SaaS: Who needs release management?

Google shows us the importance of release management:

Google Docs users are having trouble printing, exporting, and importing files, following a recent update to the alleged Microsoft killer.

As reported by the IDG News Service, a Google employee has acknowledged the problems with a pair of posts to the company’s Google Docs Help discussion forum. “We’re currently looking into this issue,” said a Google person identifying herself only as Marie. “Thanks a lot for your patience. I’ll be providing any relevant updates.”

…

Google acknowledged problems with a suite a day after it battled serious delays in the delivery of business email on its Postini message security and anti-spam system, and over the past several months, Google has taken more than a little heat over outages on its Gmail and News services. ®

What businesses are slowly finding is that giving up control over updates and patches isn’t necessarily a good thing.

While SaaS/cloud computing/outsourcing allows businesses to leverage economies of scale, it leads to problems when the vendor’s objectives don’t necessarily align with the customer’s. In this case, an unannounced patch broke the service for a number of businesses.

Software deployment is a difficult thing to manage. IT departments are constantly faced with this problem whether they’re working on server-side or client-side software. But regardless of what’s being deployed, most organizations with heavy investments in IT infrastructure go through great pains to ensure that new rollouts align with business objectives. On the client side, this means that new versions of the software are tested, heavily QAed, and documented before anything is pushed into production. Desktop support should be familiar with the new version of the software, especially when major interface changes occur (a la Office 2003 to 2007). On the server side, it means rigidly enforcing change control practices so that, for example, no email system maintenance occurs on the day that executives are closing a big deal with a major business partner.

Outsourcing critical infrastructure services and applications may gain you the ability to offload your IT support to people who focus on a single core competency, a single set of applications. Theoretically, this should increase your availability, as people specialize in making this one system work as smoothly as possible. This allows amateur maintenance mistakes to be avoided, and the technical staff end up possessing a much greater understanding of the platform they support.

The cloud availability argument is a fallacy because not all availability is equal. Some periods are more important than others. It’s why IT systems have maintenance windows. When you know something especially important is happening from a business perspective, you don’t roll out new changes.

When switching to the cloud, you lose all of your release management capability. It’s the vendor’s responsibility to bring your IT staff up to speed on changes being made to a product so they can be prepared and ready. It’s the vendor’s responsibility to ensure that your services are not touched during periods of peak or critical usage. When possible, it’s the vendor’s responsibility to allow you to push out changes incrementally to groups of users. It’s the vendor’s responsibility to let you back out of an upgrade if something is wrong, no questions asked, and preferably without any manual intervention required.

The vendors all suck at this. They all know how to run a platform. They don’t know how to run someone else’s business, a business that uses technology as a tool instead of a core competency. And from the looks of cloud computing at the end of the year 2009, they don’t care.

Hopefully 2010 looks better. I’ll trust this cloud computing thing a lot more when they start treating businesses like businesses.