Facilitator: Dr. Tushar K. Hazra Speakers: Marc Crudgington, Nikita Reva,
& Michael Bennett
The Business of Cloud Computing 2012:From Transformation to SustainabilityMay 21 – 22, 2012
THE BUSINESS CLOUD WORKSHOP: A Roadmap to The What, Why and How
AgendaAn Overview
Workshop Topic and FormatIntroduction of SpeakersUnderstanding Attendee Interests
Part I: IntroductionSetting the Stage for the Workshop
Part II: Cloud Computing as EnablerMaking Cloud Work for You
Part III: Cloud Decisions for Your EnterpriseBuilding on Clouds – what You Should or Must Consider
Part IV: Roundtable DiscussionsSharing Thoughts, Observations, and Lessons Learned
2
An OverviewWorkshop Topic and Format
Foundation to PracticeDifferent PerspectivesSharing Knowledge and Experience
Introduction of SpeakersTushar K. HazraMarc CrudgingtonNikita RevaMichael Bennett
Understanding Attendee Interests
3
Part I: Introduction
4
Setting the StageFoundationDefinitions
What, How, and WhyPublic, Private, Community, and Hybrid
Benefits and LimitationsKey Areas for You to Consider
Cloud ArchitectureCloud StrategyCloud Architecture GovernanceCloud Security
Business of The Cloud – Few QuestionsAre You Using Cloud Computing?
If Yes, Why?If Not, Why Not?
What Type of Cloud are You Using?Public, Private, Community or Hybrid
What has been your experience like so far?What are some of the lessons you have learned?
5
Business of The Cloud – FoundationFundamentals & Recapitulation
What is Cloud Computing?Shift in Computing Paradigms
Components of Cloud ComputingLayered ArchitectureService Models
Cloud Architecture for EnterpriseCloud StrategyCloud Architecture Governance
6
Fundamentals• What is Cloud Computing?
As NIST defines – “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
7
FundamentalsWhat is Cloud Computing?Five Key Characteristics
On-demand self serviceUbiquitous network accessLocation-independent resource poolingRapid elasticityPay per use
8
Fundamentals• What is Cloud Computing?
9
Application
Platform Architecture
Virtualized Infrastructure
Hardware
Facility
Consumer
SaaS
PaaS
IaaS
Co L
o
Provider
SaaSPa
aSIaaSCo
Lo
Adapted from NIST Model
FundamentalsWhat Cloud Computing is NOT…
Cloud computing is NOT an alternative to your internal IT• Don’t forget to manage your key IT resources
Cloud computing is NOT another form of outsourcing• SLAs with your cloud providers require clear and
transparent oversight
Cloud computing is NOT same as Web services• Cloud computing and SOA has a relationship
10
Recapitulation – Shift in Computing Paradigms
11
Mainframe Computing
PCComputing
NetworkComputing
Internet Computing
Grid Computing
CloudComputing
Six Computing Paradigms
Recapitulation – Six Computing Paradigms
12
• Evolution
1. Mainframe Computing
User Terminal Mainframe
User PC
2. PC Computing
User PCServer
Server3. Network Computing
Recapitulation – Six Computing Paradigms
13
• Evolution (Continued)
User PC
Server
Server
4. Internet Computing
Internet
User PC
5. Grid Computing Grid
User PC
6. Cloud ComputingCloud
Components of Cloud Computing
14
A Big Picture View…
Components of Cloud Computing
15
• Layers and Service ModelsApplication
SaaS
PlatformPaaS
InfrastructureIaaS
Virtualization
Servers & StoragedSaaS
Development Resources – development platform, software components, design tools, compilers, testing suites
Application Resources – typically delivered over the platform of the Web – application components at enterprise level
Infrastructure Resources – servers, disks, machines, CPU – also network, routers and switches
Cloud Computing for Enterprise
16
Common Types of CloudsPublic – Cloud infrastructure is owned by one provider
Providing services to large industry group or public
Private – Cloud infrastructure is owned or leased by one organization
Services are consumed by the same organization
Hybrid – Cloud infrastructure is combination of two or more cloudsCommunity – cloud infrastructure is shared by several organizations with shared concerns such as mission, security requirements, policy and compliance considerations
Cloud Architecture for Enterprise
17
Best Practices to Follow before Considering Cloud Computing for Your Enterprise
Assess the business situation firstUnderstand and never underestimate the risksConsider safety measures in the use of cloud computingRecognize the connection of cloud computing with other Web technologies
Cloud Architecture for Enterprise
18
Enterprise Architecture Measurement & Maturity
BusinessStrategy
ITStrategy
BusinessArchitecture
ITArchitecture
EnterpriseArchitecture
EnterpriseStrategy
Information(Data)
Architecture
TechnologyArchitecture
(Infrastructure)
Application(SOA)
Architecture
drives
drives
influences
influencesguid
es
ArchitectureDomains
Operations/Execution
BusinessPortfolio
Transition &Operations
Support
ProgramManagement
BusinessDrivers
Enterprise Architecture Governance
Focus Shifts From Strategy Formulation to Solution Deployment
Business Value
Delivery
supports
Create Cloud Value Proposition
Formulate Cloud Strategy
Supports
Facilitate Cloud Planning
Support Cloud
Deployment
Strategic Planning Solution Delivery
Cloud Architecture for Enterprise
19
Steps to Offer Architectural Support to Your Enterprise for Cloud Computing
Create Cloud Value Proposition – work closely with business organizations to make a business caseFormulate Cloud Strategy – recognize the scope, limitations, benefits and risks associated with potential cloudsFacilitate Cloud Planning – ready business and IT organizations to embrace cloud computing – prepare a roadmap for cloud transitionSupport Cloud Deployment – identify, evaluate and select right cloud provider(s)
Cloud Computing for Enterprise
20
BenefitsCostOptimal Network UsageInnovativeExpandabilitySpeed to implementation or deploymentGood for environment
LimitationsSecurity concernsControl delegationReturn on investment on existing IT assetsOpennessComplianceService level agreements
21
BREAK
Part II: Cloud Computing as Enabler
22
Making Cloud Work for YouInnovation and Cloud
When Can an Enterprise Leverage them?What are the Risks, Issues, and Concerns?
Cloud and Mobile Computing – The ConnectionWhat Effect They May Have on Each OtherWhat you must be aware of?
Cloud, Big Data and the EnterpriseWhat are the key challengesWhat works and what doesn’t??
Part II: Cloud Computing as Enabler
23
Innovation and Cloud: When Can an Enterprise Leverage them?
New Business Enablement (division, acquisition, spin-off)Transitioning Applications (new implementation, changing vendors, new version)Company Culture Shift (legacy mindset to cutting edge)Small Business/Start-upThe Business Demands Cloud (internal/client)IT Fails To Meet Needs
MC
Part II: Cloud Computing as Enabler
24
• Innovation and Cloud – What are the Risks, Issues, and Concerns?
Unmet financial objectives (think short-term and long-term)Lack of Service Orientation (processes, interfaces, applications)Legal, Contractual, Compliance (force majeure, privacy, regs.)Cultural Fit (within IT, within the enterprise, customer/clients)Provider Quality (not meeting SLA’s, bandwidth, existence)Security (not insecure just adapt to cloud, internal concerns)
There is no such thing as AaaS (Accountability as a Service)
MC
Cloud and Mobile Computing – The Connection
25
What effect they have on each otherCloud enables delivery of very rich applications to a mobile workforce. (expansion of capabilities). Mobile devices enable ubiquitous connectivity to these capabilities. Any device, Any time, Any where.Introduces new risks of data loss and threats. Increased threat of IP theft.The consumerization trend had added BYOD to the mix.Connect personal devices to company clouds.Segregate personal and company data on mobile devices.
NR
Cloud and Mobile Computing – The Connection
26
What you must be aware ofYour cloud can walk away in your former employees pocketCannot avoid this disruptive trend.Employees are trying to access corporate systems and cloud from their mobile devices. Security and compliance requirements apply to mobile devices.Must assess the risk and devise a strategy.Strike a balance between security and productivity
NR
Part II: Cloud Computing as Enabler
27
Cloud, Big Data and the Enterprise: What are the key challenges?
Volume, velocity, variety, valueData growth (over 2220 petabytes/day, 1 petabyte = 1000 terabytes, 1 terabyte = 1000 gigabytes)Technical Talent (data architects, data scientists)Business value (transferring data to ROI, revenue, profit)Focus regarding current issues
MC
Part II: Cloud Computing as Enabler
28
Cloud, Big Data and the Enterprise – What works and what doesn’t
Plan for all dimensions of data (strategic value, future needs, operational effectiveness, regulations, redundant data, ROI Data patterns for better decision makingBig Data to specific business goalsCreate a Center of Excellence (knowledge transfer)Plan for PerformanceUtilize governance to overcome lack of skillsCloud: DaaS (try before buy, lead with data not apps, internal, quality focus, training, measure results
MC
Business of The Cloud – Questions for Attendees
29
Innovation and Cloud What are some ways your Enterprise has utilized cloud?Have you experienced the business going around IT to implement cloud solutions?Has anyone had an issue with a vendor that caused the relationship to end or was a major disruption?Are there risks/concerns not mentioned or what do you view as the greatest risk/concern? Why?
MC
30
BREAK
Part III: Cloud Decisions for Your Enterprise
31
Building on Clouds: What You Should or Must Consider Business and IT AlignmentThe Role of a CIO• Responsibilities and Accountabilities• An Action Plan – What, How, When, Why
Building a Right Team• Who is on Your Team?• Who Should be on the Table? And, Why?
Law and Order in CloudsWhat Goes in Cloud SLA?What is Cloud Governance? Who is in it???
Building on Clouds
32
What You Should or Must Consider in Business and IT Alignment
Variable vs. fixed (flexible, deliver value, development)Time-to-Benefit reduced (user base, IT responsive) Refocus IT resources (technologists/operators to strategist/architects) Information assets vs. hardware assets– Data management (contents, business rules, processes,
quality)
IT Center of Excellence– ROI focus, project management, business partner, imbed IT
MC
Building on Clouds
33
The Role of a CIOResponsibilities and Accountabilities
Business acumen (change agent, value delivery, partner)Technologist to Strategist (articulate value, identify needs, revenue streams, Chief Risk Officer)IT operations (manage staff, reallocate/retrain, relationships)Business (educator, business optimizer, governance)
MC
Part III: Cloud Decisions for Your Enterprise
34
Building on Clouds: An Action Plan – What, How, When, Why
Vision (benefits, how it will transpire, end goal)Link to Business (operational value, cost savings, segment vision into action items)Portfolio Analysis (cloud ready, cloud future, not cloud, benefits for each)Materialize Strategy (how it will enable business, value delivery, why or why not cloud)Road Map Creation (financial analysis, technology change, IT personnel assessment, types of cloud/s, vendor, meet goals)
MC
Part III: Cloud Decisions for Your Enterprise
35
Building on Clouds: An Action Plan – What, How, When, Why (Continued)
Contingency Plan (plan for change, plan for resistance, plan for roadblocks, plan for failure)Execute Plan (IT staff changes, IT/business interaction, vendor management, start simple/small)Training (end user training, vendor/IT relationship building, executive briefings)Metrics (progress of implementation, value achieved, cost savings, stakeholder value) Re-assess (to improve, to avoid, what was missed)
MC
Part III: Cloud Decisions for Your Enterprise
36
Building the right teamWho is on your team? Who should be at the table?Avoid redundant solutions and ‘Cloud Creep’. – Business
• Key business stakeholders.
– IT• Account Management-Face of IT to the business• Commercial-Vendor mgmt• Legal-Contractual agreements• Executive Steering Body-Risk council• Senior Mgmt-Leadership• Enterprise Architecture-Solution Feasibility and Integration• Security Specialists-Assess Security
Engage others as necessaryNR
Part III: Cloud Decisions for Your Enterprise
37
Building the right processWhat should be the process?Establish gates to assess Cloud
GOVERNANCE GATE
Top 3 Boxes Green
FEASIBILITY GATENone of 12 Boxes Red
PROJECT CLOSE GATE
All 12 Boxes Green
Sponsorship Benefits Case Business StrategyFunctionality Usability and Access Solution MaturityScalability/Flexibilty Support and
StandardizationInteroperability
Security and Compliance
Information Management
Performance
NR
Part III: Cloud Decisions for Your Enterprise
38
Security in the CloudWhy traditional security does not work?• Traditional Information Security focuses on protecting
your moat.• The cloud is not a moat. The cloud is ubiquitous.
How to define a strategy for assessing Cloud.• Avoid the rain. Build a strategic Cloud Assessment
Program.• Do not reinvent the wheel. Leverage industry
recognized Guidance.
Industry Best Practices Enterprise Gap Analysis
Strategic Cloud Assessment Program
NR
Business of The Cloud – Questions for Attendees
39
• Building on Clouds: What You Should or Must Consider
• Has your business experience better alignment through cloud implementation?
• How have you seen the role of the CIO/IT change since adapting cloud strategies?
• What are some best practices you can share for adopting cloud?
• Building the right team • Have you found it challenging to define a strategy?• Once you have defined a strategy, have you found it challenging
to engage the right people?• Do you feel your organization has a mature understanding of
the cloud?
Business of The Cloud – Questions for Attendees
40
• Building the right process• Do you have a process for assessing cloud solutions, if so
what does it look like?• What are some of the best practices you can share?
• Security in the Cloud• What are you biggest concerns with Cloud Security?• How does your organization assess Cloud Security?• Some organizations feel the cost and efficiency savings
outweigh security concerns. What is your stance?• Do you implicitly trust the big players (Google,
Microsoft)?
Law and Order in Clouds
Transparency– Geographic Concerns– Processes– Data Security
Practices
41
Data Security–Audit Rights–Confirmation
MB
Law and Order in the Cloud: Security
HIPAAHITECH ActGLBFederal Financial Institutions Examination Council RegulationsPIPEDASOX
FTCStored Communications ActElectronic Communications Privacy ActPCI
42MB
Law and Order in the Cloud: SLAsUptime
“Planned” vs. “Emergency” DowntimeReporting Measurement ToolsRemedy vs. Focusing ToolReporting PeriodTiming of MaintenancePersistent DowntimeDisastrous Downtime
Other SLAsBreak/FixHelpdeskBPO - ResponsivenessProcessingDisaster Recovery
What Happens After SLA Triggered?
43MB
Law and Order in the CloudWarranties
Functionality/Lack of DescriptionChanging FunctionalityServicesNo Price Guarantees
DisclaimersLimitations of LiabilityIndemnitySubpoenas, Litigation Holds, Legal Process
44MB
Law and Order in the Cloud
External GovernanceReturn of DataSuspensionLeverageMulti-tenancyPublic/Private HybridPublic Sources of Information
Internal GovernanceUnderstand DataBackup/DR PlansBreach Notification PlanTransition PlanPrivacy Pre-AuditData MapCreate Awareness
45MB
Governance, Does it Exist?
46
BREAK
Part IV: Roundtable Discussions
47
• Sharing Thoughts, Observations, and Lessons Learned– Suggested Topics
Part IV: Roundtable Discussions
48
• Managing Cloud Computing at Your Enterprise– What is the due diligence process for evaluating
cloud providers?• Independent Evaluation• Internal Assessment• Incorporation of Industry best practice
– What & how Cloud Service is being Managed?• Recognition of cloud management capabilities• Consistency of the management with target
usage and users
Part IV: Roundtable Discussions
49
• Managing Cloud Computing at Your Enterprise – Few other areas of discussion– How are heterogeneous systems supported?– How are availability commitments ensured?– How is system integration enabled?– What is integrated within services management?– How is regulatory compliance accommodated?– How is security management implemented?
50
Thank you for your time!!
Tushar K. Hazra, PhDChief Technology Offi cer & [email protected] . (443)540-2230
Marc [email protected]. (832)592-3854Nikita RevaNikita.Reva@eff em.comTel. (312)391-8825Michael BennettMbennett @edwardswildman.comTel. (312)201-2679
Top Related