Components of an IS

A computerized IS consists of six interacting components. Regardless of type and where and by whom they are used within an organization, the components of an IS must be carefully managed to provide maximum benefit to an organization (see Figure 2.3).

1. Hardware Any physical device used in a computerized IS. Examples include central processing unit (CPU), sound card, video card, network card, hard drive, display, keyboard, motherboard, processor, power supply, modem, mouse, and printer.
2. Software A set of machine-readable instructions (code) that makes up a computer application that directs a computer’s processor to perform specific operations. Computer software is nontangible, contrasted with system hardware, which is the physical component of an IS. Examples include Internet browser, operating system (OS), Microsoft Office, Skype, and so on.
3. People Any person involved in using an IS. Examples include programmers, operators help desk, and end-users.
4. Procedures Documentation containing directions on how to use the other components of an IS. Examples include operational manual and user manual.
5. Network A combination of lines, wires, and physical devices connected to each other to create a telecommunications network. In computer networks, networked computing devices exchange data with each other using a data link. The connections between nodes are established using either cable media or wireless media. Networks can be internal or external. If they are available only internally within an organization, they are called “intranets.” If they are available externally, they are called “internets.” The best-known example of a computer network is the World Wide Web.
6. Data Raw or unorganized facts and figures (such as invoices, orders, payments, customer details, product numbers, product prices) that describe conditions, ideas, or objects.

Data, Information, Knowledge, and Wisdom

As you can see in Figure 2.3, data is the central component of any information system. Without data, an IS would have no purpose and companies would unable to conduct business. Generally speaking, ISs process data into meaningful information that produces corporate knowledge and ultimately creates wisdom that fuels corporate strategy.

Data are the raw material from which information is produced; the quality, reliability, and integrity of the data must be maintained for the information to be useful. Data are the raw facts and figures that are not organized in any way. Examples are the number of hours an employee worked in a certain week or the number of new Ford vehicles sold from the first quarter (Q1) of 2015 through the second quarter (Q2) of 2017 (Figure 2.4).

Information is an organization’s most important asset, second only to people. Information provides the “who,” “what,” “where,” and “when” of data in a given context. For example, summarizing the quarterly sales of new Ford vehicles from Q1 2015 through Q2 2017 provides information that shows sales have steadily decreased from Q2 2016.

Knowledge is used to answer the question “how.” In our example, it would involve determining how the trend can be reversed, for example, customer satisfaction can be improved, new features can be added, and pricing can be adjusted.

Wisdom is more abstract than data and information (that can be harnessed) and knowledge (that can be shared). Wisdom adds value and increases effectiveness. It answers the “why” in a given situation. In the Ford example, wisdom would be corporate strategists evaluating the various reasons for the sales drop, creatively analyzing the situation as a whole, and developing innovative policies and procedures to reverse the recent downward trend in new vehicle sales.

ISs collect or input and process data to create and distribute reports or other outputs based on information gleaned from the raw data to support decision-making and business processes that, in turn, produce corporate knowledge that can be stored for future use. Figure 2.5 shows the input-processing-output-storage (IPOS) cycle.

Types of ISs

An IS may be as simple as a single computer and a printer used by one person, or as complex as several thousand computers of various types (tablets, desktops, laptops, mainframes) with hundreds of printers, scanners, and other devices connected through an elaborate network used by thousands of geographically dispersed employees. Functional ISs that support business analysts and other departmental employees range from simple to complex, depending on the type of employees supported. The following examples show the support that IT provides to major functional areas.

1. Marketing Utilizing IBM software, Bolsa de Comercio de Santiago, a large stock exchange in Chile, is able to process its ever-increasing, high-volume trading in microseconds. The Chilean stock exchange system can do the detective work of analyzing current and past transactions and market information, learning, and adapting to market trends and connecting its traders to business information in real time. Immediate throughput in combination with analytics allows traders to make more accurate decisions.
2. Sales According to the New England Journal of Medicine, one in five patients suffers from preventable readmissions, which cost taxpayers over $17 billion a year. In the past, hospitals have been penalized for high readmission rates with cuts to the payments they receive from the government (Zuckerman et al., 2016). Using effective management information systems (MISs), the health-care industry can leverage unstructured information in ways not possible before, according to Matt McClelland, manager of information governance for Blue Cross Blue Shield of North Carolina. “With proper support, information governance can bridge the gaps among the need to address regulation and litigation risk, the need to generate increased sales and revenue, and the need to cut costs and become more efficient. When done right, information governance positively impacts every facet of the business,” McClelland said in the Information Governance Initiative (Jarousse, 2016).

Figure 2.6 illustrates the classification of the different types of ISs used in organizations, the typical level of workers who use them and the types of input/output (I/O) produced by each of the ISs. At the operational level of the organization, line workers use transaction processing systems (TPSs) to capture raw data and pass it along (output) to middle managers. The raw data is then input into office automation (OA) and MISs by middle managers to produce information for use by senior managers. Next, information is input into decision support systems (DSSs) for processing into explicit knowledge that will be used by senior managers to direct current corporate strategy. Finally, corporate executives input the explicit knowledge provided by the DSSs into executive information systems (EISs) and apply their experience, expertise, and skills to create wisdom that will lead to new corporate strategies.

Transaction Processing System (TPS)

A TPS is designed to process specific types of data input from ongoing transactions. TPSs can be manual, as when data are typed into a form on a screen, or automated by using scanners or sensors to capture barcodes or other data (Figure 2.7). TPSs are usually operated directly by frontline workers and provide the key data required to support the management of operations.

Organizational data are processed by a TPS, for example, sales orders, reservations, stock control, and payments by payroll, accounting, financial, marketing, purchasing, inventory control, and other functional departments. The data are usually obtained through the automated or semiautomated tracking of low-level activities and basic transactions. Transactions are either:

• internal transactions that originate within the organization or that occur within the organization, for example, payroll, purchases, budget transfers, and payments (in accounting terms, they are referred to as accounts payable); or
• external transactions that originate from outside the organization, for example, from customers, suppliers, regulators, distributors, and financing institutions.

TPSs are essential systems. Transactions that are not captured can result in lost sales, dissatisfied customers, unrecorded payments, and many other types of data errors with financial impacts. For example, if the accounting department issued a check to pay an invoice (bill) and it was cashed by the recipient, but information about that transaction was not captured, then two things happen. First, the amount of cash listed on the company’s financial statements is incorrect because no deduction was made for the amount of the check. Second, the accounts payable (A/P) system will continue to show the invoice as unpaid, so the accounting department might pay it a second time. Likewise, if services are provided, but the transactions are not recorded, the company will not bill for them and thus lose service revenue.

Management Information System (MIS)

An MIS is built on the data provided by TPS. MISs are management-level systems that are used by middle managers to help ensure the smooth running of an organization in the short to medium term. The highly structured information provided by these systems allows managers to evaluate an organization’s performance by comparing current with previous outputs. Functional areas or departments―accounting, finance, production/operations, marketing and sales, human resources, and engineering and design―are supported by ISs designed for their particular reporting needs. General-purpose reporting systems are referred to as management information systems (MISs). Their objective is to provide reports to managers for tracking operations, monitoring, and control.

Typically, a functional system provides reports about such topics as operational efficiency, effectiveness, and productivity by extracting information from databases and processing it according to the needs of the user. Types of reports include the following:

• Periodic These reports are created or run according to a pre-set schedule. Examples are daily, weekly, and quarterly. Reports are easily distributed via e-mail, blogs, internal websites (called intranets), or other electronic media. Periodic reports are also easily ignored if workers do not find them worth the time to review.
• Exception Exception reports are generated only when something is outside the norm, either higher or lower than expected. Sales in hardware stores prior to a hurricane may be much higher than the norm. Or sales of fresh produce may drop during a food contamination crisis. Exception reports are more likely to be read because workers know that some unusual event or deviation has occurred.
• Ad hoc, or on demand Ad hoc reports are unplanned reports. They are generated to a mobile device or computer on demand as needed. They are generated on request to learn more about a situation, problem, or opportunity.

Reports typically include interactive data visualizations, such as column and pie charts, as shown in Figure 2.8.

Decision Support System (DSS)

A DSS is a knowledge-based system used by senior managers to facilitate the creation of knowledge and allow its integration into the organization. More specifically, a DSS is an interactive application that supports decision-making by manipulating and building upon the information from an MIS and/or a TPS to generate insights and new information.

Configurations of a DSS range from relatively simple applications that support a single user to complex enterprisewide systems. A DSS can support the analysis and solution of a specific problem, evaluate a strategic opportunity, or support ongoing operations. These systems support unstructured and semistructured decisions, such as make-or-buy-or-outsource decisions, or what products to develop and introduce into existing markets.

Executive Information System (EIS)

EISs are strategic-level information systems that help executives and senior managers analyze the environment in which the organization exists. They typically are used to identify long-term trends and to plan appropriate courses of action. The information in such systems is often weakly structured and comes from both internal and external sources. EISs are designed to be operated directly by executives without the need for intermediaries and easily tailored to the preferences of the individual using them. An EIS organizes and presents data and information from both external data sources and internal MIS or TPS in an easy-to-use dashboard format to support and extend the inherent capabilities of senior executives.

Initially, EISs were custom-made for an individual executive. However, a number of off-the-shelf EIS packages now exist and some enterprise-level systems offer a customizable EIS module.

The ways in which the different characteristics of the various types of ISs are classified is shown in Table 2.2.

Here’s an example of how these ISs are used together to add value in an organization. Day-to-day transaction data collected by the TPS are converted into prescheduled summarized reports by middle managers using an MIS. The findings in these reports are then analyzed by senior managers who use a DSS to support their semistructured or unstructured decision-making. DSSs contain models that consist of a set of formulas and functions, such as statistical, financial, optimization, and/or simulation models. Corporations, government agencies, the military, health care, medical research, major league sports, and nonprofits depend on their DSSs to answer what-if questions to help reduce waste in production operations, improve inventory management, support investment decisions, and predict demand and help sustain a competitive edge.

Customer data, sales, and other critical data produced by the DSS are then selected for further analysis, such as trend analysis or forecasting demand and are input into an EIS for use by top level management, who add their experience and expertise to make unstructured decisions that will affect the future of the business.

Figure 2.9 shows how the major types of ISs relate to one another and how data flow among them. In this example,

1. Data from online purchases are captured and processed by the TPS and then stored in the transactional database.
2. Data needed for reporting purposes are extracted from the database and used by the MIS to create periodic, ad hoc, or other types of reports.
3. Data are output to a DSS where they are analyzed using formulas, financial ratios, or models.

ISs Exist within Corporate Culture

It is important to remember that ISs do not exist in isolation. They have a purpose and a social (organizational) context. A common purpose is to provide a solution to a business problem. The social context of the system consists of the values and beliefs that determine what is admissible and possible within the culture of the organization and among the people involved. For example, a company may believe that superb customer service and on-time delivery are critical success factors. This belief system influences IT investments, among other factors.

The business value of IT is determined by the people who use them, the business processes they support, and the culture of the organization. That is, IS value is determined by the relationships among ISs, people, and business processes―all of which are influenced strongly by organizational culture.

In an organization, there may be a culture of distrust between the technology and business employees. No enterprise IT architecture methodology or data governance can bridge this divide unless there is a genuine commitment to change. That commitment must come from the highest level of the organization―senior management. Methodologies cannot solve people problems; they can only provide a framework in which those problems can be solved.

Concept Check 2.1

EA Helps to Maintain Sustainability

As you read in Chapter 1, the volume, variety, and speed of data being collected or generated have increased dramatically over the past decade. As enterprise ISs become more complex, long-range IT planning is critical. Companies cannot simply add storage, new apps, or data analytics on an as-needed basis and expect those additional IT assets to work with existing systems.

The relationship between complexity and planning for the future is easier to see in physical things such as buildings and transportation systems. For example, if you are constructing a simple holiday cabin in a remote area, there is no need to create a detailed plan for future expansion. On the other hand, if you are building a large commercial development in a highly populated area, you’re not likely to succeed without a detailed project plan. Relating this to the case of enterprise ISs, if you are building a simple, single-user, nondistributed system, you would not need to develop a well-thought-out growth plan. However, this approach would not be feasible to enable you to successfully manage big data, copious content from mobiles and social networks, and data in the cloud. Instead, you would need a well-designed set of plans, or blueprints, provided by an EA to align IT with business objectives by guiding and controlling hardware acquisition, software add-ons and upgrades, system changes, network upgrades, choice of cloud services, and other digital technology investments that you will need to make your business sustainable.

There are two specific strategic issues that the EA is designed to address:

1. IT systems’ complexity IT systems have become unmanageably complex and expensive to maintain.
2. Poor business alignment Organizations find it difficult to keep their increasingly expensive IT systems aligned with business needs.

Developing an Enterprise Architecture (EA)

Developing an EA starts with the organization’s goals, for example, where does it want to be in three years? and identifies the strategic direction in which it is heading and the business drivers to which it is responding. The goal is to make sure that everyone understands and shares a single vision. As soon as managers have defined this single shared vision of the future, they then consider the impact this vision will have on the business, technical, information, and solutions architectures of the enterprise. This shared vision of the future will dictate changes in all these architectures, assign priorities to those changes, and keep those changes grounded in business value.

According to Microsoft, the EA should include the four different perspectives shown in Table 2.3.

It is important to recognize that the EA must be dynamic, not static. To sustain its effectiveness, it should be an ongoing process of aligning the creation, operation, and maintenance of IT across the organization with the ever-changing business objectives. As business needs change, so must the EA, as demonstrated in IT at Work 2.2.

Concept Check 2.2

Information Management Harnesses Scattered Data

Business information is generally scattered throughout an enterprise, stored in separate systems dedicated to specific purposes, such as operations, supply chain management, or customer relationship management. Major organizations have over 100 data repositories (storage areas). In many companies, the integration of these disparate systems is limited―as is users’ ability to access all the information they need. As a result, despite all the information flowing through companies, executives, managers, and workers often struggle to find the information they need to make sound decisions or do their jobs. The overall goal of information management is to eliminate that struggle through the design and implementation of a sound data governance program and a well-planned EA.

Providing easy access to large volumes of information is just one of the challenges facing organizations. The days of simply managing structured data are over. Now, organizations must manage semistructured and unstructured content from social and mobile sources even though that data may be of questionable quality.

Information management is critical to data security and compliance with continually evolving regulatory requirements, such as the Sarbanes-Oxley Act, Basel III, the Computer Fraud and Abuse Act (CFAA), the USA PATRIOT Act, and the Health Insurance Portability and Accountability Act (HIPAA).

Issues of information access, management, and security must also deal with information degradation and disorder―where people do not understand what data mean or how the data can be useful.

Reasons for Information Deficiencies

Organizational information and decision support technologies have developed over many decades. During that time management teams’ priorities have changed along with their understanding of the role of IT within the organization; technology has advanced in unforeseeable ways, and IT investments have been increased or decreased based on competing demands on the budget. Other common reasons why information deficiencies are still a problem include:

1. Data silos Information can be trapped in departmental data silos (also called information silos), such as marketing or production databases. Data silos are illustrated in Figure 2.14. Since silos are unable to share or exchange data, they cannot consistently be updated. When data are inconsistent across multiple enterprise applications, data quality cannot (and should not) be trusted without extensive verification. Data silos exist when there is no overall IT architecture to guide IT investments, data coordination, and communication. Data silos support a single function and, as a result, do not support an organization’s cross-functional needs.

   For example, most health-care organizations are drowning in data, yet they cannot get reliable, actionable insights from these data. Physician notes, registration forms, discharge summaries, documents, and more are doubling every five years. Unlike structured machine-ready data, these are messy data that take too much time and effort for health-care providers to include in their business analysis. So, valuable messy data are routinely left out. Millions of insightful patient notes and records sit inaccessible or unavailable in separate clinical data silos because historically there has been no easy way to analyze the information they contain.

2. Lost or bypassed data Data can get lost in transit from one system to another. Or, data might never get captured because of inadequately tuned data collection systems, such as those that rely on sensors or scanners. Or, the data may not get captured in sufficient detail, as described in Tech Note 2.2.
3. Poorly designed interfaces Despite all the talk about user-friendly interfaces, some ISs are horrible to deal with. Poorly designed interfaces or formats that require extra time and effort to figure out increase the risk of errors from misunderstanding the data or ignoring them.
4. Nonstandardized data formats When users are presented with data in inconsistent or nonstandardized formats, errors increase. Attempts to compare or analyze data are more difficult and take more time. For example, if the Northeast division reports weekly gross sales revenues per product line and the Southwest division reports monthly net sales per product, you cannot compare their performance without converting the data to a common format. Consider the extra effort needed to compare temperature-related sales, such as air conditioners, when some temperatures are expressed in degrees Fahrenheit and others in Centigrade.
5. Difficult to hit moving targets The information that decision-makers want keeps changing―and changes faster than ISs can respond to because of the first four reasons in this list. Tracking tweets, YouTube hits, and other unstructured content requires expensive investments―which managers find risky in an economic downturn.

These are the data challenges managers have to face when there is little or no information management. Companies undergoing fast growth or merger activity or those with decentralized systems (each division or business unit manages its own IT) will end up with a patchwork of reporting processes. As you would expect, patchwork systems are more complicated to modify, too rigid to support an agile business, and more expensive to maintain.

Factors Driving the Shift from Silos to Sharing and Collaboration

Senior executives and managers are aware of the problems associated with their data silos and information management problems, but they also know about the huge cost and disruption associated with converting to newer IT architectures. The “silo effect” occurs when different departments of an organization do not share data and/or communicate effectively enough to maintain productivity. Surprisingly, 75% of employers believe team work and collaboration are essential, but only 18% of employees receive communication evaluations during performance critiques (Marchese, 2016). In the new age of efficiency of service, many companies like Formaspace, an industrial manufacturing and service corporation, must work toward complete cloud integration of old silos to increase customer service and generate more revenue. Enabling applications to interact with one another in an automated fashion to gain better access to data increases meaningful productivity and decreases time and effort spent in manual collaboration efforts. In an illustration of how silo integration is essential for a modern corporation, IT technician at Formaspace, Loddie Alspach, claims that in 2015, the company managed to increase revenues by 20% using Amazon-based cloud technology (Shore, 2015). However, companies are struggling to integrate thousands of siloed global applications, while aligning them to business operations. To remain competitive, they must be able to analyze and adapt their business processes quickly, efficiently, and without disruption.

Greater investments in collaboration technologies have been reported by the research firm Forrester (Keitt, 2014). A recent study identified four main factors that have influenced the increased use of cloud technologies, as shown in Table 2.4 (Rai et al., 2015).

Business Benefits of Information Management

Based on the examples you have read, the obvious benefits of information management are:

1. Improves decision quality Decision quality depends on accurate and complete data.
2. Improves the accuracy and reliability of management predictions It is essential for managers to be able to predict sales, product demand, opportunities, and competitive threats. Management predictions focus on “what is going to happen” as opposed to financial reporting on “what has happened.”
3. Reduces the risk of noncompliance Government regulations and compliance requirements have increased significantly in the past decade. Companies that fail to comply with laws on privacy, fraud, anti-money laundering, cybersecurity, occupational safety, and so on face harsh penalties.
4. Reduces the time and cost of locating and integrating relevant information.

Data Governance: Maintaining Data Quality and Cost Control

The success of every data-driven strategy or marketing effort depends on data governance. Data governance policies must address structured, semistructured, and unstructured data (discussed in Section 2.3) to ensure that insights can be trusted.

Concept Check 2.3

Data Centers

Traditionally, data and database technologies were kept in data centers that were typically run by an in-house IT department (Figure 2.15) and consisted of on-premises hardware and equipment that store data within an organization’s local area network.

Today, companies may own and manage their own on-premises data centers or pay for the use of their vendors’ data centers, such as in cloud computing, virtualization, and software-as-a-service arrangements (Figure 2.16).

In an on-premises data center connected to a local area network, it is easier to restrict access to applications and information to authorized, company-approved people and equipment. In the cloud, the management of updates, security, and ongoing maintenance are outsourced to a third-party cloud provider where data is accessible to anyone with the proper credentials and Internet connection. This arrangement can make a company more vulnerable since it increases exposure of company data at many more entry and exit points. Here are some examples of data centers.

• National Climatic Data Center The National Climatic Data Center is an example of a public data center that stores and manages the world’s largest archive of weather data.
• U.S. National Security Agency The National Security Agency’s (NSA) data center, shown in Figure 2.17 is located in Bluffdale, UT. It is the largest spy data center for the NSA. People who think their correspondence and postings through sites like Google, Facebook, and Apple are safe from prying eyes should rethink that belief. You will read more about reports exposing government data collection programs in Chapter 5.
• Apple Apple has a 500,000-square-foot data center in Maiden, NC, that houses servers for various iCloud and iTunes services. The center plays a vital role in the company’s back-end IT infrastructure. In 2014 Apple expanded this center with a new, smaller 14,250-square-foot tactical data center that also includes office space, meeting areas, and breakrooms.

Since only the company owns the infrastructure, a data center is more suitable for organizations that run many different types of applications and have complex workloads. A data center, like a factory, has limited capacity. Once it is built, the amount of storage and the workload the center can handle does not change without purchasing and installing more equipment.

Integrating Data to Combat Data Chaos

An enterprise’s data are stored in many different or remote locations―creating data chaos at times. And some data may be duplicated so that they are available in multiple locations that need a quick response. Therefore, the data needed for planning, decision-making, operations, queries, and reporting are scattered or duplicated across numerous servers, data centers, devices, and cloud services. Disparate data must be unified or integrated in order for the organization to function.

Software-Defined Data Center

Data virtualization has led to the latest development in data centers—the software-defined data center (SDDC). An SDDC facilitates the integration of the various infrastructures of the SDDC silos within organizations and optimizes the use of resources, balances workloads, and maximizes operational efficiency by dynamically distributing workloads and provisioning networks. The goal of the SDDC is to decrease costs and increase agility, policy compliance, and security by deploying, operating, managing, and maintaining applications. In addition, by providing organizations with their own private cloud, SDDCs provide greater flexibility by allowing organizations to have on-demand access to their data instead of having to request permission from their cloud provider (see Figure 2.18).

The base resources for the SDDC are computation, storage, networking, and security. Typically, the SDDC includes limited functionality of service portals, applications, OSs, VM hardware, hypervisors, physical hardware, software-defined networking, software-defined storage, a security layer, automation and management layers, catalogs, a gateway interface module, and third-party plug-ins (Figure 2.19).

It is estimated that the market share for SDDCs will grow from the current level of $22 billion to more than $77 billion in the next five years. As the use of SDDCs grows at this extraordinary rate, data center managers will be called upon to scale their data centers exponentially at a moment’s notice. Unfortunately, this is impossible to achieve using the traditional data center infrastructure. In the SDDC, software placement and optimization decisions are based on business logic, not technical provisioning directives. This requires changes in culture, processes, structure, and technology. The SDDC isolates the application layer from the physical infrastructure layer to facilitate faster and more effective deployment, management, and monitoring of diverse applications. This is achieved by finding each enterprise application an optimal home in a public or private cloud environment or draw from a diverse collection of resources.

From a business perspective moving to a SDDC is motivated by the need to improve security, increase alignment of the IT infrastructure with business objectives and provision of applications more quickly.

Traditional data centers had dedicated, isolated hardware that results in poor utilization of resources and very limited flexibility. Second-generation virtualization data cases improved resource use by consolidating virtualized servers. By reducing the steps needed to decrease the time it takes to deploy workloads, facilitating the definition of applications and resource needs, the SDDC creates an even more flexible environment in which enterprise applications can be quickly reconfigured and supported to provide infrastructure-as a service (IaaS). Transitioning to an SDDC enables an organization to optimize its resource usage, provide capacity on demand, improve business-IT alignment, improve agility and flexibility of operations, and save money (Figure 2.20).

Cloud Computing

In a business world where first movers gain the advantage, IT responsiveness and agility provide a competitive edge and lead to sustainable business practices. Yet, many IT infrastructures are extremely expensive to manage and too complex to easily adapt. A common solution is cloud computing. Cloud computing is the general term for infrastructures that use the Internet and private networks to access, share, and deliver computing resources. More specifically, IBM defines cloud computing as “the delivery of on-demand computing resources—everything from applications to data centers—over the Internet on a pay-for-use basis” (IBM, 2016).

Cloud computing is the delivery of computing and storage resources as a service to end-users over a network. Cloud systems are scalable. That is, they can be adjusted to meet changes in business needs. At the extreme, the cloud’s capacity is unlimited depending on the vendor’s offerings and service plans. A drawback of the cloud is control because a third party manages it. Unless the company uses a private cloud within its network, it shares computing and storage resources with other cloud users in the vendor’s public cloud. Public clouds allow multiple clients to access the same virtualized services and utilize the same pool of servers across a public network. In contrast, private clouds are single-tenant environments with stronger security and control for regulated industries and critical data. In effect, private clouds retain all the IT security and control provided by traditional IT infrastructures with the added advantages of cloud computing.

Selecting a Cloud Vendor

Because cloud is still a relatively new and evolving business model, the decision to select a cloud service provider should be approached with even greater diligence than other IT decisions. As cloud computing becomes an increasingly important part of the IT delivery model, assessing and selecting the right cloud provider also become the most strategic decisions that business leaders undertake. Providers are not created equally, so it is important to investigate each provider’s offerings prior to subscribing. When selecting and investing in cloud services, there are several service factors a vendor needs to address. These evaluation factors are listed in Table 2.6.

Cloud Infrastructure

The cloud has greatly expanded the options for enterprise IT infrastructures because any device that accesses the Internet can access, share, and deliver data. Cloud computing is a valuable infrastructure because:

1. It is dynamic, not static and provides a way to make applications and computing power available on demand. Applications and power are available on demand because they are provided as a service. For example, any software that is provided on demand is referred to as software as a service (SaaS). Typical SaaS products are Google Apps and www.Salesforce.com. Section 2.5 discusses SaaS and other cloud services.
2. Helps companies become more agile and responsive while significantly reducing IT costs and complexity through improved workload optimization and service delivery.

Issues in Moving Workloads from the Enterprise to the Cloud

Building a cloud strategy is a challenge, and moving existing applications to the cloud is stressful. Despite the business and technical benefits, the risk exists of disrupting operations or customers in the process. With the cloud, the network and WAN (wide area network) become an even more critical part of the IT infrastructure. Greater network bandwidth is needed to support the increase in network traffic. And, putting part of the IT architecture or workload into the cloud requires different management approaches, different IT skills, and knowing how to manage vendor relationships and contracts.

Concept Check 2.4

Anything as a Service (XAAS) Models

The cloud computing model for on-demand delivery of and access to various types of computing resources also extends to the development of business apps. Figure 2.21 shows four “as a service” (XaaS) solutions based on the concept that the resource―software, platform, infrastructure, or data—can be provided on demand regardless of geolocation. As these as service solutions develop, the focus is changing from massive technology implementation costs to business-reengineering programs that enable XaaS platforms (Fresht, 2014).

Cloud services are services made available to users on demand via the Internet from a cloud computing provider’s servers instead of being accessed through an organization’s on-premises servers. Cloud services are designed to provide easy, scalable access to applications, resources, and services, and are fully managed by a cloud services provider.

Cloud computing is often referred to as a “stack” or broad range of services built on top of each other under the name cloud. These cloud services can be defined as follows:

• Software as a service (SaaS) is a widely used model in which software is available to users from a service provider as needed. A provider licenses a SaaS application to customers as an on-demand service, through a subscription, a pay-as-you-go model, or free of charge (where revenue can be generated by other means, such as through sale of advertisements).
• Platform as a service (PaaS) is a computing platform that enables the quick and easy creation, testing, and deployment of web applications without the necessity of buying and maintaining the software and infrastructure underneath it. It is a set of tools and services that make coding and deploying these applications faster and more efficient.
• Infrastructure as a service (IaaS) is a way of delivering servers, storage, networks, workload balancers, and OSs as an on-demand service.
• Data as a service (DaaS) is an information provision and distribution model in which data files (including text, images, sounds, and videos) are made available to customers over a network by a service provider.

Going Cloud

Cloud services can advance the core business of delivering superior services to optimize business performance. Cloud can cut costs and add flexibility to the performance of critical business apps. And, it can improve responsiveness to end-consumers, application developers, and business organizations. But to achieve these benefits, there must be IT, legal, and senior management oversight because a company still must meet its legal obligations and responsibilities to employees, customers, investors, business partners, and society.

Virtualization and Virtual Machines

There are many types of virtualization, such as virtual storage devices, virtual desktops, virtual OSs, and virtual servers for network virtualization. You can think of virtualization as a model for a physical component that is built into computer code, to create a software program that acts in the same way as the physical component it is modeling. For example, a virtual machine is a software representation of a computer, rather than an actual computer and a virtual server sends and receives signals just like a physical one, even though it doesn’t have its own circuitry and other physical components.

You might ask why organizations want to virtualize their physical computing and networking devices. The answer is a gross underutilization of inefficient use of resources. Computer hardware had been designed to run a single OS and a single app, which leaves most computers vastly underutilized. Virtualization is a technique that creates a virtual (i.e., nonphysical) layer and multiple virtual machines (VMs) to run on a single physical machine. The virtual (or virtualization) layer makes it possible for each VM to share the resources of the hardware. Figure 2.22 shows the relationship among the VMs and physical hardware.

Concept Check 2.5