Beruflich Dokumente
Kultur Dokumente
Elements of an Effective
Enterprise Cloud Computing Strategy
Guy B. Sereff
16 July 2014
About The Presenter
Guy B. Sereff
• Author, Speaker and Technology Practitioner
• Vice President / Enterprise Architecture
• Technology Industry Experience
• Application Research & Development (12 years)
• Large-Scale Technology Management (8 years)
• Global Enterprise Architecture (8 years)
• Enterprise Architecture Domain Experience
• Business Architecture
• Information Architecture
• Application Architecture
• Solution Architecture
• Architecture Governance http://www.linkedin.com/in/guysereff
• Pragmatic Blend of Strategy and Tactical Execution
16 July 2014 2
Agenda
Cloud Computing Concepts and Characteristics
• Definitions
• Conceptual Cloud Computing Reference Model Social
• Common Characteristics
• Cloud Service Models
• Cloud Deployment Models
16 July 2014 3
Cloud Computing Defined
Common Themes Merriam-Webster Gartner
Cloud Computing: the practice of Gartner defines Cloud Computing
• A pool of compute, network and storage storing regularly used computer as a style of computing in which
resources and services that are made available data on multiple servers that can scalable and elastic IT-enabled
by one party for consumption by another party be accessed through the Internet. capabilities are delivered as a
First known use of the term Cloud service using Internet
• Elastic scalability is provided and driven by Computing: 1996. technologies.
consumptive demand U.S. NIST Forrester
Cloud Computing is a model for Cloud Computing: A standardized
• Rapid resource provisioning and release
enabling ubiquitous, convenient, IT capability (services, software,
capabilities are required on-demand network access to a or infrastructure) delivered via
shared pool of configurable Internet technologies in a pay-
• Resources are made available through a computing resources (e.g., per-use, self-service way.
network-based service, typically in a networks, servers, storage,
provider/subscriber model over an internet-like applications, and services) that
communication channel can be rapidly provisioned and
released with minimal
management effort or service
provider interaction.
16 July 2014 4
NIST Cloud Computing Conceptual Reference Model
Provides cloud services to Cloud Consumers, either as a third-
party service provider or as an internal service organization
Acquires and consumes cloud
services from a Cloud
(Service) Provider through
some form of a business or
professional relationship
Manages the
relationship between
Cloud Providers and
Cloud Consumers,
focusing on service
intermediation,
Conducts independent aggregation and
assessments of the Cloud arbitrage
Computing ecosystem on
behalf of all parties to
validate that committed
performance, security
and privacy service levels
are being met
Intermediary communications
provider between the
participating cloud parties
16 July 2014 5
Three Pillars of Cloud Computing
16 July 2014 6
Common Characteristics
On-Demand • The ability of a Cloud Service Consumer to request services from the Cloud Service Provider as needed
Self-Service without requiring the participation of an intermediary party
Broad Network • The ability of a Cloud Service Consumer to reach the Cloud Computing resources of a Cloud Service
Access Provider through widely available network solutions based on Internet connectivity
• The ability of a Cloud Service Provider to support the processing needs of multiple Cloud Service
Resource Pooling Consumers across the provider’s collection of physical computing, storage and network resources
• The ability of a Cloud Service Provider to quickly scale Cloud Computing resources up or down to meet
Rapid Elasticity Cloud Service Consumers’ capacity demands with minimal latency and negligible manual intervention
• The ability of a Cloud Service Provider to maintain and produce accurate metrics regarding Cloud Service
Measured Service Consumer capacity utilization for the purpose of environmental control, resource optimization and billing
16 July 2014 7
Cloud Service Models
16 July 2014 8
‘...as a Service’ Branding is Getting out of Hand
Some of the more interesting (or
questionable) capabilities tagged with the
‘as a Service’ distinction discovered online,
either describing a true (or narrowing)
variation of Cloud Computing or looking
more like an exaggerated designation BaaS: Backend-as-a-Service MaaS: Monitoring-as-a-Service
BPaaS: Business-Process-as-a-Service PaaS: Presto-as-a-Service
intended to be perceived as being
CaaS: Communication-as-a-Service RaaS: [Disaster] Recovery-as-a-Service
‘cloud-oriented’
CaaS: Cognition-as-a-Service RaaS: Registration-as-a-Service
DaaS: Desktop-as-a-Service SaaSS: Service-as-a-Software-Substitute
DaaS: Display-as-a-Service SaaS: Security-as-a-Service
DBaaS: Data-Base-as-a-Service SaaS: Selection-as-a-Service
DIGIPASSaaS: DIGIPASS-as-a-Service SaaS: Storage-as-a-Service
EaaS: Email-as-a-Service TaaS: Terminology-as-a-Service
EaaS: Everything-as-a-Service WaaS: Windows-as-a-Service
HaaS: Hive-as-a-Service WaaS: Workspace-as-a-Service
ITaaS: IT-as-a-Service XaaS: X-as-a-Service [X = ‘Anything’]
16 July 2014 9
Cloud Deployment Models
• Four Common Deployment Models
• Public
• Private
• Community
• Hybrid
• Primary Distinctions
• Connectivity
(i.e. public versus private network connectivity)
• User Community Exclusivity
(i.e. non-restrictive versus highly restrictive)
16 July 2014 10
Public Clouds / Private Clouds
Public Cloud: Cloud resources made available to the general public Private Cloud: Cloud resources made exclusively to members
through public network access, typically providing services to a within the cloud service consumer’s organization.
diverse population of end users. • Cloud infrastructure is provisioned for private use
• Cloud infrastructure is provisioned for open use by the general public
• May be hosted either on or off premise
• Typically located on the cloud provider’s premises
• Access is open or registered with limited credential validation • Access is controlled within the organization entity
16 July 2014 11
Community Clouds / Hybrid Clouds
Community Cloud: Access is granted to a collection of private Hybrid Cloud: Employs two or more cloud deployment models on
clouds to a select group of members from the cloud service behalf of the cloud service consumer.
consuming organizations. • Composite deployment pattern
• Cloud infrastructure is provisioned for private community use
• Leverage unique properties of other deployment models
• Typically located at multiple physical sites
• Access is controlled but spans multiple organizations • Access control is dependent on the cloud models deployed
16 July 2014 12
Enterprise Cloud Computing Strategy
What are my options for Which of my mission- How do I procure for the
adopting Cloud Computing? critical applications are cloud?
candidates for cloud?
16 July 2014 13
Business-Oriented Strategic Elements
• Need to identify and quantify what strategic
The important lesson for CIOs is that IT, or the cloud, by
business outcomes will be realized through the
itself, may not accomplish very much. It is important to
introduction of Cloud Computing
determine how cloud adoption aligns with the strategy of
• Cost Savings from Cloud Computing are often the business and its Web of relationships and complements
compelling, but savings alone may not be enough other changes to products, process, people, and partners.
to make a sufficient business case
Different firms will find different opportunities to leverage
the cloud...reducing costs within the IT function via the
One of the biggest misguided perceptions of Cloud cloud is beneficial but not [necessarily] strategic.
Computing is that cloud initiatives will greatly reduce ...If IT costs are an average of 4% of revenues, and the cloud
the cost of doing business. That may be true for some could [hypothetically] reduce IT costs by 25%, the net impact
initiatives, but not for all of them; after all, cost is not to the corporation is only 1%, or perhaps a few percent of its
the only reason to leverage the cloud...Not every cost structure, [which is] hardly compelling for a cost-
problem is one that needs to be solved by Cloud leadership strategy.
Computing.
- Weinman, Cloudonomics
- Kavis, Architecting the Cloud
16 July 2014 14
The Open Group Cloud Computing ROI Model
Cloud Computing ROI Models Cloud Computing KPIs
Optimizing Workload –
Speed of Availability vs. Workload – Capex vs. Opex
Reduction
Time to Deliver TIME Recovery SLA
Predictable
Variable Costs Costs
/ Execution Costs
Optimizing
Speed of Optimizing Workload vs. Workload Type Instance to Ecosystem -
Reduction
Cost of
Capacity
Ownership Use COST Utilization % Allocations Asset Ratio Optionality
Optimizing
Green Costs of SLA Response Intelligent
Cost to Deliver
/ Execution
Cloud Quality Experiential
Error Rate Automation
Market
Optimizing Revenue
Margin Margin Efficiencies
Disruption
Rate
16 July 2014 15
Strategic Pace of Adoption
Gartner’s Hype Cycle
• Ease of implementing an off-premise for Emerging Trends, 2013
public cloud offerings encourage
‘grassroots’ introduction of Cloud
Computing, often outside the purview Cloud
of the IT organization Computing
16
16 July 2014
Strategic Pace of Adoption
Adopter Categories as defined
PaaS
in Diffusion of Innovation:
17
16 July 2014
Available Cloud Computing Patterns
Sample from cloudpatterns.org
Audit Monitor Ready-Made Environment
• Mechanisms
Automated Scaling Listener Remote Administration
Technology mechanisms represent well-defined IT
System
artifacts that are established within an IT industry Billing Management System
and commonly distinct to a certain computing Resource Cluster
Cloud Storage Device
model or platform. Resource Management
Cloud Usage Monitor System
• Design Patterns
The simplest way to describe a [design] pattern is Failover System Resource Replication
that it provides a proven solution to a common Hypervisor
problem individually documented in a consistent SLA Management System
format and usually as part of a larger collection. Load Balancer SLA Monitor
• Compound Patterns Logical Network Perimeter State Management Database
A coarse-grained pattern comprised of a set of Multi-Device Broker Virtual Server
finer-grained patterns.
Pay-Per-Use Monitor
Cloud Mechanisms – cloudpatterns.org
16 July 2014 18
Cloud Pattern Sample – Automated Administration
Details
Relationships
Nearly 60
Design Patterns
Conceptual
Schematics
16 July 2014 19
Cloud Implementation Patterns – Mechanism/Pattern Matrix
• Build a simple matrix to map Cloud
Mechanisms to Cloud Design
Patterns
16 July 2014 20
Cloud Implementation Patterns – Compound Pattern Matrix
• 39 of the Cloud Patterns can be
combined into 13 Compound
Patterns
– R = Required Pattern
– O = Optional Pattern
16 July 2014 21
Establish a Cloud Computing Reference Architecture
• Leverage the enterprise reference
architecture practice already in
• Same level of granularity
• Apply existing governance policies and
procedures
• Establish roadmaps to realign non-strategic
Cloud Computing already in place
16 July 2014 22
Information Security Considerations
• Understand and account for the
security needs of the planned Cloud
Computing environment
– Internal or External Cloud Service
Provider
– On-Premise or Off-Premise
deployment
• Determine how much risk can / should
be shouldered by the Cloud Services
Provider
– Financial Loss
– Data Loss
– Availability of Critical Functions
– Reputation Loss
• Carefully weigh multi-tenancy policy
controls, segregation and governance Copyright © 2011 Cloud Security Alliance
16 July 2014 23
Information Security Considerations
11
Cloud Security Alliance (CSA) - Cloud Control Matrix Domains
Data Human Information
Compliance Facility Security Legal
Governance Resources Security
• Audit Planning • Ownership / • Policy • Background • Management • Non-Disclosure
• Independent Stewardship • User Access Screenings Program Agreements
Audits • Classification • Employment • Policy • Third Party
• Controlled
• Third Party • Retention Policy Access Points Agreements Enforcement Agreements
Audits • Employment • Segregation of
Controls Mapped to Termination Duties
Industry Standards
Operations Risk Release Security
• COBIT Management Resiliency
Management Management Architecture
• HIPAA
• ISO/IEC•27001-2005
Policy • Program • New • Management • Customer Access
• NISTP800-53
• Documentation • Assessments Development / Program Requirements
• PCI DSS• Capacity / Acquisition • Impact Analysis • User ID
• Mitigation /
Resource Acceptance • Production • Business Credentials
Planning Changes Continuity • Data Security /
• Quality Testing 98 Controls
Planning Integrity
16 July 2014 24
Recommended Next Steps
Establish (or refresh) the Enterprise Cloud Computing Cloud Computing Strategy Tips
Strategy, including key business, technical and
operational elements • Plan for a hybrid cloud/non-cloud operating environment
as enterprise-grade cloud capabilities continue to mature
Assess the current and impending Cloud Computing
landscape across your organization • Reorganize and align IT to support greater business agility
through cloud technology
Determine the delta between the ‘as is’ and ‘to be’
state of Cloud Computing within the organization • Recruit, train and retain top cloud talent now
Monitor for potential benefits: • Track and publish financial contributions from cloud
• Aligned with the broader Enterprise Strategy implementations
• Providing clear cloud engineering guidance • Establish a SaaS Application Review Framework with
• Assess, challenge and evaluate Cloud Service vendor performance monitoring and accountability
Providers
• Create a Cloud Decision Framework aligned to business
• Readily available Reference Architecture strategies
definitions and images
• Strategic Cloud Computing convergence roadmaps • Design security management at the cloud platform level
Forbes Tech: First Steps to Creating a Cloud Computing Strategy for 2013
16 July 2014 25
Any Questions?
16 July 2014 26