackle the move to sort out the legacy mess maybe even build a “dynamic benefit system” but of course ignored……We in UK need to realise that we have some real talent at R&D innovation but appalling support to commercialise we need to learn to help ourselves – US are masters at it!

  2. Been reading this article for last 28 years.My simple response throughout has been if you think that enterprise IT is irrelevant, shall we leave the data centre and power it all down right now?

    Where are all these mythical IT departments that haven’t advocated and embraced change throughout that time? In my experience others talk technological change, like they talk fast cars , but only enterprise IT has the nous to deliver it without destroying the business in the process. Throw away proven service management disciple at your peril; ask RBS!

    1. That all depends what the data centre is doing – many have indeed closed them down and adopted cloud-based alternatives, particularly for their commodity needs. Few new organisations need to acquire and run as much infrastructure as older organisations do for what are now utility and commodity services – so the issue is how well and quickly existing orgs with a complex legacy can transition to maintain their relevance, and competitiveness, whilst also meeting the organisation’s specific needs. To start by thinking about infrastructure, instead of user needs and the capabilities needed to meet them, is to start in the wrong place.

      As it comments above, “The starting point is a zero IT mindset, making smart re-use of existing devices and services wherever possible – with bespoke or niche requirements only acquired and implemented by exception.” Of course there are exceptions – the problem being too many ‘enterprise’ IT functions have thrown commodity and niche requirements into the same procurement bucket and treated them all the same way. That might be in the best (self) interest of an IT department, but it’s failing the organisation and its users. It’s always useful to ask the users (internal and external) how well they rate the services they receive: that’s the only real benchmark of whether an IT department is doing a good, indifferent or damaging job. The difference in perception can often be stark.

      Of course the best IT depts will innovate and remain relevant – even to the extent of innovating themselves out of existence when appropriate. The RBS point, as you imply, appeared to have nothing to do with technology per se: it was about governance and process (or the lack of). Good governance and process are required independent of the service-delivery model (from in-house infrastructure to service-based capability.)

      1. Dave’s comments likely represent most views where guidance and knowledge is sadly lacking. Jerry’s response is right on where commodity needs can be put in cloud but where and how does an organisation start to tackle the mission critical legacy to move forward as a sustainable and thus future proof investment. In my previous comment I listed other commentators all giving their perspective on putting users first. So let me put the “jigsaw” together.

        First the Forrester thinking “outside in” with people as drivers and that requires flexibility to allow innovation hence the comment on packaged apps as barriers. This opens the discussion to then “custom code” these front end requirements. The Bloom blog articulates that the vision she had in the 80s to remove coding is becoming a reality through Object Model Driven Development where there is no need for coding or code generation to build what is required. Confused of Calcutta adds the dimension of the need to recognise that old workflow thinking is quite deficient in handling the emerging need for social interaction in the enterprise and came up with the concept of “collaboration flows” which are detailed in his blog. What the social-biz input does is tackle how to deliver recognising the importance of setting out on this journey with the right attitude and framework that technology needs to support. “It will appear to be very loose, flexible, and unstructured. However, it will be such that every business user can read and understand without special skills, and it will be one that can be changed in any way”.

        All these views suggest a door opening to help Dave and his colleagues start the journey. It is not buying packaged apps nor is it coding it is a new capability embracing all the valid points raised in those disparate perspectives yet with the one common theme start with people and what it is you are trying to achieve. It is important to recognise everything else takes second place to this driver otherwise a new inflexible legacy may be created with associated high costs. Such tools are now available but not from the big vendors; so do your homework!

        It will be evolution not revolution but there are many who will resist such relative simplicity. The big vendors will fight back and internal IT who are wedded to their legacy in fear of any interference that might cause a failure (like RBS?) But change there must be as future generations look back and see not just what a mess “enterprise IT” created but judge on how managers reacted to fix with next generation technology becoming available.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.