Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

State of Cloud 2016 - WGroup Industry Report

497 views

Published on

Cloud technology is core to delivery of services in almost every industry, but its ongoing evolution means your organization needs to be flexible and agile enough to change with it. New services and applications appear daily, and cost structures are constantly changing. This special WGroup industry report, State of Cloud, will help you understand its rapid evolution so you can refine your IT strategy and fully leverage the power of today’s cloud in your organization.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

State of Cloud 2016 - WGroup Industry Report

  1. 1. Drive Your Business And what it means for IT leaders Industry Report State of Cloud
  2. 2. 2 ©2016 WGroup. ThinkWGroup.com by Bill Genovese, Tony Ioele, Doug Smith and David Spindel State of Cloud And what it means for IT leaders Copyright © 2016 WGroup. All rights reserved.
  3. 3. 3 ©2016 WGroup. ThinkWGroup.com Cloud technology is core to delivery of services in almost every industry, but its ongoing evolution means your organization needs to be flexible and agile enough to change with it. New services and applications appear daily, and cost structures are constantly changing. This special WGroup industry report, “State of Cloud,” will help you understand its rapid evolution so you can refine your IT strategy and fully leverage the power of today’s cloud in your organization. Feel free to contact me personally to discuss at 610-854-2700 or hwallaesa@thinkwgroup.com. Foreword – Harry Wallaesa, WGroup CEO
  4. 4. 4 ©2016 WGroup. ThinkWGroup.com Table of Contents Introduction............................................................................................................................................... Governance is a must, not an option........................................................................................................ The state of cloud..................................................................................................................................... Cloud is diverse........................................................................................................................... Cost structures are changing....................................................................................................... The rise of data............................................................................................................................ Increased automation.................................................................................................................. Increased performance and security............................................................................................ Staying competitive...................................................................................................................... Challenges and opportunities.................................................................................................................... Cloud players................................................................................................................................ Detailed leading cloud vendor comparison................................................................................... Cloud challenges CIOs face today............................................................................................................. Evaluating your current state..................................................................................................................... The big picture.............................................................................................................................. Performance................................................................................................................................. Security and compliance.............................................................................................................. Vendors........................................................................................................................................ Making the move to cloud............................................................................................................ Applications.................................................................................................................................. Cost-effective cloud adoption.................................................................................................................... Evaluating your cloud implementation...................................................................................................... How WGroup can help............................................................................................................................. About the authors .................................................................................................................................... References............................................................................................................................................... 5 8 14 14 17 21 21 22 29 30 30 36 42 48 51 52 53 54 54 55 56 58 61 62 66
  5. 5. 5 ©2016 WGroup. ThinkWGroup.com Cloud technology has gained a permanent foothold in IT and continues to revolutionize businesses and other organizations in increasingly significant ways. With the ability to provide greater scalability, functionality, and in many cases cost-effectiveness, almost every organization is implementing cloud deployments in some form. With SaaS, PaaS, IaaS, private cloud, hybrid cloud, and other public cloud technologies, this new paradigm is bringing remarkable change to IT departments across all industries. WGroup believes that cloud technology will become just as ubiquitous to all of us as the Internet is. In order to harness the power of this environment, businesses must learn how to more effectively secure and manage cloud, leveraging it to make their organization more responsive. At any given moment, we can access information on the Internet via computers, phones, tablets, and televisions. This trend will continue, and one day all of the enabling IT infrastructure will be available like a utility to further offer access to information and data through cloud computing and technology. The explosion of information and data is increasing, along with new technology to capture and monitor more information. So, how does a company harness this data through cloud technology? Introduction
  6. 6. 6 ©2016 WGroup. ThinkWGroup.com It begins with the use of a well-defined strategy with specified business processes and aligned IT services (via private, public and “hybrid” cloud deployment models). A mature enterprise architecture- driven framework provides building blocks that can act as investment enablers for decisions on how and where to begin to take advantage of cloud technology, for example, to gain faster access to data. This strategy and framework is critical for cost avoidance, so that maximum accelerated ROI is achieved, and duplication of investments is limited or prevented. In addition, a mature enterprise architecture function provides the guardrails to mitigate risk as technologies converge. An enterprise-technology framework defines the technology services and functions (IT capabilities) required to support the business applications and data, including common (or shared) application services, common data services, common system services, network services, security services, and platform services, as well as the management tools used to support the delivery of IT service. It also helps to define the specifics for a line of business that may be required as well, or in the case of a software defined and enabled hybrid-cloud model, what system or application must stay in the datacenter at the corporation. (For example, “system of record” vs. what may be hosted in a SaaS or Public Model and also potentially accessed via a “system of engagement” via a mobile device, where data and analysis output can be received). This reference framework can help to define what are private or bounded service definitions, policies, and patterns; it also helps define the policies for a hybrid- cloud delivery model and how best to access and secure structured and unstructured data outside the organization. That data is being captured and delivered via technology sensors and devices across entities, geographies, and even people (via wearable devices), as part the Internet of Things (IoT). Our society is rapidly transforming with the explosion of data. To best harness it for its full advantage, enterprise architecture provides a roadmap on where to best leverage existing assets for development of services. A well-established enterprise-technology framework aligns with an enterprise-security architecture framework to define the guardrails, based on regulatory and corporate policy. WGroup can accelerate your cloud-value journey to enable faster business outcomes, by guiding you and your team as you define a very specific IT strategy, based on your business goals and objectives. We can also guide you through identifying the required enablers and accelerators (leveraged as services) to identify the optimal entry points for the converging technologies, as delivered through cloud technology.
  7. 7. 7 ©2016 WGroup. ThinkWGroup.com Cloud technology is evolving every day, and keeping up with the latest trends, standards, security, and opportunities is not always straightforward. Although most businesses have awoken to the benefits of cloud and started to implement it, many have not yet taken full advantage of new technologies and deployed them in a strategic way. Managing contracts with cloud vendors can be very complex as many organizations struggle to validate their SLAs and keep track of multiple providers. Ensuring that a cloud deployment is securely and reliably maintained can be equally challenging. In order to make sure that your organization is taking full advantage of the power and flexibility cloud can offer, it’s important to assess the current state and maturity level of cloud technology and its applicability in your organization. Is your business already leveraging that power? Where are future opportunities? How can cloud be used to meet your business goals and challenges? This paper will help you better understand cloud, how it affects your organization, how to take advantage of cloud technology, and how to meet the challenges and opportunities it brings. It’s important to assess the current state and maturity level of cloud technology and its applicability in your organization. Is your business already leveraging that power? Where are future opportunities? How can cloud be used to meet your business goals and challenges?  Managing the changing cloud
  8. 8. 8 ©2016 WGroup. ThinkWGroup.com When moving to a cloud environment, whether you manage your own cloud environment or use a cloud-service provider, there should be no difference between your IT management of your existing SLAs and associated systems. If anything, you should expect more from a cloud service provider, then what you may have already implemented in-house. For example, imagine you have applied discipline to the management team of what was once a loose process consisting of one meeting a year, which usually resulted in priorities shifting based on squeaky wheels. You now run quarterly cross-functional meetings to review requirements and are holding to the priorities. In accordance with this, you are establishing a project management office (PMO). Your intent is to make the PMO not overly burdensome. Is the PMO standing on its own to help execute the individual projects on a transaction-by-transaction basis or squeaky wheel basis? Is the portfolio aligned to the business strategy? Who in the organization is ensuring the “right” technology and architecture for what the business needs? A solid PMO is a good part of the puzzle and needed for project (and larger program level) governance and execution, but without a mature enterprise-architecture function in the organization, are they the right projects? Are they ensuring the organization is making the right choices for technology to meet the business drivers and requirements, while ensuring technical risk is mitigated and stability is maintained or improved? As part of this scenario, imagine you have many large-scale infrastructure transformation initiatives planned and some are in flight, so having a PMO to govern and manage them is a good thing. You have a roadmap to transform your infrastructure with a “rolling thunder” approach that will take at least three years and cost about $30 million. Your CFO and board are already aware and support it (even though your board may not know what the core technology is, and how it will solve the most pressing issues for the business and by when). Governance is a must, not an option
  9. 9. 9 ©2016 WGroup. ThinkWGroup.com The strategic steps you have in mind include assessing the current state, developing the future vision (leveraging cloud and new technologies), developing the roadmap to achieve the vision, and executing. Today you are in the process of assessing your infrastructure, as a starting point. In developing your future vision you have a number of items that are known considerations, in-flight initiatives, and challenges you are facing – your enterprise requirements. They include the following hypothetical activities: • June 2016 is a milestone month. Your Enterprise Microsoft contract is up for renewal. • You plan to upgrade to JDE EnterpriseOne (your options in this regard are limited). • As has been planned, your JDEOne ERP implementation is likely to start. • As you look at renewal options you are considering migrating to Microsoft Office 365, to potentially reduce costs and administrative burden. This analysis should also start to consider integration of other capabilities from Microsoft Sharepoint for collaboration, Microsoft Dynamics as a potential alternative for JDEOne, and as you are growing your B2B model and business you are possibly considering a CRM solution, which Dynamics provides as well, vs. what you may have in house today. • Another potential integrated solution to investigate is Microsoft Azure. You may be able to further reduce application licensing and administrative burden, and reduce risks by going with a hosted Microsoft cloud offering through Azure. • Then, you start thinking. Today you are generally on-premise for about 50 enterprise applications. Should this be moved to co-lo or cloud? A benefit of moving away from on- premise will enable you to have resources focused on core activities. But what applications and workloads should be moved and can be moved? What are the risks? • Given the intended moves to MS and the JDE ERP installation you should be able to consolidate applications that will reduce resource requirements. • You are a VMware shop and are your IT staff is very comfortable with this. There is no issue here or compelling reason to change this.
  10. 10. 10 ©2016 WGroup. ThinkWGroup.com • Then as you get further into the analysis, you realize that moving applications into cloud has network implications that need to be considered. Have you planned for this? • You also have apps that hold core systems of record in your datacenter on legacy systems (e.g. AS400), that may not be the best candidates to re-platform (for interoperability reasons) or move off-premise (due to data privacy issues). • You’ve given a large portion of the responsibility for addressing and solving the above challenges to your IT operations manager, while maintaining, running, and operating your existing daily demands on IT. • You have heard (rightly or wrongly) that cloud can be your saving grace to solve these challenges. • Your expectations for taking advantage of cloud for the future minimally include lower HW investment, lower staffing requirements, and more flexibility and scale.
  11. 11. 11 ©2016 WGroup. ThinkWGroup.com To further complicate the above, you may now also have existing applications or systems that are undergoing or in need of overhaul because they are not yet ready to meet new regulatory mandates. Your data may be at risk of exposure or not properly protected. The above is a typical example of what all organizations are facing today. The challenges and obstacles are oriented on people, process, and technology. Introducing what can be perceived as disruptive technology can create additional obstructions for the business and your IT staff. Before moving workloads to a vendor-hosted cloud, you need evidence that the vendor is already meeting regulatory standards (e.g., HIPAA, PCI- DSS, FedRAMP, FISMA) for organizations similar to yours. As data proliferates, there is increasing improvement to standards that deal specifically with governance and management of data and information security, including the identification of risks and the implementation of security controls to address these risks. The ISO/IEC 27000-series is the most widely recognized and applied set of standards relating to the security of ICT systems. The core standards are 27001 and 27002, with 27001 containing the requirements related to an information security management system, and 27002 describing a series of controls that address specific aspects of the information- security management system. ISO 27001 is an advisory standard that is meant to be interpreted and applied to all types and sizes of organizations, according to the particular information security risks they face. In practice, this flexibility gives users a lot of latitude to adopt the detailed information-security controls that make sense to them, but can make compliance testing more complex than some other formal certification schemes. ISO 27001 is an advisory standard that is meant to be interpreted and applied to all types and sizes of organizations, according to the particular information security risks they face. 
  12. 12. 12 ©2016 WGroup. ThinkWGroup.com ISO 27002 is a collection of security controls (often referred to as best practices) that are used as a security standard.  ISO 27002 is a collection of security controls (often referred to as best practices) that are used as a security standard. Assuming that the design and/or operation of a cloud service provider’s information security management systems are consistent with the standard (e.g., there are no notable gaps) it can be asserted that their environment is compliant with the standard. The 27001 and 27002 standards apply generally to the operation of ICT systems. ISO 27017 and ISO 27018 are two new standards under development that describe the application of 27002 to cloud computing. ISO 27017 deals with the application of the ISO 27002 specification to the use of cloud services and to the provision of cloud services. ISO 27018 deals with the application of 27002 to the handling of personally identifiable information (PII) in cloud computing, sometimes described as dealing with privacy in cloud computing. At a minimum, cloud-service customers are advised to look for providers that conform to the ISO 27002 standard for information systems security. This is not necessarily specific to cloud computing, but the principles can still be usefully applied to the provision of cloud services (i.e., as a measure of maturity and as a necessary safeguard of doing “the right things” in an IT organization). A cloud- service provider can assert on its own behalf as to its compliance with a standard, but having an independent/qualified third-party certify compliance is a notably stronger form of attestation. In addition, customers are advised to check whether their cloud-service provider conforms to ISO 27017 and ISO 27018, standards, since they are specific to cloud computing for information security and for the handling of PII, respectively. WGroup is your preferred and chosen advisory partner to ensure that effective governance, risk, and compliance processes exist. If they don’t, we’ll show you how to implement and deploy them. However, this is just the first step. We are here to help you through the analysis of choices and architectural decisions you will need to make, with critical input from your team. We’ll help you adapt the leading and best practices implemented by those who have made this journey.
  13. 13. 13 ©2016 WGroup. ThinkWGroup.com WGroup’s vision and capabilities align with Cloud Standards Customer Council’s 10 steps to help your organization ensure success for secure cloud computing. 1. Ensure effective governance, risk, and compliance processes exist. 2. Audit operational and business processes. 3. Manage people, roles and identities. 4. Ensure proper protection of data and information. 5. Enforce privacy policies. 6. Assess the security provisions for cloud applications. 7. Ensure cloud networks and connections are secure. 8. Evaluate security controls on physical infrastructure and facilities. 9. Manage security terms in cloud SLA. 10. Understand the security requirements of the exit process. Taking a holistic approach to your challenges and in-flight initiatives, WGroup develops a strategy with you and your team. We meet your most pressing needs, but also align these to next steps in meeting your business strategy. In the most cost-effective and safest approach possible, we bring higher standards to your organization through service-provider capabilities and management.
  14. 14. 14 ©2016 WGroup. ThinkWGroup.com The state of cloud Cloud is a diverse, rapidly changing model that can enable a range of services and applications for business and other organizational users. It represents any system that gives end- users access to computing resources, allowing organizations to more easily scale their businesses, share information, and implement new functionality. Clearly cloud will be an increasingly important fixture in organizations for the foreseeable future. That’s why it’s so important that your business understands the current state of cloud, have robust governance processes in place, and prepare for the changes that the shifting landscape will bring. An ever-expanding array of cloud applications and services is available. SaaS, IaaS, PaaS, private cloud, hybrid cloud, and other solutions each offer unique opportunities and challenges for businesses. To determine which choices fit their needs, organizations need to understand this wide range of options and their security considerations. Cloud is diverse
  15. 15. 15 ©2016 WGroup. ThinkWGroup.com Multiplying XaaS options Each organization has unique cloud needs, and public-cloud providers are offering a growing range of options to meet them. Although many non-IT focused organizations can use primarily pre-packaged SaaS solutions, others are leveraging more flexible offerings to fully or partially outsource internal infrastructure. PaaS offers another option for organizations looking for an environment to develop and customize applications. Although these have been the standard XaaS options for several years, many cloud providers offer an increasing range of service options. Storage as a service, communications as a service, network as a service, and disaster recovery as a service are all now common options for business. Another new service that is expected to increase in popularity in the coming years is big data as a service, with the total big data market projected to reach $88 billion by 2021.1 These offerings allow companies to leverage powerful infrastructure to collect and analyze data more cost efficiently and flexibly than would often be possible in-house. Public, private and hybrid cloud XaaS options exist in the realm of the public cloud, but many organizations choose to share computing resources in a generic third-party owned solution. This provides many benefits, such as economies of scale, flexibility, and reduced need for maintenance. However, some organizations find they need to create their own private cloud using proprietary servers, primarily due to information security concerns. Many are also using a public deployment option in conjunction with in-house infrastructure in a hybrid- cloud configuration. This allows them to take advantage of the flexibility and cost savings of the public cloud for certain applications, while keeping other applications on-premises for compliance or other reasons. This hybrid solution can offer many new opportunities for businesses that can’t fully outsource to the public cloud, allowing them to benefit from cost savings and get products to market faster.
  16. 16. 16 ©2016 WGroup. ThinkWGroup.com The rising influence of MSPs Another increasingly important option in cloud arena is the managed service provider (MSP). These providers let organizations outsource their IT operations, providing security, maintenance, monitoring, and other services. Although these companies began managing servers for organizations remotely, many have grown to offer their own or third-party cloud services to customers. Many can provide fully managed hybrid implementations, often including mobile-device management. This can offer an attractive solution for SMBs without the human resources to manage their operations in-house. Deciding on IaaS, PaaS, or SaaS is not always as cut and dry as one would expect. With any “as-a-service” solution, information security requirements could diminish the value of these solutions. Some things to consider: • IaaS is a good option when the organization has the resources to manage the environment either by in-house or sourced resources. IaaS solutions provide the capabilities to secure data in transit and at rest with key management firmly in your control. • PaaS is a good option when the organization does not have the resources to manage the environment but has the expertise and resources to manage the application. Like IaaS solutions, PaaS solutions allow for data to be secured in transit and at rest, however there is less flexibility on the tools utilized. A primary difference between IaaS and PaaS is that PaaS includes the database and middleware components. • Saas is a good option when the organization has requirements meeting the standard configurations of a SaaS solution. SaaS solutions provide data security in transit and at rest, but the provider usually manages the encryption keys.
  17. 17. 17 ©2016 WGroup. ThinkWGroup.com Some of the primary driving factors of change in IT are evolving cost structures. IT infrastructure was once incredibly specialized and costly. With technological developments and the increased popularity of cloud, it is now being provided more economically than ever. Businesses can move a larger portion of their IT workload and storage onto cloud services, which can offer them almost limitless computing capabilities cost effectively and shift the cost structures of the business fundamentally. Cost structures are changing Falling prices As competitive, high-volume providers such as Amazon and Microsoft expand in the market, costs for cloud storage, computing, and other services have fallen rapidly. Today, a typical on- demand application costs $1.68 per hour with the best price offerings down nearly 12% over the prior year.2 Many have speculated that there may be no bottom price for certain cloud infrastructure components, as companies can theoretically offer storage for free while profiting off of other extra services. CapEx Vs. OpEx Cloud-service providers fundamentally change the cost structures of the IT department. Adding IT functionality once required a significant capital expenditure in the form of buying new servers, adding infrastructure, and hiring new employees. Cloud providers today simply charge a monthly or per-hour fee for usage of their services. This shifts much of IT costs into day-to-day operating expenditure. This offers some benefits given current technology consumption models. Investing a significant sum in infrastructure that could be obsolete in two years no longer makes financial or business sense. It is frequently more cost effective to simply “rent” cloud services that will automatically be upgraded.
  18. 18. 18 ©2016 WGroup. ThinkWGroup.com Hidden costs With the explosion of available data and the desire to bring into the organization, there is a natural tendency to look at off-premise clouds as a way to gain faster access to new data. An alternative is to move existing workloads to the off-premise cloud with the expectation that new data from ancillary applications or sources outside the enterprise is now “closer” and more easily accessible. True, in many cases infrastructure-hosting costs may be reduced vs. in-house spend. But there will always be requirements to transfer and likely integrate off-premise hosted-data applications (for example, accessed with mobile devices and supported through enterprise BYOD policies or systems of engagement) with on-premise hosted data applications (systems of record). Data transfer expense can be a hidden cost that is not accounted for in comparing cloud-service providers. Looking at and analyzing per-instance-based costs when comparing cloud service providers is misleading and does not reflect the real world. In data intensive environments, system and application architectures are becoming key determinators of cost differentiation. Workload-based comparisons running on clouds are a true indicator of cost. The following must be considered: The true holistic workload-based cost elements that should be considered when comparing cloud service include infrastructure cost, data transfer cost, and software cost. These cost elements are important when comparing and contrasting cloud-provider hosting services to determine what it costs your organization on a per unit performance basis, typically based on a workload specific benchmark that provides a relative performance score (rps). Since workloads vary in characteristics, using this method can provide a more realistic holistic cost analysis to help you decide which solution provider and cloud solution to select. • What is the cost of delivering a workload? You need to consider line item cost elements beyond the acquisition cost. • What is the infrastructure needed to deliver a given workload? • What are the performance requirements and how do they factor in?
  19. 19. 19 ©2016 WGroup. ThinkWGroup.com Infrastructure costs are relatively similar when comparing the leading providers, but this can vary based on workload requirements. Software cost can vary based on requirements, either by selecting hosted software from cloud solution provider vs. “porting” or requesting that your own software and applications get moved to the hosting providers cloud. One of the largest differences in cost between providers is data transfer cost. One leading provider doesn’t charging anything for data transfer cost, while others charge on a per GB basis per month after the “free” initial allocation is met. (For example, first 5 GB free, then anywhere from .05 to .19 cents per GB based on tiering, with anything above 500TB of data per month as negotiable). Another leading provider does not allocate or provide any initial “free” data transfer upfront and charges .08 to .21 cents per GB based on tiering, with anything above 100TB per month as negotiable. These rates are classified as “outbound data transfer to the Internet” where, for example, your company may be sending data to another company or one of your customers from your data center to the application hosted in the service provider’s cloud. The interdata center data transfer charges from each provider fluctuate even more. If your company is spread across a country or is an international company with multiple datacenters, these costs can add up.
  20. 20. 20 ©2016 WGroup. ThinkWGroup.com In conclusion, when selecting your cloud service provider, ensure that you can account for and uncover any potential hidden costs as you decide on your cloud strategy and deployment model. The following are key components of consideration, as you complete your analysis, and identify your cloud workloads: • Shared virtual infrastructure: For workloads that are not as critical, but need to be provisioned, deployed, and released rapidly. • Non-shared virtual infrastructure: For workloads requiring predictable performance or more stringent security. • Bare metal (non-virtual): For workloads requiring highest performance, security, and manageability. • Mix of virtual and bare metal infrastructure: For flexibility in deployment. • Virtual Private Cloud: Logically isolated section of cloud in a virtual network you define, which provides further flexibility for security and manageability. • Build your own private cloud: For the ultimate control over configuring and managing your infrastructure. • Unlimited datacenter-to-datacenter networking: For replication, backup, failover for critical workloads. • Transparency from topology to hardware: For layered control, security, and compliance.
  21. 21. 21 ©2016 WGroup. ThinkWGroup.com As computing power has increased and storage has become cheaper, companies have turned to data analysis as an invaluable tool to increase their productivity and profitability. Big and small data are no longer relegated to massive corporations; now even small business can leverage the power of cloud to gain a competitive advantage. Independent research studies show that between 2011 and 2015, the total amount of enterprise data grew by 800%.3 As the price of physical hard drives fall dramatically, cloud storage prices also have significantly decreased. Many leading cloud providers have explicitly stated that they are seeking to offer cloud storage to enterprises for free, while charging for other services, such as analytics. The rise of data Automation and autonomics are revolutionizing businesses, allowing them to increase performance while redirecting human resources to more value-added activities in support of the business. Cloud services make it possible for businesses to automate an increasing amount of their workload. The computing power offered by these tools allows many businesses to outsource repeatable processes to computers. This is particularly apparent in the IT department, where operational costs make up 80% of the average budget.4 By implementing automation and autonomics, businesses can reduce these costs by as much as 35%.5 However, these new tools can present several challenges for organizations. As many tasks that were once performed by human workers are given to automated processes, the structure of the workplace must change. It is now important to have staff who can oversee the automated workers, and step in as necessary. Human employees will be more focused on higher-level tasks, such as collaborative work, creative work, or more complicated processes. Increased automation Independent research studies show that between 2011 and 2015, the total amount of enterprise data grew by 800%. 
  22. 22. 22 ©2016 WGroup. ThinkWGroup.com Performance and security concerns have been major obstacles to cloud adoption since its inception. Ninety percent of organizations responding to a 2015 survey said that they were either moderately or very concerned about security in the public cloud6 , while 32% of respondents to another survey said that performance was the greatest barrier to entry into the public cloud.7 However, in recent years, security and performance in cloud have significantly improved, in many cases even surpassing on-premises solutions. New connection possibilities create adjacency and increase security and performance for many applications, allowing organizations to deploy some mission-critical, sensitive applications and services in a cloud environment. Cloud providers also are becoming increasingly mature and sophisticated in their ability to provide and assure security. Leading providers like Google and Amazon can often offer more cost-effective security than would be available on-premises. As companies begin to realize that they can achieve similar performance and security with cloud deployments, adoption rates will continue to rise. The explosion of data coupled with social, mobile and analytic applications is challenging IT departments as never before. CEOs now view the rapid pace of technological innovation as the #1 issue impacting business.8 Increased performance and security The rapid pace of technological innovation is viewed by CEOs as the #1 issue impacting business. 
  23. 23. 23 ©2016 WGroup. ThinkWGroup.com • Disruptive innovation affecting how data is stored and processed, from structured data at rest to unstructured data in motion. • Fast evolving software ecosystems and application frameworks, along with what to do with the older legacy software and applications. • The move from monolithic applications to composable services. • Re-usable iterative processing instead of relying on linear batch processing. So what are the issues and challenges facing organizations looking at these new born-in-cloud technologies? • Data is growing exponentially and demands new approaches (both from a technology and strategy perspective). • Hard disk drives (HDD) performance and capacity are losing ground to keep up with the demand. • Microprocessor clock rates have stalled. • Network bandwith is becoming choked and cannot keep up. • Encompassing all of the above is the demand to drive costs down, and do more with less. • Converged data and compute, instead of data and compute in silos. • Management of unpredictable workloads. • The maturation of cloud deployment options (private, public, and hybrid). • Multi-tenant platform as a service options instead of siloed IT environments. • Open innovation and standards vs. proprietary and “locked-in” standards. • Dynamic services defined by software instead of “static” infrastructure. • New service-delivery models. “Born-in-the-cloud technologies” are causing a re-think of IT infrastructure, in terms of:
  24. 24. 24 ©2016 WGroup. ThinkWGroup.com Workload readiness for cloud and the most suitable cloud-deployment types are driven mainly by elasticity of demand and mission criticality. The following diagram provides examples of workloads in respect to their readiness for cloud, their characteristics, and suggested placement via the different cloud deployment models. WORKLOAD READINESS FOR CLOUD (examples) Highly Sensitive Data Online Transactions Regulated / Auditable Processes Highly Customized SW (Unvirtualized) Third Party SW READY LESS READY Highly Elastic Demand Daily, monthly, seasonal variations, unknown demand or seasonal transient needs Inelastic Demand High Security / Mission Critical Low Security / Non-Mission Critical Medical Imaging (not medical records) Collaboration Tools & Email Web Apps Development and Test Desktop and Devices Traditional BI (Virtualized) SaaS Apps Big Data Analytics Overfow Storage, Offsite Backups Generic Compute (one-time batch jobs) Compute-Intensive R&D** • Bioinformatics • Engineering simulations • Financial risk modeling **Except those requiring full use of multiple cores and high performance file systems or very high bandwidths Traditional Data Centers Enterprise Private Cloud Managed Private Cloud Hosted Private Cloud Hybrid Cloud Public Cloud As another example, to better understand the current rate of cloud adoption, as well as drivers, barriers, and considerations that are influencing the adoption of cloud computing, IBM conducted a survey (“Dispelling the Vapor Around Cloud Computing in the Financial Services Industry”) of 1,090 IT and line-of-business decision makers around the world, including participants from 161 financial institutions.10 The findings validate that many organizations are now considering cloud computing, with most of the financial services sector respondents currently favoring a private-cloud delivery model.
  25. 25. 25 ©2016 WGroup. ThinkWGroup.com Workload Type Workload Public cloud reference Private cloud reference Analytics • Data mining, text mining or other analytics • Data warehouses or data marts • Transactional databases 9% 21% 11% 52% 44% 45% Business Services • CRM or sales force automation • Email • ERP applications • Industry-specific applications 30% 21% 25% 21% 43% 48% 55% 49% Collaboration • Audio / video / web conferencing • Unified communications • VoIP infrastructure 41% 26% 14% 34% 50% 49% Desktop and Devices • Desktop 17% 47% Development and Test • Development environment • Test environment 20% 16% 40% 42% Infrastructure • Application servers • Application streaming • Business continuity / disaster recovery • Data archiving • Data backup • Data center network capacity • Security • Servers • Service / Help Desk • Storage • Training infrastructure • WAN capacity 17% 24% 24% 22% 18% 14% 17% 15% 17% 18% 15% 29% 47% 37% 40% 46% 48% 46% 46% 50% 54% 50% 47% 43% As part of the study, respondents were asked to rate IT workloads they would consider most appropriate for deployment in a public- or private-cloud environment. Financial services has a rapidly growing appetite for computing resources that can more flexibly and efficiently deliver services such as conferencing, VoIP, desktop service/help desk WAN capacity, and storage. Using a public cloud is the ideal solution for such requirements, where the emphasis is on achieving high utilization (and therefore low costs). The full list of 25 workloads included in the survey is shown in the table below. This table indicates which workloads the financial services respondents preferred for public or private cloud solutions (either currently using or planning to use the features in the next 12 months following the survey). Workloads: Financial services respondents’ preference for public or private cloud solutions. The study asked respondents to rate 25 different workloads they had already deployed or would consider deploying in a public or private cloud.
  26. 26. 26 ©2016 WGroup. ThinkWGroup.com Workloads are increasingly comprised of distributed services. Organizations are deploying distributed applications from a variety of sources, out of business necessity, often on costly, underutilized, replicated infrastructure. Thus, more and more “cloud native” applications are being developed to meet these demands, and have the following characteristics: • Parallel – they can run on distributed topologies. • Resilient – the components are designed from the beginning for resilience/fault-tolerance. • Elastic – services can flex up or down as required. • Scalable – services can scale out horizontally. • Mobile – independent of specific hardware. • Services – have interdependencies between one another, and can be maintained either state or stateless. • Introduction of “microservices” – the application is broken into decoupled stateless and stateful services.
  27. 27. 27 ©2016 WGroup. ThinkWGroup.com Microservices are the resulting set of services (mini applications, if you will) that arise from the process of decomposing an application into smaller pieces. If you take a monolithic application and segment it into many pieces, you end up with microservices. It is an application architecture; an approach to designing applications. This architectural approach has a significant impact on the network architecture, as it forces broader distribution of application-affine services like load balancing, caching and acceleration to be located closer to the individual service. Microservices as an approach is a forcing factor in the bifurcation of the network as it separates application-affine services from corporate-affine services. Microservice architectures are beneficial in that they are highly efficient; it separates functional or object domains and thus lends itself well to a more targeted and efficient scalability model. It is particularly useful when designing APIs, as in addition to the scalability benefits it also localizes capabilities and enables isolated upgrades and new features without necessarily disrupting other services (and the teams developing other services). This lends itself well to agile methodologies while enabling a greater focus on API development as it relates to other services as well as the applications that will use the service. Microservices Monolithic Architecture /account Microservices Architecture App /config /status App App App Billing Polling & Notification Config & Options
  28. 28. 28 ©2016 WGroup. ThinkWGroup.com In conclusion, when assessing which workloads to move to cloud, the choice of a hosting provider and cloud platform is critical to ensure both the newer cloud native applications as well as the older legacy applications can be supported adequately, safely and securely. These new requirements and capabilities for cloud platforms are: • Fine-grained integration with application frameworks • Multi-dimensional resource management • Data “locality” – affinity, anti-affinity • Compute and data convergence • “Co-optimization” for compute, storage, and network The choice of a hosting provider is critical when assessing which workloads to move to cloud.  • Horizontal and vertical auto-scaling • SLA management • Lifecycle management for distributed services • Dependency management • Distributed state management • Multi-tenancy, isolation, and security
  29. 29. 29 ©2016 WGroup. ThinkWGroup.com Cloud offers many benefits to companies. It can help dramatically boost the efficiency and cost- effectiveness of an organization, and transform IT from a cost center to a profit enabler. This has made cloud usage nearly universal across businesses. However, despite the ever-increasing popularity of cloud deployments, it’s important to understand that technology, software, and IT are changing every day, and companies must stay proactive in order to adapt. Automation, increased scalability, and lower costs can all boost profitability for IT, but managing cloud contracts, implementing new technologies, and building a team knowledgeable in cloud can be difficult. Companies must stay aware of changes and build a knowledge base that can be used to navigate the evolving cloud. Staying competitive
  30. 30. 30 ©2016 WGroup. ThinkWGroup.com Challenges and opportunities Today’s cloud offers many benefits to organizations, allowing them to gain new IT functionality faster, deploy applications more rapidly, reduce costs, and gain increased flexibility. But in order to stay competitive and gain the greatest advantage from the evolving technology, it’s critical that organizations stay aware of the changing challenges and opportunities that it brings. Leaders in the cloud marketplace include Amazon, Microsoft, Google, and IBM. They all have their pros and cons. There are a lot of choices in the market place today for cloud providers. If you are thinking of moving into cloud technology and services, you are most likely thinking of one of the market leaders: Amazon, Microsoft, VMware, Google, and IBM. Your choice will depend on your specific requirements and how the provider’s solution is best for your needs. WGroup can guide you through this selection process. Cloud-computing business models are shifting from product- or service-based business models to an ecosystem business model. A few years ago, technologies like ESX virtualization, products like vBlock cloud appliance, and services like Windows Azure were competing in isolated silos. Today, cloud ecosystems like Amazon AWS ecosystem, OpenStack ecosystem, and VMware vCloud ecosystem have emerged, and the primary competition is moving towards ecosystem dominance. When we talk ecosystem, we are talking about keystone players providing a platform for a myriad of partners and niche players to innovate, create value, and co-invent the future. As such, characteristics like critical mass are very important, possibly more important than the technology itself. Cloud players
  31. 31. 31 ©2016 WGroup. ThinkWGroup.com Let’s use VMware as an example to illustrate this business model shift. In 2008, VMware was the undisputed leader in the data-center virtualization market. They sustained their domination with incessant innovation, and they were ruling the game on this market, despite growing competition from Microsoft Hyper-V and open source KVM. They did not perceive cloud threat at this time because it was easy to convince the world that they had the technology to create private clouds and that this was all that mattered for enterprises. However, things started to change with the emergence of large clouds like Amazon. Instant access to unlimited resources raised a lot of interest from startups, enterprises, developers, and other service providers. People learned to use these clouds; they liked the flexibility and started to create tremendous value out of them. Suddenly, people did not care anymore about the hypervisor technology, which lost its importance, and companies provided ready-to-deploy AWS software images. The threat became clear to VMware: Many developers, startups, and enterprises (a growing ecosystem) were embracing this new paradigm. VMware’s response was to feed a competing ecosystem with the vCloud program. They empowered external partners like Dell or Terremark to create VMware compatible public clouds. At that time, they recognized the importance of the ecosystem, but they were still a technology-oriented company, and this was not enough. More recently, VMware again reoriented their strategy by building their own public cloud (vCloud Hybrid Services) and by providing enterprises with a multi- cloud management system gained from the DynamicOps acquisition. Instant access to unlimited resources raised a lot of interest from startups, enterprises, developers, and other service providers. 
  32. 32. 32 ©2016 WGroup. ThinkWGroup.com Business ecosystems are proven models and are becoming more and more important in our global economy. Apple with its app store ecosystem, Twitter with its APIs, and Salesforce with its AppExchange are great example of successful ecosystems. Business ecosystems are the underpinning principle of what we call the API economy. The IBM Watson program is also a great example of ecosystem creation. IBM provides the cognitive platform, makes it as easy as possible to leverage, and opens its platform to as many companies as possible for them to create value out of it. Business ecosystems have specific characteristics which that been analyzed and summarized in several studies. Ecosystems typically include a keystone player that provides the ecosystem platform. This platform is being embraced by niche players, which are creating most of the value. The business ecosystem can die or can grow, very much like living species within natural ecosystems. The health of ecosystems is a function of critical mass (like for invasive species), but is also a function of how the symbiotic relationships between the ecosystem participants allow co-evolution, value creation, and continuous innovation. Clouds are on a business ecosystem competition. But what really defines cloud ecosystem platform? Any IT platform exposes some sort of API for others to innovate and create value out of it. So a new question emerges: On the typical IT scale from hardware to business application APIs, what is the level of abstraction that has the potential to feed successful ecosystems? In the past decade, plenty of utility markets have been tested, and there is now a fair amount of evidence that the winning platform is defined by the infrastructure as a service or software-defined environment. VMware started an empire at the hypervisor level but was forced to make a move to the IaaS level to survive. SUN made a move into utility computing in 2004 with their Network.com $1 per CPU-hour offering. The underlying technology was SUN grid engine, and the workloads had to be packaged like The health of ecosystems is both a function of critical mass – and the symbolic relationships between the participants. 
  33. 33. 33 ©2016 WGroup. ThinkWGroup.com jobs with specific constraints. These constraints made it difficult to generate a lot of interest, and the service was withdrawn in 2008 with only 13 customers. SUN learned from this adventure and they had plans to launch in 2009 a cloud service very similar to Amazon. But they were acquired by Oracle at that time, and it took several years for Oracle to recognize the importance of cloud. Microsoft and Google started their utility-computing journey with PaaS offerings. PaaS provides a higher level abstraction, directly targeting developers. However, for multiple reasons not foreseen at the beginning, the PaaS market is still a niche market, and its success still needs to be built. Furthermore, the potential PaaS ecosystems are fragmented by nature, because a single PaaS cannot serve all IT needs. Therefore, Microsoft and Google were forced to make a recent move toward infrastructure clouds and entered the IaaS battle in 2012 in order to stay in the game. Cloud ecosystems are defined by their infrastructure model (defined by its APIs and behavior). But this does not infer that infrastructure as a service (IaaS) is the most important layer. IaaS only defines the ecosystem keystone, and most of the value will be created on top of this platform. Given that the market has now selected the winning keystone abstraction, there is no reason to fight against it. The software-defined environment APIs split the IT world into two areas: the infrastructure providers who will serve the APIs and the myriad of upper level systems who will consume the APIs. Both areas are places in which companies are innovating. The business natures of the areas are different, The infrastructure-providers tend to be high-volume and low-margin businesses. The businesses built on top of these APIs are very diverse, can serve very specific IT needs, can include unique skills or knowhow, and can potentially be high margin businesses. A good proxy to evaluate cloud ecosystem size would be the aggregate revenue of the keystone player.
  34. 34. 34 ©2016 WGroup. ThinkWGroup.com Let’s first consider the three leading web-scale cloud providers: Amazon, Google and Microsoft Azure. Amazon is currently the undisputed leader. Google is a new entrant in this battle, taking advantage of its web scale experience and innovation capacity. There is an intersection between the two ecosystems because Google storage service has the same API as Amazon’s S3 storage. This is a strategic play to ease portability for application written on top of AWS storage (the likes of Dropbox, Flickr, Smugmug, etc.). Microsoft provides cloud Infrastructure services in parallel with their Azure PaaS offering. Their strategy is to attract and retain their large developer base. Beside these three giants, we have the vCloud ecosystem which is VMware’s attempt to maintain its enterprise footprint. The latest ecosystem is the OpenStack ecosystem. The open-source OpenStack initiative was launched in 2010 by NASA and Rackspace engineers to enable every company and organization to build its Amazon clone. Then the OpenStack initiative acquired interest from the broader IT community and from major companies like IBM and HP who joined the community. At that stage, OpenStack released a second API which is now known as the OpenStack API. OpenStack community faces a strategic choice. One option is to join Amazon’s ecosystem and provide the reference implementation for private clouds. The other option is to run another independent ecosystem in order to counter Amazon’s dominance. When analyzing the market leaders’ strengths and weaknesses, it is important to consider the emerging cloud trends in the marketplace: 1. Big players have now ALL entered the web scale infrastructure market (IaaS), fighting for ecosystem dominance. 2. Enterprises need to strategically pursue a multi-cloud approach. • Traditional DC / private cloud / public cloud integration as intermediate tactical solutions. • The shift to public clouds is inevitable. • Multi sourcing for public clouds is mandatory and the only way to avoid lock-in. • A multi-cloud management platform may be the future control point for cloud accounts. Even keystone players fighting for their ecosystem have a Plan B with multi-cloud control (either via acquisitions or via internal developments).
  35. 35. 35 ©2016 WGroup. ThinkWGroup.com The following table provides a high level summary of each of the leading cloud vendors and considerations for selection. Southbound Innovation Northbound Innovation Cloud Management Multi-cloud TYPE Strategic Ecosystem • Web scale DC • Networking • Breadth of features • Shared services • Business administration • Governance • Monitoring • Capacity • Catalog • Single pane of glass • Brokering • Networking Amazon Keystone player AWS Microsoft Azure Keystone player Azure HP Keystone player OpenStack VMware Keystone player vCloud Oracle Keystone player OpenStack Cisco Niche player vCloud / OpenStack / AWS BMC Niche player AWS / vCloud / OpenStack Accenture Niche player AWS / vCloud / Azure Google Keystone player Google compute / AWS IBM Keystone player OpenStack 3. Most of the innovation emerges in the platform services (horizontal services) and the business automation services (vertical services), all built on top of cloud-computing APIs. • Re-inventing the IT, given cloud-computing APIs. • Value will be dramatically higher than traditional IT, given the new agility, scale, and speed delivered by cloud services.
  36. 36. 36 ©2016 WGroup. ThinkWGroup.com Amazon Web Services Overall strategy: “Cloud is a Disruptive Force to IT” • IaaS Market Leader and de-facto standard • Huge ecosystem of system integrators, ISVs and added value service providers Multi-cloud strategy • They are not in this role • However, partnership with Eucalyptus provides enterprise multi-cloud capability Ability to serve enterprises • Traditional enterprises fear public clouds like AWS • However, they are using it for specific workloads • The vibrant ecosystem is progressing fast and increases enterprise capabilities Ability to drive an ecosystem • Constant feature introduction • Price structure innovation • Developer certification program • Technology and consulting partners > 8000 Innovation • Availability zones • Server, storage, network innovation • Innovation goes up to the power supply • Innovation in pricing • Pave the way for platform services • Database, Hadoop, data warehouse • Orchestration, VPC • Rely on partners for high level business services Detailed leading cloud vendor comparison
  37. 37. 37 ©2016 WGroup. ThinkWGroup.com Microsoft Overall strategy: “Embrace Cloud to Survive” • Leverage Microsoft control points (tooling, user interface, programming models) with developers and IT to build an ecosystem of partners and solutions on the Microsoft Cloud platform • Turn Hyper-V as a credible alternative to ESX • Leverage ITSM toolkits into private cloud software Multi-cloud strategy • Very strong integration between System Center-based private clouds and Azure • AWS management pack to monitor and manage AWS VMs - no support for OpenStack Ability to serve enterprises • System Center is hypervisor agnostic so can be installed on top of ESX or KVM based DC • Hyper-V installed based (increasing) Ability to drive an ecosystem • Initially wanted to leverage existing .NET developers with Azure Platform • Moved in 2012 to IaaS to counter AWS • Current ecosystem has not reached critical mass Innovation • Hyper-V is gaining market shares (27% in 2012 from 11% 2 years ago – 84 % for SMBs) • Web scale data center – in competition with AWS and Google • Azure provides application services like data bases, queuing services • Proven PaaS with initial Azure offering • Azure HD Insight for Big Data Hadoop deployments
  38. 38. 38 ©2016 WGroup. ThinkWGroup.com Google Overall strategy: “Analytics and Big Data In Cloud” • “Production container cloud” with all the security, performance, and orchestration that implies Multi-cloud strategy • Focus on data security to propagate data • Google object store has the same AWS S3 API (simple for customers to move to Google) Ability to serve enterprises • Strong in all layers (Google App,Google App Engine, Google Compute) • BigQuery • Dataflow Ability to drive an ecosystem • Primarily between AWS and Google adopters Innovation • Google compute differentiation: – Priced by the minute – Live migration to avoid instance shutdown – Faster boot time
  39. 39. 39 ©2016 WGroup. ThinkWGroup.com VMware Overall strategy: “Cloud is a natural extension of virtualization” • Leverage VMware’s virtualization leadership as a datacenter control point • Partner with Cisco to obtain network, server, and services management • Strong communication around SDDC Multi-cloud strategy • vCloud automation center is hypervisor agnostic and can manage AWS • Based on DynamicOps acquisition Ability to serve enterprises • Established dominant virtualization market • “Private Cloud” story resonates with customers Ability to drive an ecosystem • The vCloud ecosystem is primarily the established ESX base + the public cloud partners • Dell, Verizon moved away • vBlock relative success but ESX is expensive Innovation • Primarily focused on private cloud technologies • Active in networking (VXLAN) • Active in hypervisor related features (vMotion, HA) • Partners with public providers, now opens VHS • Moves to the upper layers • Less innovative than Amazon • Project Serengeti (Hadoop on VMware) • Project Cloud Foundry – Pivotal spin-off
  40. 40. 40 ©2016 WGroup. ThinkWGroup.com IBM Overall strategy: “Provides all the ingredients for cloud” • Cloud and non-cloud assets such that they work together as a single, end-to-end system Multi-cloud strategy • Hybrid clouds deploy both private cloud instances and multi-tenant public instances, as well as on-premises servers, infrastructure components, and microservices Ability to serve enterprises • Bluemix DevOps framework • Cloud Foundry for deploying PaaS software stacks • IBM knowledge of how to run workloads in data center • Extensive set of offerings to build complete solution • Consulting services • Established base of customers Ability to drive an ecosystem • Aggressive move into Hybrid cloud space and providing help to customers • IBM joined OpenStack ecosystem as large contributor • However SoftLayer does not participate in this ecosystem, thus blurring the message Innovation • SoftLayer innovates with bare metal offering • Worldwide coverage is another important asset • Proprietary API hinders developer adoption • Broad set of deployment capabilities (patterns, orchestration, TSAM) • Rational for Dev/Test, Platform computing for HPC • However, the lack of strategic IBM API makes it hard to unify hybrid customer experience
  41. 41. 41 ©2016 WGroup. ThinkWGroup.com Oracle Overall strategy: “Opportunistic Strategy” • Re-engineer Oracle applications to run in Hybrid Clouds • Cloud optimization around Oracle middleware stack • Offers hybrid cloud experience (within Oracle) • Recently joined OpenStack ecosystem Multi-cloud strategy • Hybrid experience between Oracle private and Oracle public clouds • No clear positioning into multi cloud management • Commitment to have all products offered as cloud services • Mid 2015 launch of 27 cloud services Ability to serve enterprises • Oracle Product suite spans IaaS, PaaS and SaaS – No other company has the span of Oracle • Oracle has 40% WW market share In App Servers and 41% in Data Base • Lock-in effect • Oracle positions its cloud messaging around these workloads Ability to drive an ecosystem • Not an actor in this space • Joined OpenStack • Creating price wars with AW, Google, Microsoft and IBM Innovation • Entered the public IaaS market • Aim to compete with Amazon • Build on Oracle VM for private clouds • Oracle optimizes and adapts its core stack (Java and Data Base) to cloud • Availability of Big Data solutions • Targets ISV with Oracle Platform for SaaS
  42. 42. 42 ©2016 WGroup. ThinkWGroup.com Cloud challenges CIOs face today Many organizations are rightfully excited about the benefits of cloud, but minimize the challenges that it can bring. In order to properly prepare for these challenges and make good decisions about cloud deployments, companies must educate themselves and understand the risks. Security Security is one of the primary concerns when implementing a new cloud deployment, particularly in a public- or hybrid-cloud environment. Entrusting critical applications and sensitive information to third parties can create great anxiety for organizations used to managing their IT infrastructure themselves. In a recent survey, the top perceived threats were unauthorized access (63%), account hijacking (61%), and malicious insiders (43%).6 It is notable that users also fear that they cannot trust their cloud providers. 71% of respondents to a survey said that they did not think their provider would alert them if customer data were stolen, and 72% believed they wouldn’t be notified if confidential business information were stolen.10 One of the major sources of these fears is a lack of visibility. One recent survey found that approximately half of an enterprise’s cloud applications aren’t visible or fully accessible to the IT professionals on staff.12 This obviously can create significant trust issues and leads many organizations to be wary of cloud solutions.
  43. 43. 43 ©2016 WGroup. ThinkWGroup.com Although there are unique security risks to using a public-cloud implementation, in reality it is often much safer to use the public cloud than on-premises IT. Tech leaders like Amazon, Google, IBM, and Microsoft have significant budgets, with experienced professionals working to certify products and configurations to protect their clients’ data and applications. The IT security departments of these providers are significantly better funded and more experienced than those of their clients. However, it is still important to understand the security risks at play and carefully vet cloud providers to ensure that they are a proper fit for your organization and applications. Focus on what is core vs. non-core to your organization. Cloud usage must be business- value aligned. Everything else should be viewed as a commodity and outsourced. • CIOs should have a “cloud first” policy and have good business case and decision process for non-cloud implementation. • CIOs are now out of the business of managing data centers or being programmers and in the business of driving business value. Finding ways to use technology to generate more revenue, increase customer satisfaction, and improve profits are top objectives for today’s CIO. • Cloud implementations are not a substitute for monitoring and management of the applications. However, with cloud, technologists can focus on higher value initiatives.
  44. 44. 44 ©2016 WGroup. ThinkWGroup.com Financial Cutting costs, whether IT or business-related, remains a primary driver influencing initial cloud-investment decisions. The following diagram shows the results of a survey conducted by Ovum of CIOs, IT managers, and IT decision-makers from large Enterprises across US, UK, France, and Germany. It is clear that cutting costs is the leading primary driver influencing cloud-investment decisions. 3.3 3.1 3.1 2.8 2.6 Highly Sensitive Data Cutting IT costs Cutting overall business costs Improve business agility Application modernization Improvement of business processes Data center or IT consolidation Develop innovative new business activities Improve time to market Entry into new markets or lines of business Merger or acquisition activities Entry into new geographies Layoffs or staff reduction Entry into new vertical industries Source: Cloud Services Business Trends Survey, Summary Results, Ovum, Jan. 2012 (Survey of CIOs, IT managers and IT decision makers from large enterprises across the US, UK, France and Germany, consucted by Ovum) 4.0 3.9 3.8 3.6 3.6 3.5 3.5 3.5 Least important Most important Source: Cloud Services Business Trends Survey, Summary Results, Ovum, Jan. 2012 (Survey of CIOs, IT managers and IT decision makers from large enterprises across the US, UK, France and Germany, constructed by Ovum)
  45. 45. 45 ©2016 WGroup. ThinkWGroup.com Cloud technology can help turn IT from a major expense to a significant profit enabler. By leveraging strategic outsourcing and shifting much of the IT department to 3rd parties reduces the need to invest in expensive infrastructure so that organizations can improve their overall profitability. Innovative companies are leveraging cloud by using data collection and analysis, automation, and other new technologies to reduce expenditure and increase revenues. It is critical that every organization stays abreast of current trends in order to maximize their revenue and productivity, and minimize expenses. Still, many organizations remain reticent about new cloud technologies and are unsure what their real financial impact will be. IT professionals and executives need a solid framework upon which to base their cloud decisions in order to ensure that they are maximizing cost effectiveness and getting the most from their cloud services. According to a study by Forrester’s James Staten, “There’s a disturbing trend reemerging in our client inquiries of late: rising demand for software-as-a service- (SaaS) solutions and purchases of solutions that are not really SaaS. When we inform clients that the solution they’re talking about isn’t SaaS, we are increasingly hearing, “So what? As long as I don’t have to run it, it’s better.” This is a trap that can cost you more, result in less agility, and lock you into a poor sourcing decision. Too many vendors today are seeing an opportunity to make big profits in software-as-a- service by taking advantage of customer naiveté and simply rebranding older deployment models as SaaS, on-demand, or cloud. These solutions inevitably fail to live up to customer expectations for agility, standardization, and efficiency. As SaaS continues to increase in popularity across a growing range of application areas, technology buyers (ranging from CIOs to line-of-business [LOB] execs) need to know what differentiates SaaS from application service providing (ASP) and other on-demand implementations cloudwashed with the SaaS term.”
  46. 46. 46 ©2016 WGroup. ThinkWGroup.com The following table illustrates the important considerations for evaluating true SaaS vs. other “off-premise” deployment models: Tenancy Upgrades Payment model Location Responsibility for managing the application SaaS ASP Managed All customers run the same version? Yes No No Significant modifications possible?* No Yes Yes Multitenant architecture? Yes No No Originally designed to be SaaS? Yes No No Who controls upgrade timing? Provider Customer Customer Frequency of feature enhancements As often as every week Typically 2-4 per year Typically 2-4 per year Frequency of major releases Typically 2-3 per year Typically 1 or fewer per year Typically 1 or fewer per year How is the software priced? Subscription Subscription with multi-year commitment required Upfront license + maintenance fee Customer owns license? No No Yes Where does the code and data reside? SaaS provider ASP AO provider (but sometimes at the customer site) Who develops application? SaaS provider Software provider (may not be the ASP) Software provider (not hosting provider) Customer control over operation, deployment and configuration of the app None Limited Negotiable Vendor examples: salesforce.com, Workday, SAP’s Success Factors BTRG’s PeopleSoft-as-a- Service offering PeopleSoft run by Oracle on Demand, Accenture managing SAP *Significant modifications include: adding unique modules, changing application configurations, adding custom code, unique infrastructure, etc. These are all very important considerations to help you choose a deployment model for cloud and selecting your non-core services vs. core services.
  47. 47. 47 ©2016 WGroup. ThinkWGroup.com Understanding the changing landscape Cloud growth, automation, and other technological changes are shaping the way business is done, products are sold, and IT is managed. CIOs need to cope with this changing landscape by reallocating resources, finding personnel with the right skills, and reducing redundant staff and infrastructure. However, sometimes understanding what actually needs to be done can be challenging, particularly if executives have limited experience working with new cloud technology. In order to make the right choices, organizations need to fully understand what these new innovations can actually do for the company, how they work, and how they should be managed. This requires a deep understanding of the technology and the marketplace. Managing cloud contracts One of the most challenging aspects of implementing cloud in an organization is managing vendor contracts. Dealing with a range of cloud providers offering vastly different services and guarantees can be incredibly challenging and requires a comprehensive understanding of how the contracts are structured and what an organization really needs from the provider. Organizations must ensure that the provider complies with all local, applicable laws, that they have necessary control over any cryptographic keys used, that the provider has been recently audited, and many other similar details that might be overlooked by those that do not fully understand the current environment. Getting the big picture In order to manage all of these concerns, each organization needs a framework to understand where they are and where they’re going. With the shifting dynamics of today’s evolving IT world, businesses need comprehensive situational awareness that allow them to understand their needs and how new technologies can help them stay competitive. Organizations must fully understand what new innovations can do for the company, how they work, and how they should be managed. 
  48. 48. 48 ©2016 WGroup. ThinkWGroup.com Evaluating your current state In order to gain situational awareness and make better decisions when implementing cloud into your organization, it is important to examine how others in your industry are being impacted by cloud, your current state in terms of cloud consumption, and your needs. Analyze your current organization to assess both your readiness and “need” for adopting cloud technology along the following five imperatives: 1. Identify your reasons for using cloud: The development of a cloud-computing strategy begins with defining the motivations and goals for migrating to cloud. The reasons for using cloud include a range of benefits for an enterprise, although IT leaders should usually focus on no more than three specific objectives for their strategy. Common goals for a cloud strategy include improving IT efficiency, increasing investment flexibility, accelerating application delivery, reducing risks, and expanding markets.
  49. 49. 49 ©2016 WGroup. ThinkWGroup.com • Level 1 organizations may be developing strategies for cloud, but they haven’t yet deployed cloud applications. These organizations typically need to define their architecture requirements, evaluate their available options, and select the applications that would be most appropriate for cloud. • Level 2 organizations are usually still working with proof of concepts or initial projects for cloud. They usually need to gain additional experience with cloud before they can determine the next steps in their cloud strategy. • Level 3 organizations have already deployed multiple applications to cloud. They’re typically most interested in increasing and improving their use of cloud resources. • Level 4 organizations are already making heavy use of cloud-based infrastructures. Their greatest area of interest is usually in optimizing operations and minimizing the costs of working in cloud. 2. Assess your cloud maturity level: The next step in developing a cloud-computing strategy is to assess your organization’s level of cloud maturity. This assessment determines your organization’s current level of preparedness for migrating to cloud. A catalog of strengths and weaknesses in cloud technology will indicate the steps needed to make this transition. Cloud analysts often categorize organizations into four levels of cloud maturity, with level 1 indicating the least experience: 3. Develop your portfolio: Most enterprises are planning a multi-cloud strategy for using both public and private clouds or they have already implemented such a strategy. Organizations that maximize their vendor options for cloud platforms can take advantage of the rapid changes in service and price that are common in this volatile industry. 4. Overcome challenges: Organizations must overcome several challenges in their journey to cloud. The four most common of these are reliability, security, culture, and expenses.
  50. 50. 50 ©2016 WGroup. ThinkWGroup.com 5. Select your strategy for cloud adoption: IT leaders can develop cloud-adoption strategy for their enterprise once they have determined the reasons for migrating to cloud, assessed their enterprise’s cloud-maturity model, planned their cloud portfolio, and identified the challenges. The options for an enterprise’s cloud-adoption strategy include cloud-first, targeted, and grassroots. Each of these approaches requires a separate set of considerations and procedures. An organization’s strategy for adopting cloud will typically change as its deployment proceeds. For example, an organization may begin with a grassroots strategy, change to a targeted strategy, and finally adopt a cloud-first strategy. Cloud-first: A cloud-first strategy is the best choice for organizations that select cloud for all existing applications, as well as new applications. Enterprises that choose this adoption strategy are typically seeking to leverage public and private clouds aggressively to obtain significant business gains. Existing projects must be evaluated for migration to cloud, and new applications must be designed to operate in a cloud environment. The organization must evaluate each of these applications against business and technical criteria to ensure they meet ROI requirements. A cloud- first strategy means that the organization is fully committed to cloud, including the IT department. Targeted: In a targeted cloud-adoption approach, the organization identifies the applications that are best suited for cloud, which generally means they have variable demand and global scale. These applications typically include batches runs, big data analytics, mobile applications, and social media. Enterprises adopting this strategy typically will have limited cloud usage, along with a desire to increase their cloud workload in measured steps. A targeted approach generally involves developing new applications for cloud and migrating existing applications to cloud over time. The targeted strategy is a short-term approach that should help an enterprise gain expertise in developing cloud architectures for public and private clouds. Grassroots: A grassroots adoption strategy generally consists of the IT department providing individual business units and developers with a self-service portal that allows users to access public and private clouds. The self-service portal used in this strategy should include technology stacks that meet the enterprise’s standards, while still providing the flexibility expected of a public cloud. Enterprises use this strategy to help business units and developers embrace cloud. Easy on-demand access to cloud services is essential for allowing developers to enable cloud adoption. This type of strategy is also effective when coupled with IT Operations and Service Management improvements and raising maturity, i.e., through adoption to an ITIL framework.
  51. 51. 51 ©2016 WGroup. ThinkWGroup.com As the five imperatives are developed for a cloud strategy, organizations must ask themselves many questions: The big picture • What is the current size, growth, and financial state of my organization? • Do you have an acquisition or new geography launch that requires creation of new enterprise infrastructure? • What challenges do you face in responding to requirements for new or changed enterprise services? • What cloud solutions has my organization already adopted? • What cloud components would my organization like to implement? • Why is cloud being used? • How would the organization benefit from cloud? • What cloud solutions are the competition implementing? • How mature is our enterprise architecture and governance? • Where are there gaps between business expectations and what cloud is delivering? • Does the organization have a cloud strategy that helps us stay competitive and reduce costs?
  52. 52. 52 ©2016 WGroup. ThinkWGroup.com Performance • What are the performance requirements: CPU, memory, IPOS, network? • What are your current SLA’s for the enterprise service (availability, performance, service delivery)? • How long does it currently take to add capacity for your enterprise? • Are you able to easily scale up and down in alignment with your enterprise load requirements? • How long does it take to install a new enterprise module? • Are you facing any issues in procuring the HW/SW you need for enterprise applications? • Which applications can be moved to cloud, and which must be kept on-premises based on information security data classifications? • Can the public cloud deliver the same or better performance as on-premises solutions? • Are enterprise resources constrained with routine enterprise maintenance and operations that limits their ability to support critical new enterprise projects required for business growth? • How are you managing your virtual enterprise environments, and what improvements would you like to see? • Are you being asked to provide basic metering for “charge back” services? • Are you facing high enterprise administration costs and is management labor intensive?
  53. 53. 53 ©2016 WGroup. ThinkWGroup.com Security and compliance • Is privacy and security your biggest worry or concern? • Where is sensitive information stored? Is it encrypted at rest and in transit? • Which applications are mission critical and need to exist in an extremely secure environment? • Can cloud vendors deliver the same or better security as the IT team? • What compliance regulations are relevant to the organization? • Do you have an enterprise testing strategy? • What does your enterprise dev/test environment look like?
  54. 54. 54 ©2016 WGroup. ThinkWGroup.com Vendors • If the organization subscribes to cloud services today, are the needs of the organization being met? • What are the termination, indemnity, and performance clauses of existing cloud contracts/subscriptions? • Is the organization effectively managing its cloud vendors? Making the move to cloud • Will cloud be cost-effective? • Does the organization have the knowledge and resources to maximize the effectiveness of cloud implementations? • What business functions can benefit from being moved to cloud? • What deployment model is right for the organization? Will the flexibility and ease of public cloud be right, or is there a requirement for a single-tenant cloud or on-premises private cloud? Is a hybrid solution the best option? • What changes in governance, architecture, and process are required to be effective?
  55. 55. 55 ©2016 WGroup. ThinkWGroup.com Applications • Are you ensuring the best customer experience and adapting to changing employee needs your most important priorities? • Do you have many applications that are customized due to unique business processes or unique integrations and require custom modules or extensions? • What are your plans for growth in the enterprise application area? • Will you be implementing any new enterprise module/solution in the following months? • Will you be upgrading your enterprise systems in the following months? • Are enterprise applications growing or shrinking in your enterprise and how does this affect the cost and quality of delivering services to your customers? • Describe the level of support required to deliver and maintain enterprise applications as well as any inhibitors to supporting the environment. • How does the infrastructure required to deliver enterprise applications affect your ability to deliver services to your customers. • What plans do you have to more fully utilize your existing enterprise application servers and how much of your ERP infrastructure is underutilized due to being reserved for future projects? It’s all about the applications! The architecture of the application dictates the success of cloud implementations. Many think cloud is part of an infrastructure strategy, but it is really an application strategy. Any strategy to migrate workloads to cloud must include an application portfolio and architecture and security assessment. Determining which applications can be migrated to cloud will be determined by user interface, transaction volume, identity and access management framework, information security requirements and component isolation (e.g. different VLANs, firewalls between UI, app, DB layers).
  56. 56. 56 ©2016 WGroup. ThinkWGroup.com Cost-effective cloud adoption One of the most important considerations when adopting new cloud technology is cost. By taking steps to ensure that your organization is implementing cloud in a way that provides a high ratio of benefits to costs, the organization can help make IT a revenue enabler that adds value to the organization. Make a cost / benefit analysis Whether your organization is implementing cloud for the first time or evaluating current deployments, a good first step is making a cost/benefit analysis of the technology. How much will upfront and monthly costs be for cloud deployment? How much will the company save in productivity, increased sales, or reduced downtime? What are the costs of alternative solutions? Repurpose existing investments One of the most effective ways to reduce the cost of cloud is to repurpose existing investments as entry points. By using an enterprise-technology framework to identify what can be reused and what needs to be rebuilt, organizations can greatly decrease the financial costs of a cloud deployment. Investments made for server consolidation, ITSM, virtualization, API adoption and development, high availability improvements, and scripting automations are all examples of improvements that can be applied in particular to private cloud deployments. These can also be a part of a hybrid deployment or integrated into a public deployment.
  57. 57. 57 ©2016 WGroup. ThinkWGroup.com Here’s the example of one client, a regional South East Asia bank: • Leverages IBM AIX Power7 virtualization technology investments, service management program improvements and maturity, and new automation as Private Cloud Entry points to achieve accelerated benefits. • New technology and cloud entry enablement was funded by other enterprise initiatives, including infrastructure modernization, optimization, server consolidation, virtualization, and enterprise-wide new ITIL program with supporting technology. These IT infrastructure and operations maturity improvements provided a funded cloud solution. • Platforms and Technologies: IBM Power 7 servers, IBM x3650, x3850, IBM System Director, LPM (Live Partition Mobility), Tivoli Service Delivery Manager (ISDM) and ITSM. Negotiate agreeable terms When working with public cloud vendors or MSPs, it is extremely important to negotiate terms that meet the needs of the organization. Make sure that your organization has considered what maintenance is included, what the uptime guarantees are, how much support is available, and what the vendor’s reliability record is as these will all influence the ongoing cost of the deployment.
  58. 58. 58 ©2016 WGroup. ThinkWGroup.com Evaluating your cloud implementation To ensure that your organization stays competitive and takes full advantage of the growing power of cloud, it is important to constantly evolve your cloud implementation. Below are some key questions and steps to help your organization make its use of cloud more effective. 1. Evaluation • Identify the business challenges your organization is facing. • How is IT affecting these challenges? • How effective are my cloud implementations (if any)? • How are my business stakeholders interfacing with cloud vendors without me? 2. Implementation • What are the existing investments that can be repurposed as entry points to cloud? • How will your internal cloud capability grow alongside your virtualized environments? • How will you start building relationships with external cloud providers? • As you begin to adopt more cloud solutions, how will it change your network architecture and data center requirements?
  59. 59. 59 ©2016 WGroup. ThinkWGroup.com 3. Ongoing management • What cloud deployment models can be used to fill gaps, improve efficiency, and build the business? • Is the internal cloud and external environment more efficient and cost effective? • What are your current SLA’s for the enterprise service (availability, performance, service delivery)? • How will you maintain talent? • How will you manage current providers and continue to build relationships with new ones? • Do you have systems in place to help you keep pace with changing technology? 4. Delivery models • How will cloud impact how you interface with your suppliers and customers and deliver your services? • What are the opportunities for reduced costs? • What are the opportunities for improved efficiency?
  60. 60. 60 ©2016 WGroup. ThinkWGroup.com 5. Financial models • What new means of charging and paying for services does cloud allow? • How can cloud help your organization drive profits? • How will cloud affect IT’s ongoing budget? • How will cloud affect IT’s capital and operational expenditures? 6. New operating models • How do I manage security in the public and private cloud? • What are the greatest threats to a cloud deployment? • How do I ensure performance? • Do existing SLAs ensure uptime? • What staff do I need to maintain? What skills do they need? • How does cloud affect enterprise architecture? • How does cloud affect governance?
  61. 61. 61 ©2016 WGroup. ThinkWGroup.com How WGroup can help At WGroup, we understand that cloud has revolutionized IT and continues to rapidly evolve. We also understand that businesses must stay proactive in order to ensure that they remain competitive in this shifting marketplace. In order to help you meet these goals, we work with your organization to simplify IT and allow you to use it more effectively. We are leading experts in cloud-vendor management, cloud strategy, and cloud evolution. We can help your organization better understand the opportunities and challenges that this changing technology brings, so you can be equipped to make better decisions for your business. If you’d like to learn more about how to leverage cloud’s rapid evolution to grow your business, contact one of our representatives today.
  62. 62. 62 ©2016 WGroup. ThinkWGroup.com Tony Ioele has 30 years of experience across the Information Technology disciplines with demonstrated ability to transform business opportunities resulting in a competitive advantage, increased customer satisfaction and positive financial impact for his customers. Tony is a senior leader with a unique blend of strategy, technology, security, risk, finance, personnel, operations, business and process management skills and experiences. Tony is known for his astute sourcing and vendor stewardship as well as his broad knowledge and experience in the areas of enterprise architecture, ITIL process management, COBIT/SOX controls creation and enforcement, technical services delivery, customer services delivery, application development and delivery, infrastructure services and security and risk management. Tony holds a BS from East Stroudsburg University of PA and a Masters Certificate, Applied Project Management from Villanova. See more at Tony’s LinkedIn profile About the Authors Tony Ioele, Managing Principal
  63. 63. 63 ©2016 WGroup. ThinkWGroup.com William (Bill) Genovese is a CTO, executive architect and consultant with over 20 years of experience. He has a proven track record comprised of leadership through consulting, design, and implementation of infrastructure, applications and core systems on an enterprise scale for global organizations. His passion includes raising architectural maturity for organizations by aligning business and technical strategy, and leading and inspiring people to deliver outcomes and drive increased performance. His focus is on both tactical and strategic architecture definition, enablement, and delivery, through interpretation of complex subjects and architectures, and recommendation of simple and tactical choices while ensuring these integrate with the enterprise strategy. Bill has a Bachelor’s Degree from Western Connecticut State University. He also has the following certifications: Bill Genovese, Principal Bill is also a CTO and Executive Board member at Saving Promise, a national non-profit organization whose charter is to help prevent and change domestic violence in America. See more at Bill’s LinkedIn profile • The Open Group – Distinguished IT Architect • The Open Group – Master IT Specialist • IBM Executive Certified IT Architect (Application Architecture, Infrastructure Architecture and Systems Engineering Disciplines) • IBM Expert Certified IT Specialist (Systems Management – Cross Platform) • IBM Certified IT Consultant • ITIL V3
  64. 64. 64 ©2016 WGroup. ThinkWGroup.com Doug is a seasoned information technology executive with over 20 years of experience as an IT leader and strategist. He has held numerous operational, program-level, and strategic roles in a variety of industries including healthcare, manufacturing, and technology. His areas of expertise include IT strategy, enterprise architecture, technology governance, infrastructure modernization, technology innovation, application rationalization, cloud strategy, advanced analytics, and talent development. Doug is passionate about the transformative nature of technology and focuses on improving the organization’s capacity to adapt to change. Before joining WGroup, Doug built and led the Enterprise Architecture function for McKesson, a Fortune 15 pharmaceutical distribution, health information technology, and medical supply company. Doug began his career at IBM Global Services as an IT consultant. Doug holds an MBA from Duke University’s Fuqua School of Business and a BA in International Studies from the University of Alabama. Doug is a board member of the CTO forum and an attendee of Yale’s CEO College. He has spoken at numerous conferences on the topics of innovation, collaboration, and leading change in technology organizations. See more at Doug’s LinkedIn profile Doug Smith, General Manager
  65. 65. 65 ©2016 WGroup. ThinkWGroup.com David Spindel has over 25 years of experience in Strategy and Business / IT Transformation – both as a consultant and as an executive with Fortune 500 technology companies. At WGroup, David focuses on IT Strategy, IT Transformation, IT / Business Alignment, Sourcing Advisory Services, IT Governance, and Organization Design and Implementation. Before joining WGroup, David was Vice President of Corporate Strategic Planning for Unisys Corporation and prior to that VP of Strategy for Unisys’ Professional Services and Vertical Solutions business unit. Prior to joining Unisys, David spent over 20 years at Xerox Corporation where he held increasingly responsible positions in strategy, product management, strategic pricing and marketing, most recently as VP of Strategy for the company’s $5B Document Production Systems business unit. David has both a BA in Mathematics and an MBA from the University of Chicago. See more at David’s LinkedIn profile David Spindel, Principal
  66. 66. 66 ©2016 WGroup. ThinkWGroup.com References [1] http://www.forbes.com/sites/bernardmarr/2015/04/27/big-data-as-a-service-is-next-big-thing/ [2] https://451research.com/cloud-pricing-index [3] http://www.intel.com/content/dam/www/public/us/en/documents/ product-briefs/big-data-cloud-technologies-brief.pdf [4] https://www.usenix.org/legacy/event/hotos05/final_papers_backup/brown/brown_html/hotos05.html [5] http://www.slideshare.net/cheahwk/ipsoft-autonomics-it-service-management [6] https://esj.com/articles/2015/03/30/security-concerns-block-cloud-adoption-survey-says.aspx [7] http://www.cdwnewsroom.com/wp-content/uploads/2013/02/ CDW_2013_State_of_The_Cloud_Report_021113_FINAL.pdf [8] http://fortune.com/2015/06/04/fortune-500-ceo-survey/ [9] http://www.slideshare.net/IBMIndiaSS/dispelling-the-vapor-around-cloud-computing-7461827 [10] http://www.infoworld.com/article/2607997/cloud-security/users- fear-cloud-breaches-are-more-expensive.html [11] http://go.netskope.com/rs/netskope/images/Ponemon-DataBreach-CloudMultiplierEffect-June2014.pdf [12] https://www.forrester.com/Beware+Of+The+SaaS+Trap/fulltext/-/E-RES115775
  67. 67. Drive Your Business Founded in 1995, WGroup is a technology management consulting firm that provides Strategy, Management and Execution Services to optimize business performance, minimize cost and create value. Our consultants have years of experience both as industry executives and trusted advisors to help clients think through complicated and pressing challenges to drive their business forward. Visit us at www.thinkwgroup.com or give us a call at (610) 854-2700 to learn how we can help you. 150 N Radnor Chester Road Radnor, PA 19087 610-854-2700 ThinkWGroup.com

×