Cloud Adoption - Journey of IT Service Management


Published on

Cloud computing represents great deal of opportunities for business and IT.  The rapid adoption, flexibility, and elasticity of cloud computing have enabled companies to realize benefits such as time to market and cost saving.  However, cloud computing presents various challenges for IT service management and increases the company’s security risk exposures.  A well structured cloud service management model will enable the company to reap the benefits of cloud while minimizing the risk exposure for the company.  This presentation will cover topics on:
• Governance structure for cloud solutions.
• Architecture strategies to identify cloud capabilities to enable business.  
• Selection criteria for preferred cloud vendors based on architecture, legal, security, and IT operations categories.
• Risk management process of cloud solutions.
• Service management for cloud computing following ITIL model.
• Executive endorsement and buy in.

Published in: Technology, Business
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cloud Adoption - Journey of IT Service Management

  1. 1. Cloud Adoption – Journey of IT Service Management CIO San Francisco Summit Dec 4, 2013 Caroline Hsieh
  2. 2. Cloud Adoption – How to Get There Governance structure Architecture strategies to identify cloud capabilities to enable business Selection criteria to determine preferred cloud vendors Risk-management process Service management process for cloud computing following the ITIL model Executive Endorsement
  3. 3. Why Cloud Governance? Opportunity  Business Growth Threat  Cost Savings  Minimize vendor proliferation  Security Risks  Speed  Reduce Corporate Risk  Service Management  Consistently Secure Data Cloud Governance Reap the benefits of cloud while….  Minimize vendor proliferation  Reduce Corporate Risk  Consistently Secure Data Quickly and Safely
  4. 4. Cloud Governance Structure Forming a Cloud Governance Body To enable business to rapidly adopt cloud solutions while minimizing data security risks with cloud vendors      Define cloud strategies and maintain cloud capabilities Establish selection criteria to minimize proliferation of vendors Perform risk assessment on data and cloud vendors Educate business users on how to handle data in the cloud Enforce data security and privacy policies     Enterprise Architecture IT Operations Vendor Management Purchasing     Information Security Corporate Compliance Legal Business Representatives Cloud Governance Committee is a continuous working body to define and maintain cloud usage policies and standards.
  5. 5. Architecture Strategy and Cloud Capabilities Step 1 - Identify business demand across company SaaS Sales IaaS • Opportunity Management • Quoting • Live Chat • Account Mgmt. • Sales Compensation • Content Management • Partner Relationship Management Marketing • Social Marketing • Campaign Management • Live Chat Tech Support • Content Management • Live Chat Education & Training • Virtual Classroom • Live Chat • Knowledge Base • Compliance Education Professional Services • Project Accounting • Online Collaboration • Service Resource Planning HR • Human Resource Management • Applicant Tracking • Talent Management • Payroll Legal • Contract Management • Online Collaboration • Dev./QA Lab • Storage • Database Marketing • Microsite Hosting • Content Management • Customer Survey • Lead Management • Online Collaboration • Case Management • Knowledge Base • Account Mgmt. Engineering PaaS Engineering • Dev./QA Lab • Database • Integrated Development Environment  Moderate usage of cloud  Heavy usage of cloud
  6. 6. Architecture Strategy and Cloud Capabilities Step 2 – Select Preferred Cloud Vendors  Identify selection criteria  Cost  Support  Talent acquisition  Integration  Web services, APIs  Single sign on  Data replication  UI customization  Support mobile devices  Multi-factor auth.  3rd party certification  Data loss prevention  Data retention policy  Access management  Data encryption  Data segregation  SLA (uptime & support)  Monitoring  Vendor viability  Billing  Redundancy/DR  Incident notification  Data privacy  Indemnification  eDiscovery  Architecture  Security  Operation  Legal  Create vendor checklists to incorporate the identified criteria  Select vendor based on functionality fit and adherence to the criteria
  7. 7. Architecture Strategy and Cloud Capabilities Step 3 – Map business demand to vendor capabilities Examples Account Management Pipeline Management Lead Management Performance Management Talent Management Virtual Machine Preferred CRM SaaS Vendor Storage Web Hosting Database Preferred HRMS SaaS Vendor Development Platform Preferred PaaS Vendor Workforce Management Campaign Management Event Management Lead Generation Content Management Online Collaboration Preferred IaaS Vendor Preferred Marketing Automation SaaS Vendor Preferred Content Management SaaS Vendor Leverage preferred vendors to      Minimize vendor proliferations Reduce risk exposure Consolidate buying power to get best pricing Negotiate the terms to best protect the corporation Standardize technology and skillset required to support the cloud solutions
  8. 8. Cloud Vendor Risks What Business and IT are facing today Data Access, Loss & Privacy Operations Legal Financial Service Management Security Corporate Reputation Vendor Viability
  9. 9. Data Security and Risk Management  Establish policies for handling data in the cloud   Classify the data based on data sensitivity(*) Define security control policies for different data classification Less security control Public Info    Higher security control Internal data Highly confidential data Educate business community on handling data in the cloud Obtain business and IT executive approval for storing data in the cloud Establish standard agreement terms with preferred vendors
  10. 10. Balancing Business Value vs. Risk Level HIGH Approve Assess Assess Reject Business Values Time to Market Cost Saving Operation Efficiency Customer Experience LOW Risk Level Security Financial Legal Vendor Management HIGH
  11. 11. Service Management Process Leveraging ITIL for cloud services  Follow ITIL framework for end to end cloud service management,  Clarify the role & responsibilities of Business, IT, and cloud providers.  Ensure governance process encompass the entire service management cycle. Develop your staff’s skills on cloud service management
  12. 12. Establish Service Management Process Roles and Responsibilities Example – to be adjusted for SaaS, PaaS, IaaS Service Strategy Service Design Vendor Service Portfolio Management A Demand Management Financial Management Service Level Management R A C Transition Plan & Support CI A R Event Management CI Availability Management A CI R Service Asset & Configuration I CI A Incident Management A A RC Capacity Management A CI R Validation and Testing R A CI Problem Management A R A IT Service Continuity A CI R Release and Deploy R A CI Request Fulfillment A Information Security CI A R Change Management CI CI A Access Management Supplier Management CI A Evaluation R A Service Catalogue A CI Knowledge Management I A C Continual Service Improvement IT Business Vendor Service Measurement and Reporting CI CI A Continual Service Improvement CI CI A Vendor Business C Business IT RI IT Vendor Vendor Business Business A Service Operation IT IT Service Strategy Service Transition I CI A CI A C R Responsible A Accountable C Consult I Inform
  13. 13. Executive Endorsement Forming a Cloud Executive Council Chief Information Officer Business Executive Sponsors Cloud Vision Funding Model Risk Threshold Escalation Chief Technology Officer Chief Information Security Officer Cloud Executive Council is a steering committee to sponsor cloud adoption and champion enforcement of policies.
  14. 14. Summary Balance business benefits vs. risk level Establish cloud strategy and cloud capability Cloud Adoption Obtain buy-in from stakeholders Incorporate cloud governance as part of enterprise architecture and IT operations processes
  15. 15. Thank you! Caroline Hsieh Email: CarolineLHsieh