ID202: What You Shouldn’t
Care About With Cloud, But
Do Anyway
Marshall Lamb, IBM

© 2014 IBM Corporation
Please Note
IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notic...
Security & Privacy - concerns
 Where is the data?
 What’s being done with it?
 Who has access to it?
– “On-premise” is ...
Security & Privacy in the cloud
 Multi-tenant, so security and privacy are paramount
 Logical data isolation, not physic...
Archiving and e-discovery
 Industry regulation or internal security policies may require
archiving of collaboration data
...
Customization and integration – building the perfect solution
 Most on-premise solutions are heavily customized
 Custom ...
Customization in the cloud – good enough?
 SaaS providers won’t run your custom applications, and won’t fully
customize t...
Hybrid cases – SmartCloud for Social Business
 On-premise Domino application and directory integration with SmartCloud fo...
Enterprise maintenance and update schedule woes
 On premise, you are in control of software update schedules
– Change fre...
In cloud, what does “version” mean?
 Cloud in general, and SaaS in particular, is all about continuous
evolution
– IBM up...
On-premise network advantages
 Solutions can be co-located with its users for optimized delivery
– Headquarter data cente...
Cloud network challenges
 Data centers in major geographic regions, but not everywhere
 Leverages content delivery netwo...
 Access Connect Online to complete your session surveys using any:
– Web or mobile browser
– Connect Online kiosk onsite
...
Acknowledgements and Disclaimers
Availability. References in this presentation to IBM products, programs, or services do n...
Upcoming SlideShare
Loading in …5
×

Tip from IBM Connect 2014: What You Shouldn't Care About With Cloud, But Do Anyway

952 views
838 views

Published on

Marshall Lamb covers areas of concern for companies moving to the cloud including security and privacy, archiving and e-discovery, customization and integration, maintenance and update schedules, and networks.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
952
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Tip from IBM Connect 2014: What You Shouldn't Care About With Cloud, But Do Anyway

  1. 1. ID202: What You Shouldn’t Care About With Cloud, But Do Anyway Marshall Lamb, IBM © 2014 IBM Corporation
  2. 2. Please Note IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here. 2
  3. 3. Security & Privacy - concerns  Where is the data?  What’s being done with it?  Who has access to it? – “On-premise” is not the panacea – Governments’ rights to data  Separation from other customer data – Inter-company, and intra-company  Industry regulation requirements – FISMA, HIPAA, etc
  4. 4. Security & Privacy in the cloud  Multi-tenant, so security and privacy are paramount  Logical data isolation, not physical – Exception being regulated data  Depending on vendor, and licensing option, data may not be private – IBM maintains a strict privacy policy on customer data  Government rights to data includes on-premise as well as cloud providers operating in that country – US PATRIOT Act – Canadian Anti-Terrorism Act – EU Schengen Information System (SIS) II  Quality-oriented industry attestations and compliances are common in public clouds – SSAE 16, ISO 27001, STAR, etc  Security and privacy regulatory compliances require specialized clouds and higher price points – FISMA, HIPAA, BAFIN, etc  SmartCloud for Social Business will recertify to SSAE 16 SOC 2 and is pursuing other certifications – Its internal IBM security practices are based on the ISO 27001 standard  SSL yes, VPN no
  5. 5. Archiving and e-discovery  Industry regulation or internal security policies may require archiving of collaboration data – Email is a standard requirement – Could include instant messaging and file data as well  Data retention policies differ by company  Data archive unaffected by user action or status  Used for legal/compliance reasons, not for data backup/restore  IBM SmartCloud™ for Social Business provides archiving and e-discovery for IBM SmartCloud Notes – Policies set by organization
  6. 6. Customization and integration – building the perfect solution  Most on-premise solutions are heavily customized  Custom applications  Themes, skins, pages  Mobile apps  Specific use cases and metaphors  Enterprise data integration  Metrics and analytics
  7. 7. Customization in the cloud – good enough?  SaaS providers won’t run your custom applications, and won’t fully customize their solution to your needs  Defined points of variability – Branding and color schemes – Feature enablement  Extending cloud capabilities with partner apps and extension points  On-premise apps to consume SaaS APIs – Adoption of OAuth and/or Open ID as an authentication standard  SmartCloud for Social Business provides a rich set of extension points and APIs – Social Business Toolkit (social.ibmcloud.com/toolkit) – Consume SaaS as a service, not just a UI  But is it good enough? black box
  8. 8. Hybrid cases – SmartCloud for Social Business  On-premise Domino application and directory integration with SmartCloud for Social Business – Directory sync – Mail routing – Common ID  Sametime Instant Messaging Communities  Rich client and plugin access  Desktop file access  Portlet integration (WebSphere Portal)  Mobile access – Sametime IM – Sametime Meetings
  9. 9. Enterprise maintenance and update schedule woes  On premise, you are in control of software update schedules – Change freezes – Retraining and documentation updates  Typically, the rule is, only update software if: – Existing level is going out of service – Something is broken that the new level fixes – Some other software or development effort requires the upgrade  Update cycles are infrequent (every 2 to 3 years) and are costly, disruptive, and big! – Typically try to coordinate updates to multiple parts of the infrastructure  Then there are the prolific security patches!  Fosters “Change is bad!” mentality  Constantly behind, at risk, and uncompetitive v6.1 v2.3a v5.1.2 v2.0.2 …
  10. 10. In cloud, what does “version” mean?  Cloud in general, and SaaS in particular, is all about continuous evolution – IBM updates SmartCloud for Social Business every week!  There is no such thing as “software versions”  Customers get the benefit of fixes, security patches, and major updates with minimal to no disruption  Most major vendors employ “progressive disclosure” to govern who sees new features and when – Customer “opt in” – Percentage exposure with temporary “opt out” – Policy-based feature enablement – IBM will too!  But in general, customers don’t have a say in when change happens – it happens constantly – Frequent small changes are safer and have less impact that infrequent massive changes
  11. 11. On-premise network advantages  Solutions can be co-located with its users for optimized delivery – Headquarter data centers – Branch office hubs and network entry points  Often require VPN access for remote employees  Try to minimize the “last mile” problem  Firewall rules for authorized outbound Internet access  Private network and bandwidth control
  12. 12. Cloud network challenges  Data centers in major geographic regions, but not everywhere  Leverages content delivery networks (CDNs) and network path optimization to bridge the last mile – Akamai® – IBM SoftLayer® CDN (Edgecast®)  Constantly optimizing content for speedy delivery Resolved PoP  Requires predictable IP address ranges and bandwidth allocations for Internet access C:>nslookup apps.na.collabserv.com Server: bol-dns-vip1.boulder.ibm.com Address: 9.0.128.50 CNAME for Non-authoritative answer: *edgekey.net Name: e425.b.akamaiedge.net Address: 23.12.241.213 Aliases: apps.na.collabserv.com engage.lotuslive.com.edgekey.net The “Last Mile” Resolves PoP based on location
  13. 13.  Access Connect Online to complete your session surveys using any: – Web or mobile browser – Connect Online kiosk onsite 29
  14. 14. Acknowledgements and Disclaimers Availability. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. The workshops, sessions and materials have been prepared by IBM or the session speakers and reflect their own views. They are provided for informational purposes only, and are neither intended to, nor shall have the effect of being, legal or other guidance or advice to any participant. While efforts were made to verify the completeness and accuracy of the information contained in this presentation, it is provided AS-IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this presentation or any other materials. Nothing contained in this presentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results. © Copyright IBM Corporation 2014. All rights reserved.  U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.  IBM, the IBM logo, ibm.com, SoftLayer, IBM SmartCloud, IBM SmartCloud Notes and IBM SmartCloud for Social Business are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml Akamai is a registered trademark of Akamai Technologies. Other company, product, or service names may be trademarks or service marks of others. 30

×