The hidden dangers of IT-standards: Why following them blindly can get you into trouble
In the modern world of information technology standards are crucial. They form the backbone of our digital infrastructure en bring us interoperability, safety and consistency. But is it always wise to stricly follow these standards? What happens if we need to be flexible in specific situations?
Half as fast and in the end much more expensive
One of our customers implemented a new system on blades. The advice of the system's supplier was not to virtualize. But ... because it was the standard all servers were virtualized anyway. Detail: on each blade only a single virtual machine (VM) was placed that had the entire blade allocated to it. This left no room for the underlying hypervisor to do it's job, which led to each blade running the hypervisor half of the tiome and the virtual server the other half of the time. Long story short, the virtual server did not get the whole, but only half of the blade and performance was only half of what it should have been. Even shorter: the wrong choice and a very expensive one to boot.
The most important argument to virtualize was the ability to move a virtual machine quickly in case of hardware failure. But a blade center also offers you the flexibility to move a server to another blade, including the entire identity of the original blade. And boith solutions force you to buy an extra blade to replace the failing hardware.
This customer solved the issue by replacing the CPU's on the blades with CPU's that had 50% more cores, so the hypervisor could run on the extra cores. An expensive operation and the only gain they got is making a different system administrator responsible for handling hardware failure. By now the hardware has been completely replaced, without any blade failures happening ever. The only ones that had an advantage from this solution were the hardware supplier and the supplier of the virtualization software.
And that's only the start. Just think of the 10%-15% virtualization performance penalty and lets not forget the extra aysadmin complexity it adds.
The advantages ... and disadvantages of IT standards
We have IT standards so everyone knows what guidelines and specifications have been accepted by organizations, to make sure that different systems, networks and applications are deployed and work in the same way. These standards contain a wide range of disciplines, such as hard- and software choices, file and data formats, security rules and programming languages. Examples are WIndows as operating system, SQL Server as database and storage on a Storage Area Network (SAN).
The Advantages of IT-standards
- Consistency: Standards take care of consistency in the way technology is developed and implemented. This facilitates maintenance, support en training of personnel, because everyone follows the same basic rules.
- Security: IT standards offer guidelines for security measures, such as encryption protocols and authentication methods. This helps in creating a safer digital ecosystem where data protection and privacy privacy are guaranteed.
- Best practices: Standards ensure that best practices are always followed. Using standards your employees cannot forget to actually implement certain best practices.
- Cost savings: By retaining standards organizations can save cost in many cases. Hardware and licenses can be bought in volume. Many suppliers give significant discounts on volume purchases.
The Disadvantages of IT-standards
Retaining IT-standards brings a number of perilous disadvantages, especially in specific use cases.
- Performance problems: In some case standards can lead to performance problems. The standard prevents efficient use of resources, the standard causes extra delays or the solution has resource needs the standard cannot provide.
- Limiting innovation: Standards can hinder innovation. Companies that stick to standards rigidly can have difficulty developing unique, groundbreaking solutions that don't fit within the existing guidelines.
- Complexity: IT-standards can be complex and difficult to implement. This can lead to extra cost and effort for companies that want to comply with these standards.
- Rigidity: Clinging to standards can lead to a lack of flexibility. Companies can experience difficulties in responding to changing markets or technological developments when their held to strict standards.
Use standards, unless
In 90%-95% of the cases standards are effective and offer more advantages than disadvantages. It's not an issue to take a slightly elliptic peg and make it fit a round hole. But in the other 5%-10% it's unwise to use a sledge hammer to force a square or triangular peg into the round hole. You won't jus destroy the peg, you risk wrecking the entire peg board. So what to do?
- Choose a different solution: If a solution, like a software package, really doesn't fit within your standards, you should check if an alternative is available that is a good, or at least better, fit for your standards.
- Deviate from the standards: If you really want to or must have that one solution, don't bne afraid to deviate from your standards for that solution. Make a good decision of the advantages of the solution compared to the advantages of the standards.
- Decide consciously: A deviation from the standards may only be made based on a conscious decision. That decision must be made on the right level of the organization. Involve all the stakeholders when making the decision.
- Communicate: A support base for the decision is created by communicating the decision and it's motivation clearly to your organization.
- Document: Document the deviation, it's motivation and it's impact. Make sure all information systems related to the deviation, like your CMDB at least have a reference to this documentation.
- Evaluate: The word changes. It's possible that technical or other developments make a deviation obsolete after a period of time. In such a case consider undoing the deviation.
Conclusion
Blindly sticking to IT standards can cost you much more than you gain in certain cases. Of course you need to have IT standards and enforce them, but a policy that is too rigid can cause you serious issues. Costs are an important factor, but certainly not the only risk if you enforce your standards too harshly. My advice is, maintain a "standards, unless" policy - that helps youreach an optimal result for your organization.
SO now you want to know if your IT standards are hindering your organization? Plan a 15 minute appointment with me and I'll tell you exactly what you need to know.