Spring Cleaning the Tech Stack
Business transformation typically requires new or better technology and is forcing companies to regularly evaluate and clean their technology stacks with an eye toward nimbleness.
With demands to cut spend across the board, many IT leaders are being tasked with finding operational efficiencies and ways to control costs.
Legacy systems and outdated or redundant technology stacks are an increasing challenge for companies to evolve at speed. Actively managing the portfolio of applications and technologies allows businesses to better manage critical items and get ahead of updates and migrations.
Cleaning the tech stack can help purge many redundant and non-utilized or underutilized applications, which continue to cost the company money in subscriptions and create operational inefficiencies.
As a company matures, part of the natural process is accumulating a plethora of applications along the way, which then requires IT to routinely evaluate to eliminate waste.
Richard Capatosto, IT manager at Backblaze, explains IT spends a lot of time and energy tracking down, identifying, and operationalizing these “rogue” applications.
“They are typically very inefficient to support for several reasons,” he says. “First, they are sometimes one-off apps which were purchased outside of our enterprise applications stack and may not have enterprise-level security.”
Usually in those instances, they’ve been purchased outside of normal processes (e.g., on credit cards), which creates further downline work.
“Second, these applications often do not support enterprise SSO and provisioning, which is key to maintaining efficient and secure IT operations,” he says.
Eliminating or upgrading these applications reduces unnecessary spend, conforms to security best practices, and lets the IT team provide guidance about better tech-based workflows based on existing and potential applications.
A Cleaning Process With Many Stakeholders
Brian Contos, CSO at Sevco Security, says organizations must first understand their critical assets at a much more granular level.
“What kept us secure for the last two decades no longer works in today’s complex and heterogeneous environments with on-premises IT, work-from-home devices, cloud, SaaS, IoT, and related assets,” he says.
That means organizations should know -- in near real-time -- their assets, what software they’re running, who’s accessing them, and how they are being maintained and secured.
“This level of asset intelligence is essential for IT operations, security, and addressing regulatory mandates, but it’s also foundational to all other business processes that sit atop these assets,” he says.
Contos adds as part of this cleaning, organizations may discover unnecessary solutions, solutions that are end of life, and others that need to be more secure.
“This process must be understood across all leaders of the company,” says Lloyd Adams, president of SAP North America. “Business and IT leaders’ goal should be to reduce the number of applications and technologies in play. Over time, this approach inherently reduces complexity and time to value.”
He says while it's easy to lay the responsibility with corporate IT, it is an incomplete approach to ensure success.
“A company’s enterprise architecture team should take an end-to-end approach to review the tech stacks against the needs of the business,” he explains.
Business process owners must be a part of this process to align on priorities, projects, how and when new capabilities will be rolled out, and, most importantly, the change management required to ensure successful adoption of new technologies and the retirement of old ones.
“Lack of follow-through on the decommissioning of applications makes it more challenging to drive adoption of new solutions and realization of the value,” Adams adds.
Getting a Handle on Shadow IT
Pavel Despot, senior product manager at Akamai, notes businesses crammed a decade of digital transformation into just a few years, which was bound to have unintended consequences.
“It’s never too late to reexamine those rushed decisions,” he says. “IT leaders can avoid future tech stack sprawl by regularly conducting audits of the stack and taking a cloud-native, best fit approach to building their applications and deploying their workloads.”
Despot says cloud is one layer of the tech stack that companies are beginning to look more closely at.
“For many, it’s one of the largest components of their overall IT spend,” he explains. “Looking for waste or areas where workloads can be deployed more efficiently helps them get the most from a tighter budget. Unlike even a few years ago, today there are many providers they can shop those workloads with.”
Andi Grabner, DevOps activist and CNCF Ambassador at Dynatrace, explains unauthorized tools introduced by users, or shadow IT, can also exacerbate clutter within an organization’s tech stack.
“Shadow IT can waste valuable resources and introduce security risks,” he says. “It’s crucial for teams to work together to identify and prioritize the solutions that meet their needs to reduce technical debt.”
Adams agrees, noting shadow IT sprawl due to unmet needs or lack of governance and transparency tends to make the tech stack clutter problem worse, while increasing costs and risk.
“The key to success is sharing the end-to-end view of the business and aligning strategy and principles across all teams that provide IT services,” he says. “Companies should issue a clear mandate to reduce tech stack clutter and converge on a well-managed enterprise architecture.”
Colleen Yap, IT director at Backblaze, says legacy IT needs to absorb and operationalize much of what shadow IT has already put forth into the firm’s tech stack.
“It’s an arduous process of discovery, analysis, and determining business use cases for the apps that constitute the clutter,” she says.
She adds that to avoid SaaS sprawl in the future, implementing stricter controls on how colleagues request applications is key, while assessing and meeting colleagues’ needs earlier in the process can help eliminate SaaS sprawl before it happens.
“All of these practices depend heavily on e-staff alignment and support for both IT’s objectives and the processes involved,” Yap notes.
What to Read Next:
The Future of Cyber: Perfect the Present, Focus on the Future
About the Author
You May Also Like