BMC Says Enterprises Need Tools To Manage Multi-Cloud

BMC Software have announced a new tool called BMC Discovery for Multi-Cloud that, it says, “Empowers Enterprises to Successfully Manage Multi-Cloud Environments.”
Bad luck to all those enterprises who already thought they were being successful.

Apparently “with the shift from the on-prem to multi-cloud environments, companies are challenged with security, cost, compliance, and governance requirements.” As distinct from what challenged companies before the invention of cloud, or indeed computers.

Badly written press-releases aside, I spoke to BMC Software’s Vice President of Digital Innovation, Jason Frye, about what any of this really means.

“It helps organizations the cost implications of migrating to the cloud,” he said, “And allows them to model what a workload might cost if they were to run it on Amazon or Azure, or potentially keep it on-site.”

“Sometimes when we do those models, customers find out that the workload might be less expensive to run on-site than the cloud, or vice versa,” he said.

This sounds quite similar to what Densify showed me at VMworld last week, though I haven't dug into its ability to do asset discovery and service dependency mapping.

Frye mentioned a BMC customer had used this service dependency feature to help them understand their exposure to the WannaCry ransomware. They could figure out which servers had exposure to the bug that enabled WannaCry to infect them, and also understand which services depended on them. Shutting down those servers to patch them thus became a more managed process, rather than a panicked rush full of screaming and tearing out of hair.

This supply-chain understanding of IT systems is a relatively new idea in the IT world, even though the concept has been around for a long time in manufacturing. If there's a problem at the factory that is discovered after a product is already on the shelves (food contamination, manufacturing defect that managed to get past QA, etc.) you can only recall the product if there are records of which batches of product have the problem, and where they all are. This is a complex logistical challenge, yet it happens all the time. Just not in IT, which you would think is easier to keep track of than physical items.

While the multi-cloud cost modelling and capacity planning is what enterprise IT folk will find familiar and comforting, I think it's this supply-chain understanding of services that is going to gain traction as information security becomes more important at higher levels of organisations. With Equifax in the news this week—don't worry, there'll be another massive breach of someone else in a month or three—gradually we'll start to see pressure on IT organisations to be able to tell which bugs exist in which parts of their IT supply chain so they can either get replacement products or patch the bugs.

The software supply chain, regardless of physical presence—be it on-site, cloud, hybrid, edge, or whatever buzzword we come up with next—is the big challenge to solve here because it's such a new concept for those tasked with building the systems. The incessant drive to go faster and faster, to be more agile, more innovative, more disruptive than ever before! will need to be tempered with some good old-fashioned operations management.

I look forward to discovering who will be the Tylenol of the software supply-chain. Let's hope no one has to die before it happens.

This article first appeared in Forbes.com here.