B Y D R M O H A M M A D Z U N N U N K H A N
Cloud Resilience, Provisioning, and Asset
Management
Cloud Resilience
 If organizations are not integrating resiliency into their initial cloud
adoption, they are accepting risks, whether they realize it or not.
The reality of cloud resilience
 When it comes to resilience, most organizations find these questions
difficult to answer for their legacy environments:
 Can you reliably quantify the cost of an hour of downtime?
 Can you provide accurately tested evidence to show how quickly you
can resume business operations?
 Do you know where your data corruption concentrations of risk reside?
 Do you know the extent of the impact should something happen?
On average, an infrastructure failure can cost $100,000 an hour and a
critical application failure can cost $500,000 to $1 million per hour.
The right approach to cloud resiliency
 The reality of cloud resiliency is that if you don’t design, implement and maintain
it, you don’t get it.
 But how does an organization ensure they get it right from the beginning? Best
practices suggest doing it right takes a structured approach that lets organizations:
●● Understand the criticality of business services supported by target cloud
workloads, associated business and IT resiliency requirements, and cloud/legacy
application/data dependencies
●● Identify related risks and required mitigation treatments
●● Determine best fit cloud strategies that meet business based resilience needs
●● Document linkages, interdependencies and synchronization points between
cloud and legacy environments
●● Develop, implement, test and sustain corresponding business and technology
resiliency plans and procedures
●● Create cloud specific and integrated cloud or legacy resiliency validation and testing
plans
●● Develop resilient cloud transition roadmap
 Step1 Asset and Evaluation
 Key activities in this process include:
●● Collecting key business resilience requirements for target cloud
workloads
●● Profiling existing application chains with associated
infrastructure components and data, governing policies, resilience
strategies and plans
●● Assessing target cloud workloads in terms of resilience
requirements and capabilities
●● Documenting linkages, interdependencies and processing/data
synchronization points between applications workloads running
on cloud or legacy IT environments
 Step 2 – Plan and Design
●● Identifying in-scope resiliency requirements for cloud and
workload affinity groups and integrated cloud/legacy application
dependency groups
●● Understanding the impact of provisioning lead times on recovery
time and recovery point objectives
●● Applying cloud resiliency guiding principles in the design of the
architecture and delivery model
●● Rationalizing legacy and cloud hybrid resiliency strategies to
determine best fit to meet resilience needs
●● Developing resilient strategy and resilient architecture design
Step 3 – Implement and Test
●● Provisioning target resilience environment using methods and
tools to automate virtual or physical servers for continuity and
configure the cloud workload for resilience testing
●● Creating cloud specific and integrated cloud or legacy resiliency
validation and testing plan (may include regular introduction of
planned failures to test real time component/ service resiliency)
●● Testing the cloud resilience strategy and gaining customer
acceptance
●● Retaining evidence of test scope and outcomes for audit and
reporting purposes
 Step 4 – Manage and Sustain
●● Designing/updating resilience program framework, monitoring, governance
and resiliency risk reporting to include cloud
●● Developing resilient cloud transition roadmap
●● Developing cloud specific education for IT/Cloud resilience stakeholders
●● Transitioning to steady state integrated resilience program management and
reporting
●● Maintaining appropriate checks and balances for:
– Assurance (including third-party) and attestation
– Application readiness – Process readiness, vendor stability and reputation,
mobility to migrate to another location/vendor
– Continuity requirements
– Network
– Data
—location, protection, segregation
– Governance, risk and compliance (GRC)
Cloud Provisioning
 Cloud provisioning primarily defines how, what and when an organization
will provision cloud services. These services can be internal, public or hybrid
cloud products and solutions. There are three different delivery models:
 Dynamic/On-Demand Provisioning: The customer or requesting application
is provided with resources on run time.
 User Provisioning: The user/customer adds a cloud device or device
themselves.
 Post-Sales/Advanced Provisioning: The customer is provided with the
resource upon contract/service signup.
 From a provider’s standpoint, cloud provisioning can include the supply and
assignment of required cloud resources to the customer. For example, the
creation of virtual machines, the allocation of storage capacity and/or
granting access to cloud software.
 Cloud Asset Management
 Cloud Asset Management (CAM), should not be confused with
cloud-based asset management, which is about managing IT
assets using SaaS-based SAM and ITAM solutions.
 CAM is primarily about managing the challenges of cloud
applications, platforms and infrastructure (SaaS, PaaS and IaaS).
For instance:
 inability to track and manage the growing use of SaaS applications
and providers
 lack of a centralized view of Cloud resources and consumption
 limited access to SaaS subscription data
 limited access to actual SaaS, IaaS and PaaS usage data
 To successfully manage cloud assets, key questions need to be
addressed:
 Do you have a full understanding of most expensive cloud-based
applications, platforms and infrastructure used across your
organization?
 Are you fully aware of the impact on governance and security?
 Do you know how much your organization is spending in the Cloud?
 Are you actually using what you’re paying for?
 Can you easily obtain subscription or usage data and access valuable
management reports?
 Are you getting value for money from your Cloud investment?
 Can you successfully plan any future Cloud migration?
 Can you easily access all the information you need to ensure a
successful transition?
 Benefits of Cloud Asset Management (CAM)
 An effective Cloud Asset Management program should address the
questions above and deliver a host of benefits, including:
 Accurate tracking of key applications delivered in the Cloud
 Overcome the limitations of Cloud portals, by providing access to a
single centralized view
 Expanded access to data and improved analysis and reporting
 Granular insight into SaaS, IaaS and PaaS usage across your
organization
 Combine Cloud and on-premise deployment data for a complete end-
to-end view of your IT ecosystem
 Accurate, complete view of investments and their usage across the
whole IT estate enables better cost control
 Access all the information needed to ensure a successful migration to
the Cloud
 The platform comprises the following core components:
 Certero for Enterprise ITAM – full visibility of on-premise
hardware and software plus inventory of resources in Azure and AWS.
 Certero for Enterprise SAM – complete coverage of on-premise
software for all strategic software publishers including Microsoft,
Oracle, IBM, Autodesk etc.
 Certero for Cloud – manage your key SaaS expenditure including
Office 365, Salesforce, Adobe Creative Cloud, G Suite, Okta etc.
 Thank Yous

cloud Resilience

  • 1.
    B Y DR M O H A M M A D Z U N N U N K H A N Cloud Resilience, Provisioning, and Asset Management
  • 2.
    Cloud Resilience  Iforganizations are not integrating resiliency into their initial cloud adoption, they are accepting risks, whether they realize it or not.
  • 3.
    The reality ofcloud resilience  When it comes to resilience, most organizations find these questions difficult to answer for their legacy environments:  Can you reliably quantify the cost of an hour of downtime?  Can you provide accurately tested evidence to show how quickly you can resume business operations?  Do you know where your data corruption concentrations of risk reside?  Do you know the extent of the impact should something happen? On average, an infrastructure failure can cost $100,000 an hour and a critical application failure can cost $500,000 to $1 million per hour.
  • 4.
    The right approachto cloud resiliency  The reality of cloud resiliency is that if you don’t design, implement and maintain it, you don’t get it.  But how does an organization ensure they get it right from the beginning? Best practices suggest doing it right takes a structured approach that lets organizations: ●● Understand the criticality of business services supported by target cloud workloads, associated business and IT resiliency requirements, and cloud/legacy application/data dependencies ●● Identify related risks and required mitigation treatments ●● Determine best fit cloud strategies that meet business based resilience needs ●● Document linkages, interdependencies and synchronization points between cloud and legacy environments ●● Develop, implement, test and sustain corresponding business and technology resiliency plans and procedures ●● Create cloud specific and integrated cloud or legacy resiliency validation and testing plans ●● Develop resilient cloud transition roadmap
  • 6.
     Step1 Assetand Evaluation  Key activities in this process include: ●● Collecting key business resilience requirements for target cloud workloads ●● Profiling existing application chains with associated infrastructure components and data, governing policies, resilience strategies and plans ●● Assessing target cloud workloads in terms of resilience requirements and capabilities ●● Documenting linkages, interdependencies and processing/data synchronization points between applications workloads running on cloud or legacy IT environments
  • 7.
     Step 2– Plan and Design ●● Identifying in-scope resiliency requirements for cloud and workload affinity groups and integrated cloud/legacy application dependency groups ●● Understanding the impact of provisioning lead times on recovery time and recovery point objectives ●● Applying cloud resiliency guiding principles in the design of the architecture and delivery model ●● Rationalizing legacy and cloud hybrid resiliency strategies to determine best fit to meet resilience needs ●● Developing resilient strategy and resilient architecture design
  • 8.
    Step 3 –Implement and Test ●● Provisioning target resilience environment using methods and tools to automate virtual or physical servers for continuity and configure the cloud workload for resilience testing ●● Creating cloud specific and integrated cloud or legacy resiliency validation and testing plan (may include regular introduction of planned failures to test real time component/ service resiliency) ●● Testing the cloud resilience strategy and gaining customer acceptance ●● Retaining evidence of test scope and outcomes for audit and reporting purposes
  • 9.
     Step 4– Manage and Sustain ●● Designing/updating resilience program framework, monitoring, governance and resiliency risk reporting to include cloud ●● Developing resilient cloud transition roadmap ●● Developing cloud specific education for IT/Cloud resilience stakeholders ●● Transitioning to steady state integrated resilience program management and reporting ●● Maintaining appropriate checks and balances for: – Assurance (including third-party) and attestation – Application readiness – Process readiness, vendor stability and reputation, mobility to migrate to another location/vendor – Continuity requirements – Network – Data —location, protection, segregation – Governance, risk and compliance (GRC)
  • 12.
    Cloud Provisioning  Cloudprovisioning primarily defines how, what and when an organization will provision cloud services. These services can be internal, public or hybrid cloud products and solutions. There are three different delivery models:  Dynamic/On-Demand Provisioning: The customer or requesting application is provided with resources on run time.  User Provisioning: The user/customer adds a cloud device or device themselves.  Post-Sales/Advanced Provisioning: The customer is provided with the resource upon contract/service signup.  From a provider’s standpoint, cloud provisioning can include the supply and assignment of required cloud resources to the customer. For example, the creation of virtual machines, the allocation of storage capacity and/or granting access to cloud software.
  • 13.
     Cloud AssetManagement  Cloud Asset Management (CAM), should not be confused with cloud-based asset management, which is about managing IT assets using SaaS-based SAM and ITAM solutions.  CAM is primarily about managing the challenges of cloud applications, platforms and infrastructure (SaaS, PaaS and IaaS). For instance:  inability to track and manage the growing use of SaaS applications and providers  lack of a centralized view of Cloud resources and consumption  limited access to SaaS subscription data  limited access to actual SaaS, IaaS and PaaS usage data
  • 14.
     To successfullymanage cloud assets, key questions need to be addressed:  Do you have a full understanding of most expensive cloud-based applications, platforms and infrastructure used across your organization?  Are you fully aware of the impact on governance and security?  Do you know how much your organization is spending in the Cloud?  Are you actually using what you’re paying for?  Can you easily obtain subscription or usage data and access valuable management reports?  Are you getting value for money from your Cloud investment?  Can you successfully plan any future Cloud migration?  Can you easily access all the information you need to ensure a successful transition?
  • 15.
     Benefits ofCloud Asset Management (CAM)  An effective Cloud Asset Management program should address the questions above and deliver a host of benefits, including:  Accurate tracking of key applications delivered in the Cloud  Overcome the limitations of Cloud portals, by providing access to a single centralized view  Expanded access to data and improved analysis and reporting  Granular insight into SaaS, IaaS and PaaS usage across your organization  Combine Cloud and on-premise deployment data for a complete end- to-end view of your IT ecosystem  Accurate, complete view of investments and their usage across the whole IT estate enables better cost control  Access all the information needed to ensure a successful migration to the Cloud
  • 16.
     The platformcomprises the following core components:  Certero for Enterprise ITAM – full visibility of on-premise hardware and software plus inventory of resources in Azure and AWS.  Certero for Enterprise SAM – complete coverage of on-premise software for all strategic software publishers including Microsoft, Oracle, IBM, Autodesk etc.  Certero for Cloud – manage your key SaaS expenditure including Office 365, Salesforce, Adobe Creative Cloud, G Suite, Okta etc.
  • 17.