Your SlideShare is downloading. ×
0
Getting Your Head in the Clouds


Andrew S. Townley
Founder & Managing Director
Archistry Limited
22 September 2009




  ...
Introductions

                                                  2008

                      Symposium 2007
              ...
Agenda

    s   What is cloud computing?
    s   What matters to your organisation?
    s   What value can you realise fro...
Agenda

    s   What is cloud computing?
    s   What matters to your organisation?
    s   What value can you realise fro...
Cloud Computing is...


Applications Delivered
as Services


                                             via the
        ...
But, isn't that...
                                          PaaS
                          Application
                  ...
But, isn't that...
                                                 PaaS
                          Application
           ...
Not completely...

    s   Organisational DNA changes required
    s   Not just an IT issue:
          q    Legal
        ...
What's the Point?

    s   IT as a utility:
          q    Inexpensive
          q    Pay-as-you-go
          q    Scalabl...
Why Now?

     1     Illusion of on-demand, infinite resources
           eliminates the need for long-term resource plann...
Alphabet Soup

 s   SaaS – software as a service

 s   PaaS – platform as a service

 s   IaaS – infrastructure as a servi...
Cloud Models




Image source: MWD Advisors, http://www.mwdadvisors.com/blog/2009/07/seven-elements-of-cloud-value-public-...
Cloud Models




                            Hybrid clouds blend both models to
                              meet specifi...
Cloud Caveats




                          Our definition




         Is a “Private Cloud” really a cloud at all?

14   ...
Agenda

 s   What is cloud computing?
 s   What matters to your organisation?
 s   What value can you realise from the clo...
Profitability




                                                              PRICES
                                   ...
Value Disciplines




           Operational                                                              Customer        ...
Value Disciplines




                                 You've gotta do them all, but you
                                 ...
The CEO's Agenda
          Operations                                  Customers                                  Innovati...
Your Execution Approach




20   Public Information   Copyright 2009 Archistry Limited. All Rights Reserved.
Your EA Maturity Level

            Business Silos

    Local investments                                                ...
Agenda

 s   What is cloud computing?
 s   What matters to your organisation?
 s   What value can you realise from the clo...
It Depends on Who You Are



                                                                             vs.


          ...
SME Adoption Drivers

 s   Cashflow and survival
       q    Manage utilities and facilities costs
       q    Economies o...
Enterprise – Costs

                                    Internal IT                          Cloud

     Human cost per se...
Enterprise – Productivity

 s   On-demand compute resources
       q    Eli Lilly able to parallelize ~20M compute tasks/m...
Mapping Value Disciplines

                          Operational   Streamlined & shared processes
                        ...
Agenda

 s   What is cloud computing?
 s   What matters to your organisation?
 s   What value can you realise from the clo...
The Cloud Reality




                             70% of IT execs rated cloud
                           security risks “...
BCCIA Analysis Framework

 s   Business Execution

 s   Compliance

 s   Confidentiality

 s   Integrity

 s   Availabilit...
Business Execution Risks

 s   Who guarantees the SLAs?
 s   Will a “one size fits all” SLA work for me?
 s   What happens...
Compliance Risks

 s   Where in the world is my app and data?
 s   Can I limit sharing/scalability to certain localities?
...
Confidentiality Risks

 s   What other apps and orgs share infrastructure?
 s   What transmission & storage controls possi...
Data Integrity Risks

 s   What's my archive/restore plan?
 s   How many copies of data will we have?
 s   Where is the “m...
Availability Risks

 s   What happens in DoS/DDoS at vendor?
 s   Do I know how much I can actually consume?
 s   What iso...
What Can You Do?

 s   Policies are key
       q    Services tied to classification levels
       q    Integrate business ...
What Can You Do?

 s   Policies are key
       q    Services tied to classification levels
       q    Integrate business ...
Agenda

 s   What is cloud computing?
 s   What matters to your organisation?
 s   What value can you realise from the clo...
Start Now!

 s   What can you move in 3-6 months?
       q    Understand what you have now
       q    Identify what commo...
References
 s   Armbrust, M, et al., Above the Clouds: A Berkeley View of Cloud Computing,
     http://d1smfj0g31qzek.clou...
Archistry Limited
                                                          3 Lombard Street East
                        ...
Upcoming SlideShare
Loading in...5
×

Getting Your Head in the Clouds

1,798

Published on

This is my presentation at the 2009 COSAC Security Conference on Cloud Computing. Here is the abstract:

One way or another, cloud computing seems determined to be on your radar. Whether it's your CXO, your customers or even your staff, someone is either going to be asking you about it, doing it, or trying to keep you from knowing they're doing it. You can't afford not to be prepared and understand not only the fundamentals and current definitions of cloud computing, but you also need to be able to get beyond the buzzwords, the hype and the fear, uncertainty and doubt (FUD) presented everwhere from the Wall Street Journal to trade magazines to vendor brochures.

This session will provide a brief overview of the current cloud computing landscape, including:

* The different definitions and approaches
* The claimed business benefits and opportunities
* The most touted security issues and risks

Following this introduction, we will examine the potential business value, opportunities and risks in more detail to identify the ones that are likely to have a real impact on your organisation. After this session, you should be able to understand:

* The relationship between cloud computing, virtualisation, Software as a Service (SaaS), SOA and other types of outsourced services
* Whether cloud computing is a real option for your organisation
* The unique information assurance and security challenges posed by cloud computing
* What you can do to prepare yourself and your organisation for evaluating, deploying and leveraging cloud computing services

Published in: Technology, News & Politics
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,798
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
67
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Transcript of "Getting Your Head in the Clouds"

  1. 1. Getting Your Head in the Clouds Andrew S. Townley Founder & Managing Director Archistry Limited 22 September 2009 Copyright 2009 Archistry Limited. All Rights Reserved.
  2. 2. Introductions 2008 Symposium 2007 2007 Adoption Forum 2006 SOA for E-Government 2006 2006 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  3. 3. Agenda s What is cloud computing? s What matters to your organisation? s What value can you realise from the cloud? s What are the risks and challenges of the cloud? s How can you get into the cloud? 3 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  4. 4. Agenda s What is cloud computing? s What matters to your organisation? s What value can you realise from the cloud? s What are the risks and challenges of the cloud? s How can you get into the cloud? 4 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  5. 5. Cloud Computing is... Applications Delivered as Services via the Internet + Accessed anytime, anywhere & on-demand Datacentre Hardware & Systems Software 5 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  6. 6. But, isn't that... PaaS Application Service Service Providers Oriented IaaS Architecture SaaS Service Outsourcing Commerce Internet Platform Integration Managed Services 6 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  7. 7. But, isn't that... PaaS Application Service Service Providers Oriented IaaS Architecture SaaS Service Outsourcing Oh, Hell... Commerce It's a technology thing, isn't it? Internet Platform Integration Managed Services 7 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  8. 8. Not completely... s Organisational DNA changes required s Not just an IT issue: q Legal q Human Resources q Marketing & Sales q Research & Development q ...etc. s How you work with others Oh, and that technology thing too... 8 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  9. 9. What's the Point? s IT as a utility: q Inexpensive q Pay-as-you-go q Scalable availability q Self-service access q Ubiquitous access q Reliability s Capabilities & relationships Focus on the core business 9 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  10. 10. Why Now? 1 Illusion of on-demand, infinite resources eliminates the need for long-term resource planning 2 No up-front commitments start small and increase consumption as necessary 3 Pay-per-use for short-term needs drives efficiency and conservation of resources 10 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  11. 11. Alphabet Soup s SaaS – software as a service s PaaS – platform as a service s IaaS – infrastructure as a service q Software infrastructure q Hardware infrastructure 11 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  12. 12. Cloud Models Image source: MWD Advisors, http://www.mwdadvisors.com/blog/2009/07/seven-elements-of-cloud-value-public-vs.html 12 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  13. 13. Cloud Models Hybrid clouds blend both models to meet specific business needs Image source: MWD Advisors, http://www.mwdadvisors.com/blog/2009/07/seven-elements-of-cloud-value-public-vs.html 13 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  14. 14. Cloud Caveats Our definition Is a “Private Cloud” really a cloud at all? 14 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  15. 15. Agenda s What is cloud computing? s What matters to your organisation? s What value can you realise from the cloud? s What are the risks and challenges of the cloud? s How can you get into the cloud? 15 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  16. 16. Profitability PRICES PRICES PRODUCTION PRODUCTION COST COST 16 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  17. 17. Value Disciplines Operational Customer Product / Service Excellence Intimacy Leadership Adapted from “Customer Intimacy and Other Value Disciplines”, Harvard Business Review, Jan/Feb 1993 by Treacy and Wiersema 17 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  18. 18. Value Disciplines You've gotta do them all, but you can only focus on one! Operational Customer Product / Service Excellence Intimacy Leadership Adapted from “Customer Intimacy and Other Value Disciplines”, Harvard Business Review, Jan/Feb 1993 by Treacy and Wiersema 18 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  19. 19. The CEO's Agenda Operations Customers Innovation 2007 Survey 2008 Survey 1 Excellence in execution Excellence in execution 2 Sustained top-line growth Consistent strategy execution 3 Consistent strategy execution Speed, flexibility & adaptability 4 Profit growth Global economic performance 5 Talent management Financial risk (incl. liquidity) 6 Customer loyalty & retention Sustained top-line growth 7 Speed, flexibility & adaptability Customer loyalty & retention 8 Corporate reputation Improving productivity 9 Innovation & creativity Business confidence 10 Speed to market Profit growth Excerpted from The Conference Board's CEO Challenge 2007: Top 10 Challenges (http://www.conference-board.org/publications/describe.cfm?id=1362) Excerpted from The Conference Board's CEO Challenge 2008: Top 10 Challenges (http://www.conference-board.org/publications/describe.cfm?id=1569) 19 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  20. 20. Your Execution Approach 20 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  21. 21. Your EA Maturity Level Business Silos  Local investments SOA  Local structures Standardized  Local processes Technology Cloud  Basic IT  Local IT automation automation  High costs  Start shared Optimized Core infrastructure  Enterprise view  Start platform reduction  Centralized data  Technology &  Standardized Business Modularity delivery interfaces standards  Extends Stage 3  Reusable  Lower costs processes  Business services  Enterprise  IT innovation systems  IT/Business feedback loop Based on research from MIT Sloan School’s Center for Information Research and IMD involving nearly 500 companies from 1995-2005 21 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  22. 22. Agenda s What is cloud computing? s What matters to your organisation? s What value can you realise from the cloud? s What are the risks and challenges of the cloud? s How can you get into the cloud? 22 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  23. 23. It Depends on Who You Are vs. SME = 99.9% ( > 16M ) of EU businesses LE = 0.1 % (~17,000) of EU businesses Yearly technology spend: Yearly technology spend: ~ $100,000 - $400,000 ~ $2M - $50M+ Figures from ENSI - The European Network for SME Research (1994), European Observatory for SMEs: Second Annual Report, ENSI authors and publishers. The Netherlands. 23 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  24. 24. SME Adoption Drivers s Cashflow and survival q Manage utilities and facilities costs q Economies of scale q Pay-as-you-go pricing s Avoid Microsoft licensing fees s “One stop shop” approach s Exposure as end-users 24 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  25. 25. Enterprise – Costs Internal IT Cloud Human cost per server €500/yr €0.25/yr ~100 servers / admin ~200,000 servers / admin Network bandwidth costs $500/Mb $12/Mb Storage costs $3.75/GB $0.10/GB CAPEX investment for 18 $4.3M $0 extra months of IT capacity 25 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  26. 26. Enterprise – Productivity s On-demand compute resources q Eli Lilly able to parallelize ~20M compute tasks/month q Significant decrease in cycle times to get results s Dynamic collaboration environments q Support “anytime, anywhere” access q Multi-user, realtime co-creation of deliverables q No internal IT set-up time or cost 26 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  27. 27. Mapping Value Disciplines Operational Streamlined & shared processes Excellence Cost reductions Significant cost reductions Customer Application consolidation Intimacy Mature sales & marketing vendors Product / Easier & quicker collaboration Service Supports more open innovation Leadership Reduced time to market 27 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  28. 28. Agenda s What is cloud computing? s What matters to your organisation? s What value can you realise from the cloud? s What are the risks and challenges of the cloud? s How can you get into the cloud? 28 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  29. 29. The Cloud Reality 70% of IT execs rated cloud security risks “very significant” Your Apps @ time t + n 29 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  30. 30. BCCIA Analysis Framework s Business Execution s Compliance s Confidentiality s Integrity s Availability 30 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  31. 31. Business Execution Risks s Who guarantees the SLAs? s Will a “one size fits all” SLA work for me? s What happens if we don't pay our bill? s How much risk transparency provided? s Do we really own our data? s Will it be practical to switch providers? s Can I set maximum spend limits? 31 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  32. 32. Compliance Risks s Where in the world is my app and data? s Can I limit sharing/scalability to certain localities? s What legal jurisdictions apply to my data? s Are we still compliant with all software licenses? s What happens when the vendor gets sued? s What does PCI in the cloud really mean? s What about HIPPA, SOX, BASEL II, etc.? 32 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  33. 33. Confidentiality Risks s What other apps and orgs share infrastructure? s What transmission & storage controls possible? s Is my data classified appropriately for the cloud? s In what cases can the vendor share data? s Do the terms change after acquisition? s What happens if vendor goes bust? 33 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  34. 34. Data Integrity Risks s What's my archive/restore plan? s How many copies of data will we have? s Where is the “master” data now? s Can we map all of the new data flows? s Will we know if cloud data has been modified? s What gets added to our data by the vendor? 34 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  35. 35. Availability Risks s What happens in DoS/DDoS at vendor? s Do I know how much I can actually consume? s What isolation exists between customers? s How & when do upgrades/maintenance happen? s How do I measure/manage/throttle use? s Is the data model available? s Is it cost-prohibitive to get my data? 35 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  36. 36. What Can You Do? s Policies are key q Services tied to classification levels q Integrate business & security planning s Vendor management q Be explicit in the details q Have a clear exit strategy q Understand liability s Incidents not just about you s Have a strong federated IdM story 36 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  37. 37. What Can You Do? s Policies are key q Services tied to classification levels q Integrate business & security planning s Vendor management Above all: be flexible and prepared q Be explicit in the details to adapt to new ways of thinking! q Have a clear exit strategy q Understand liability s Incidents not just about you s Have a strong federated IdM story 37 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  38. 38. Agenda s What is cloud computing? s What matters to your organisation? s What value can you realise from the cloud? s What are the risks and challenges of the cloud? s How can you get into the cloud? 38 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  39. 39. Start Now! s What can you move in 3-6 months? q Understand what you have now q Identify what commodity services you have q Identify the services that add real business value s How can you leverage the cloud to innovate? q Examine the existing organizational structures q Plan to build future applications differently q Identify what can get you closer to your customers s How much altitude can you actually manage? 39 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  40. 40. References s Armbrust, M, et al., Above the Clouds: A Berkeley View of Cloud Computing, http://d1smfj0g31qzek.cloudfront.net/abovetheclouds.pdf s Burton Group, Catalyst 2009 North America, Cloud Computing track, 2009-06-29. s Knorr, E, et al., “What cloud computing really means”, InfoWorld, 2008-04-07, http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031 s New Zealand Ministry of Economic Development, SMEs Internationally, Last update: 2007-07-30, http://www.med.govt.nz/templates/MultipageDocumentPage____3118.aspx s Preston, R., “Down to Business: Customers Fire A Few Shots at Cloud Computing”, Information Week, 2008- 06-14, http://www.informationweek.com/news/services/data/showArticle.jhtml?articleID=208403766&pgno=2&queryText=&isP = s Ross, J.W., P. Weill, and D. C. Robertson. Enterprise Architecture as Strategy -- Creating a Foundation for Business Execution. Harvard Business School Press, Boston, MA, 2006. s Treacy, M., F. Wiersema, “Customer Intimacy and Other Value Disciplines,” Harvard Business Review, January/ February 1993, pp. 84-93. s Urquhart, J., “The three routes to cloud computing's future”, cnet news, 2009-03-16, http://news.cnet.com/8301-19413_3-10196722-240.html s Weill, P., J.W. Ross. IT Governance: How Top Performers Manage IT Decision Rights for Superior Results. Harvard Business School Press, Boston, MA, 2004. 40 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  41. 41. Archistry Limited 3 Lombard Street East Suite 115 Dublin 2, Ireland www.archistry.com Phone +353 1 293 2998 Fax +353 1 293 2999 Email info@archistry.com The art of effectively structuring collaboration to inspire business innovation™
  42. 42. Enterprise – Price Increases s On-demand compute resources q Eli Lilly able to parallelize ~20M compute tasks/month q Significant decrease in cycle times to get results s Dynamic collaboration environments q Support “anytime, anywhere” access q Multi-user, realtime co-creation of deliverables q No internal IT set-up time or cost 42 Public Information Copyright 2009 Archistry Limited. All Rights Reserved.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×