An IT strategy is necessary for companies today. But, the ask—detailing where you want to go and how you’ll get there—can be overwhelming. That’s why we’ve put together this introduction to IT strategy.
When creating or changing your IT strategy, you must consider and account for these eight components. Without them, your strategy will be incomplete. Let’s take a look.
What is an IT strategy?
A component of IT capability, your strategy is a vital document that lays out your organization’s ability to create value using IT business assets and technological know-how. A business document, not a technical one, your IT strategy should be readable by any employee.
There are countless reasons your company needs an IT strategy: meeting organizational needs, improving business processes, and providing maintenance, support, and right staffing for IT systems. The main purpose of an IT strategy, though, is simple. Clarifying and communicating your long-term goals becomes your framework for decisions and actions you’ll execute over the short- and medium-term.
IT strategy: from vision to action
I’ve developed a step-by-step template for writing your IT strategy, which outlines a variety of information your IT strategy needs, including:
Figure 1: A simple template for an IT strategy
That template can be roughly be divided into two sections:
- Organization-specific items (the first six sections): Items that are specific to your business, including organizational goals, IT vision, assumptions, limitations, requirements, critical projects, and timelines. These items are the heart and brains of an IT strategy. These items define where you want to
- Infrastructure and management items (the last four sections): Items needed to implement your IT strategy, including the necessary resources, processes, technologies, infrastructure, and management items. These are the arms, legs, and muscles of your IT strategy. They define how you will get where you want to go.
Organization-specific items are unique to your organization. In contrast, infrastructure and management items possess a commonality between organizations that make them easier to define. Both sets need to be included in your IT strategy to make it work.
8 infrastructure and management items
Today, let’s concentrate on the last four sections—the common infrastructure and management items you will need to flesh out your IT strategy. Remember, these eight components will define how you achieve your vision. These items include:
- IT asset inventory
- Desired IT site environment
- Security and Governance requirements
- Servers, devices, and storage
- Customer, user, and IOT interfaces
- Transport and delivery
- IT personnel and management
- Cost and budget
I’ll explain each item and how it fits into an IT strategy, aligning with the above IT strategy template.
1. IT asset inventory
An IT asset inventory defines your current infrastructure and management state. The inventory helps you understand what assets can be used or reused for your strategy, and what existing items need to be incorporated or replaced when fulfilling that strategy. Common elements of an IT asset inventory include:
- A listing of physical and virtual data centers, computer rooms, and their locations, including physical computer rooms, IDFs, DMARCs, computer closets for smaller locations, hosted data centers, and cloud environments.
- All utility equipment, including power supplies, generators, transfer switches, and electrical supplies for your locations
- All telecommunications lines and accompanying hardware
- All infrastructure equipment, including servers, storage area networks (SANs), routers, firewalls, switches, wireless access points, modems, SD WAN devices, etc.
- All networking and server software, including operating system licenses, server operating system software, server third-party software, and custom written software
- All contracts, leases, and agreements for existing hardware, software, and services
- All licenses along with hardware and software maintenance contracts
- All current IT personnel, their roles, and their current skill sets
As you perform your asset inventory, also research and collect your current costs and budget associated with each item. You will need the costs as well as the inventory for your strategy.
Where to include this component: An asset inventory can be used as reference material or included as an Appendix in your plan.
2. Desired IT site environment
Define where your IT site environment will live. This component is second because many other IT infrastructure and management aspects will flow from this decision. IT site environments can live in multiple locations, including:
- On-premises (on-prem) in a traditional on-site Computer Room/Data Center at a company location
- Off-premises (off-prem) hosted at a managed service provider (MSP) data center at a specific location
- In an MSP cloud environment
- A hybrid set up consisting of two or more of these options
Hosting IT equipment on-prem or in a hosted environment generally requires more investments in physical assets (racks, servers, power supplies, infrastructure and telecom equipment, etc.), while hosting in the cloud requires more investment in contracts and services as cloud providers supply the equipment for you.
Traditional environments also require a staff or services to maintain these items. Hosted and cloud environments will provide support assets and personnel as part of your contract.
Where to include this component: The desired IT environment can be included as part of Section 7 (Necessary Resources) or Section 8 (Significant processes, technologies, and infrastructure needed) of your IT Strategy.
3. Security and governance requirements
Every IT environment needs, at a minimum, standard firewall security and anti-virus/anti-malware security. Most environments need more. The amount and type of security needed is, in many respects, dependent on your governance requirements. Review what compliance standards you fall under (national, state, local, industry, etc.) and use them to determine how this will affect your IT strategy.
Some examples of security and governance requirements affecting IT strategy include:
- Perimeter networks (DMZs) for exposing external-facing services
- Anti-Virus and anti-malware programs
- Firewalls
- Encryption storage and masking techniques
- Multi-factor authentication
- Automated password resets
- Security Information and Event Management (SIEM) collection and reporting
- Regulatory security capabilities for standards such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCIDSS), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA)
- Intrusion detection and protection systems
- Disaster recovery, high availability, and business continuity requirements
- Financial auditing requirements
Where to include this component: Security and governance requirements would be included in Section 8 (Significant processes, technologies, and infrastructure needed) of your IT Strategy.
4. Servers, devices, and storage
Existing infrastructure servers and application servers need to be included in your IT strategy document. This is where your IT asset inventory comes in handy, as it will show you all the critical servers that need to be accounted for.
Servers can be hosted locally, in a managed data center, or in the cloud. Some of the necessary servers you might need to list in your IT strategy include:
- Application servers such as SAP servers, ERP servers, mobile app servers, Web servers
- Database servers
- Email servers
- File and print servers
- FTP servers
- Time-tracking servers
- HR servers
- Service Desk servers
- Special purpose servers
Specific types of servers and operating systems should also be considered, whether they are HP, Dell, Oracle, IBM, or other server brands.
Don’t forget about any devices you may need to implement your strategy. Some examples of devices you may include are:
- Updated computing devices such as laptops and desktop computers (ex., Windows 7 computer upgrades to Windows 10)
- Warehouse equipment, such as scanners, bar-code printers, terminals, shipping printers
- Cell phones and tablets
- Peripherals that are needed to execute elements of your strategy
- Video equipment, including camera systems and large screen displays
- BYOD devices
- New IoT devices or equipment needed for IoT devices
Where to include this component: List existing infrastructure servers and application servers in section 7 (necessary resources) of your IT strategy document. List any necessary devices in section 8 (Significant processes, technologies, and infrastructure needed). Any new servers or server consolidation should also be listed in section 8.
5. Customer, user, and IoT interfaces
How will users, services, and IoT devices access data, content, and applications? There are many ways that users can access content—plan for them in your strategy. Some of the interfaces you will need to consider using in your IT strategy include:
- Web interfaces
- Mobile interfaces
- Terminal interfaces, such as 3250, 3270, and non-graphical interfaces used in legacy IBM, HP, and Unix systems
- FTP and secured FTP access
- TCP interfaces
- Audio and video interfaces
- IT portals for customer access
- PC application interfaces, including Windows, Apple i operating systems, Linux
- IoT interfaces for communicating between machines
Interface definition is critical because it defines how and where your customers experience your applications. In most instances, multiple interfaces will be used for customer and user access.
Take an ERP system, for example. Warehouse users may access ERP data through a 5250 green-screen terminal. Office users may update and retrieve data through a Web interface, Microsoft Excel, or client-side applications. Customers may browse your catalog and buy products through one or more Web browsers (Chrome, Internet Explorer, Firefox, Safari) or through a mobile app on a cell phone or tablet.
Where to include this component: Interface selection is all important—include it in section 7 or 8 of your IT strategy.
6. Transport and delivery
Data and application transport and delivery is also all important. While item 5 defined how users will experience your content, transport and delivery items define what protocol and telecommunications pathways customers and users travel to reach your content. This step covers what key communications infrastructure will be needed for all intended users (customers, employees, business partners, vendors) to reach and experience your content. These critical elements are the road your users, outside users, and partner machines use to access your applications.
Some of the necessary resources and technologies that should be included in your IT strategy include:
- Your Internet telecommunications system including ISP lines, Ethernet, MPLS lines, wireless services, DSL lines, and any other types of communications lines that your data and applications travel over
- Telephone system lines and equipment, including standard POTS lines, 800-#s, fax lines, SIP lines, and your telephone switch and servers
- Network cabling inside all your locations
- Network switches, firewalls, routers, edge servers, and other networking equipment
- Wireless access networks inside all of your locations
- Virtual Private Networks (VPNs) and site-to-site VPNs to allow employees and outside entities to log in to your network
- SD-WAN devices that simplify network management and allow for redundant communications lines that reroute data to secondary circuits when a primary circuit goes down
- Any older technologies like coaxial cabling that you may need to access and control old equipment
Where to include this component: List your critical transport and delivery items in sections 7 and 8 in the IT strategy template.
7. IT personnel and management
Your IT strategy also needs an understanding of what IT and non-IT personnel will be needed to implement your IT vision. You cannot achieve digital transformation without reviewing and revising what your personnel structure looks like.
Your vision may require IT operations personnel to start taking on DevOps duties, handling issues that previously were handled by programmers. Programmers may transition into Agile, LEAN, or other new technologies. Your Help Desk may have to reconfigure itself as a Service Desk. Line of business personnel may start managing IT resources as they create new digital products.
Your new IT vision may require you to reimagine IT and non-IT staffing. These changes will need to be incorporated, explained, and signed off on in your IT strategy.
Where to include this component: Include your new staffing structure in section 9 (the business of IT: how IT will be managed).
8. Costs and budget
You will need to define your expected IT strategy costs for organizational-specific items (sections 1-6 of the IT strategy template) and infrastructure and management costs (sections 7-10 of the template).
Here are some costs you will need to include for management and infrastructure items.
- Site costs for your selected IT environments (on-prem, off-prem, or cloud)
- Equipment costs for buying or leasing equipment
- Software maintenance costs for any software you use in fulfilling your strategy
- Hardware maintenance costs for infrastructure hardware
- Licensing costs for any software or device you will be using
- Leasing costs for any leased items. This is especially important in a cloud environment, where your leasing costs will be higher than your capital costs
- Telecommunications costs
- Customer device costs
- IT and non-IT personnel costs
- Existing costs that will be carried forward in your new strategy
Putting it all together
An IT strategy defines your IT vision and provides a roadmap for using IT to create organizational value. Your infrastructure and management components are a key part of that roadmap. Make sure to define these items correctly in your environments, as your IT vision and strategy will depend upon them.
Additional resources
To learn more about creating the right IT strategy, check out these BMC Blogs:
- Creating an IT Strategy Communications Plan: 5 Keys to Success
- IT Governance vs IT Management: Mastering the Differences
- Getting Started With a Multi-Cloud Strategy
- IT Recruiting: Strategy and Tips for Success
These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.
See an error or have a suggestion? Please let us know by emailing blogs@bmc.com.