Why IT Outsourcing demands a human-centric approach?

Hyper automation, the hybrid cloud, and new approaches to cybersecurity and governance are defining a more humancentric approach to enterprise IT outsourcing.

In this insights report we explore how 3 key IT trends; Hyper automation, Hybrid Cloud, and Governance, Risk mitigation, and Compliance management are at the forefront of IT outsourcing models, which are enabling organisations to implement modern and innovative IT solutions that automate unwanted tasks, improve system flexibility, provide a robust GRC framework.

This frees up IT teams to focus on strategic initiatives, and increasing staff satisfaction levels, and brand confidence in the market. Read on to explore how your organisation can make the shift to a human-centric approach to IT.

Introduction – building systems that work for people

Throughout history, commercial and public sector organisations have invested in enterprise IT to gain access to new capabilities and increase productivity, liberate people from repetitive or low-value tasks, and improve data and systems security.

Things don’t always work out as planned, as over time organisations have seemingly neglected the people aspect, which is core to their business success and can translate into wasted time for employees, high staff turnover and customer dissatisfaction.

Thankfully, the opportunity exists to change this situation. With many Australian organisations choosing to outsource some or all their IT to a secure cloud Managed Service Provider (MSP), this allows them to benefit from modern and innovative IT outsourcing models that deliver a range of services that can automate unwanted tasks, improve systems flexibility, and provide a more comprehensive approach to governance, risk, and compliance (GRC). This frees up employees to be more productive, enables the organisation to adapt more readily to changing market conditions, and ensures leaders can feel confident about security and regulatory compliance.

This new, human-centric approach to IT outsourcing begins by considering the work that will add the most value for the organisation, and then utilises technology to ensure people are free to focus on these tasks. The MSP can then manage or automate everything else.

The result is an organisation that is more efficient and flexible, with a greater sense of confidence that new decisions will uphold standards for governance, compliance, and security. Employees are more productive and engaged, the organisation can respond faster to changing market conditions, and technology-related risks are reduced.

The gift of time

The starting point for this approach is to ensure that people can focus on doing the things that add the most value for their organisation.

It is unlikely that the working day can be made much longer – and according to the payroll specialists ADP, the average Australian worker is already performing 7 hours of unpaid overtime each week. But there is much that can be done to ensure people get the most out of their working hours.

Most modern organisations are riddled with processes that were created with the best intentions but are time-consuming or frustrating for the people using them. For example, a simple process such as onboarding new employees can require dozens
of individual actions, from providing them with equipment and secure access, to registering them for payroll and employee benefits. Often the new employee must self-navigate through these steps – a tedious and time-consuming process. Research
from the recruitment firm Robert Half found 59% of Australian managers reported that an employee had resigned during their probation period due to poor onboarding processes.

Today however, it is possible to cut many steps in the onboarding process, by partnering with a secure cloud MSP that delivers AIpowered automation technologies that carry out actions on the employee’s behalf. This improves their experience while reducing the workload for service staff. This same capability can be used to automate off-boarding when it comes time for that employee to leave. In both instances security is enhanced by ensuring the creation or cancelling of credentials are carried out automatically.

This same process of automation can be applied across many commonly executed operations, including IT service procedures such as provisioning new cloud computing environments or commissioning network end points. Automation can also be applied outside of IT, with the McKinsey Global Institute report A Future that Works: Automation, Employment, and Productivity finding 60% of all occupations had at least 30% of constituent activities that could be automated.

Automation can also be used to find patterns of events that point to potential problems. One example is in storage systems, where an automated agent can automatically delete unnecessary files before limits are reached. The same technology can also be used to monitor workloads and automatically provision new virtual machines to handle spikes in demand.

Automation can also be used to find patterns of events that point to potential problems. One example is in storage systems, where an automated agent can automatically delete unnecessary files before limits are reached. The same technology can also be used to monitor workloads and automatically provision new virtual machines to handle spikes in demand.

When partnering with a modern MSP that utilises hyper automation in their approach to managing customers’ IT environments, you typically see a direct correlation in both high employee and customer satisfaction.

Stephen Dangerfield, Chief Technology Officer, Brennan

Maximum flexibility for unlimited possibilities

A second part of this new approach to humancentric IT outsourcing is to ensure the organisation has the IT flexibility it needs to respond quickly to market changes and take advantage of new opportunities.

Traditionally, every new on-premises IT investment has faced limits in terms of performance, cost, and capacity. These constraints were somewhat alleviated with the emergence of the public cloud. But while the cloud promised to make computing and storage resources available to customers on demand, it also often brought higher costs, reduced performance, and added security concerns, leading to the repatriation of some workloads back out of public cloud.

This experience hasn’t stopped leaders from seeking new ways to gain enhanced flexibility without compromising user experience, security considerations, and their budgets. And it turns out that the answer is indeed cloud – although not in its traditional sense.

Secure cloud MSPs can deliver cloud environments that offer the best of both on-premise and offpremise cloud computing using a mixture of public and private cloud models. This concept is often referred to as Hybrid Cloud, and its popularity is growing. According to IDC’s CloudPulse Survey 2020, while the use of public cloud globally will grow from 25% of applications today to 30% in the future, the use of private clouds will increase from 40% today to 43%, suggesting organisations will invest in a mixture of cloud models for the foreseeable future.

To make the most of this model, Gartner has suggested organisations need to become cloudsmart. This means IT leaders have the information necessary to decide on the needs of applications and their users across their organisation, and have the flexibility to provision appropriate cloud services.

Customers should look to a secure cloud MSP,that overcomes this challenge by giving customers
an advanced platform that provides oversight of their entire cloud environment, down to each
individual workload.

Chris Mackenzie, Head of Cloud, Brennan

There are three pillars that support a cloudsmart strategy:

1. A strong foundation of private cloud infrastructure services, delivered onpremise or in off-premise private cloud environments, usually managed by a secure cloud MSP. Utilising private cloud services can enhance the cloud’s security profile and ensure GRC requirements are met, especially those relating to data sovereignty.

2. The ability to choose from a variety of public cloud services, depending on the specific needs of each workload. This means users can take advantage of specific services within each cloud, including managed private environments, ensuring they avoid compromising on functionality.

3. A capability in application modernisation to deliver access to the full benefit of cloud-native technologies which significantly increase the returns from their cloud migration.

According to Brennan’s Head of Cloud Chris Mackenzie, “The cloud-smart approach is based on the idea that no single environment can deliver everything that an organisation requires. However, cloud environments that incorporate multiple suppliers and platforms inevitably bring a higher level of complexity, which can hinder manageability and raise costs.

Customers should look to a secure MSP, that overcomes this challenge by giving customers an advanced management platform that provides oversight of their entire cloud environment, down to each individual workload. The management platform should deliver full application-level performance monitoring and cost management, ensuring customers have the information they need to properly plan out their environment with complete flexibility”.

Modern GRC frameworks represent the realisation that security and governance are not blockers to an organisation’s ambitions, but instead enable it to make decisions faster by providing greater confidence that new actions are taken on top of solid foundations. Organisations can explore new markets or launch new offerings and capabilities with the knowledge they are secure by design from the outset.

Daniel Hayes, Head of Cybersecurity, Brennan

A secure framework that builds confidence

The third component of this human-centric approach to IT outsourcing is to adopt a more comprehensive view of governance, risk, and compliance (GRC) across the entire organisation, beyond just cybersecurity. This enables technology decision makers to drive business strategy, react quickly to market demands, and improve process efficiency against a known and accepted risk framework. With the right GRC framework ensuring alignment of information security strategy, IT and business strategy, people within the organisation can feel more confident when making decisions.

Providing this confidence starts with a series of discovery exercises that create an inventory of all assets and processes that contribute to an organisation’s security and governance procedures, and records how they align to the strategy and feed into the risk management plan. Assets include people, data, and intellectual property – each of which is a potential risk, as well as an enabler for a business.

Once this process has taken place, it becomes possible to use the asset and risk register to build a roadmap of activities. These will fall into two broad sections.

The first of these is remediation and mitigation tasks, to address identified risks. The second is to compare the organisation’s current state to its desired state, which provides a well-qualified and quantified set of requirements, opportunities for improvement, and future initiatives.

Organisations worldwide recognise the need for an improved approach to GRC. In the US, IDC expects spending will rise from US$11.3 billion in 2020 to US$15.2 billion by 2025. When Gartner surveyed more than 200 US organisations it found almost two thirds were already using multiple GRC solutions, with IT & Security Risk Management solutions, a key component of a comprehensive GRC strategy, being among the most common.

Domestically, in January 2021 the NSW Standards Harmonisation Taskforce called on governments across Australia to adopt internationally recognised ISO and/or IEC standards as a baseline requirement for information security.

These frameworks are proving critical for building confidence in the modern era. Not only do they provide strong guidance regarding how organisations can best invest in security and compliance for their own protection, but they can also form a key component and differentiator of an organisation’s ‘ticket to play’ in certain markets, in terms of meeting the expectations of regulators, partners, and customers.

According to Brennan’s Head of Cybersecurity, Daniel Hayes, organisations of all sizes, across all sectors and industries are looking to set (and meet) information security benchmarks against domestically and internationally defined frameworks, most notably the Australian Signals Directorate’s Essential Eight mitigation strategies, ISO27001 information security framework, and the United States government’s NIST cybersecurity models. Therefore choosing an MSP that understands, adopts and implements these frameworks is critical in protecting your organisation and your people.

Time, flexibility, and confidence – a powerful combination

Modern organisations face unprecedented pressures from their people and their customers, with a need to show that they can rapidly adapt to changing market conditions and manage unforeseeable external forces -alleviating risk, minimising business disruptions and instilling brand confidence.

In partnering with a secure cloud MSP that adopts the use of hyper automation, cloud-smart solutions, and a holistic view of governance, risk, and compliance (GRC), the MSP becomes an extension of your IT team, taking on many of those mundane tasks and ensuring organisations can focus on what’s important. When an MSP takes a human-centric approach to enterprise IT outsourcing, an organisation can take a step closer to fulfilling its ambition of truly putting its people first.

Join us on social

Get in touch

Tell us what you need help with, and we’ll send the right expert your way.