Cloud architectures and remote workforces have effectively dissolved the network perimeter, the traditional line of defense for IT security. Lacking that decisive boundary, the work of security teams has changed. Now to guard against data breaches, ransomware, and other types of cyber threats, protecting network endpoints is more important than ever. 

But protecting endpoints is a priority with a massive scope. Endpoints encompass everything from employee laptops, desktops, and tablets to on-premises servers, containers, and applications running in the cloud. Endpoint security requires a comprehensive and flexible strategy that goes way beyond what security teams relied on a decade or more ago. Then IT assets were nearly all on-premises and protected by a firewall. Those days are over.

Ransomware continues to evolve

Ransomware continues to be a major threat to organizations of all sizes. After declining for a couple of years, ransomware attacks are on the rise again. They increased 23% from 2021 to 2022. 

Not only are attacks more frequent, they’re also more disruptive. In 2021, 26% of attacks led to disruptions that lasted a week or longer. In 2022, that number jumped to 43%.

On average, each of these attacks cost its victim $4.54 million, including ransom payments made as well as costs for remediation. As bad as these numbers are, they’re poised to get worse. That’s because in the past year, attackers have adopted new models for extorting money from victims.

Business email compromise attacks

Another prevalent form of attack is business email compromise (BEC), where criminals send an email impersonating a trusted business contact, such as a company CEO, an HR director, or a purchasing manager. The email, often written to convey a sense of urgency, instructs the recipient to pay an invoice, wire money, send W-2 information, send serial numbers of gift cards, or to take some other action that appears legitimate, even if unusual. If the recipient follows these instructions, the requested money or data is actually sent to the criminals, not the purported recipient.

Between June 2016 and December 2021, the FBI recorded over 240,000 national and international complaints about BEC attacks, which cumulatively resulted in losses of $43 billion. Ransomware might make more headlines, but BEC attacks are 64 times as costly. And they are becoming more frequent, increasing 65% between 2019 and 2021.

“Endpoint monitoring won’t stop a BEC attack,” explains Tim Morris, Chief Security Advisor, Americas at Tanium. “But it might tell you a little more about the person who opened the email and what they did with it. Context can give you the clues you need for determining whether the attack is part of a broader campaign, reaching other recipients with deceptive messages.”

Practical tips for endpoint management

How should CIOs and other IT leaders respond to these evolving threats? Here are five tips.

Treat endpoints as the new network edge.

With so many people working remotely and 48% of applications running in the cloud, it’s time to recognize that the new line of defense is around every endpoint, no matter where it is and what type of network connection—VPN or not—it’s operating with.

2. Identify all devices connecting to the network, even personal devices not officially authorized.

“You can’t secure what you can’t manage,” says Morris. “And you can’t manage what you don’t know.” Security Operations Centers (SOC) need to know all the endpoints they’re responsible for. Audits of enterprise networks routinely find endpoint management systems miss about 20 percent of endpoints. SOC teams should put tools and processes in place to ensure they have a complete inventory of endpoints and can monitor the status of endpoints in real time.

3. Patch continually.

Patching has always been important to ensure endpoints have access to the latest features and bug fixes. But now that software vulnerabilities have emerged as a major inroad for attackers, it’s critically important to ensure patches are applied promptly. Organizations can’t hope to respond to supply chain attacks like Log4j without putting in place automated solutions for software bills of materials and patching.

4. Drill.

Once you have a cybersecurity plan, a cybersecurity toolset, and a trained staff, it’s important to practice hunting for threats and responding to attacks of all kinds. It’s helpful to take a Red Team/Blue Team approach, assigning a team of security analysts to break into a network while another team tries to defend it. These drills almost always uncover gaps in security coverage. Drills also help teams build trust and work together more effectively.

5. Get endpoint context.

When attacks occur, it’s important to respond as quickly as possible. To respond effectively, security teams need to understand what’s happening on affected endpoints, no matter where they are. Which processes are running? What network traffic is taking place? What files have been recently downloaded? What’s the patch status?

Analysts often need answers in minutes from endpoints thousands of miles away. And they don’t have time to install new software or hope the remote user can help them set up a connection. Security teams need to have a system already in place for analyzing endpoints and collecting this data, so that when any type of attack occurs—even attacks like BEC attacks—they can collect the contextual information needed for understanding what happened and what threats remain active.

Cyber threats are becoming more prevalent, more sophisticated, and harder to identify and track. For more tips—five more in fact—on how to reduce the risk of cyberattacks and ensure that when attacks occur, they can be contained quickly and efficiently, check out this eBook.

Security

It’s time to get back to the basics of productivity. The IT pendulum is swinging back toward operational excellence as companies must now recover from a whirlwind of digital transformation investments made over the past three years. Today, CIOs need to operationalize new technologies and online business models. But with IT teams already overexerted, how can companies champion this new workload?

Expedited innovation has brought IT productivity concerns to the forefront:

Technology adoption has accelerated, leaving IT with more tools, services, and providers to manage.The cloud and network edge have expanded, forcing IT to accept broader responsibilities across distributed IT environments that make visibility difficult and control more time-consuming. Engineers are known to spend 50% of their time monitoring and troubleshooting the network.Today’s cybersecurity strategies require IT teams to make significant changes, updating systems and processes in response to new security frameworks. Staffing challenges slow operations with hiring, training, and learning curves. About 1 million people work in cybersecurity in the U.S., but there are nearly 600,000 unfilled positions.Fluctuating business needs and evolving security threats consistently keep teams in response mode, distracting them from continuous improvement.

When innovation multiplies functional tasks, it’s even more important to step up productivity. Here are the secret ingredients for keeping IT simple and speedy, so the business can perform faster, recognizing more value from newly adopted technologies.

Secrets to IT productivity: gathering momentum in teams, talents, and tasks

Operational vigor is necessary to ensure expedited innovation is working the way it should. At the heart of logistics are people and process management. Accelerating operations starts with assessing the three “Ts” of productivity: Teams, Talents, and Tasks.

Teams: Is the IT team and their priorities aligned to the business outcomes, and can the team see or understand how their joint contribution is driving corporate strategy? When IT is an ecosystem converging the network and security with every department and major initiative, is the team connected to each relevant business unit in ways that help it co-innovate and co-orchestrate success?

Management shapes team culture, and when teams feel connected to their work, their leaders, and each other, companies grow faster and more efficiently gaining 7.4% more revenue growth.

Talents: How are you making sure people have the right skills to operate at maximum capacity? Do you know what unlocks each person’s potential, and are you tailoring resources to their specific needs? When management styles and remote work policies impact the amount of energy employees can bring from their personal lives into the workplace, is your approach enhancing individual contributions?

Leaders focused on meeting the individual needs of their people are 1.2x more likely than their peers to achieve hypergrowth of 10% or more.  

Tasks: Has the IT team benchmarked the amount of time required to perform critical tasks? Are processes standardized and documented for repeatability and scalability? Are projects prioritized across the business units to produce timely results when and where they’re needed now? When priorities are always shifting, does your change management streamline communication and responsive action? Do you both think and act using agile best practices? Are projects and tasks visible? How have you explored new ways of working, reinventing processes to make things go faster?

Overconfidence slows performance

In poising IT for expansion, task management must be honed as a continuous process. Focusing on the three “Ts” of productivity can build capacity, but be careful not to get overconfident. Leaders tend to overestimate how connected teams are, how satisfied employees are, and how streamlined processes are, which explains why reassessment is necessary. Most importantly, don’t be afraid to shed legacy mindsets, inviting creative ideas and experimentation that foster an adaptive and resilient workforce.

Secrets to IT productivity: handling more of everything

Today there is vastly more for IT teams to manage: more technologies, more services, more providers, and more distributed environments—and all with more changes. It’s a bit like trying to manage the world’s oceans at once, keeping tabs on all the schools of fish.

So, the question at the center of productivity becomes: “How can we automate the management of it all?”

Sure, there are hundreds of service providers willing to work for you (and we’ll get to that later), but how do you really arrive at automated management? To get there, it helps to break down each functional area, defining what (and who) must be managed:

Network Management: Network connections – each with their services and providersSecurity Management: Security capabilities and applications – each with their services and providersCloud Management: Infrastructure and applications – each with their services and providersEndpoint Management: Mobile devices – each with their services, providers, and applications in use

Getting started: an approach to automated management

An automated approach to management starts with a computer-driven system collecting information across all the assets in all the oceans listed above. Next, it applies artificial intelligence (AI) and advanced analytics and leverages robotic process automation (RPA) as well as integration to accelerate management in three primary areas:

Vendor Management: API integration establishes an inventory of all current assets, creating an accurate catalog of services, providers, and users. Now, an automated system can be created to apply due diligence to the processes of vendor tracking, contract negotiations, anticipated upgrades, as this helps with economies of scale and efficiencies of scale.Service & Device Management: Advanced analytics recognize redundant, unused, or underutilized services and mobile devices. Now, an automated process can dissolve, consolidate, and reallocate assets to get more value out of existing investments. Likewise, you can automate service order approvals, device procurement, and service implementations.Billing Management: API integration collects all service invoices, making it easy to automate workflows to validate and pay invoices. Removing manual tasks also makes accounting and cost allocation more accurate. 

Productivity isn’t the only advantage. Automation helps with everything from IT budget forecasting to business continuity—when outages are avoided because services get paid on time.

But AI automation can also be used more broadly.

Secrets to IT productivity: gaining speed from AI-Powered automation

Competitive advantage today is defined by speed, and swift action is driven by digitized processes, advanced analytics, and hyper-automation built into the core of the IT organization.

Digitization makes the architectural building blocks of IT more nimble and responsive. By moving to the cloud and by switching from hardware to software, the network infrastructure establishes a foundation for acceleration. Modular architectures are virtual, allowing for extreme flexibility. This transition also makes data easy to access, which is fundamental in using advanced analytics.

When machine learning, behavioral analytics, and predictive analytics can observe the entire IT environment, Ieaders can make quick sense of IT complexity for faster, data-driven management. The key is to apply analytics holistically, breaking down data silos with a centralized platform serving as a single source of truth. This allows for overarching insights across the network, security, cloud, and endpoints.

Hyper-automation powers self-healing, autonomous IT systems

Advances in AI-powered automation are helping IT systems “heal themselves.” Using closed-loop automation, an AI engine can identify problems inside complex IT environments. Moreover, it can recommend repairs or solutions and then act on those recommendations itself —that is, once the administrator hits the approve button. Self-healing capabilities help leaders build reusable tools to automate manual, mundane, and highly repetitive IT tasks, and it has proven success, particularly in the areas of:

Security, reducing the amount of time and effort needed to identify and mitigate threats.Network performance optimization, predicting outages, and preventing connectivity issues. Gartner states, “automating 70% of network change activities will reduce the number of outages by at least 50% and deliver services to business constituents 50% faster.”IT asset management and service administration, diminishing the time it takes to responsibly manage sprawling tools and providers. One study shows companies see a 52% productivity boost from mobile device management automation and outsourced services.

When IT leaders invest in self-healing IT systems, they are making advances toward the fully autonomous IT environments of the future.

Balancing outsourcing with insourcing and knowing when to automate vs. outsource

Automation is an advanced field, and companies don’t always have the internal skillsets to go at it alone. Services and solutions like AI for IT Operations (AIOps) and IT Expense Management (ITEM) can help, but knowing where to draw the line between outsourcing and the work of your internal team is another critical decision point in maximizing productivity. Outsource too much, and you lose control. Insource too much and you will never get to the more meaningful work of driving innovation for the business.

Those who strike the right balance have an intimate understanding of:

The talents on their team, the cost or value of the work being performed, as well as when and where the day-to-day grind is pulling the internal team away from innovation.When to use automation versus outsourcing. Automation technologies are transformative and can have a meaningful impact on reducing costs and time. While outsourcing services can also free up time, it provides peace of mind during times of volatile change and uncertainty. Outsourcing is optimal for enabling talent scalability – automation is not.

In planning an automation partnership, there are ways to find a good middle ground. You can start a project entrenched with a partner, leaning on professional services to audit and more fully examine your IT environment, accelerating your end-to-end processes. This way, you start with a fully customized service before moving into maintenance mode.

Operationalizing innovation to deliver on the promise of digital transformation

Productivity is the secret to success in digital innovation, and while there is an abundance of advice on leadership strategies and techniques for using AI inside the IT infrastructure, there is far less guidance in helping IT teams solve the daily grind issue—handling the explosion of assets and services after expedited innovation. In order to improve performance, you have to also tackle productivity at the source–at the vendor management level.

To learn more about IT expense and asset management services, visit us here.  

Digital Transformation

Today’s digital era has triggered a mass modernization of corporate IT infrastructures. But in upgrading networks and security systems with technologies like SD-WAN and SASE, IT teams face a paradigm shift in managing a cacophony of new tools and service providers behind them.

SD-WAN and SASE: essential for secure innovation and remote work

Company leaders are feeling the pressure: Now is the time to modernize IT or risk losing the company’s competitive edge. Accelerated demands in digital transformation and remote work have forced companies to upgrade their legacy networks and security systems so they can adequately support online services, cloud innovation, and artificial intelligence.

Two technologies are key in making these foundational upgrades: Software-Defined Wide Area Networks (SD-WAN) and Secure Access Service Edge (SASE). The SASE market will exceed $13B by 2026, a figure unscathed by economic pressures, according to Dell’Oro Group.

These interrelated tools make it faster, easier, and more affordable for businesses to securely connect offices and remote users to the applications and information they need to get work done. Moreover, SASE solutions package SD-WAN with four security capabilities for protection across the network, the public internet, and cloud applications.

While SD-WAN and SASE are praised for revolutionizing IT infrastructures, deployments trigger a wake of changes compounding complexity without the right management strategies in place.

Modernization requires smarter management while keeping an eye on costs

Knowing how to respond to the demands of SD-WAN and SASE can be the difference between a successful modernization project and a digital transformation disaster.

SD-WAN Requirements: In-depth Intelligence about Apps, Workloads, and Assets

One of the key advantages of SD-WAN is its ability to allocate network resources to the applications most important to the business. By prioritizing bandwidth, SD-WAN ensures the most critical tools are always up and running because they “get fed first.” This feature is known as application-based routing, and establishing traffic steering policies is a primary step in designing how any SD-WAN solution will function.

But here lies the critical prerequisite: You can’t establish traffic steering policies if you don’t first have a prioritized list of all your applications ranked from highly critical to discretionary. This is key for SD-WAN readiness because it serves as the blueprint for solution design. Technologies make asset inventories easy. Software used for network workload analysis, expense management, and Shadow IT discovery can help build network maps and a centralized catalog of applications, services, and connected devices and users.

The risk of unnecessary complexity: more IT services to manage

SD-WAN and SASE can spur unforeseen management headaches, and given today’s staffing challenges, companies may not be prepared to take on the vast administrative responsibilities of handling increasingly distributed IT environments with more providers. Here are the primary sources of provider sprawl:

ISPs: Trading MPLS connectivity for broadband connectivity comes with the challenge of more internet service providers (ISPs), particularly for services across a wide geographical area. This can mean switching from one carrier to tens if not hundreds of ISPs.

Security & SASE: Every SD-WAN project should spur a security conversation, and converged SASE solutions make it easy to address network security. But this isn’t enough. Multi-layered security for the entire IT environment requires more tools and providers. Consider endpoint security, threat detection and response services, and comprehensive Zero Trust tools.

IaaS: Ancillary SD-WAN services include direct interconnections to cloud service providers, which is why companies use SD-WAN to migrate to the cloud. But again, cloud Infrastructure as a Service (IaaS) saddles IT teams with yet more distributed providers.

What’s at risk? Costs can get out of control. IT modernization generates a sprawling landscape and when not well managed, both hard and soft costs go unchecked. Cloud service overspending can be as high as 70%, according to Gartner.

SD-WAN & SASE: managing it all

Successful modernization strategies give equal weight to building the IT infrastructure as they do to building the support systems and operations teams necessary to champion SD-WAN and SASE after implementation. Responsible management focuses on key areas of focus:

Tactical management:

Inventories need to be maintained for network services, SaaS apps, users, and their mobile devices, and data cleanliness is of utmost importance.Network service quality should be managed; troubleshooting can be time-consuming.Invoices need to be collected, validated, and paid on time to avoid service disruptions.Credits should be collected when providers fail to meet service level agreements.Contracts and renewals need attention at the end of every lifecycle.

Strategic management:

Centralization brings aggregate benefits:Visibility into all assets and services in one dashboard.Integrations with global providers and internal IT ticketing systems.Advanced analytics evaluating complex data across many data streams.The IT ecosystem means synthesizing insights: There are manylinks in the IT ecosystem (it’s more than just SASE connecting the network with security) – for example, SD-WAN telecom services and corporate mobile devices go together and should therefore be managed together.Converged tools create converged teams: When network, security, and financial data come together, leadership should also bring together, like operational teams.Cost optimization: most companies overestimate their SaaS and IaaS needs, and the ability to correlate usage data with asset ownership helps shed waste by identifying redundant applications and underutilized resources.

Worried about management? Technologies and services can help

Software and services can help alleviate the manual work of management. When teams aren’t prepared to take a do-it-yourself approach, outsourcing can take the workload off internal teams. IT expense and asset management solutions address network services and cloud infrastructure and SaaS applications, as well as mobile devices, delivering benefits across broad areas:

Management: Automating the administration of IT services, mobile device lifecycles, and invoices.Cost Savings: Evaluating IT spending to cut costs and identify inefficiencies as well as unused resources.Consulting: Assisting with service contract negotiation and IT investment strategies that transform the business—rather than just help run the business.

Effective management avoids unnecessary complexity

Modernizing an IT infrastructure requires a constellation of tools and services—and the degree to which a company can effectively manage its assets, providers, and expenses—determines whether it can operationalize SD-WAN and SASE without adding unnecessary complexity.

Without effectively managing all that surrounds SD-WAN, it’s nearly impossible to understand the cost of, or guarantee the performance of—much less the security of—the business’s technology investment.

IT and procurement leaders find it helpful to take a centralized approach, administering all SD-WAN and SASE services and tools in one place with a keen eye on costs. With excellence in tactical and strategic management, it’s far easier to realize the full value of an IT modernization effort.

To learn more about network cost optimization, visit us here.  

Endpoint Protection, Master Data Management, Remote Access, Remote Access Security

The onset of the COVID-19 pandemic led many organizations to further adopt public clouds, and geopolitical conflicts have demonstrated the importance and need for sovereign clouds. Today, many organizations are already embracing or are moving to multi-cloud environments, but this multi-cloud reality does not come without its challenges.

As the nature of the cloud evolves, so does the strategy in which organizations must approach these challenges. What does remain the same is the cloud concerns the organization must manage, such as cost, performance, security, and app delivery.

Establishing a Cloud Center of Excellence is one way to ensure that these concerns are continuously and consistently managed, no matter where you are in your cloud transformation and as business needs evolve. More importantly, with the cloud underpinning modern organizations’ digital businesses, a Cloud Center of Excellence ensures that your cloud management strategy is in alignment with driving business outcomes.

1. Establish a Cloud Center of Excellence

While some organizations have already begun seeing success with multi-cloud strategies, having different business apps and services across different clouds can make it difficult for organizations to ensure approaches to processes and management concerns remain consistent.

To address cloud management concerns around cost, performance, security, and app delivery, many companies have established a Cloud Center of Excellence, a cross-functional team tasked with the responsibility of supporting and governing the execution of an organization’s cloud strategy. A Cloud Center of Excellence team would be responsible for establishing policies and guardrails, driving collaboration and adoption of best practices, and supporting the implementation of new and existing cloud technologies. Thus, enabling centralized management for a decentralized IT delivery model.

The Cloud Center of Excellence team will help identify who within the organization needs to be involved to ensure cloud objectives are well-defined and aligned with business goals. This group should include those responsible for managing cloud cost, cloud operations, security, application development, and enterprise architecture. Ultimately, a Cloud Center of Excellence is pivotal to driving collaboration and setting standards, policies, and best practices that ensure cloud operations are addressing ongoing management concerns across all clouds.

2. Empower Platform Teams by Simplifying Your Cloud Management Strategy

During VMware Explore Europe in Barcelona, VMware polled its audience in order to better understand their cloud management needs. The majority of audience members shared they felt it necessary to not only converge their tools but their teams as well. These same respondents also overwhelmingly indicated that if they could simplify their cloud management approach, it would help them achieve greater cost optimization results, more relevant business insights, and better guardrails around their cloud operations. Having different teams use multiple tools to manage their public and private clouds was an obvious pain point in their cloud management strategy.

Organizations can help meet the need for integrated teams and tools through platform teams. They not only build and run the platform that developers use to create new applications to drive business revenue, but they also serve as a channel between developer teams, operations teams, and security teams. The platform team provides a route for business leaders, security personnel, and the rest of the organization to communicate business needs and meet business challenges, including management concerns.

3. Empower Your Cloud Center of Excellence with Visibility

Without visibility of your cloud applications and their dependencies, it becomes impossible for the Cloud Center of Excellence team to achieve its objectives. Teams are unable to manage what they cannot see. Teams need visibility into the infrastructure to assess spending and application efficiency.

Visibility can be mutually beneficial if you provide your team access to a unified cloud management platform. Doing so enables teams to view factors such as cloud cost, resource utilization, and application performance by business groups across all clouds. A unified cloud management solution also helps teams proactively detect and remediate misconfigurations in your cloud environment. This saves time by not having to review data for violations that may not exist, leaving more time for the team to continue building out best practices.  

The main goal of cloud management is to correlate cloud decisions to business outcomes. Organizations that embrace a Cloud Center of Excellence will be able to pursue a cloud management strategy that’s in alignment with the goals of the business, while also remaining nimble to respond to challenges as the nature of the cloud evolves.

To learn more, visit us here.

Cloud Computing

For many of today’s global enterprises, it’s a struggle to adapt quickly to emerging challenges.

With supply chain issues and the impending recession, digital transformation remains a pressing strategic imperative. However, key digital transformation milestones remain out of reach for far too many teams. To make real strides in each of these areas, Value Stream Management (VSM) has emerged as an urgent demand.

Earlier this year, Broadcom commissioned extensive industry research to learn how VSM adoption is evolving and which key trends are emerging in 2023. Conducted by Dimensional Research, this survey polled more than 500 IT and business leaders. Respondents came from five continents and represented a wide range of industries.

The findings from this survey are now available in a report entitled “2023 Value Stream Management Trends.” We’ll offer critical insights from this report in the following sections.

#1. Enterprise leaders are more focused on the customer than ever

When asked about their top strategic business focus for 2023, 58% of respondents cited “increasing customer value,” the highest-rated response. This objective was ranked third in a similar survey conducted the previous year.

The report’s authors state, “It now seems companies are shifting focus from rushing products to market that risk decreasing customer value with defects, bugs, or quality problems to a clear focus on maximizing customer delight with value and quality.”

#2. A disconnect between business and IT is impeding the attainment of key objectives

As they look at their challenges heading into 2023, senior leaders can be forgiven for having a sense of déjà vu. More than two-thirds (68%) of respondents say their businesses continued to be plagued by a long-standing issue: the disconnect between software development and business strategy. An even higher percentage of technology teams, 72%, are frustrated by business leaders’ constant changing of business priorities.

Since the advent of the pandemic, supply chains have presented challenges for businesses in a range of industries—and supply chains remain the highest-ranked challenge as teams enter 2023. Forty-nine percent of respondents said ensuring their company has reliable supply chains is a top challenge.  

#3. VSM adoption is widespread and growing

Today, the consensus around VSM is nearly unanimous: 92% agree that VSM can help optimize the product lifecycle. Further, 86% have adopted VSM or plan to. By the end of 2023, 60% of organizations will be shipping products using VSM.

The survey also revealed that digital transformation initiatives are tightly aligned with VSM. Ninety-five percent of organizations currently pursuing VSM initiatives are also pursuing digital transformation.

#4. VSM is delivering significant benefits for digital transformation

For teams that have implemented VSM, a vast majority of respondents, 95%, report that VSM has helped deliver key benefits. When asked what benefits VSM has already shown, six responses were selected by one-third or more survey participants. Topping the list were increased transparency (42%), improved organizational alignment (39%), faster delivery of solutions to customers (38%), and enhanced data-driven decision-making (37%)—which can all be integral to advancing digital transformation.

The research shows that those building VSM capabilities are seeing an improved ability to measure and track customer value, which, as outlined earlier, is the top strategic imperative for leaders.

Conclusion

This recent survey offers some compelling proof points of the power of VSM. As we head into 2023, the businesses that have established VSM practices are better positioned to achieve their digital transformation objectives and deliver more value to customers. To learn more, download the report “2023 Value Stream Management Trends.”

______________________________________________________________

Explore ValueOps Value Stream Management, built to manage what you value most.

Digital Transformation

What is Six Sigma?

Six Sigma is a quality management methodology used to help businesses improve current processes, products, or services by discovering and eliminating defects. The goal is to streamline quality control in manufacturing or business processes so there is little to no variance throughout.

Six Sigma was trademarked by Motorola in 1993. The name references the Greek letter sigma, which is a statistical symbol that represents a standard deviation. Motorola used the term because a Six Sigma process is expected to be defect-free 99.99966% of the time — allowing for 3.4 defective features for every million opportunities. Motorola initially set this goal for its own manufacturing operations, but it quickly became a buzzword and widely adopted standard.

Six Sigma is specifically designed to help large organizations with quality management. In 1998, Jack Welch, CEO of GE, helped thrust Six Sigma into the limelight by donating upwards of $1 million as a thank you to the company, recognizing how Six Sigma positively impacted GE’s operations and promoting the process for large organizations. After that, Fortune 500 companies followed suit and Six Sigma has been popular with large organizations ever since.    

Six Sigma principles

The goal in any Six Sigma project is to identify and eliminate any defects that are causing variations in quality by defining a sequence of steps around a certain target. The most common examples you’ll find use the targets “smaller is better, larger is better, or nominal is best.”

Smaller is Better creates an “upper specification limit,” such as having a target of zero for defects or rejected parts.Larger is Better involves a “lower specification limit,” such as test scores — where the target is 100%.Nominal is Best looks at the middle ground — a customer service rep needs to spend enough time on the phone to troubleshoot a problem, but not so long that they lose productivity.

The process aims to bring data and statistics into the mesh to help objectively identify errors and defects that will impact quality. It’s designed to fit a variety of business goals, allowing organizations to define objectives around specific industry needs.

You’ll also find similar principles in Lean Six Sigma, which combines the principles of Six Sigma with the Lean methodology. Incorporating Lean into Six Sigma brings a heightened focus on reducing waste, defects, and variance, while also staying ahead of schedule and under budget. This lean methodology helps organizations stay more agile and flexible while also focusing on establishing long-term processes. Lean adds a stronger focus to defects, overproduction, waiting, nonutilized talent, transportation, inventory, motion, and extra-processing. The idea is that by solving these issues, companies can solve problems faster, improve efficiency, and boost productivity.

Six Sigma methodologies

In practice, Six Sigma follows one of two sub-methodologies: DMAIC and DMADV:

Six Sigma DMAIC: The Six Sigma DMAIC project methodology includes five phases, each represented as a letter in the DMAIC acronym. These include:

Define the problem, the customer, the project requirements, and the ultimate goals and expectations of the customer. During this phase, projects are selected, research is conducted to determine various opportunities and possibilities, and the scope of the project is established.Measure performance of the current process by establishing a data collection plan to determine defects and gather metrics. At this stage, it’s important to establish performance baselines, future goals, and how performance will be measured.Analyze the process to establish root cause of variations and defects to identify issues with the current strategy that stand in the way of the end goal. During the analyze phase, it’s important to use data to identify parameters and inputs that have the most significant impact on the final process.Improve the process by eliminating root causes of defects through innovative solutions. During the improve phase, the focus is on testing the best potential solutions identified in the earlier phases. It’s important to consider performance, cost, implementation demands, and risks or disruptions that may arise.Control the new process to avoid falling into old habits and to ensure it stays on track. During this final phase, all changes made to the process are documented, the root cause of every problem is explained, and a schedule is established for continued monitoring.

Six Sigma DMADV: The Six Sigma DMADV framework, also known as the Design For Six Sigma (DFSS), includes five stages:

Define realistic goals that suit customer requirements or the business strategy. In this stage, project goals are established, schedules and guidelines are drafted for review, and risks are identified. A clear plan for the project should emerge by the end of this stage, and the overall strategy should be aligned with customer expectations.Measure and identify the customer’s critical to quality (CTQ) requirements and translate these into project goals. During this stage, the team identifies requirements, market comparisons, key design elements, and any necessary design components for the project. By the end of this stage, it’s important to have a set of metrics for aligning with customer requirements and overall project goals.  Analyze multiple options and alternatives for the customer along with the estimated total life cycle of the project. This stage is all about building conceptual designs, identifying the best requirements and components, and determining the total cost of the project. The analyze stage is intended to set up the project with a defined design option that can be tested and prototyped.Design the process at a high level before moving onto a more detailed version that will become the prototype to identify errors and make modifications. During the design stage, the final details of the design are established, and a model is built that is one step away from a functioning prototype.Verify that the final iteration of the product or process is approved by all customers and clients — whether internal or external. The final design is presented to all the key stakeholders to ensure that it’s the right fit and that it will be effective in real-world use cases. This is the stage where you’ll document the process, all changes, and plans to implement the process so that it’s scalable and sustainable.

DMAIC vs. DMADV: The DMAIC and DMADV methodologies seem similar, but they have different use cases. The DMAIC methodology is designed for existing process or products that aren’t meeting customers’ needs or performing to standards. When a business needs to develop a product or process that doesn’t already exist or when a product has been optimized but still falls short, that’s when you want to use DMADV.

Determining a Six Sigma project

To find projects in your organization that would benefit from Six Sigma they need to fit some criteria:

Each project needs to have a clear process of inputs and outputs.Don’t go into the project with a pre-determined solution — that means you already know the fix.Focus on reducing “operation variation” to make it easier for untrained operators.Project needs to be approached with knowledge of variations in process inputs and how to control and eliminate defects.

iSixSigma offers the example of a “slow cycle time at Station 30” due to defective parts coming from “Station 20.” A “non-Six Sigma solution” would attempt to rebalance the assembly line, while re-doing the work, keeping cycle time low and not spending on labor. A Six Sigma solution would be to “investigate and control key inputs that contribute” to defective parts coming from Station 20 to keep it from happening again in the future. In this case, the Six Sigma approach focuses on proactively eliminating the defect, while a non-Six Sigma approach simply reacts to the problem without identifying the cause.   

For a closer look at where to apply Six Sigma, see “How to find the perfect project for Six Sigma success.”

Six Sigma implementation roles

A key concept in Six Sigma is the idea of establishing clear leadership roles and a hierarchy for quality management. The key roles for Six Sigma implementation include:

Executive leadership: This includes the CEO and other executive management who are charged with developing the vision for Six Sigma implementation. Leaders should also be responsible for encouraging new ideas and supplying the resources to act on innovation.Champions: Typically found in upper management, Champions are the people responsible for acting on executive leadership’s vision and acting as mentors to Black Belts.Master Black Belts: These workers spend all their time on Six Sigma methodology, either by guiding Black or Green Belts or helping Champions. They’re picked out by Champions and are tasked with ensuring consistency in the Six Sigma strategy.Black Belts: Working below Master Black Belts, Black Belts are responsible for executing on the Six Sigma strategy and typically act as leaders for specific tasks.Green Belts: Guided by Black Belts, Green Belts are new to the Six Sigma methodology and start learning it while maintaining their other job responsibilities.

You may find other belts — like White, Yellow, and Orange. These are adopted by organizations to represent employees with some Six Sigma training but aren’t involved in the overall project.

Six sigma certification and training

Typically, Six Sigma certification and training is offered directly by businesses, with GE and Motorola paving the way by being the first to develop Six Sigma certification programs to verify proficiency in the Six Sigma methodology. Large companies and universities soon followed suit, offering their own versions of a Six Sigma certification program.

However, there isn’t much oversight to what qualifies as Six Sigma certification and the criteria for Green Belt and Black Belt certifications can vary. Certification programs are offered through businesses, universities, professional associations, and for-profit training organizations. Some notable organizations include:

AccentureAmerican Society for QualityBoston UniversityCornell UniversityDartmouth CollegeGEIASSCMotorola SolutionsPurdue University

Some organizations offer Six Sigma accreditation. For example, the IASSC offers Lean Six Sigma credentialing and accredited training providers. The Council for Six Sigma Certification also offers a list of accredited Six Sigma providers. Ultimately, when choosing a Six Sigma certification or training program, it’s important to do your research to ensure the organization, university, or third-party vendor offers the right training for your needs and has the right qualifications.

For more IT management certifications, see “17 IT management certifications for IT leaders.”

More on Six Sigma:

How to find the perfect project for Six Sigma successSix Sigma for Better IT Operations and Customer SatisfactionLean Six Sigma: Process improvement with a purpose7 Reasons IT Organizations Should Adopt Six SigmaLean + Six Sigma: Process Improvement Needs to Know Its Place

Certifications, IT Governance Frameworks, IT Leadership, IT Skills, Project Management Tools

The need for efficient software development has taken on greater importance as enterprises introduce more and more digital services and add automation capabilities to enhance business processes. Managing software projects might not be at the top of CIOs’ priority lists, but it is something that IT leaders will have to master.

There are plenty of challenges involved in managing software projects, and IT executives who learn how to address these hurdles can help their organizations build better applications to drive business growth and enhance customer experience.

Here are some of the more likely challenges IT leaders and teams face with software projects, and how they can address them.

Delivering on time and on budget

Completing software projects in a timely manner while staying within

budget is a long-time challenge of software development. Any number of things can happen to cause delays and drive up costs.

One possible solution is to embrace the agile methodology of software development. Agile calls for collaboration among cross-functional teams as well as end users, and promotes adaptive planning, evolutionary development, continual improvement, flexibility in responding to changes in requirements and early delivery of products.

“Agile software development projects iterate the cycle of plan, do, check, adjust — and the end user or representative sponsoring [the project] is key in all these stages,” says Ola Chowning, a partner with global technology research and advisory firm ISG.

The waterfall method of gathering all the requirements, designing the entire software capability to meet all the requirements, building all the needed capabilities and reviewing and obtaining buy-in from end users is rarely used today, Chowning says. “This older method, by the way, is where on-time, on-budget challenges were the most onerous, because of the guessing game created when the software team had to estimate large bodies of work and assume some level of acceptance or rework by end users,” she says.

Agile enables the software team and end users to “collectively learn to plan better, work better and adjust more quickly, and outcomes become far more predictable as the way the team works becomes more predictable,” Chowning says. “On time and on budget are much easier to judge with the finger on the pulse of expectations of both the users and the developers.”

Creating and maintaining an agile culture

While adopting agile makes sense for software development at many organizations, it can come with hurdles. And many IT leaders who think their organizations have instituted agile practices fail to understand that what their teams are undertaking isn’t, in fact, agile.

“The intersection of agile software development practices and ‘traditional’ project management remains a challenge for many organizations,” Chowning says. “By now, you would think we would have cracked this nut, but it still seems to stymie many of our clients.”

Whereas software development is approached with a strictly agile way of working — repeated sprints, stories, and multiple releases that build up the end software product in an iterative manner — many organizations continue to struggle as they attempt to manage projects in a waterfall manner, Chowning says.

“This often begins during the project’s business case for funding, where we are typically asked to estimate the total outlay to be reported against in a traditional waterfall-phased framework of requirements, design, build, test and deploy,” Chowning says.

More mature organizations are turning to a project management approach that instead lays out the estimate of overall cost to overall value in a more steady approach across time, Chowning says. “Those who are using this agile project management approach are able to reap some of the real key benefits of agile, [but] it may require some adjustment of investment decisions or even financial practices in terms of project spend.”

A huge challenge for IT organizations is driving the agile model at the enterprise level, says Christian Kelly, managing director at technology consulting and services firm Accenture. “Agile at the team level is now widespread, but recent data suggest that it’s not going as well at the enterprise level, as most organizations struggle to connect strategies to the work their teams are doing,” he says.

This limits organizations’ ability to prioritize portfolios, plan for capacity, manage dependencies and connect goals to outcomes, Kelly says. “To deliver on the promise of agile, organizations need to implement the agile culture, systems, and best-in-class tools needed to better connect strategies to outcomes,” he says.

Aligning projects with overall organizational goals

“IT projects cannot be done in a bubble,” says Chetna Mahajan, chief digital and information officer at analytics platform provider Amplitude. “If your initiative is not aligned with business priorities, you are not set up for success from the outset and you will be swimming against the current at all times.”

To ensure business alignment and buy-in, all software projects should have a business executive sponsor, Mahajan says. When her previous company was implementing configure, price, quote (CPQ) software, the executive sponsors included Mahajan and the chief revenue office.

“This provided us with an escalation channel for both business and technical decisions and deliverables,” Mahajan says. “It was no longer perceived as a technology initiative and it got the visibility and attention it needed across the company. We not only came in under budget and on time, but also were able to increase automation 30% and reduce sales cycle by a couple weeks.”

Most technology projects fail because they lack concrete key performance indicators (KPIs), Mahajan says. “I categorize project metrics mainly into two buckets, one that monitors project execution and the other that measures business outcome,” she says. “What we can’t measure we can’t improve. While it is important to stay the course on budget, scope, and timeline, we must keep a constant eye on the business KPIs.”

The KPIs for a project should be specific and linked to company goals. “This not only helps create a culture of accountability, but also allows for companies to validate their business case to inform future investment decisions,” Mahajan says.

Winning over stakeholders and sponsors

Culture is often a key challenge in the ability to manage software projects in an agile fashion, Chowning says, because sponsors and key stakeholders of the project need to be comfortable and willing to work in the manner most suited to agile.

“Many may still want, instead, to try to work in a more traditional manner—build all requirements, design the entire end state, and only then build and deploy the entire end state,” Chowning says. “This can present a dilemma, as the software development practice and the project management practice try to proceed in two completely different and disconnected approaches.”

Educating the sponsors and key stakeholders in an agile project management approach, and helping them adjust behaviors, is key to managing expectations and enabling software development to proceed in the most effective and efficient manner, Chowning says.

It’s important to engage user representation up front and then continually throughout the iterations of the software development, regardless of the methodology being used, Chowning says.

“Gone are the days when it is sufficient to talk to users up front, and then not engage them again until some mystical user acceptance testing towards the end of the project,” Chowning says. “Users, or user representation [should] be engaged in all aspects of the software development and designs. Small feature developments, prototypes, trials and showcases are all useful means of ensuring users are both engaged and feedback is obtained constantly.”

Need for new development — and management — skills

“One of the biggest challenges we face [is] how to ensure we are continuously providing a strong developer experience and managing the ongoing upskilling of our employees as technologies evolve,” says Amit Sharma, CTO at financial technology company Broadridge Financial Solutions and former CIO at financial services provider Western Union.

“This means creating [automated] solutions, providing a secure, stable environment to develop and test, and equipping our developers with a suite of tools that facilitates a simple, manageable experience and alleviates the overhead and burden of heavy administration,” Sharma says.

With the rapid pace of change in software development, companies need to  train software engineers and others to adapt to new technologies, languages, and development processes. IT and product leaders need to acknowledge that there might be interruptions in projects because of the need to develop new skill sets, Sharma says. They also need to value the people involved in software development.

“It is critical that we recognize that our technology teams have built solutions over the course of many years, and as a result have become the subject matter experts not just of the system, but of the product as well,” Sharma says. “It is [vital] to bring them with us into the next generation of our product, no matter the technology it is founded on.”

In addition to the need for new developer skills, many IT leaders need to hone their own skills.

“Many IT leaders suffer from a massive talent gap in the ability to understand user needs, to create software roadmaps that meet business needs, to drive trade-offs against these roadmaps, and to move from process-based thinking to customer value and customer journey thinking,” Accenture’s Kelly says. “This is why concepts like value stream mapping, customer jobs/value propositions, and design thinking have become so important.”

Agile Development, Project Management, Software Development

Most people have probably broken their new year’s resolutions by now, but here’s one I plan to stick with: resetting my passwords and rethinking the strategy behind password management solutions. 

Here’s why. If you work in information security, you already know how severe the LastPass breach of security, announced in late December 2022, was. By at least one account in Wired, the LastPass hack was “actually a massive and concerning data breach that exposed encrypted password vaults—the crown jewels of any password manager—along with other user data.”  

The big problem for users is that, as Wired points out, changing the LastPass master password that protects the vault data won’t be able to protect the data that has already been stolen. And that’s a big issue.  

Over the past decade, we relied on LastPass (or alternatives like 1Password, or Apple’s iCloud Keychain) to keep our critical passwords accessible – and more importantly – safe. We were relieved that we could have the convenience of an automated solution that could also keep our passwords protected in an encrypted format. We assumed the security measures were foolproof. But with this latest LastPass breach, it’s time to rethink the password strategy.  

Password resolutions 

It’s a new year, so why not make a fresh start with your password security? Update and refresh your passwords, regardless of whether you think you’ve been compromised or have a chance of being compromised. This is critical, even if you don’t leverage a password manager, relying instead on a sheet of paper or dozens of sticky notes.  

With this latest breach and those earlier in 2022, it’s more than likely that your employees have at least one or more of their passwords sitting out there exposed in the wild. And it doesn’t matter whether you point the finger at LastPass or something else. If somebody has had a password that’s been live for more than a year, they’re probably putting themselves and the company at risk. 

It’s also time to rethink your use of password managers. Do you want to place that much trust with all your passwords in the hands of one vendor? There may have been a time about 5-7 years ago when it was super convenient and safer to use password managers. But the LastPass breach proved that even the most convenient and secure ‘foolproof systems’ have flaws and can be hacked as well.   

Managing employee access 

Taking it a step further, make it a point to do continuous employee training to help your teams avoid being duped by phishing and malware tactics. User behavior in organizations has proven over and over to be a significant vulnerability for organizations, often leading to exposed credentials. 

At least two studies on data breaches during 2022 found that employee errors or mistakes caused either 88% or 95% of data breaches. You choose which number you believe. In any case, that is too high of a percentage to ignore, and it’s likely going to grow unless organizations rethink how they provide and manage access to their critical systems. More often than not, too many employees have access to things that they don’t really need.   

What about cloud security? 

Organizations must also better understand who can access corporate assets in the cloud. In theory, cloud security should be stronger as some of the very best enterprise organizations manage it. But breaches can occur, even within those organizations, like one did in May 2022 at AWS.  

In your cloud environment, access monitoring should also be a priority. Managing permissions and levels of permission can get complicated with revolving contractors and provisioning issues, and potentially hundreds of layers of functionality, each with its own layer of permissioning. Limiting access is important not just for improved security, but also for cost reduction. Why pay for access for people who don’t need it or shouldn’t have it? 

Among my portfolio companies is an enterprise security company that’s helping to refine exactly how to automate access management for cloud environments and SaaS applications. Their MO is all about determining which employees or contractors have access to which systems and projects; and enabling the continuous provisioning and management of these. The solution can quickly prune employees who are no longer employees or contractors who are no longer on the project, which improves security and drives down costs. This is all done while ensuring that users only have the access they need to do their jobs. I’m confident that efforts in this direction will become more commonplace moving forward.  

Beyond limiting access, reducing human error will also lessen opportunities for a cybersecurity attack on your organization. This requires continuous training around phishing, password cycling, and web surfing behavior, among other topics. Taking these proactive precautions within your organization can reduce human mistakes leading to cybersecurity data breaches.  

Consolidation driving progress 

While it appeared that 2022 was going to have a pretty weak showing when it came to growth rounds and exits for cybersecurity firms, a late investment surge in Q4 led to a better-than-expected investment scenario, according to Momentum Cyber research.  

The year ahead could see consolidation among firms in cybersecurity and data management. As financial markets start to recover and larger companies gain more confidence, they may be more inclined to buy the advanced technology that the startup world provides, likely at lower multiples than what may have been previously achievable a few months ago. And with market consolidation, CISOs may see some relief as one-off relationships get tucked into one of the larger providers. This would be good for the startup world, and more so for security execs looking to drive down the number of vendor relationships to manage. 

The year ahead looks promising. By taking a proactive stance to resetting passwords, rethinking password management strategies, improving employee cybersecurity savvy, and limiting who has access to what and when – you may just be able to better safeguard against some of the nefarious attacks 2023 might have in store for us.   

Password Managers, Passwords, Security

Change and instability seem like the only constants for brands for over two years now. And while those conditions may have made for a rocky road, they also provided brands an opportunity to explore new ways to engage with customers regardless of where they were in their customer journey. Brands capitalized on this opportunity to expand and enhance the path to purchase – from content development and delivery to adapting to consumers’ constantly evolving digital behaviors.

These new behaviors prompted brand marketers to develop new types of content and delivery channels designed to meet customers in the moment. Consumers quickly adapted to a new content-rich environment that provided information curated for their needs with a single click or search, which pushed brands to produce more content to feed consumer appetites.

Creating, managing and delivering this content, from text to video to podcasts and more, has become increasingly challenging for brands. To help brands provide an enhanced customer experience, Sitecore has developed a comprehensive ecosystem of SaaS-based tools and services and a composable architecture to lower the dual challenges of servicing their traditional “dotcom” web presence and enabling them to deliver on-brand content across all digital channels and marketing touchpoints.

Enabling digitally savvy brands to innovate faster

In today’s world digital experience is the battlefield for brands – they need the agility to quickly launch new digital experiences to differentiate and compete. Many have developers on-hand to support business stakeholders in launching specialized campaign specific websites and functionally rich omnichannel experiences (think metaverse, voice, kiosk, IoT) that support evolving go-to-market strategies. To help these brands, Sitecore developed Content Hub One, an agile Headless CMS which is purpose-built for collaboration between marketers and developers to deliver differentiated digital experiences with ease.

Helping people find what they need, fast

As consumers look for new ways to quickly find information that’s catered to them, the power of search and discovery has never been more important. Facing a digital search transformation, especially with users evolving away from text to video and other rich media, marketers need an intelligent search capability. Sitecore Search was built for this transformative moment, offering marketers an intuitive system that serves hyper-relevant content through AI-powered search. It’s available to add on top of any website to power the search box with lightning-fast presentation of search results, surfacing content recommendations selected by AI or curated by marketers to drive engagement and conversion.

Taming MarTech ecosystem complexity

Today there are over 7,000 marketing technologies to choose from. Every brand faces the challenge of assembling a tech stack that meets the unique needs of their business model, market and customer base. To help Sitecore customers with this challenge we’ve launched Sitecore Connect – a low- /no-code solution, with a simple drag and drop UI, that allows brands to seamlessly connect Sitecore products to their unique ecosystem via thousands of out-of-the-box connectors and automation recipes.

To help brands of all sizes maximize their Martech investment, Sitecore offers a portfolio of tools and services to ensure the long-term success of their digital strategy. Its customer success program, Sitecore 360, spans the entire software implementation lifecycle, from tech training and adoption to professional services and customer support.

All these solutions complement XM Cloud, the modern, cloud-native enterprise CMS at the linchpin of the Sitecore ecosystem. We believe the content experience is the customer experience and brands need their experiences to be fast, relevant, and global. XM Cloud provides all the benefits of a leading digital experience platform that meets these needs without the overhead or hassle of maintaining supporting hardware infrastructure. This enables brands to quickly implement new customer experiences through simplified design and deployment. The cloud-native platform also ensures that marketing teams have the latest technology at their fingertips every time they log on – with new innovations being added all the time.

Over the past year, we’ve doubled down on delivering innovative, next-generation tools to support the entire content lifecycle – from strategy to delivery. It’s been rewarding to see how the industry has risen to the challenges of the rapid shift to digital and met the accelerated pace of customer expectations. It’s clear this shift will have a lasting impact on brands’ approaches to developing and delivering positive and engaging customer experiences, and Sitecore is committed to helping them accomplish their goals.  

To learn more about Sitecore’s content discovery and management tools, visit us here.

Digital Transformation

It feels like just yesterday that we were promised that cloud servers cost just pennies. You could rent a rack with the spare change behind the sofa cushions and have money left for an ice cream sandwich.

Those days are long gone. When the monthly cloud bill arrives, CFOs are hitting the roof. Developer teams are learning that the pennies add up, sometimes faster than expected, and it’s time for some discipline.

Cloud cost managers are the solution. They track all the bills, allocating them to the various teams responsible for their accumulation. That way the group that added too many fancy features that need too much storage and server time will have to account for their profligacy. The good programmers who don’t use too much RAM and disk space can be rewarded.

Smaller teams with simple configurations can probably get by with the stock services of the cloud companies. Cost containment is a big issue for many CIOs now and the cloud companies know it. They’ve started adding better accounting tools and alarms that are triggered before the bills reach the stratosphere. See Azure Cost Management, Google Cloud Cost Management, and AWS Cloud Financial Management tools for the big three clouds.

Once your cloud commitment gets bigger, independent cost management tools start to become attractive. They’re designed to work with multiple clouds and build reports that unify the data for easy consumption. Some even track the machines that run on premises so you can compare the cost of renting versus building out your own server room.

In many cases, cloud cost managers are part of a larger suite designed to not just watch the bottom line but also enforce other rules such as security. Some are not marketed directly as cloud control tools but have grown to help solve this problem. Some tools for surveying enterprise architectures or managing software governance now track costs at the same time. They can offer the same opportunities for savings that purpose-built cloud cost tools do — and they help with their other management chores as well.

What follows is an alphabetical list of the best cloud cost tracking tools. The area is rapidly expanding as enterprise managers recognize they need to get a grip on their cloud bills. All of them can help govern the burgeoning empire of server instances that may stretch around the world.

Anodot

The first job for Anodot’s collection of cloud monitoring tools is to track the flow of data through the various services and applications. If there’s an anomaly or hiccup that will affect users, it will raise a flag. Tracking the cost of instances and pods across your multiple clouds is part of this larger job. The dashboard produces a collection of infographics that make it possible to study each microservice or API and determine just how much it costs to keep it running in times of high demand and low. This granular detail gives you the ability to spot the expensive workloads and find a way to prune them.

Standout features:

Integrated with a broader monitoring system to deliver better customer experience at a reasonable priceAvailable as a white-label platform for integration and reselling

AppDynamics

Tracking and reining in containers in a Kubernetes environment is the goal for Cisco’s AppDynamics, formerly known as Replex. The tool is now part of a larger system that watches clusters in public clouds or running locally to ensure they are performing correctly. Tracking costs is just one small part of a system that is constantly gathering statistics and watching for anomalies. One important reporting process charges back costs to the teams responsible for them so everyone can understand what’s creating the monthly bill. AppDynamics also offers a proprietary machine learning engine to turn historical data into a plan for efficient deployment. A policy control layer offers granular restrictions to ensure teams have access to what they need but are locked out of what they don’t.

Standout features:

Integrates cost management with general application monitoringConnect user experiences and business results for every layer of the software stack

Apptio Cloudability

Apptio makes a large collection of tools for managing IT shops, and Cloudability is its tool for handling cloud costs. The tool breaks down the various cloud instances in use, allocating them to your teams for accounting purposes. Ideally, teams will be able to control their own costs and predict future usage with the reports and dashboards on offer. Cloudability’s True Cost Explorer, for instance, offers pivotable charts to switch between aggregated variables to establish accurate plans and predict future usage. Cloudability integrates with ticketing tools such as Jira for planning and with tracking tools such as PagerDuty or Datadog for monitoring.

Standout features:

Planning future purchasing of reserved instances to lock in savings for the constant demandAllocating upcoming workloads to available instances of the right capabilities

CloudAdmin

Dashboards created by CloudAdmin are simple and direct. The tool tracks cloud usage and offers suggestions for rightsizing your servers or converting them to reserved instances. Server instances can be allocated to teams and then tracked with a budget. If spending crosses a defined line, alerts are integrated with email or other common communication tools such as PagerDuty to notify personnel of the need for attention.

Standout features:

Carefully filtered data feeds extract the key details about spending to save time wading through too much informationAutomated alerts can stop runaway spending when it crosses thresholds

CloudCheckr

CloudCheckr focuses on controlling cloud costs and security. The tool is part of NetApp’s Spot constellation for cloud management and is responsible for cost management by tracking standard spending events, such as consumption, forecasting, and the rightsizing of instances. The tool supports reselling for companies that add their own layers to commodity cloud instances. A white label option makes it possible to pass through all the reporting and charts to help your customers understand their billing. There’s also a focus on supporting public clouds used by governments.

Standout features:

Monitor compliance with privacy regulations by tracking security configurationRightsize reserved instances by tracking baseline consumption

Datadog

Watching over cloud machines, networks, serverless platforms, and other applications is the first job for Datadog’s collection of tools. Tracking cloud costs is just one part of the workload. Its telemetry gathers data about performance and cost, and Datadog builds this into a dashboard to help organizations understand both application cost and performance. The goal is to facilitate decisions about application performance with an eye on the price of delivering it. Understanding the tradeoff can lead to cost savings.

Standout features:

Broad suite for infrastructure monitoring across multiple cloudsMonitoring of real users and simulated users make it easier to deliver a better user experience

Densify

Densify builds a collection of tools for managing cloud infrastructure by juggling containers and VMware instances. The best way to run your clusters, according to Densify, is to keep precise, meticulous records of load and then use this data to scale up and down quickly. Densify’s optimizers focus on cloud resources such as instances, Kubernetes clusters, and VMware machines. Densify suggests this approach improves scaling by 30%. Densify’s FinOps tool generates extensive reports to help keep application developers and bean counters happy.

Standout features:

Track loads on machines to ensure rightsized instance allocationBuild reports summarizing consumption to help developers rightsize hardware

Flexera One

The Flexera One cloud management suite tackles many cloud management tasks, such as tracking assets or organizing governance to orchestrate control. An important section of the suite is devoted to controlling the budget. The tool offers multicloud accounting for tracking spending with elaborate reporting broken down by team and project. Flexera One also offers suggestions for optimizing consumption by targeting wasteful allocations, and it provides automated systems to put these observations into practice. The tool also integrates machine learning and artificial intelligence to help analyze consumption patterns across multiple clouds.

Standout features:

Integrates reporting across multiple clouds to help business groups understand costsIdentifies options for rightsizing instances and eliminating wasteful spending

Harness

DevOps teams can use the CI/CD pipeline that’s the central part of Harness to automate deployment and then, once the code is running, track usage to keep budgets in line. Harness’s cost management features watch for anomalies compared to historic spending, generating alerts for teams. A feature for automatically stopping unused instances can work with spot machines, effectively unlocking their potential for cost savings while working around their ephemeral nature.

Standout features:

Deep integration with the development pipeline to make cost savings part of the software creation processAutomated compliance integrates cost management with regulatory and governance work

Kubecost

Teams that rely on Kubernetes to deploy pods of containers can install Kubecost to track spending. It will work across all major (and minor) clouds as well as pods hosted on premises. Costs are tracked as Kubernetes adjusts to handle loads and are presented in a unified set of reports. Large jumps or unexpected deployments can trigger alerts for human intervention.

Standout features:

Optimized for tracking how Kubernetes deployments affect costsDynamic recommendations track opportunities for lowering spending

ManageEngine

DevOps teams rely on ManageEngine to track a range of potential issues from security to API endpoint overload. Its CloudSpend tool will extract data from cloud spreadsheet bills and aggregate it to provide a useful, actionable level of understanding. Costs can be charged back to the specific teams, and ManageEngine’s predictive analytics will plan reserved instances based on historical data. Currently available for AWS and Azure.

Standout features:

Spend Analysis drills down deeply into the data to granular detailMulti-currency support for worldwide deployment

Nutanix Xi

Organizations with large multicloud deployments can use Nutanix Cost Management (formerly Beam) to track costs across a range of installations, including private cloud machines hosted on premises. The tool can be customized to generate accurate cost estimates of private installations by taking into account heating and cooling costs, hardware, and data center rent. This makes it easier to make accurate decisions about allocating workloads to the lowest-cost deployment. The process can be automated to simplify management and forward-planning for budgeting for reserved instances.

Standout features:

Metering of private clouds builds direct insight into the costs of on-prem hardwareBudget alerting and dynamic optimization help rightsize consumption to minimize costs

ServiceNow

Teams running extensive collections of microservices rely on ServiceNow to manage some of the stack. Many of the tools are customer-facing solutions like IT automation, but there are also more backend tools for optimizing IT operations by intelligently managing performance. Newer AIOps can deliver artificial intelligence solutions too.

Standout features:

Broad selection of tools for tracking and optimizing IT assetsRisk management well integrated with governance tools

Turbonomic

IBM relies on Turbonomic to deliver an AI-powered solution for managing deployment to match application demand with infrastructure. The tool will automatically start, stop, and move applications in response to demand. The data driving these decisions is stored in a warehouse to train the AI that will be making future decisions. The latest version includes a new dashboard and reporting framework based on Grafana.

Standout features:

Full-stack integrated graphics to understand demand and cost across an applicationDesigned to automate resource allocation to save engineering teams from the chore

VMware Aria CloudHealth

VMware built Aria Cost and Aria Automation under the CloudHealth brand to manage deployments across all major cloud platforms as well as hybrid clouds. The cost accounting module tracks spending, allocating it to business teams while optimizing deployments to minimize costs. The modeling layer can build out amortization and consumption schedules to forecast future demand. Financial managers and development teams can drill down into these forecasts to focus on specific applications or constellations of services. The larger product line integrates the cost management with automated deployment and security enforcement.

Standout features:

Spending governance ensures that teams are following individual budgets for resource consumptionIntegrate cloud costs with business metrics and key performance indicators to understand the connection between computational costs and the bottom line

Yotascale

Much of the responsibility for cloud costs comes from the engineers who write and deploy the code. They make the granular decisions to startup more instances and store more data. Yotascale wants to put more information in their hands to enable them to optimize their hardware consumption with tools designed to track machines and allocate their costs directly to the teams responsible. The forecasting tools can also spot anomalies, raising alerts to prevent any surprise bills at the end of the month.

Standout features:

Engineer-targeted tools deliver budget information directly to the teams building the software and starting up the machinesAutomated tracking delivers forecasts and flags problems and overconsumption

Zesty

While many cloud managers offer insights through sophisticated reports, Zesty is designed to automate the work of spinning up and shutting down extra instances. A key feature enables it to watch the spot market for deeply discounted instances with excess capacity on the cloud. It offers a tool informed by artificial intelligence algorithms that can work with AWS’s API to make decisions that keep just enough machines running to satisfy users without breaking the budget. The tool can even control the amount of disk space allocated to individual machines while buying and selling processor time on the spot from reserved instance marketplaces.

Standout features:

Deep management of details such as storage space allocation to minimize costsIntegration with spot market to take advantage of the lowest possible costs
Cloud Computing, Cloud Management