1 / 0

Cloud Computing

Cloud Computing. Erin Quill SME erin@netiq.com. Situational Fluency.

gitel
Download Presentation

Cloud Computing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cloud Computing Erin Quill SME erin@netiq.com
  2. Situational Fluency Successful conversations with existing and potential customers are founded on your ability to show understanding of the world they live in, the business issues they face, and the ability to speak their language. This enablement session focuses on how to ensure your conversations on Cloud Computing are credible. 15% of Business Leaders indicate that conversations they have with sales reps are of value to them. Our goal is to enable Customer-centric conversations, conversations focused on their issues and priorities
  3. What is the Cloud?
  4. Cloud Description Cloud Computing is: On-demand access to a shared pool of computing resources or services that can be rapidly provisioned and released Characteristics of Cloud Computing: On-demand self-service Broad network access Resource pooling Rapid elasticity Measured resource usage (see http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf)
  5. Cloud Computing Types Private Hybrid Public
  6. Cloud Computing Examples Software as a Service (SaaS) Salesforce.com Google Apps (Gmail, Google Docs, etc.) Platform as a Service (PaaS) Microsoft Azure Force.com Infrastructure as a Service (IaaS) Amazon EC2, S3 Rackspace VMware (vCloud Express or private clouds with vSphere)
  7. Why is the Cloud a Big Deal?
  8. Why compute in the Cloud? Challenges with traditional IT: Difficult to provision just the right amount of computing resources IT takes too long to provision resources Lack of transparency into costs of IT services Cost prohibitive access to IT services Benefits of Cloud Computing: Elasticity (scalability up and down) Pay only for what you use, and know the total cost up-front Provider takes care of infrastructure and application management Access information and services from multiple devices or platforms, anywhere (as long as Internet is available)
  9. A conversation before Cloud Computing We need faster rollout of services That’ll cost you How much? I can’t say Isn’t there unused capacity on systems we paid for? Possibly, but it’s all part of a virtual pool of servers Not going to happen I’d rather pay by user Business Executive IT Manager
  10. A conversation after Cloud Computing We need faster rollout of services Is next week bad? How much? $50/user/month What if I have to expand or shrink the user base No problem Not going to happen I love you Business Executive Cloud Provider
  11. Cloud adoption accelerates in 2012 “What are your firm’s plans to adopt the following software technologies?”(Respondents who selected “implementing, not expanding,” “expanding/upgrading implementation,”“planning to implement in the next 12 months,” or “planning to implement in a year or more”) SaaS By the end of 2012, 45% of all companieswill be using SaaS (60% in 2013!). IaaS PaaS Base: 1,900 to 2,438 software decision-makers Source: Forrester ForrsightsSoftware Survey, Q4 2009, 2010, 2011
  12. Most aggressive users of SaaS are enterprises Using your best estimate, how many different software-as-a-service (SaaS)...? Base: 910 software decision-makers in North America and Europe Source: Forrsights Software Survey, Q4 2011, mean for each business size presented here
  13. IT wants control, business wants flexibilityThe cloud is disrupting the balance of power Flexibility Control
  14. Left to IT leaders, apps would stay in-house “Today, what percentage of your firm’s total x86 server OS instances are in each of the following categories? In four years, what percentage of your firm’s total x86 server OS instances will be in each of the following categories?” Base: 247 technology decision-makers at North American enterprises (5000+ employees) using x86 servers Source: ForrsightsHardware Survey, Q3 2011
  15. Few Firms Are Ready To Operate A Private Cloud “What are your firm’s plans to implement the following server virtualization management capabilities?” Base: 804 North American and European IT decision makers at firms which are using x86 server virtualization Source: Forrsights Hardware Survey, Q3 2011
  16. IT wants to take charge of procurement of cloud services – IT as a Service Broker “Today, which of the following describes your firm’s strategy/approach around the use of software-, infrastructure-, or business-process-as-a-service offerings?”“By the end of 2012, which of the following will describe your firm’s strategy/approach around the use of public software-, infrastructure-, or business-process-as-a-service offerings?” “We have no formal [cloud] strategy/approach” “We are executing on a formal [cloud] migration plan” “We see unsanctioned [cloud] buying by business outside IT” ∆45% ∆47% ∆75% Base: 1,031 IT services decision-makers Source: Forrsights Software Survey, Q3 2011
  17. …so why are they struggling to implement?
  18. Data Protection Concerns Top cloud providers are typically conscientious at securing servers and networks Companies want to protect information, not servers Public cloud services are available anywhere, and data is “outside the firewall” broadening access Lack of access to log data prevents visibility into attacks The infamous “Twitter Hack” was made possible by use of Google Apps (ref http://www.csoonline.com/article/500344/winkler-the-real-problems-with-cloud-computing?page=1)
  19. Regulatory Violations National data privacy laws in Europe require customer data reside in country of origin For example, a U.S.-based Cloud Service Provider that controls data in Germany must comply with German data protection laws, European Union data protection and notification statutes, and USA Patriot Act requirements (ref http://www.journalofaccountancy.com/News/20125922.htm)
  20. Downtime Are You Prepared? Google Doc’s September Disaster There came a day when Google Docs suffered approximately an hour outage due to which work in terms of daily tasks came to a standstill. This proved to be a major setback for Managed Cloud Provider in terms of monetary losses company suffered as well as their reputation in the market. Microsoft’s Office 365 Cloud Disaster Recently, in the month of August and September, Microsoft launched its Office 365 cloud productivity suite, but just few months after its launch media broke the news of its collapse that shattered hopes of Microsoft applications users. The company also experienced a global outage with DNS servers failing Google Docs…Again! Yet another cloud outage erupted with a bang when Google Docs collapsed in the Google HQ. Bad Weather Conditions can Result in Cloud Disaster In the month of August that both Microsoft and Amazon’s cloud data centers had blown off by a thunder lighting strike. Both the cloud servers collapsed because of it, which led big and small organizations to suffer hugely. Companies not only suffered monetary losses, but also had hard time in recovering. Amazon Elastic Cloud Compute Outage Yet another cloud disaster occurred when Amazon EC2 or Elastic Cloud Compute hit the East coast of the US making big time players like the Reddit, Hootsuite, Quora and Sqaurefoot suffer tremendously. To add more to its numbers, approximately 170 SMBs also suffered a major setback as they found it extremely tough to run their businesses during an 8 hour downtime that Amazon EC2 cloud showed to them. (ref http://www.computerworlduk.com/news/cloud-computing/3364982/cloud-downtime-has-cost-more-than-45-million-since-2007/) Source: http://www.prlog.org/11760525-5-serious-cloud-failures-disasters-of-2011.html
  21. Access Control SaaS services can have inconsistent and non-compliant processes for controlling account access For example, if an employee leaves, who checks to ensure their account is not left enabled for weeks, allowing access to sensitive information that can be misused? Single-sign-on is sometimes used to get around this problem, but often passwords are sent to the cloud provider instead of a token, meaning that a malicious actor who has access to the cloud provider’s data now has access to this user’s services in all other corporate accounts as well
  22. Cost Containment 38% of companies using or evaluating the cloud (IaaS) are concerned about runaway costs if a service scales up unintentionally, by error or mismanagement (ref Information Week Cloud ROI Survey, Nov 2011) Costs can also rise if the flexibility of cloud encourages faster service rollout, particularly for increased headcount to support (ref http://www.infoworld.com/d/cloud-computing/3-issues-the-cloud-cant-solve-you-190921)
  23. Silos Multiply Organizations that use cloud computing typically create new items that become silos of data, services, and processes that are difficult to integrate into on-premise systems (ref http://www.infoworld.com/d/cloud-computing/3-issues-the-cloud-cant-solve-you-190921)
  24. Compounding Problems IT is dealing with the old and new – Legacy systems must be maintained, cloud applications must be contained, all without additional resources Accounting for cloud spend – Are we tracking all of our cloud purchases? Do we need all of our seats? All of our cloud computing capacity? Duplication of efforts – With multiple business units making cloud purchases, there are overlapping providers
  25. Why You Need to Understand the Topic of Cloud Cloud is a disruptive technology to the way IT services are being delivered IT is losing control of their traditional monopoly By next year, 60% of all companies will be using cloud services The rush to cloud is compromising security, availability and can have hidden costs Your customers are struggling with how to address cloud computing – help them and become a trusted advisor
  26. Who to talk to
  27. Market Segmentation by Size The topic of Cloud is relevant to all industry verticals in every size company. But benefits may vary: Large Enterprise and Federal: the top benefit is agility - the ability to more rapidly provision new IT services than is possible with traditional internal IT processes Mid-Market: the top benefit is efficiency - improved asset utilization due to the “elastic” nature of cloud computing SMB: the top benefit is innovation - the ability to use IT services internally and provide them to customers that would otherwise be out of reach Ask your customer if they agree with these assertions – a healthy debate could uncover opportunity
  28. Market Segmentation by Vertical:Federal Government “The cloud computing model can significantly help agencies grappling with the need to provide highly reliable, innovative services quickly despite resource constraints” – VivekKundra, U.S. CIO “An estimated $20 billion of the Federal Government’s $80 billion in IT spending is a potential target for migration to cloud solutions” Case Study: The Defense Information Systems Agency (DISA) supports US and coalition fighting forces. To better meet their needs, DISA decided to deploy its own IaaS solution called Rapid Access Computing Environment (RACE) Using traditional infrastructure, provisioning a dedicated server environment required 3 to 6 weeks. With RACE, the time required to provision functional service space for users is now 24 hours. For more details and case studies, see: http://www.cio.gov/documents/federal-cloud-computing-strategy.pdf
  29. Market Segmentation by Vertical:Healthcare Cloud computing is an ideal solution for an industry that prefers targeted services rather than big investments in “sunk costs” for internal IT, but privacy issues remain. Case Study: Cook Children’s Healthcare System in Fort Worth, Texas is pursuing cloud-based electronic health records “The difference is there’s no significant upfront investment with cloud. What I like about CareCloud is if they’re not working for you, you can move on; you don’t have a huge sunken cost,” says Ryan Champlin, VP of Operations. “The question is: who is going to produce better health for a given dollar? I bet my money it’s cloud.” http://www.forbes.com/sites/zinamoukheiber/2012/06/11/can-cloud-computing-take-on-the-health-care-establishment/
  30. Market Segmentation by Vertical:Financial Some resistance to the cloud due to risks, but the benefits can be had with private, hybrid and community clouds, and banks like ING and Deutsche Bank are building these Case Study: “ING Bank’s project involves building a large hybrid cloud that combines features of public clouds and private data centers, one it will open to other banks to use. The hybrid or shared IT infrastructure will achieve the variable costs, scalability, flexibility, and on-demand availability offered by public cloud computing in a way that addresses the security, compliance and performance requirements banks adhere to in their internal clouds.” http://www.cloudave.com/16149/banking-sector-gets-more-comfortable-with-cloud/
  31. Market Segmentation by Vertical:Retail Time to market and scalability (up and down) are critical concerns of companies selling to finicky consumers. The inherent elasticity and agility of cloud computing is compelling. Case Study: WalMart selected SuccessFactors (an SAP company) for a 2.1M seat SaaS HR Management platform Drivers for selection included the scalability to deliver across multiple geographies for large numbers of customers and the shortened timeframe for implementation vs. traditional IT http://www.informationweek.com/news/global-cio/interviews/224700586
  32. Market Segmentation by Vertical:Manufacturing This industry has applied information technology to supply chain management – a benefit of cloud computing is the opportunity to expand communication between sales, suppliers and operations Case Study: Andersen Windows and Doors needed to populate Salesforce CRM with customer master data (Customer Care) as well as supplemental data from 4 other sources (Oracle, SQL Server, Flat File) Used a cloud service from Informatica to integrate the data Now has external customer reporting from Salesforce and back office systems available in the corporate Data Warehouse for one view across sales, operations and suppliers http://www.informaticacloud.com/customers/106-andersen-windows.html
  33. Market Segmentation by Vertical:Service Providers Most service providers are joining the cloud computing gold rush. They are well-positioned for this role, but like internal IT organizations, are threatened by cloud providers competing for their business. So not only do they have advantages, but they must adapt to stay relevant. Case Study: NetIQ AppManager customer Terremark leveraged its market leadership in IaaS offerings to acquisition by Verizon Business, itself an MSP customer of NetIQ AppManager
  34. Business DiscoveryStarting the Conversation
  35. Conversation Starters What sort of cloud initiatives do you have this year? What’s your primary driver for using cloud services? What is driving your choice in using a private cloud? (if applicable) How would you measure the success of your cloud initiative(s)? What’s preventing you from achieving that success? What risks have you had to consider when moving services to the cloud? How are you provisioning/deprovisioning access to the cloud? Does that apply to partners and customers? Are users going to the cloud outside of your control? How are you tracking compliance of access? Do you know if your data in the cloud is secure?
  36. Conversation “Grabbers” Shadow IT – the cloud services that the business buys directly, typically from SaaS providers, without any knowledge or involvement from IT Living with a false sense of security – the presumption, usually of PaaS or IaaS providers, that more services for disaster recovery, security and compliance are being provided than actually are IT as a service broker – the concept that IT can act as a fulfillment house for services, whether provided by the IT organization or externally by cloud providers, for the purpose of ensuring security, compliance and service levels
  37. ITOM-Related Cloud Problems
  38. Shadow IT The cloud services that the business buys directly, without knowledge or involvement from the IT organization Circumvents the controls that minimize risks of outages and cost overruns IT organizations can see this trend as both a threat and an opportunity to create competitive offerings with private clouds Private clouds are more than virtualization - automation is needed for self-service provisioning, DR, securing, maintaining and billing for usage
  39. Shadow IT Solution ComponentBuilding, Securing and Maintaining a Private Cloud NetIQ Cloud Manager Self-service provisioning of VMs and workloads Standardize service offerings and SLAs Manage capacity Chargeback based on usage and service levels
  40. Shadow IT Solution ComponentBuilding, Securing and Maintaining a Private Cloud PlateSpin Protect: Disaster Recovery solution for all server workloads. Virtual servers Virtual hosts Physical servers Workload decoupled from hardware Backup to virtual machines Incremental replication One-click failover Easy to test
  41. Shadow IT Solution ComponentBuilding, Securing and Maintaining a Private Cloud NetIQ Sentinel Security Information and Event Management Log Management NetIQ Secure Configuration Manager Configuration assessment and compliance reporting NetIQ Change Guardian Real-time change monitoring for critical information
  42. Shadow IT Solution ComponentBuilding, Securing and Maintaining a Private Cloud NetIQ AppManager Auto-detect and deploy monitoring for Virtual Machines & workloads in your private cloud NetIQ Operations Center Understand the performance of services, regardless of where they are hosted
  43. Downtime Significant outages of popular cloud services continue to make headlines Organizations must be able to objectively measure the performance of public-cloud services Hold cloud service providers accountable for service levels Ensure users can perform their jobs
  44. Downtime Solution ComponentObjectively Measure and Report Against Service Levels NetIQ AppManager Actively performs user transactions at regular intervals, collects data and escalates events NetIQ Operations Center Create dashboards of service performance achievement so that remediation can be pursued
  45. Creating Competitive Cloud Services Most service providers are joining the cloud computing gold rush. They are well-positioned for this role, but like internal IT organizations, are threatened by cloud providers competing for their business. They must adapt to stay relevant. Service providers looking to evolve into Cloud service providers must understand the expectations from cloud buyers for a fully-automated experience.
  46. Creating Competitive Cloud ServicesA powerful set of tools for service providers to get services deployed quickly NetIQ Cloud Manager Offer customers mobile-enabled self-service provisioning and management NetIQ Access Manager Offer “Access as a Service” NetIQ Aegis Automate simple or complex processes by integrating multiple tools
  47. ITOM-Related Cloud Problems
  48. Compliance in the Cloud Organizations lack controls and cannot effectively certify and report on cloud services, let alone who has access, to meet compliance standards Security teams need a way to integrate the management of access and compliance reporting across multiple cloud and traditional environments
  49. Compliance in the Cloud SolutionsIntegrated Access Management and Compliance Reporting NetIQ Access Manager Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Allows the organization to control the provisioning process, certify access and report on system activity SaaS Single sign-on and strong authentication Automated process Full reporting Corporate credentials secured IT Department
  50. Compliance in the Cloud - SolutionsIntegrated Access Management and Compliance Reporting NetIQ Secure Configuration Manager Report on servers in private clouds and in traditional environments Maintain compliance continuously through an automated process that produces audit efficiencies
  51. Controlling Access to Cloud Services and Data Since most cloud services are provided as a subscription, there is a tendency to allow users to sign up directly, rather through IT controls Lack of visibility and control of data may put organizations at risk of regulatory violations and data loss If user management is not done properly, organizations may encounter large unanticipated fees and true-ups
  52. Controlling Access to Cloud Services and Data - SolutionsReduce the Risk of Data Loss and Unexpected Costs NetIQ Sentinel Integrated SIEM to identify Cloud services accessed from the network, affording greater control and faster response to an attack NetIQ Secure Configuration Manager Helps ensure consistent policies are enforced across traditional, private cloud and IaaS environments
  53. Controlling Access to Cloud Services and Data - SolutionsReduce the Risk of Data Loss and Unexpected Costs NetIQ Access Manager Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Allows the organization to control the provisioning process, certify access and report on system activity SaaS Single sign-on and strong authentication Automated process Full reporting Corporate credentials secured IT Department
  54. Increased Risk in Mixed Environments Most IT organizations are supporting both traditional and cloud-based services, with hybrid public/private configurations Mixing high and low value virtual machines on the same hardware introduces risk that a breach to one can cascade to others Users commonly use the same credentials for their cloud hosted applications as they do for their internally hosted applications, increasing the risk of a breach
  55. Increased Risk in Mixed Environments- SolutionsReduce the Risk of Cascading Security Breaches NetIQ Secure Configuration Manager Automatically identify systems in the private cloud that are poorly configured and vulnerable to attack
  56. Increased Risk in Mixed Environments- SolutionsReduce the Risk of Cascading Security Breaches NetIQ Access Manager Extends identity management to include SaaS offerings like SalesForce.com, Google Apps or Office365 Extend single sign-on experience to cloud hosted applications, making access more convenient for users and eliminating the need for users to save passwords in an unprotected format SaaS Single sign-on and strong authentication Automated process Full reporting Corporate credentials secured IT Department
  57. SummaryWhy You Should Care
  58. Why You Need to Understand the Topic of Cloud Cloud is a disruptive technology to the way IT services are being delivered Business and government organizations of all sizes and verticals are adopting cloud computing, although for multiple reasons Leverage grabbers such as “Shadow IT” “Living with a false sense of security” and “IT as a service broker” to engage in conversations Your customers are struggling with how to address cloud computing – help them and become a trusted advisor
  59. Questions?
More Related