Under any of the operations professions, the most fundamental role of the operations person is to deliver services to a set of customers. To build upon this further, the operations person maintains existing IT infrastructures, translates customer requirements into tangible and actionable solutions, assists in the protection of customer information and services, and advises stakeholders on application of technology under existing limitations of time, money, or capabilities.
By thinking of operations as a business unit instead of a forgotten office within the organization, the operations engineer is already thinking at the correct level to assess how to support the needs of the organization.
Understand how the organization competes within its industry. Commercial entities, non-profits, educational institutions, government agencies all measure success in some way. For commerce, it will be sales and profit. For educational institutions, it might be numbers of incoming students and retention rate of students. For a non-profit it might be the number of people willing to give to support the work of the organization and the number of people who use its services.
All of this leads to correct positioning of operations within the organization.
-
What are the core competencies of operations and how do they serve the internal business units and the organization as a whole?
-
What core competencies should operations develop in order to better support the organization’s mission?
Maintaining Existing IT Infrastructures
The most visible role of Operations is to maintain the status quo. For the system administrator this means maintaining servers and processes such as logging, monitoring, backups, authentication, or naming services. For the network administrator it means maintaining routers, switches, the edge network, gateways, or the relationship with the corporate Internet Service Provider (ISP). A security engineer might be responsible for maintaining a vulnerability scanning capability, incident response policy and processes, intrusion detection systems, firewalls, and a customer security awareness training program. Operations may also be responsible for maintaining access to internal services (e.g. financial systems, corporate content management systems, procurement systems, etc.) that may impact the various business units within the organization. These roles are distinct but there is sometimes overlap between them in smaller organizations where fewer people serve in multiple roles.
Translating Customer Requirements
Operations roles are customer service positions. These careers require a level of customer interaction because the services delivered by the Operations professional must be driven by customer needs. In this case, customer is used to mean the business, organization, or other entity that is employing the Operations professional. Some questions to ask to help the Operations person understand requirements from the customer perspective:
-
What is the core mission of this organization?
-
How does Operations support, hinder, or allow the organization to innovate for the mission?
-
Who are the core customers (internal, external, or both)?
-
What does the organization need from the Operations professionals?
-
Why should this organization come to these Operations people for this service or solution? What is the value proposition for Operations within this organization?
-
How could Operations provide more value: higher level of competitiveness, faster service delivery, stronger security, or other benefit that aligns with the mission?
Translating customer requirements is key to focusing the efforts of Operations. Operations work can be a slippery slope where the professionals are spreading themselves too thin on projects and deliverables that do not serve the organization’s mission. One way to focus the efforts of Operations is to answer these questions and to ensure that the Operations organization, whether insourced or outsourced, is delivering services that provide the most value.
Protection of Information and Services
Often the Operations professionals in an organization are the people who most completely understand the technical risk to organizational assets from an IT perspective. Senior management within an organization will usually understand risks related to financials, competition, manufacturing, etc. but they often do not understand IT enough to make an informed decision. Operations professionals are the ones with the deep technical expertise required to comprehend risks, threats, vulnerabilities, and countermeasures. They use this expertise to express their concerns in a way suitable for senior management. This is another area where the Operations professional is communicating with the organization’s leaders to advise on appropriate actions to address IT security where it makes sense for the organization.
Areas where organizations need the Operations professional to advise on IT security could include threats to data from internal and external sources, hardware failure, site availability or resilience, data preservation, and information integrity. Again, these areas are dependent on the organization’s mission.
For example: an ecommerce organization will most likely want strong site availability and protection of customer personal information. The operations professionals might build a site with high resilience and availability including use of Content Delivery Networks (CDNs); strong encryption (not only for the ecommerce session but also data at rest); role-based access for internal employees accessing customer information, to reduce access to only those people who need it. Organizational leaders often do not understand how these solutions are implemented so it is up to the Operations professional to communicate the threat, solution, cost, impact to the organization of implementing the solution.
Advising within Current Limitations
The Operations professional who advises an organization must also consider limitations that impact the potential solution. Cost, timing, expertise within the organization, available time of the people who would implement the solution, or IT security issues may be considerations. For example, decision makers within the organization will need to know what is possible and at what cost so they can decide how to spend the organization’s money. Good, fast, or cheap (pick two). It may be the operations professional’s responsibility to explain this concept from an IT perspective.