IT consolidation: a simpler system or a costly trap?

Consolidating IT vendors promises fewer contracts, integrations, and costs. In practice, however, it can turn hundreds of minor operational issues into a single strategic problem: a vendor that’s difficult to leave. Therefore, the true test of simplification is not the number of applications decommissioned, but whether the company retains control over its data, business continuity, and the cost of switching platforms.

11 Min Read
konsolidacja IT zarzadzanie cio

Companies are reducing the number of applications, contracts and suppliers because fragmented IT environments have become difficult to manage. Consolidation can simplify the day-to-day work of IT teams, but it does not eliminate complexity — it often shifts it to contracts, data and dependencies on a single platform.

For businesses, the difference is fundamental. Fewer consoles and invoices may reduce operating costs, but at the same time increase the cost of future technology changes. Therefore, the success of consolidation should not be measured by the number of applications decommissioned, but by whether the company retains the ability to replace a supplier without disrupting operations.

Companies have good reason to simplify their environments

The average large organisation today uses hundreds of SaaS applications. Each one involves a separate procurement process, authorisation system, integration, security policy and licence renewal date. The cost of such an environment is not limited to the invoices issued by vendors. It also includes the time spent by IT, procurement, finance and cybersecurity teams.

Consolidation therefore addresses a real problem. A shared platform can reduce the number of integrations, standardise identity management and improve visibility of events. Instead of analysing an incident across several systems, a company can use a single dataset and a single permissions model.

The greatest benefits arise in standard areas that do not contribute to a competitive advantage. Basic communication, device management and certain security functions can operate more efficiently when they utilise shared administrative mechanisms.

This does not, however, mean that every function should be integrated into a single platform. A solution that works well for email and devices may not be the best place for critical data, sales processes or AI models. Simplifying the environment only makes sense if a company knows which functions it can standardise and which should remain independent.

The market is consolidating not only products, but also control

The largest IT manufacturers are building ever-broader platforms. Cisco has merged its networking and security offerings with Splunk, Broadcom has acquired VMware, and cloud providers are expanding their services to include cybersecurity, data analytics, developer tools and artificial intelligence.

From the customer’s perspective, this means the ability to purchase a larger part of their environment through a single relationship. From the manufacturer’s perspective, it means control over successive layers of the customer’s operations: infrastructure, data, identity, telemetry and automation.

This shift has practical implications. The more components operating within a single ecosystem, the more difficult it is to replace an individual product. Migrating an identity system affects all related applications. Changing the data platform requires a re-engineering of reporting and automation. Moving applications to a different cloud may mean changing security tools, operational processes and staff skills.

The customer therefore gains simpler operation but loses some freedom. This interdependence no longer applies solely to licences. It encompasses system design, data structure, team training and security procedures.

This is why the number of suppliers is becoming an increasingly less useful indicator of complexity. A company may work with a single provider yet remain dependent on dozens of its services. What matters more is whether individual components can be replaced without having to overhaul the entire environment.

A discount on a package may be the start of a more costly relationship

Consolidation often begins with an attractive offer. The supplier bundles several products into a single package, simplifies the contract and offers a discount for discontinuing the use of competing tools. In the first year, the calculation may seem straightforward: fewer licences, fewer integrations and lower administrative costs.

However, the economics change after migration. Once data, processes and users have been moved into a single ecosystem, the scope for negotiating terms diminishes. The supplier knows that switching platforms requires time, new skills and operational risk.

At that point, the price is no longer simply a result of competition. The customer may be forced to accept new licensing terms, broader packages or additional charges for AI features, data processing and infrastructure usage.

Changes to VMware’s offering following its acquisition by Broadcom illustrate this mechanism well. Simplifying the portfolio may be beneficial for the vendor, but for the customer it may mean having to purchase a larger set of features than they actually need.

Management should therefore look beyond the savings in the initial contract period. More important are the costs of subsequent renewals, anticipated price increases and the cost of exiting the platform. A cheap initial contract can lead to costly dependency if the company does not retain a viable alternative.

Multi-cloud can provide a false sense of security

Many organisations try to limit their dependence by using several clouds. However, the mere presence of a second provider does not mean that the company is prepared for a failure or the need to migrate.

An analysis of the UK cloud market has shown that even customers using several platforms still concentrate the majority of their spending with a single main provider. The second cloud often supports individual applications, testing or less critical processes.

This has limited value in terms of business continuity. If core data, applications and capabilities remain on a single platform, an alternative provider cannot quickly take over operations.

The true test of diversification is therefore not the number of supplier logos on a presentation. It is the answer to the question of whether a key process can be run in a different environment within a timeframe acceptable to the business.

If the migration were to take several months, the company would have no operational alternative. It would merely have a second supplier.

Fewer tools can mean a wider scope of failure

Consolidation can improve security. Shared telemetry data makes it easier to detect incidents, whilst uniform policies reduce the number of configuration errors. The security team does not have to piece together a threat picture from multiple unconnected systems.

At the same time, a platform managing email, identities, devices and data becomes a major single point of failure. An update error, a compromise of an administrative account or a problem with the supplier could affect a significant part of the organisation.

IBM data shows that incidents involving providers and the supply chain are among the most costly and difficult to manage. For senior management, this means that an analysis of consolidation cannot be limited to the probability of an event occurring. It must also take into account the potential scope of its consequences.

Not all redundancy is therefore inefficiency. An independent copy of data, an alternative authentication method or a second supplier in a critical process may increase costs, but can limit losses should the primary platform fail.

The contract has become part of the architecture

The Data Act and DORA demonstrate that dependence on suppliers is no longer solely a procurement issue. The Data Act is designed to facilitate a switch between data processing service providers, whilst DORA requires the financial sector to assess the concentration of ICT services and put in place appropriate contractual safeguards.

Regulations may reduce some barriers, but they will not eliminate the most significant migration costs. The ability to download data does not mean that applications will automatically start working in a different environment. Exporting data is no substitute for integration, expertise and testing.

Therefore, exit terms must be designed before the contract is signed. The contract should specify the data export format, the scope of migration support, pricing rules, notice periods for service withdrawal, and the obligations of subcontractors.

The contract is no longer merely an add-on to the architecture, but influences the resilience and flexibility of the environment just as much as technical decisions.

Consolidation needs boundaries

The best approach is neither to maintain hundreds of tools nor to hand over the entire environment to a single platform. A company should consolidate standard functions, but retain independence where technology controls critical data, processes and the organisation’s ability to operate.

The CIO should not only measure the number of suppliers and the value of discounts. They also need information on migration times, exit costs, a single vendor’s share of critical processes, and the availability of alternative expertise.

The board, for its part, should treat supplier concentration in the same way as other business risks. Before approving a major platform contract, it is worth checking what would happen in the event of a prolonged outage, a breach of the supplier’s systems or a sudden change to the licensing model.

If a company is unable to address these scenarios, it does not know the full cost of consolidation. It only sees the savings set out in the contract.

It is worth consolidating tools, but not control over data, business continuity and the ability to change suppliers.

Share This Article