WHITE PAPER

Outcome-based delivery success criteria for managed services

Business mandates to A managed provider’s These are the success improve the client experience, ability to support their clients factors NTT uses, both in the combined with rapid in meeting these objectives is development of our Managed technology change, are dependent on several Services Platform and the leading many companies key capabilities: operation of our Managed to rethink the role of their • Reducing the complexity and Services. Our Managed internal IT . risk in managing a hybrid Services Platform is the Technology changes and IT landscape. foundation upon which we the integration of legacy and deliver our Managed Services • Employing automation to cloud-based infrastructure and the operational outcomes accelerate time to value brings complexity in terms our clients expect. with new digital of interoperability and transformation initiatives It is a combination of our . Our research and technology deployment. global tools, processes, indicates that 60% of all technology, and intellectual companies engage in digital • Integrating seamlessly into the client’s existing property, with capabilities transformation through that are ITIL aligned, vendor- and partnering. processes and in-place technology investments. independent, and delivered Managed service providers consistently around the world. can de-risk transformational • Demonstrating the security change and deliver a and data privacy in their more efficient operating development and operational environment that enables IT processes and practices. leaders to turn more of their • Offering ongoing innovation focus on driving that is transferred to transformation. their clients.

hello.global.ntt white paper | Outcome-based delivery success criteria for managed services

Table of Contents

Managing a hybrid IT landscape 03 Employing automation to accelerate time to value 04 Integrating seamlessly into processes and in-place technology investments 04 Demonstrating security and data privacy in development and operational management processes and practices 05 Offering ongoing innovation that is transferred to their client base 06 Overview of NTT’s Managed Service Platform 06

hello.global.ntt white paper | Outcome-based delivery success criteria for managed services

Managing a hybrid IT A managed service provider must be An architecture built on microservices landscape able to efficiently manage and improve that can be used repetitively, as needed, the client’s operational environment eliminates the duplication of complex Today, the IT landscape throughout all across this diverse landscape. A tasks across workloads and reduces companies has become significantly managed service provider should human error. Our reusable components more complex. Non-programmable demonstrate the capability to enable enable us to configure our Managed infrastructure (e.g. physical network their clients’ workloads (all the individual Services to improve client outcomes. routers, switches, and physical servers) capabilities and units of work that make Our objective is to deliver sustainable continues to operate, along with cloud- up a discrete application – inclusive of improvement to our clients’ IT operations, based and programmable infrastructure software and the virtual and physical supporting their technology, process (e.g. SDWAN applications, cloud control infrastructure required to run the innovation, workload migration, and wireless access, voice applications). application as expected) in the cloud, on- systems integration. Heterogenous and distributed endpoints premises, or in a hybrid IT environment. will continue to proliferate. More and We offer a unique architectural approach more data is being gathered and often to workload and IT operational task analysed at the edge, closer to the automation and management to reduce clients and end-users. Workloads are complexity by decoupling the workload often required to run across different from the underlying IT operation and infrastructure platforms to improve leveraging reusable micro-service redundancy, aid in migration and/or to capabilities to accelerate time to value in reduce cost. workload deployment.

Microservices approach VS Traditional approach Microservices approach A Traditional application App 1 App 2 App 1 segregates functionality (Web app or large service) into small autonomous usually has most of its services, and scales out by functionality within a single deploying independently and process (usually internally replicating these services/ layered), and scales by VMs/containers. cloning the whole app on multiple servers/VMs/ containers

hello.global.ntt white paper | Outcome-based delivery success criteria for managed services

Another essential element of reducing Operational automation capabilities Integrating seamlessly into complexity in a hybrid environment is span diagnosis, remediation, and service processes and in-place by providing a window into the client’s operations. We leverage machine learning IT landscape, so that they have readily to continuously improve our capabilities technology investments accessible views of the health and to automate, diagnosis and restore. The ability to integrate into the client’s existing processes and in- status of their environment and can call Diagnosis capabilities include place technology investments is a key up detailed service and asset lifecycle eliminating noise to reduce the number dependency in reducing complexity, reports on demand. This gives clients of false positives and facilitating improving overall IT operational the self- service ability they require to diagnosis by enriching the incident efficiency, and securing the overall IT improve their IT decision making and information with contextual information. environment. Given the dynamics and access real-time visualization of key Restoration is automated where speed of change required by client performance indicators. feasible. It is invoked for many MACD organizations, service integration Our Manage Center interface provides a changes and to validate the health of capabilities should be made available window into the health and performance IT infrastructure components through through the universal language of of our clients’ IT operating environment proactive testing. We use multiple open APIs (application programming and the self-service capabilities needed sources of data to predict capacity and interfaces), so they can be used by to interact with us. Its award-winning service degradation. This allows us to different workloads, on different kinds design enhances the user experience. take preventative actions, anticipating of infrastructure. This self- service interface provides outages and proactively taking action to management dashboards, along with prevent them. Points of integration should include the following: drill down capabilities that provide a Automation can be used to monitor the real-time, highly transparent view on the end-user experience. An example of this • Integration of status, health and performance of their might be a point of sale system, where processes between the client, the environment at any time. we would test every system remotely managed service provider and The Manage Center enables real- every morning to make sure they are technology vendors. time, self- help services to clients. able to perform a transaction. If there • Event integration to manage and For example, as the client describes a is an issue, the root cause can then be distribute inbound and outbound situation, we can read this information determined, and the appropriate steps events and support third in real-time, and with this visibility and taken to resolve it - sometimes with no party integration. intelligence the system can serve up human interaction necessary. • Allowing for operators to easily appropriate knowledge articles that are Automation at the workload level is enable services for newly onboarded directly related to the situation described, used to spin up a machine, back it up, configuration items. to provide the client with self- help and complete user administration, assistance when they require it. • Invoking automation from any capable making life- cycle management of these platform and capture output. environments more efficient. Employing automation to • Data replication to support accelerate time to value With our Managed Services Platform, a synchronization between master and standardized reference architecture can transactional data. Fast-moving business and the need for be deployed for an entire workload on • Integration with client monitoring tools. rapid deployment of new technology premise, in a private enterprise cloud, necessitates speed. Additionally, given or in a hyper cloud environment like Within our Managed Services Platform, the critical IT skill shortage faced by Amazon or Microsoft Azure. A reference the Service Integration Layer decouples most IT organizations, supplementing in- architecture provides the ability to take workloads from the underlying IT house capabilities is critical in outcome- a client infrastructure function - like operations. The Service Integration based delivery. voice communications - and transform Layer enables all the complex functions common to workloads to be provided as Process automation not only reduces it onto a best practice configuration and a service. When an application requires a cost but improves availability and the infrastructure that is vendor certified, specific function, it leverages the micro- overall quality of service delivery. Manual scalable and standardized, to allow for service that represents that function provisioning and patching processes a high degree of automation in the build eliminating duplication of complex tasks. introduce costly errors, impact availability and configuration. Our Service Integration Layer works and delay implementation. Automation Adopting a reference architecture in conjunction with the infrastructure improves governance, simplifies accelerates delivery and time to value, and workload processes and improves availability. providing a sound basis for governance components to enable automation and Embedded within our Managed Services that simplifies hybrid management integration with client systems, and third- Platform are the automated processes across multiple environments. It can party systems for both service processes and tools that support service level reduce outages, improve administrative and transactional data. management, service activation, incident responsiveness, and improve resilience management, release management, for our clients. vendor management, , and . hello.global.ntt white paper | Outcome-based delivery success criteria for managed services

Demonstrating security and We recommend inspection within the many fail to ask the right security following areas: data privacy in development questions around software development. IEEE Software Magazine reported that and operational management • security practices and standards embedded within the provider’s system although the best commercial software processes and practices development processes companies remove about 95 percent Fundamental to the success of managed • industry certifications and standards of all known defects before releasing services providers and essential in software to the customer, the industry • privacy and data sovereignty practices a client’s selection of a provider are average is less than 85 percent. the management practices used in • privileged access management software, offering development and • vendor management their ongoing service operations, which Although clients inquire and inspect ensure that data is secure and data operational security processes for privacy requirements are maintained. prospective managed service providers,

Build Code DevSecOps (Development Security Operations)

Test Security must be planned and managed at every stage of the software Plan development life cycle to protect sensitive information and ensure that the application is devoid of viruses, trojan horses, logic bombs, worms, Monitor agents, applets, and any other malicious code. Security activities that include static analysis, code review, and architecture design review are Package critical within software security assurance processes. Operate Deploy

These security activities are required to Security certifications - and the use of Questions to be answered by the provider find and eliminate: recognized industry best practices - are should include: Who has access to • web application security risks and other criterion that are used to evaluate what data and when? How and when common security weaknesses and select managed service providers. is personal data protected? What The following certifications and best access control and audit processes are • design and or logic issues practices should be required by deployed? The ability to integrate into • any issues associated with your provider: the clients’ enterprise identity access authentication, credential management, • ISO/IEC 27001 management systems is also key to privacy, logging, and firewalls ensuring consistency of permissions • ISO/IEC 27018 It is also important to ensure that any and assignments. • SSAE-16 third- party products used to deliver a service are secure and are • CSA STAR implemented securely. Managed service providers privacy and Prior to and after deployment, data sovereignty practices are now penetration testing or ‘white hat’ hacking more critical than ever to maintain needs to be employed to find any compliance with regional and national security vulnerabilities that an attacker requirements for protecting personal could exploit. data and abiding by applicable laws that define who has control over and access to cloud-stored data.

hello.global.ntt white paper | Outcome-based delivery success criteria for managed services

Is privileged access management in Offering ongoing innovation It enables us to proactively and place? Privileged access management that is transferred to their cost-effectively manage our clients’ uses a secure repository that requires collaboration, productivity, contact authentication to isolate the use of client base center and cloud workloads, as well privileged accounts (typically admin Clients should require continuous as the programmable platforms, accounts) and reduce the risk of these innovation from their managed service programmable infrastructure and credentials being stolen. provider. Questions regarding the service non-programmable infrastructure development process and approach to Logging and monitoring is maintained that underpin these workloads. It also ongoing development and innovation for these privileged accounts. Operator provides our clients with visibility into should be posed to prospective providers. access to client devices needs to be their operating environments. Our recorded and the recordings available Our approach to development is to create Managed Services, delivered via our to the client. Multifactor authentication an intelligent core and an intelligent Managed Service Platform, allows us to should also be required on all edge. The core is where we build scale support organizations in improving the administration accounts. and functional capabilities that are control of their hybrid IT environments common among all our clients. The and automate key processes. Just as these practices are critical to edge is where we cater for the unique be in place with the managed service Key capabilities of the Managed Services requirements of each client. As unique provider, it is equally important that the Platform are summarized in the functionality is found to benefit many provider’s vendor management process diagram below. clients, we can capture this and integrate use these criterions in their selection The platform: into the intelligent core easily with the of the technology and software they underlying microservices architecture. • Enables the automation of operational deploy as integral components of their tasks to accelerate change and resolve We’ve adopted the Scaled Agile service offering. issues faster. Framework (SAFe) as our development Your provider should be able to methodology – the way we develop our • Provides capabilities needed to simplify demonstrate that they have a mature services and bring them to market. This the management of complex hybrid and information security practice, with process enables us to focus development multi-cloud IT operating environments. broad threat monitoring and established on the right market requirements, control • Seamlessly integrates programmable . A good indicator change, make modifications quickly when platforms, programmable infrastructure, of how a service provider will secure a required, and bring new capabilities to and non-programmable infrastructure. client is how they secure themselves. market quickly. • Supports faster deployment of new With our platform, we support all of technology and workloads. these practices. Additionally, with Overview of NTT’s Managed • Improves service quality improvement our microservices approach we Services Platform through process automation, can decouple authentication from preemptive and proactive support. authorization adding yet another The Managed Services Platform provides security layer. Our user directory the capability to integrate, automate, • Delivers near real-time visualization of microservice can be integrated with manage, and optimize operations in a key performance indicators. our clients’ active directory. Sensitive vendor-independent fashion within a information is always protected using hybrid IT landscape at scale, globally, permissions, encryption, and masking. and consistently to deliver substantiated SLA-based outcomes.

ITIL-aligned automated Self-service insight into the status, health, processes and tools. performance of your environment.

Automated remediation, support for Automation and service assurance operational workload tasks; automating processes and tools enabling remote deployment of optimal reference architecture infrastructure management and proactive for specific workloads and applications. and predictive monitoring. Open API framework enables our Managed Abstraction decouples workloads Services to be tailored to your specific needs. and IT operations from the underlying Supporting integration to your systems and infrastructure delivering common tools and third-party systems. services to enable rapid integration, more automation, and analytics.

hello.global.ntt white paper | Outcome-based delivery success criteria for managed services

Conclusion Automation, tools, and platforms provide Managed service providers can de- risk transformational change and deliver a efficiency, scale, consistency, risk mitigation, more efficient operating environment. To be successful in achieving these uptime, and insight into software, hardware, objectives, the provider should be and systems. IDC believes the increased able to demonstrate their capabilities to: manage a hybrid landscape; use use of automation will be transformative automation to enable efficiency, time to to the way that services will be delivered value and reduce human error; integrate with the client’s IT systems; use and consumed as a result of integrating security practices in both development automation into service delivery as it will and operations; and, deliver ongoing innovation to their clients. impact people and process, and the Our Managed Service Platform that value that enterprises derive from their IT forms the foundation for our services enables these capabilities. investments.’ – Leslie Rosenberg, Research Director, Network Life-Cycle Services Industry analysts indicate that we offer a unique architectural approach IDC, Future of Services Delivery to workload and IT operational task automation by decoupling the workload from the underlying IT operation and developing reusable micro-service capabilities to accelerate time to value in workload deployment. We demonstrate innovation in the use of abstraction, micro-service capabilities, and container technology. Our Managed Services Platform, combined with our experience, differentiates us from our competition.

Disclaimer: The work described in this thought leadership was performed while the company was known as . hello.global.ntt