Considering the Cloud?Thinking Beyond the Readme File              Bill Malchisky Jr.     Effective Software Solutions, LLC
Agenda   Introduction   Defining Cloud Strategies   Risk Assessment   SWOT Analysis   Decision Matrix   Final Thoughts
A Little Bit About Your Speaker... Regulatory compliance expert in the field Written multiple articles on compliance and...
Completing Your Evaluations Please ensure that you fill-in your session evaluation form when it is provided  after the co...
Agenda   Introduction   Defining Cloud Strategies   Risk Assessment   SWOT Analysis   Decision Matrix   Final Thoughts
Cloud Defined Standard Definition   – There is none!
Two Primary Cloud Facets      Infrastructure         Software           (IaaS)             (SaaS)    Virtual Hardware     ...
Combining Cloud Facets Creates Additional Services                                      IaaS                        SaaS  ...
Decisions. Decisions. What Can You Cloud?                                         Process                               Ba...
Setting the Foundation to Make the MoveCreate a well defined plan, with clear boundaries• Otherwise, the effects to your b...
For Any Cloud Move Discussions, Key Questions Must HaveAnswered                              What do                      ...
The Benefit Contrast – A Trio What are the best points of cloud, hybrid, and on-premises solutions
First, the Cloud: Private and Public  Ubiquitous               Upgrade      Decreased    access                 simplicity...
On-Premises       Ubiquitous     Increased        Decreased         access        security        overall risk            ...
Hybrid         Same benefits     Increased          as cloud and       design          on-premises      flexibility       ...
The Hybrid’s Three Styles Allow for Cost and ConfigurationOptimization Public                 Private               Public...
The Detriment Contrast – In Multi-part Harmony
Reasons Not To Go To The Cloud You hate your IT Staff    – “Who cares about the cost, get rid of them!”    – This is a ma...
Private Cloud Considerations Beyond the Risks  Private clouds are    • Lack of multi-location clustering  less DR hardened...
Public Cloud Considerations Beyond the Risks  Public clouds are                       • Security officers will be concerne...
On-Premises Considerations Beyond the Risks                      • Whatever issues you have, will remain Nothing changes  ...
Hybrid Considerations Beyond the Risks                       • Creates complexity through resource tracking Split Environm...
Agenda   Introduction   Defining Cloud Strategies   Risk Assessment   SWOT Analysis   Decision Matrix   Final Thoughts
Cloud Compound Critical Risk Factor Identified “Single point of failure, where you have no control.” – David Leedy, Notes ...
With the Good, Does Come The Bad: Majors Areas to beEvaluated   Legal risk   Compliance risk   Security risk   Vendor ...
Vendor Outsourcing Risk Just because you have a contract with your cloud vendor, hardly indicates  those terms will conti...
Finally, Reliable Accessibility What if you cannot get to your data when you need it?    – The big question and one that ...
The Delicate Corporate Balancing Act                    Risk           Reward                   Corporate                 ...
The Overall Risk Relationship Model – Putting the PiecesTogether Helps Drive Proper Inter-team Dialogue                   ...
Some of the Top Outages in 2011 See if any of these stories sound familiarNote: Images with supporting prose included fro...
The Data Center Glitch – 500 Customers Affected
One Update Glitch Equals Disappearing Mail Boxes for150,000 People
Maintenance Operation Malfunction – The Seven Day Glitch
The Seven Day “Re-mirroring Storm”
One Errant Keystroke and All Load Balancers Gone
The Undisclosed Mystery Outage
BPOS: Four Days -- 1.5 Million Messages Are Stuck
BPOS: Mail Issues Cause Exchange Delivery Delays
BPOS – Fourth Outage in a Month, Blinding Admins and Users
Heating Up the Internet for Four Days and 17,000 People
But Wait, There are More…    Playstation Network    Twitter Service    Netflix Streaming Service    Research In Motion (Sa...
Some Additional Queries Around RiskWhen service levels change between a cloud provider and their vendors, will yoube notif...
Agenda   Introduction   Defining Cloud Strategies   Risk Assessment   SWOT Analysis   Decision Matrix   Final Thoughts
Strengths            Weaknesses        Opportunities                         Threats
The Basic Process       One SWOT matrix for each strategic                permutation  Facets with each                  H...
Group Discussion Exercise: Learning From Each Other
SWOT: Your In-session Input, Entered Below            S                                         W            • Fixed costs...
Agenda   Introduction   Defining Cloud Strategies   Risk Assessment   SWOT Analysis   Decision Matrix   Final Thoughts
Decision Matrix Template What is the data we want to move?         _______________________ What is the time-frame?        ...
Agenda   Introduction   Defining Cloud Strategies   Risk Assessment   SWOT Analysis   Decision Matrix   Final Thoughts
Your Pre-session Questions Answered Below Want to put a blog in the cloud: concerned about system security    – A: Blogs ...
Contact Information       E-mail: bill@billmal.com       Skype: fairtaxbill       Twitter: @billmalchisky       Company si...
Considering The Cloud? Thinking Beyond The Readme File
Upcoming SlideShare
Loading in …5
×

Considering The Cloud? Thinking Beyond The Readme File

800 views

Published on

As the Cloud computing's popularity continues to climb, should your firm become an adopter? If so, what architecture model is best for your firm? Do you know the queries to pose that can aide your business in making an informed decision? This session's focus is to reduce the set of unknowns that can create buyer's remorse. Learn to ask the direct revealing questions that normally do not get raised unless you have a skilled advisor at your side.

Published in: Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
800
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Considering The Cloud? Thinking Beyond The Readme File

  1. 1. Considering the Cloud?Thinking Beyond the Readme File Bill Malchisky Jr. Effective Software Solutions, LLC
  2. 2. Agenda Introduction Defining Cloud Strategies Risk Assessment SWOT Analysis Decision Matrix Final Thoughts
  3. 3. A Little Bit About Your Speaker... Regulatory compliance expert in the field Written multiple articles on compliance and eDiscovery Speaker at 18 Lotus® related conferences/LUGs Co-authored two IBM® Redbooks on Linux® Designed disclosure response solutions for Fortune® 100, medium-sized, and small established regulated firms Technical advisor for many of my clients IBM Champion – Collaboration Solutions 2011
  4. 4. Completing Your Evaluations Please ensure that you fill-in your session evaluation form when it is provided after the conference Thank you in advance
  5. 5. Agenda Introduction Defining Cloud Strategies Risk Assessment SWOT Analysis Decision Matrix Final Thoughts
  6. 6. Cloud Defined Standard Definition – There is none!
  7. 7. Two Primary Cloud Facets Infrastructure Software (IaaS) (SaaS) Virtual Hardware Layered Functionality Bandwidth Business Line Storage Specific
  8. 8. Combining Cloud Facets Creates Additional Services IaaS SaaS Data Protection & DR Recovery as a Service (RaaS)
  9. 9. Decisions. Decisions. What Can You Cloud? Process Backup Database Software Security Platform Testing Infrastructure The Storage Cloud
  10. 10. Setting the Foundation to Make the MoveCreate a well defined plan, with clear boundaries• Otherwise, the effects to your business can be catastrophic Define the business functionality set in-scope for the project • Review what you feel you need to outsource • Ensure the affected business leaders are aware, support, and well coupled during the process Ensure legal, security, compliance, network all approve the plan • Where you do business or with whom affects how these teams will evaluate your plan Before your firm approves the plan, you may learn it is not in your company’s best interest • Perhaps modifying the design to achieve unanimous approval is required
  11. 11. For Any Cloud Move Discussions, Key Questions Must HaveAnswered What do you want to move? How do Who is you going to measure move it? success? Where do When do you want we want to move to finish? it? What is the expected outcome?
  12. 12. The Benefit Contrast – A Trio What are the best points of cloud, hybrid, and on-premises solutions
  13. 13. First, the Cloud: Private and Public Ubiquitous Upgrade Decreased access simplicity overall TCO Business Decreased Predictable process capital cash flow efficiency expenditures calculations
  14. 14. On-Premises Ubiquitous Increased Decreased access security overall risk Customizable Governance Data portability solution Increased Maintain vendor multiple vendor management relationships
  15. 15. Hybrid Same benefits Increased as cloud and design on-premises flexibility More security over pure cloud
  16. 16. The Hybrid’s Three Styles Allow for Cost and ConfigurationOptimization Public Private Public- • On-premises • On-premises Private • Public cloud • Private cloud • On-premises • Public cloud • Private cloud
  17. 17. The Detriment Contrast – In Multi-part Harmony
  18. 18. Reasons Not To Go To The Cloud You hate your IT Staff – “Who cares about the cost, get rid of them!” – This is a management issue, not a resource issue: fix the team You want to impress the boss – “If I succeed, I’ll get a promotion.” Your users are threatening to leave – If the users dislike a solution to the point of changing career paths, address the true problem ̶ Users drive features, but not infrastructure – Address the underlying issue(s) instead Cost – “The cheap solution is always the most expensive.” – If you only look at the hard numbers, you will ignore mitigating factors ̶ E.g. eDiscovery responsiveness “Everyone is doing it!”
  19. 19. Private Cloud Considerations Beyond the Risks Private clouds are • Lack of multi-location clustering less DR hardened • Generally housed in one building New utilization, • Built in-house or purchased monitoring, and • Establishes self-service resource allocation billing tools needed • Must be designed, planned, and developed Private Clouds are • Cooling, clustering, connections SMB cost • Priced only for the largest shops prohibitive
  20. 20. Public Cloud Considerations Beyond the Risks Public clouds are • Security officers will be concerned housed with an • Your control ends at their door unknown entity Data transport to • Third-party tools help public clouds • Costs are hardly trivial • Proprietary data storage Vendor lock-in • Lack of standards forces dependency • Upgrade frequency is mostly on their terms
  21. 21. On-Premises Considerations Beyond the Risks • Whatever issues you have, will remain Nothing changes • Must actively create projects to renew • Can outsource these efforts Upgrade • The larger the shop, the longer the project complexity • Customizations require additional testing • New equipment requires ad hoc approvals Cash flow • Dramatic changes can consume budget unpredictability • Additional projects can be delayed
  22. 22. Hybrid Considerations Beyond the Risks • Creates complexity through resource tracking Split Environment workflow • Must ensure proper access to both environments • Perimeter extension beyond your walls New security • New/additional encryption key management concerns • Common to resolve by extending to the cloud Extending identity • Can impact the corporate identity through management tools security due to risk; discuss with security team
  23. 23. Agenda Introduction Defining Cloud Strategies Risk Assessment SWOT Analysis Decision Matrix Final Thoughts
  24. 24. Cloud Compound Critical Risk Factor Identified “Single point of failure, where you have no control.” – David Leedy, Notes In 9
  25. 25. With the Good, Does Come The Bad: Majors Areas to beEvaluated Legal risk Compliance risk Security risk Vendor lock-in risk Data usability risk – Received format will any returned data be useful Data safe-guards risk – Bypassing what you currently have in-place Data management risk Personnel risk – Who’s vetting the people running your systems? – Unable to screen administrators in your usual manner
  26. 26. Vendor Outsourcing Risk Just because you have a contract with your cloud vendor, hardly indicates those terms will continue when they outsource certain aspects of their data center – Quite common and is a question that is almost never asked – Can create quite a concern down the road for disclosure motion requests – They can decide to move part of their environment to a place that is unpalatable to your business – The cloud is faceless ̶ Changes are never seen by the end-user – Almost all vendors deny they do this; some are correct
  27. 27. Finally, Reliable Accessibility What if you cannot get to your data when you need it? – The big question and one that catches all the news headlines What is your company’s reputation worth? Lack of multiple network access paths – Regardless of how well your servers are clustered – Company-wide outage is just one hop away
  28. 28. The Delicate Corporate Balancing Act Risk Reward Corporate Cost savings Reputation Compliance Upgrade Ease Lawsuits Simplification
  29. 29. The Overall Risk Relationship Model – Putting the PiecesTogether Helps Drive Proper Inter-team Dialogue End-user Satisfaction Solution Access What Data Is Cloud Worthy? Hosting Center The Vendor
  30. 30. Some of the Top Outages in 2011 See if any of these stories sound familiarNote: Images with supporting prose included from the CRN article, “The 10 BiggestCloud Outages of 2011, So Far”http://www.crn.com/slide-shows/cloud/231000954/the-10-biggest-cloud-outages-of-2011-so-far.htm
  31. 31. The Data Center Glitch – 500 Customers Affected
  32. 32. One Update Glitch Equals Disappearing Mail Boxes for150,000 People
  33. 33. Maintenance Operation Malfunction – The Seven Day Glitch
  34. 34. The Seven Day “Re-mirroring Storm”
  35. 35. One Errant Keystroke and All Load Balancers Gone
  36. 36. The Undisclosed Mystery Outage
  37. 37. BPOS: Four Days -- 1.5 Million Messages Are Stuck
  38. 38. BPOS: Mail Issues Cause Exchange Delivery Delays
  39. 39. BPOS – Fourth Outage in a Month, Blinding Admins and Users
  40. 40. Heating Up the Internet for Four Days and 17,000 People
  41. 41. But Wait, There are More… Playstation Network Twitter Service Netflix Streaming Service Research In Motion (SaaS/push)
  42. 42. Some Additional Queries Around RiskWhen service levels change between a cloud provider and their vendors, will yoube notified?What control do you have around data access? • Data encryption • Vetting administratorsHow do you manage data distribution across multiple jurisdictions? • When you lack awareness of the matter?What guarantee do you have the cloud provider will take the same datasafeguards to protect your data? • How do you fill-in the gaps?
  43. 43. Agenda Introduction Defining Cloud Strategies Risk Assessment SWOT Analysis Decision Matrix Final Thoughts
  44. 44. Strengths Weaknesses Opportunities Threats
  45. 45. The Basic Process One SWOT matrix for each strategic permutation Facets with each How does each Where could Faults with each to help you help your each hurt your strategy/process endure business? business?
  46. 46. Group Discussion Exercise: Learning From Each Other
  47. 47. SWOT: Your In-session Input, Entered Below S W • Fixed costs • Security • No infrastructure • Risks • World-wide access • Available bandwidth • Software upgrades • Technical barriers • Reduces overhead • Lack of change control O T • Flexible • Unavailability • Future integration • Not possible to customize • Extra customer channel • Data protection • Lower cost of ownership • Your customers may not like their data in • Scalability the cloud • Mergers/Acquisitions: Faster adaption • Restore procedure, not as fast, less flexible, lose granularity
  48. 48. Agenda Introduction Defining Cloud Strategies Risk Assessment SWOT Analysis Decision Matrix Final Thoughts
  49. 49. Decision Matrix Template What is the data we want to move? _______________________ What is the time-frame? _______________________ What is the end goal/objective? _______________________ Full Risk Assessment Completed? _______________________ External forces assisting process? _______________________ Strategy Risks Timeline Compliance Fixed Variable Legal Concerns Costs Costs Concerns On-Premises Public Cloud Private Cloud Hybrid
  50. 50. Agenda Introduction Defining Cloud Strategies Risk Assessment SWOT Analysis Decision Matrix Final Thoughts
  51. 51. Your Pre-session Questions Answered Below Want to put a blog in the cloud: concerned about system security – A: Blogs are one of the easier applications to move to the cloud and it is quite common to do so; security concerns are common and should be reviewed with your vendor(s) of interest as it will vary based upon the vendor Challenges – A: Good question and we cover this extensively in the session Security – A: Another good question, which we cover in the session in a few areas Record Management – A: Although we did not cover this directly in the session, I would be happy to answer a few questions afterwards, as time for the session expired Is moving to the cloud technically feasible? – A: Absolutely it is. The challenges you will face depend upon what you want to move, getting the correct vendor, and ensuring that your company has a full and complete discusson around risk and the process
  52. 52. Contact Information E-mail: bill@billmal.com Skype: fairtaxbill Twitter: @billmalchisky Company site: http://www.effecitvesoftware.com My Blog: http://billmal.com

×