Beruflich Dokumente
Kultur Dokumente
0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 0 1 0 1 0 1 0 0 0 1 0 0 1 1 1 0 1 0 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 1 1 0 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 0 1 0 0 1 1 0 0 0 1 1 0 0 1 0 1 0 0 1 0 0 1 0 0 0 1 1 0 1 0 1 This white paper was made possible by SAP, a leader in the cloud.
Use of the cloud in our industry is an exception rather than the norm. I think a lot of companies in more traditional, mature industries like ours are missing out on a lot of opportunities to take advantage of what the cloud has to offer. I would encourage these companies to be open-minded and progressive and look at alternatives to traditional, client-server, on-premise systems. CEO, manufacturing company
Understanding the clouds power and potential is certainly important; but getting mentally ready to take the plunge can be a stumbling block. The underlying reasonsperceived or realare many: Fear of the unknown Fear of loss of control Fear of job loss Risk aversion Lack of tolerance for change Machiavelli said this about change more than 500 years ago:
There is nothing more difficult to take in hand, more perilous to conduct, or more uncertain in its success, than to take the lead in the introduction of a new order of things.
A companys top management should drive change in order to ultimately generate value for customers and shareholders. Transforming a companys business using cloud solutions is not just about technology adoption and implementation. It also involves broader business and operational changes in several areas including governance, budgeting, contracting, regulatory compliance, polices, people, and processes. Therefore, management needs to educate and convincingly explain to everyone in the company who will be impacted by the change what the company is doing and why the new approaches bring value to the company. Success in getting to the cloud depends on adapting to change.
Operational excellence: Investigate how cloud solutions can lead to improved availability, reliability, and lower total cost of ownership (TCO), facilitating investing the savings back into the business.
I have never established a cloud computing strategy or issued a mandate that everything needs to go off premise or move to some type of hosted model. The driver behind it is a business need and was defined and executed by line-of-business stakeholders. CIO, healthcare company
Like any other emerging technology, the fundamental decision to embrace cloud computing comes down to figuring out how the investment in the cloud will yield positive returns to the business at an acceptable risk level. If the company uses a public cloud for solving specific business problems, it also becomes an outsourcing decisionone where the company also looks for value in solutions that are less expensive, safer, and better than what it can create by itself. In the past few years, public cloud solutions have improved, becoming more robust and also more compelling in quality, stability, and overall cost-tobenefit ratio. Many commodity services (e-mail, backup, archival, collaboration, etc.) are now available as public cloud services. Commodity services now available in the cloud also include the following standard business processes: Customer relationship management (CRM) Expense management Accounting HR management Manufacturing, wholesale, and professional services components ERP (which is especially beneficial for fast-growth companies) For each business problem a company seeks to solve, it needs to look at a cloud solution and compare it with alternative solutions from both return on investment (ROI) and TCO perspectives.
Business goals and rewards Perceived or real risks Level of risk tolerance Value and sensitivity of information assets and data Regulatory concerns Sand Hills survey of IT executives found large enterprises were more concerned about data privacy, security, and governance issues than smaller companies (see Exhibit 1). Most of the small and midsize SME IT leaders were emphatic that a cloud vendors security processes must be superior to any that their own company could provide. The reason: small companies cost structures are such that they cannot afford to build secure infrastructures that match those of large enterprises or the leading cloud vendors.
Data privacy Governance (e.g., policies for control, security, monitoring and services) Developers/corporate culture Lack of practical experience with cloud computing Migration/interoperability Lack of standards Regulation Lack of development and monitoring of service-level agreements (SLAs) No barriers Dont know
Source: Sand Hill Group Cloud Computing Survey 2010
Large enterprises refer to companies with $20 billion or more in revenue. Small and midsize Enterprises includes companies with less than $500 million in revenue.
Among many examples of surveyed business executives from SME companies who were pleased with the security of their cloud vendors is the following statement from a SME manufacturing company executive:
We have been using SaaS applications for more than nine years, and we havent had a security breach so far. At the end of the day, we are very vigilant about security, including strong passwords and frequent password updates; and we audit usage patterns of our users to monitor for any untoward behavior. CEO, manufacturing company
However, vendors could fail, as was the case with Amazons high-profile failure in April 2011, which resulted from a configuration error. What would happen to a customers data in that case? Would the provider return the data, or would it be lost forever? The good news is that companies that properly understood their cloud vendors offering made sure they included data backups and redundancies in their applications. They also conducted due diligence to ensure they properly understood the vendors offerings, service level agreements (SLAs), and architecture. Such companies remained unscathed and ran their operations without any interruption during the Amazon outage. Many vendors are getting certified to security standards such as SAS 70. Even if a vendor is certified, the most important question to ask is: does the certification meet your specific security requirements? As one surveyed executive stated:
You should really ask for a security review, especially if you are a big company dealing with a smaller company and the risk to you is greater than the risk to them in case of a security breach. On the other hand, if you are a small or medium-sized business, your risk is much lower if you are dealing with a well-established large cloud vendor such as SAP , Salesforce, Amazon, or Microsoft, that is betting their business on their cloud services. Principal consultant, leading security firm
This analysis not only provides a snapshot of the companys current state of IT but also delivers crucial information to help fine-tune its business case based on the new architecture. Without doubt, the cloud deployment options in the architecture will drive down cost inefficiencies and improve agility and scalability, among other benefits. Analyzing an existing IT portfolio in this manner typically takes no longer than four to six weeks in a midsized company.
create significant business value. As a next step, they then select the lessvaluable and more risky systems that are still worth moving, and place them at the back end of the roadmap. Another consideration is to review the project portfolio and identify new and innovative revenue-generating projects that will benefit from a faster time-to-market advantage using cloud technologies. For each of the identified applications, companies need to evaluate the vendor capabilities and the risks associated with the security, data privacy, and governance with each vendor. Compare different cloud provider offerings. They also need to evaluate the offering of cloud vendors to ensure that it meets the security, scalability, reliability, and privacy needs of the enterprise and meets established security and compliance (SAS 70, FISMA, ISO/ IEC 27001, PCI, and HIPAA) standards. This evaluation includes: Review the vendors SLA provisions based on the companys specific business risks, risks that typically may not be covered in standard SLAs. Identify changes required in the vendors data compliance and security procedures (if any) to adapt to the companys risk, compliance, and business metrics. Identify interoperability, lock-in, and compatibilities issues and determine workarounds as applicable. Carry out a hands-on product and technology validation and evaluation against the above criteria. Assess the companys financial stability and longevity. Evaluate the companys commitment to innovating with its customers. Obtain examples of customers successes.
Conclusion
Transitioning to the cloud is similar to a major change initiative and needs top management support, clear vision, and careful planning. The eight steps presented here are sequenced in a logical order designed to yield maximum value. Typically, the more detailed activities of later steps provide additional information that helps companies fine-tune and refine the results of previous steps. In this sense, this is an iterative and cyclical process that companies can apply throughout the IT life cycle.
APPENDIX A
Overview of Sand Hill 2011 Cloud Survey
During January-February 2011, Sand Hill Group conducted a research study to gauge software vendors cloud outlook for the coming year and beyond. The study utilized an online survey to gather executives impressions on the direction of the cloud market, their cloud strategies, and customer readiness for adoption. A total of 100 software CEOs and senior executives responded to the 24-question survey and provided insight about their cloud revenues today and next year, customer attitudes and readiness, and which products and services are gaining traction. Thirty-two percent of the respondents identified themselves with titles of CEO/Presidents, and another 32 percent identified as Vice Presidents of sales/marketing/services. The study also identified the long-term trends including which layers of the cloud stack will take hold in the next three to five years. In addition, researchers conducted in-depth telephone interviews with some executives to gain more insight. Participants in the initial survey as well as the followup interviews were guaranteed that their identities would remain confidential in order to protect the strategic nature of the corporate information provided. A broad cross-section of software companies participated in the survey. Nearly three-quarters of the respondents were from product companies. The executives represented primarily midsize and small companies. Thirtyseven percent were from companies with less than $10 million in revenues, and 28 percent have revenue of at least $10 million but less than $250 million. About 18 percent of the respondents were companies with greater than $1 billion in revenues. The findings of this study are intended to give software companies directional insight as they make business decisions. Although efforts were taken to survey a wide variety of software companies, the study is not necessarily a representative sample of U.S. software companies.
APPENDIX B
Overview of Sand Hill 2010 Cloud Research Study
In 2010, Sand Hill Group released a landmark research study identifying the business value realized by companies deploying cloud-computing initiatives today. A two-phase interview study design uncovered both the in-depth insight of specific customers and vendor experiences, and a quantitative market survey provided a snapshot of cloud initiatives and priorities at a variety of companies. The interviews and survey questioned respondents about their current cloud initiatives, current and planned use of specific cloud models, business benefits, organizational and technical challenges, and details of specific use cases.
In-depth Interviews
In order to gain an understanding of the cloud experience at a variety of types of companies, Sand Hill conducted a total of 40 one-hour, in-depth interviews. Twenty-two interviews involved CIOs, VPs of IT, systems architects, and technology directors at small, midsize, and large companies. This group of executives represented a variety of industries, including insurance and finance, energy, telecom, manufacturing, healthcare, media, and technology. To gain insight from leading software vendors, Sand Hill conducted eight interviews with executive-level individuals who were responsible for cloud strategy and products within their organizations. Again, a mixture of representatives from large and small software companies was included.
Quantitative Survey
As part of the study, Sand Hill Group conducted two Web-based quantitative surveys in collaboration with McKinsey & Co. and Tech-Web. These surveys received a total of 511 qualified responses. Most respondents were CEOs, CIOs, or other senior IT executives at their companies, which ranged in size from small businesses to global corporations. The combination of qualitative interviews and quantitative surveys present first-hand accounts on the current state of cloud computing initiatives from an impressive cross-section of enterprises. However, the results may not be reliably projectable across the universe of American businesses. Therefore, the findings and implications in this report are intended to provide directional guidance during product development.
10
11