What is ITIL?
ITIL stands for Information Technology Infrastructure Library. It is a framework of best practices to manage IT operations and services as defined in the mid-1980s by the Government of Commerce, UK. The technical description is, as quoted from the ITIL website, “ITIL is the most widely adopted approach for IT Service Management in the world. It provides a practical, no-nonsense framework for identifying, planning, delivering and supporting IT services to the business.”
ITIL was not written for the Managed Services Provider IT environment or even with it in mind as ITIL preceded the common-era MSP by close to 20 years if not more. ITIL is, however, readily applicable and scalable to the MSP industry and environment we have all come to know and love.
In business terms, it is a set of best practices for IT Service Management that focusses on the alignment of IT Service Management with the needs of the client’s business. In the simplest form, these best practices help you define your standardized workflows and policies for Helpdesk, Incident Response, Problem Resolution, Change Management, Device Management and Reporting.
ITIL means creating order out of chaos and forcing continuous improvement through ownership of process. It lends itself to all the key tools we use in process control (six sigma or otherwise), such as feedback loops, metrics to know when something is out of alignment, and a structure for review and correction. One way to think of it is this: ITIL is the baseline set of best practices for our industry that we all should have been using since the beginning of the IT MSP boom, but did not.
Where does ITIL fit in?
Note: I don’t mean, “Where does ITIL fit in with my MSP software vendor’s system?” What I mean is, “Where in my company does ITIL fit into the big picture?” In the simpler sense, you may already be on the ITIL road because your RMM or CRM vendors have implemented ITIL principles internally and champion them in the training they provide to your team for use of their products. I am, however, referring to how ITIL fits in for an MSP, VAR, consulting company, or even as the manager of an internal IT department who is forward looking and intends to continue to be relevant in IT management tomorrow.
First off, trying to get ISO Certification for your company or sending a manager or engineer off to get ITIL certified does not make sense unless your company has at least five working IT staff, you have a clear design on how you will use or leverage it, and you have both the time and money to do so. It’s not that you would not benefit from it, it’s about the ROI. Below a certain level of revenue and manpower, you’d be better off waiting and watching things unfold in the MSP industry instead of buying into something that’s not really actually ripe yet. Read on and I believe things will become clearer.
If ITIL is a solution you’re going to pursue, then it should be something your company chooses to become adept at, the same as you choose to become a Microsoft or Cisco Certified Partner. It is a long road and requires dedication of time, people and money. It is something you send engineers and managers to training for, get them certified in, and then begin revamping your processes, procedures and systems to reflect. ITIL should guide your systems to the most efficient and best methods possible for managing time, people and tasks company-wide over time.
You start out by learning ITIL best practices and methods, then you move to implementing them in your systems and in the systems of your clients. Your clients become involved because you manage their systems and both of you want the most logical, efficient systems you can build for all the same reasons.
Many providers of MSP products today are boasting that their software or services are ITIL friendly, ITIL ready or follow the ITIL Best Practices. Unfortunately, it’s not so easy to just seek out these companies and ask them if they follow, use or implement ITIL principles as a core methodology in their solutions. What you may likely get is that company’s version of what ITIL means to them and what (potentially) small piece they actually understand and have implemented thus far.
Is ITIL for me or my company?
This is a little more challenging question. The short answer is, “Yes!” One way or another, if you are in the IT management industry, then ITIL should be important to you. If you’re an individual, you will benefit from ITIL training and certification because companies cannot become ITIL certified, only people can, i.e. demand for ITIL certified people. IT management companies will be seeking either a relevant certification based on ITIL (see the reference to the ISO standard later in this article), or will be turning to ITIL as a methodology to drive their systems of tomorrow.
For your company, your biggest drive toward ITIL may likely come from your clients. Standards drive efficiency, and if your client is in an industry that has ever-improving standards, one of the most powerful ways to differentiate competitors or vet suppliers is to hold them to a level of expectation. That level of expectation can be as simple as requiring that the IT service provider or management company adopt ITIL as its guiding framework for its operations.
Someday you may even get a push from your vendors to implement ITIL principles. There are some pretty big companies that attribute their high quality of service to supporting ITIL, including IBM, Telefonica, HP and British Telecom.
How do I get started?
Whether you’re an individual or company looking to learn more, you should start with the ITIL official site: http://www.itil-officialsite.com. Once you have decided it is the right thing for you and/or your company, you set a budget, find training and get to work. Depending on your need, you may even hire a certified ITIL consultant. Do not rely exclusively on your MSP product vendor or anyone who is not ITIL certified when it comes to making big company plans. Do your own homework.
ITIL Certification and Training for individuals
ITIL accredited training, leading to certification, is available online or in person and also in a “blended” format, meaning some in-class and some online. The training and certification structure starts with what is called the Foundation and progresses upward to a top level of ITIL Master. My word of advice is to do your homework before you sign up for your first class. First, find out for certain if this is for you or your career path, because there is not only a very large amount of information to learn to get to Master, the cost is also significant. And second, verify any course you plan to take so that your hard-earned certifications are legitimate. My suspicion is that, in time, there will be more than a fair share of scams based on the ITL accredited courses and certifications.
ITIL Certification or Compliance for your company
Since ITIL is not a standard but a framework of best practices, the only course for your company (besides getting key people trained and certified) is to pursue the ISO/IEC 20000 certification. This is an international standard associated with service management and underpinned by ITIL best practices. You should be able to find more information about ISO/IEC 20000 at the International Organization for Standardization web site: http://www.iso.org.
The big question: “Why should I care about ITIL for tomorrow?”
One of the most important principles of ITIL for MSPs is still very publicly unknown and undeveloped, but is also the key to truly changing your service system from being reactive to being proactive. From a conversation I had recently with Jon Sastre of Conquest Technology Services, our own Foundation Certified Wizard of ITIL down here in South Florida, it may be the most important yet lagging piece.
In our conversation, he discussed how one of the key elements of making ITIL work for MSPs is the presence of what is called a Service Catalog. Note: This catalog is unique to the business, as opposed to a single catalog you use for multiple clients (although you may have a template). It is more than your line card or list of common tech services, it is a full-blown electronic list of every service that IT, as a function, provides to that business. This means User Add, Move, Change, Onboarding, Firewall Install, Virus Removal, Server Build, software product such as QuickBooks or Quicken, etc. Everything!
I know you may think this sounds familiar, but there is more to the Service Catalog as outlined in ITIL. The Service Catalog also includes the SLA for that service or device. No more all-encompassing SLA for the entire network or company. It’s an SLA about a critical app or device that calls out the specifics about how you will manage that service or device. So imagine each and every service has its own SLA and history in the system. The intention is that once the catalog is populated and you do work of any kind, there is a Change History to the service or device, and metrics on every important aspect of every item in the Service Catalog. One way that may bring it into focus would be to see it as Active Directory for your Service and Device Management.
This catalog is intended to tie-in to many other functions and processes inside your CRM and RMM construct, but everything starts with the Service Catalog because it is where you determine the SLA and what is covered and not covered.
Conversation with Jon Sastre regarding ITIL
Here are some important excerpts from my conversation with Jon on ITIL, with specific emphasis on the Service Catalog.
Jon Sastre: “ITIL has been long overdue. ITIL is going to actually help (MSPs) become more proactive. First it starts with a Service Catalog, where you actually start off by documenting every service that IT as a function provides to the business, and saying, ‘These are the things that are in, these are the things that are out. This is how we paid for it, this is how long it’s warrantied for, and this is who owns it on the business side. This is who I go to when we’ve got to talk about anything that has to do with email, the accounting software, whatever particular component of an IT service that is being delivered to the business.’ Now you update the SLA in the Service Catalog, because the Service Catalog is where you write and dictate the real SLA. Not the SLA from AT&T that all of us have tossed around as sales buzzwords. The SLA, the real agreement that you, whether it’s a handshake or whatever, are telling the customer, ‘I’m going to make sure your data doesn’t get erased. I’m going to make sure you have email. I’m going to make sure we pick up the phone.’ Those are the things that inside each one of those elements of the Service Catalog, you say, ‘If your email is down, if you can’t run payroll (because payroll is in the Service Catalog as a service that IT is providing to the business), I’m going to pick up your phone call. I’m going to stop what I’m doing and put that at the top of the list.’ And then on a more proactive basis, you start saying, ‘On your QuickBooks’ server, I’m going to check space 24/7 to make sure it doesn’t run out of disk space. I’m going to run patches on a weekly basis. I’m going to have backups done.’
“So the introduction of the Service Catalog gives you the canopy of everything you have to do. But then you have to do financial management around every element of the Service Catalog, monetizing every component. What are the recurring revenues and expenses to the customer and to the business unit from IT associated with keeping this service going? How long do you keep a service going? Can you retire services because you’re not using them anymore? Then when you sit down with the client and their quarterly reports, you discuss things like: What are the recurring revenues and expenses to the customer and to the business unit, from IT, associated with keeping this service going? How long do you keep a service going? Now you’re having business discussions with the customer, and as an MSP, having those discussions sounds a lot more like a businessman than a technical person or a geek.”
Manuel Palachuk: “So you have these SLAs and an individual catalog for each IT entity, whether it’s a company or multiple companies. Then, because it’s incrementally monetized based on each of the SLAs in the catalog, you get different recurring revenue from each different client. But it’s based on what they use, what they need, and how important it is to them, right?”
JS: “Yeah, and at that point, you truly are the internal IT department.”
MP: “You are their internal IT, and you have repeatability and reproducibility across all of your clients.”
ITIL is not just about the best practices and structure that the IT service industry will benefit from, but it starts there. Implementing ITIL is about building a sustainable and efficient model for managing and maintaining IT in alignment with the needs of the client’s business. The difference being, ITIL driven service delivery is keyed into what the company uses and needs, not just what either the MSP or client thinks they need. And it is right-priced based on those needs.
The client would no longer pay for uptime on a firewall that doesn’t even have a hot connection or an R&D server that can be reloaded in 30 minutes by the team who uses it. Instead, they would pay for real manageable uptime on the prime services such as their accounting package and their SQL database. It can go a long way toward putting an end to ridiculous conversations about what gets serviced first: the missing icon on Tony’s desktop or the memory leak on the SBS server.
I hope that, for the ITIL savvy readers, I have not over simplified things. I do know that by focusing a large part of my discussion on the Service Catalog, I may be misleading some people into thinking this is the only part of ITIL they need to be concerned about; quite the opposite. What the Service Catalog represents is one of the major payoffs in building a system that is based on ITIL best practices. For those of you who are just hearing or beginning to come up to speed on ITIL, I hope this piques your interest and acts as a simple primer to ITIL.
ITIL is driving the MSP, RMM and CRM solutions of tomorrow, and if you look around right now, you will see it happening. It’s driving them today to build the solution for tomorrow that fully supports ITIL best practices. Unfortunately for most MSPs and VARs, this lag between acceptance of ITIL and full implementation will appear as a wrinkle for some time to come. If you find you can’t wait until your current CRM and RMM can both feed and work from a true, fully ITIL defined Service Catalog, your only choice may be to change solutions. So in the meantime, get educated on ITIL, figure out where it fits into your system and start budgeting for training and certification.
A quick note about Jon Sastre:
Jon is a true entrepreneur and the CEO of Conquest Technology Services, a Microsoft Gold Certified Partner in South Florida.
His accreditations and certifications include: MS(MIS), BBA, MCT, MCSE, MCDBA, MCSD, MCITP, ITIL
Organization associations –
- Coral Gables Bar Association Member
- BNI Success Link Chapter Member
- IAMCP President & Director, South Florida Chapter
- IAMCP Board Member, United States National Board
Can you find this on Google?