Belgacom Cloud Computing Workshop

0 views
1,036 views

Published on

Slides from the presentation that I gave to Belgacom in Brussels

Published in: Business, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
0
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
25
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Belgacom Cloud Computing Workshop

  1. 1. Cloud ComputingWorkshop with Belgacom20 June 2012
  2. 2. Agenda Activity Speakers Duration Goal setting and expectations KPMG/Belgacom 10 min Setting the scene Mike Chung 10 min Best practices telcos and cloud services Mike Chung 45 min Break - 10 min Demo Cloud Readiness Scan Tünde Balint 15 min Rules, regulations and (pre)conditions John Hermans/Mike Chung 35 min Determining Belgacom’s need for advice Belgacom/KPMG 25 min Defining steps forward and action items KPMG/Belgacom 15 min: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 1All rights reserved. Printed in Belgium
  3. 3. Goal setting and expectations Your name Your function/role What are your expectations? What question(s) would you like to have answered?: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 2All rights reserved. Printed in Belgium
  4. 4. Setting the scene: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 3All rights reserved. Printed in Belgium
  5. 5. Defining the cloud: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 4All rights reserved. Printed in Belgium
  6. 6. Into perspective Ongoing, solid growth in 2012 • Microsoft Office 365 at All India Council for Technical Education containing 7.5 million users • Google signs with BBVA to migrate over 100,000 users to GoogleApps • About 40% of CRM software has gone online (Wall street Journal) Evolving partnership ecosystem • HP Cloud with Amazon EC • Cisco, VMware, EMC, NetApp partnership • IBM pacts with Cloudera (Hadoop) – also with Siebel Move towards privacy and security • New data centers in Europe (Verizon/Terremark, HP, Salesforce (planned)) • GoogleApps ISO2700x certified • Emergence of external private clouds: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 5All rights reserved. Printed in Belgium
  7. 7. Emergence of telcos DTAG s DTAG’s Cloud 7.0 including SAP online 70 KPN’s Hybrid cloud y Telenor’s Ibiroda cloud based on MS KT’s Ucloud: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 6All rights reserved. Printed in Belgium
  8. 8. Presumed business case Telcos own and manage (mobile) networks Telcos have an existing business client base g Telcos have full enterprise solutions portfolio Telcos have enterprise sales capability: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 7All rights reserved. Printed in Belgium
  9. 9. Best practices telcos and cloud services: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 8All rights reserved. Printed in Belgium
  10. 10. Topics Sales & marketing Product portfolio p Building blocks & integration Service & support: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 9All rights reserved. Printed in Belgium
  11. 11. Approach General market’s view market s Focus on the telecommunication sector Specific case regarding two telcos: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 10All rights reserved. Printed in Belgium
  12. 12. Sales & marketing: market focus SMBs vs. enterprises vs National or international Selected or general: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 11All rights reserved. Printed in Belgium
  13. 13. Sales & marketing: unique selling points Price Trust Innovation: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 12All rights reserved. Printed in Belgium
  14. 14. Sales & marketing: revenue model Emerging cloud pricing models Free – Ad Supported Subscription Usage based • Still evolving • Primarily for applications • Infrastructure focus • Primarily for applications • Salesforce.com • Amazon AWS SMB Focus: Enterprise Focus: À la carte Product & Variable Pricing Vs Custom Built Product & Fixed Pricing Amazon Rackspace . AT&T Terremark • None • $100/month (One 1.2GHz • Mostly fixed pricing • Mostly fixed pricing Fixed server, 500 GB bandwidth, – ~$4000/month for a – $2000/month for a 50 GB storage) starting compute starting 5GHz bundle compute bundle • Compute: 10c - • Compute: $0.01/compute • Low variable pricing • Low variable pricing ble $1.2/instance hr $1 2/instance hr* cycle cycle* component component Variab • Bandwidth: $0.10 - • Bandwidth: $0.25/GB – $425/Ghz month $0.17/GB • Storage: $0.5/GB added capacity • Storage: $0.10/GB month: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 13All rights reserved. Printed in Belgium
  15. 15. Product portfolio: overview 2003-2004 2007-2008 2009-2010 2011-present  Vodafone Cloud Services  BT Open Orchard  Telstra  NTT Business Security  SK Telecom T-bizpoint  T-Systems Dynamic  T-Suite  Telia Sonera Business  Softbank White Cloud Software as a Services  Orange IT Plan Class Cloud Services  T-Systems ERP on- Service  Telefónica Aplicateca demand (SaaS)  T-Systems (Database  SK Telecom Cloud  AT&T and Middleware Computing Platform  Telstra Platform as a Environments)  KT Ucloud Service (PaaS)  AT&T Synaptic Hosting  Orange Flexible  Telecom Italia computing  NTT IaaS  BT Virtual Data Center  Telefónica (T-Cloud) (T Cloud) Infrastructure  Verizon Computing as a  KPN Hybrid Cloud as a Service Service (IaaS)  AT&T Synaptic Storage and Compute  Telefónica: Cloud Storage & Virtual Data g Center: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 14All rights reserved. Printed in Belgium
  16. 16. Product portfolio: different concepts Proprietary services vs partnerships vs. Development or acquisition p q Reselling or value-added services: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 15All rights reserved. Printed in Belgium
  17. 17. Product portfolio: scope of services Integration/aggregation services SaaS, PaaS, IaaS , , Private vs public: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 16All rights reserved. Printed in Belgium
  18. 18. Product portfolio: partnerships Reselling of cloud services Consultancy y Technology partnerships: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 17All rights reserved. Printed in Belgium
  19. 19. Product portfolio: ecosystem of cloud Cloud enablers Cloud service vendors Cloud service integrators  Provide the technology,  Provide the actual cloud  Provide cloud focused infrastructure, platforms services, services spanning SaaS SaaS, technology services such as Value and Middleware to PaaS and IaaS, to customers system integration, cloud added enable provision of cloud migration and maintenance services H/W and S/W vendors IT & Services players (HW & SW Integrators vendors / IT distributors) Pure Cloud players (e-commerce, Internet giants, Hosting companies) Examples Telcos Telcos: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 18All rights reserved. Printed in Belgium
  20. 20. Product portfolio: example of candidates Example Partner Candidates by Area of Expertise System Integrators y g Applications Application Development Platform Infrastructure Platform Software Virtualization Software Operating System O S Hardware: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 19All rights reserved. Printed in Belgium
  21. 21. Building blocks & integration: areas of concern Identity & Access Management Network integration g Backend services integration: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 20All rights reserved. Printed in Belgium
  22. 22. Building blocks & integration: architecture Organization Other Cloud Customers Users Users Services Internet or Internet LAN Organizations Internal IT Service provider Service provider Service provider Hardware, software + data Hardware, software + data Hardware, software + data Hardware, software + data Internal Data Center Managed hosting Third-Party Vendor (Multi-Tenant) Combined Public + Private Cloud Private Private-External Public Hybrid: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 21All rights reserved. Printed in Belgium
  23. 23. Building blocks & integration: technology 1/2 Multiple authentication Cloud methods Cloud Service Service PUBLIC CLOUD IT function of Cloud ation CSP Multiple Service Virtualiza API Cloud Business Business Service Service Service Multiple software versions i Hypervisor solutions – Unified controlled PRIVATE CLOUD data in a unified Cloud Off-premise policies li i way a Service and Business security Cloud Service measures Service: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 22All rights reserved. Printed in Belgium
  24. 24. Building blocks & integration: technology 2/2 Multiple authentication methods (e.g. Load Message Client different AD diff t queues estimates A trees) How to assure SSO? Monitoring Different software ft Legacy Client versions applications IT function of Virtualization B Payment CSP model Old data Business Business Data which Service Service migration & needs to different Backup/ be moved data types restore Client and C Interfaces failover between in- house and Information I f ti cloud part of security the application Client D: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 23All rights reserved. Printed in Belgium
  25. 25. Service & support: main topics Cloud service advisory and consultancy Customer support pp Technical support: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 24All rights reserved. Printed in Belgium
  26. 26. Service & support: service integrator model The Business Service Ownership: • Single Point of Contact IT Risk Management with the Cloud Service Service IT Risk • Risk identification and Providers (CSP) & IT Owner Manager analysis across • Demand Capture different CSPs • Services Standards • Risk library • Service Level • Vendor/CSP Audits Monitoring Vendor IT Finance Manager Manager IT Finance Vendor Management: Management • Vendor certification • Business case • Contract Negotiations • Service Costing and Chargeback • SLA penalty-bonus Rackspace Internal IT calculation Google Organization O i ti Amazon Web Services (retained IT Services): © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 25All rights reserved. Printed in Belgium
  27. 27. Summary Emergence of telcos Sales & marketing g Product portfolio Building blocks & integration Service & support: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 26All rights reserved. Printed in Belgium
  28. 28. 10 minutes break: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 27All rights reserved. Printed in Belgium
  29. 29. Demo Cloud Readiness Scan: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 28All rights reserved. Printed in Belgium
  30. 30. Cloud Readiness Scan: overview CSP 1 People ness Strategy fo Cloud CSP 2 or Risk& Regulatory Financial Process Technology CSP 3 Busin Operational CSP Technology 4 Business IT function Delivering Cloud 1 requirements 2 requirements 3 solutions: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 29All rights reserved. Printed in Belgium
  31. 31. Cloud Readiness Scan: for providers• Need to determine which part of the organization (which application) can be migrated to the cloud• Take into account different areas:• Assess what needs to change to be able to adopt a service from a given cloud provider• Assess the integration efforts: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 30All rights reserved. Printed in Belgium
  32. 32. Cloud Readiness Scan: a global effort: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 31All rights reserved. Printed in Belgium
  33. 33. Demo: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 32All rights reserved. Printed in Belgium
  34. 34. Rules, regulations and (pre)conditions: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 33All rights reserved. Printed in Belgium
  35. 35. Overview of (perceived) risks Security and Privacy Finance & Tax • No control over critical security areas • Movement from CapEx to OpEx model • Weak logical access controls • Tax considerations • Legal jurisdiction over data • ROI and cost/benefit analysis of cloud model Security and Privacy Finance Operations & Tax Operations • Redundant roles and skills Vendor Management • Rapid change of the organization • Ownership of responsibilities BUSINESS • Business resiliency impact • Standards for interoperability CHALLENGES • Reliance on the vendor Vendors IT Regulatory and d Compliance Regulatory and Compliance Information Technology • Cloud provider’s compliance with regulations • External access of the Data Center • Complexity of records management/records • Bypass of the IT for technology solutions retention • Change of the IT paradigm • Lack of industry standards and certifications • Independent silo of information: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 34All rights reserved. Printed in Belgium
  36. 36. Compliance: customer side Laws and directives Internal control standards Sector specific regulations: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 35All rights reserved. Printed in Belgium
  37. 37. Compliance: main questions Enterprise requirements concerning data Are our controls still valid and what What should the methodology to keep the need to be actualised? Enterprise IT controls up-to-date? controls set -RFP RFP - Negotiations Contracts How can assurance be obtained; & Assurance statements be tested? What should be the process to SLAs SLA include these controls in each contract/SLA? - (Right-to-) Audit - (Realtime) Monitoring -Periodical assurance reports Implemented controls in IT environment: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 36All rights reserved. Printed in Belgium
  38. 38. Compliance: mode of assurance Traditional mode Future mode Enterprise requirements concerning data g Controls included for cloud Controls for on-premises IT and mobile services Enterprise IT controls set Static controls set Dynamic controls set -RFP - Negotiations Shell-specific quality Standardised quality statements statements Contracts & Assurance SLAs Right-to-audit Limited right-to-audit - (Right-to-) Audit Custom-fit monitoring and Standardised monitoring and - (Realtime) Monitoring logging gg g logging gg g -Periodical assurance reports Dedicated IT resources Shared IT resources Implemented controls in IT environment On-premise data processing External data processing & & storage storage: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 37All rights reserved. Printed in Belgium
  39. 39. Security and privacy: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 38All rights reserved. Printed in Belgium
  40. 40. Security risk profile Data processing On-premise Off-premise and storage Resource use Single-tenant Multi-tenant Primary network y LAN ( (Public) internet ) infrastructure Cloud Cl d On-premise IT SSC Hosting Outsourcing computing: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 39All rights reserved. Printed in Belgium
  41. 41. Compliance: trust Reputation Guarantee Assurance: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 40All rights reserved. Printed in Belgium
  42. 42. KPMG’s track record: framework development • ISO 27017 Working Group • ISO TC68 Financial Services Security subcommittee and working groups • ISO SC27 Information Security working groups • BITS Shared Assessments Cloud Working Group • ISACA Cloud Working Group • IETF DNS Security working group • CA/Browser Forum • ANS X9 Financial Services Security board and working groups • Identity Theft Prevention and Identity Management Standards Panel (IDSP) • AICPA/CICA Trust Services Task Force • AICPA/CICA Pri ac Task Force Privacy • AICPA/CICA WebTrust for CAs Task Force • NOREA: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 41All rights reserved. Printed in Belgium
  43. 43. KPMG’s track record: cloud audits KPMG provides assurance KPMG provides assurance advisory services to Fortune 500 services to providers enterprises To be shown on demand: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 42All rights reserved. Printed in Belgium
  44. 44. Summary Laws and directives Internal control standards Sector specific regulations KPMG’s track record: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 43All rights reserved. Printed in Belgium
  45. 45. Contacts John A.M. Hermans drs. Mike Chung RE Partner KPMG Risk Consulting Senior Manager KPMG Advisory N.V. IT Advisory - KPMG Advisory N.V. Laan van Langerhuize 1 Laan van Langerhuize 1 1186 DS Amstelveen 1186 DS Amstelveen PA: +31 20 6568131 Direct Line: +31 (0) 20 656 4034 Mobile: +31 6 51366389 Mobile :+31 (0) 61 455 9916 Hermans.john@kpmg.nl Chung.mike@kpmg.nl: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 44All rights reserved. Printed in Belgium
  46. 46. © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm ofthe KPMG network of independent member firms affiliated with KPMGInternational Cooperative (“KPMG International”), a Swiss entity. All rightsreserved. Printed in Belgium.The KPMG name, logo and “cutting through complexity” are registeredtrademarks or trademarks of KPMG International Cooperative (“KPMG ( KPMGInternational”).

×