JW
Uploaded byJoseph Williams
656 views

IEEE PHM Cloud Computing

This document discusses cloud computing and the challenges of managing applications and data in cloud environments. It covers a wide range of topics including the complexity of cloud platforms, regulatory and jurisdictional challenges of data sovereignty, and key questions around compliance, risk management, and interoperability that enterprises need to have answered before moving workloads to the cloud.

Related topics:
Cloud Computing Insights

Embed presentation

Cloud ComputingDr. Joseph WilliamsSenior Director – Cloud Connect StrategiesMicrosoft Corporationjosephwi@microsoft.com
Thank you for your timePHM up in Seattle has historically been associated more with Boeing than with MicrosoftSoftware systems are incredibly complex and they operate in similarly complex ecosystems of Hardware, networks, security, and end-usersWe do pay attention to PHM
It is still the wild, wild west out there amongst the clouds…A whole lot of vendors, analysts, and evangelists making a whole lot of noiseAccording to IDC, worldwide customers spent nearly $23 billion on public IT cloud services in 2010Gartner was reporting 2010 spend of $68.3B, including private cloud
Why Enterprise Customers Embrace the CloudReduce CAPEX & OPEXLatest Versions with No Server UpgradesPredictable SubscriptionsChoice, Flexibility, & Resource Agility Merger, Acquisition & DivestituresFocus on Market DifferentiationEnergy EfficiencyUp and Running QuicklyPlus CIOs are being told they aren’t “innovative” unless they are looking atthe cloud.
Vision for a Cloud EnterpriseSalesCollaborationFor all employeesOperationsAccountingHRR&DMarketing
It is all very seductiveAnd mystifying
But the Cloud isn’t easy“Cloud” has already disaggregated into Service offerings
Technical platforms
Economic models The Cloud is a BattlegroundThe Battle InTHE CLOUDThe Battle forCONSUMERSThe Battle In The DATA CENTER
The Cloud is complexEach Service layer is every bit as complicated as in any large-scale data centerUnlike in a traditional data center, each service layer may have its own service-level agreements (SLAs)Each cloud service layer may need to interoperate with services from other providers; those interactions, in turnmay have their own SLAsExtremely difficult to architect and build for resiliencySecurity is its own dynamic problem
Customer Priorities For How they Select Cloud ProvidersIDC Microsoft Hoster Server Infrastructure End User Survey - Dec 2010
Cloud Services are customized combinations of servicesInfrastructure(as a Service)Platform(as a Service)Software(as a Service)(On Premises)ApplicationsApplicationsApplicationsApplicationsYou manageDataDataDataDataYou manageRuntimeRuntimeRuntimeRuntimeMiddlewareMiddlewareMiddlewareMiddlewareOther ManagesYoumanageO/SO/SO/SO/SOther ManagesVirtualizationVirtualizationVirtualizationVirtualizationOther ManagesServersServersServersServersStorageStorageStorageStorageNetworkingNetworkingNetworkingNetworking
IT Pro shifts in management responsibility: Whose cloud is it?On-premise IT departmentCloud service providerWhere things could get “interesting”HighLowLowHighIaaSSaaSPaaSIT has most control over Infrastructure
Theoretically, IT Org duties won’t change significantly
Initially, increased work responsibilities for architects
Monitoring processes will change with greater reliance on host (for security, resource allocation, connectivity, performance, etc.)
IT Pro has increased responsibility in terms of maintenance, monitoring, and troubleshooting
Troubleshooting is more complicated, support workflow more complicated
A top pain point
Monitoring processes may change with greater reliance on host
IT Pro has least control over this environment
Lightest touch troubleshooting and support
Relationship with host will be mostly routing trouble ticketsVisibility BoundaryVisibility Boundary
Cloud Management Platform PhasesStandard model for offering cloud servicesThese models take a strong dependency on what kind of SLAs the service expects to offer
Where PHM fits in with Cloud ServicesHow teams understand the status of their service reporting dashboards alertingpredictionSLA measurement Collection and analysis of data that reflects real-time and historical performance of the service against key scenariostelemetry machine health instrumentation tracingalertingUnified ExperienceCustomer Self-ServiceEasy to UseProactive FocusNext Generation PlatformPerformanceEnablementStability
Some interesting learnings since last yearA lot of enterprises don’t like the self-service model of the cloud and they are willing to pay for elevated supportDealing with regulatory compliance / certification is complicated byLegal interpretationRisk toleranceProcurement maturityCloud interoperability is really, really hardWho controls the end-user experience?Who controls PHM elements?How to do trouble-shooting?
Regulatory and Jurisdictional Challenges for the Cloud are the same as always10 years ago…Security and privacy top of mindHacking, virus propagation, cyber-espionage and cyber-warfare on the riseEnforcement officials need tools & trainingVehicles for cross-border collaboration inadequateToday…Security and privacy top of mindHacking, virus propagation, cyber-espionage and cyber-warfare on the riseEnforcement officials need tools & trainingVehicles for cross-border collaboration inadequate
Still Unresolved : Jurisdictional TensionsWhere is the data?Tensions created by different countries asserting jurisdiction over dataTension between privacy rules requiring minimization of data retention obligationsLaw enforcement accessHuman rights concernsHow much should the location of the data matter?
Data SovereigntyA Serious ProblemGreenlandEfficiencies and benefits of cloud computing are best achieved when data flows freely across bordersPrivacy laws that restrict such flows will continue to be an impediment European restrictionsCanadian provincial rulesAustralia National Privacy Principle #9Blackberry problems of 2010AlaskaNorwayFinlandIcelandRussiaIrelandSwedenUnited StatesCanadaGermanyBelarusGreat Britain IrelandPolandUkraineNetherlandsKasachstanFranceMongoliaRomaniaUzbekistan Kirgisistan ItalyNorth KoreaSpainPortugalUSATurkeyTadschikistanJapanGreeceSyriaTurkmenistanChinaSouth KoreaHong KongTunesiaLibanonIraqAfghanistanIranMoroccoBhutanIsraelNepalKatarAlgeriaLibyaPakistanBahamasSaudiArabiaWestsaharaMexicoV.A.ETaiwanEgyptMyanmarCubaIndiaBelizeLaosDom. Rep.OmanMauretaniaEritreaBangladesh NigerMaliVietnamJamaicaTschadHondurasGuatemalaSenegalYemenSudanKambodschaNikaraguaBurkinaEl SalvadorGuineaPhilippinesVenezuelaNigeriaThailandZ. R.Bangui Ethiopia Costa RicaGuyanaSierra LeoneKamerun PanamaSurinameColumbiaSomaliaMalaisiaLiberiaTogoUgandaFr. GuyanaGhanaGabunEcuadorCote d‘IvoireKeniaD. R.Congo IndonesiaCongoPapua New GuineaTansaniaBrazilPeruAngolaMozambiqueZambiaBoliviaZimbabwe NamibiaSingaporeMadagascarParaguayBotsuanaAustraliaSwazilandSouth AfricaLesothoChileUruguayArgentiniaNew Zealand
The Big Battles in the CloudService descriptions do not rise to legal clarityNeed for standardizationNeed for clear articulation (service catalog)OpEx is not always preferable to CapEx, contradicting one of the generally assumed benefits of Cloud ComputingFor many, CapEx is perceived as an easier and faster expense to justify, and OpEx is something they’re continually pushed to reduce.
Final Thoughts – The Good NewsWorkforce mobility, supporting branch locations, and granting partners access to enterprise resources are becoming realConceptually there are significant Cloud benefits, including flexibility, resiliency (i.e., failover / DR), reduced internal management burden, faster provisioning, pay-as-you go, and anywhere access.Licensing complexity will eventually be reduced:Subscription easier than perpetual

More Related Content

PDF
Cloud Computing for Nonprofit Organizations
by4Good.org
 
PPTX
How Businesses are Navigating the Transition to Cloud Computing - eFax Corporate
byeFax Corporate®
 
PDF
Hybrid Technology
byGFI Software
 
PDF
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
byGFI Software
 
PDF
Hybrid cloud- driving a business
byGabe Akisanmi
 
PDF
How Secure Is Cloud
byWilliam Lam
 
PDF
bishu pdf1
byBishwanth Konathala
 
PDF
Facing the Future - Is the cloud right for you?
byAdvanced Business Solutions
 
Cloud Computing for Nonprofit Organizations
by4Good.org
 
How Businesses are Navigating the Transition to Cloud Computing - eFax Corporate
byeFax Corporate®
 
Hybrid Technology
byGFI Software
 
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
byGFI Software
 
Hybrid cloud- driving a business
byGabe Akisanmi
 
How Secure Is Cloud
byWilliam Lam
 
bishu pdf1
byBishwanth Konathala
 
Facing the Future - Is the cloud right for you?
byAdvanced Business Solutions
 

What's hot

PDF
VIPRE Business Takes a Bite out of Bloatware
byGFI Software
 
PDF
Vps server 3
byGeralynDeanda36
 
PDF
Improve network safety through better visibility – Netmagic
byNetmagic Solutions Pvt. Ltd.
 
PPTX
Reasons why accountants should switch to cloud computing
byLily Smith
 
PDF
IBM cloud e book
byelan405
 
PPTX
Boston Cloud Dinner/Discussion November 2010
byNess Technologies
 
PDF
Identity and Access Management as a Service Gets Boost with SailPoint's Ident...
byDana Gardner
 
PDF
The Ultimate Guide to Managed IT Services for the Modern Business
byTechvera
 
PDF
Virtualization infrastructure in financial services rully feranata
byRully Feranata
 
PDF
Ebusiness Auditing
bynewarttech
 
PDF
NoHidingInTheCloud
byJoan Ross
 
PDF
J3602068071
byijceronline
 
PDF
EMEA10: Trepidation in Moving to the Cloud
byCompTIA UK
 
PPTX
Trends in Law Practice Management – Calculating the Risks
byNicole Garton
 
PDF
Protecting What Matters...An Enterprise Approach to Cloud Security
byInnoTech
 
PPTX
Technology in Law Practice
byStephanie Kimbro Dolin
 
PPT
Consumer tech invasion
byInfo-Tech Research Group
 
PDF
Bringing Cloud Computing Out of the Shadows: Shine the light on Shadow IT wit...
byDivvyCloud
 
VIPRE Business Takes a Bite out of Bloatware
byGFI Software
 
Vps server 3
byGeralynDeanda36
 
Improve network safety through better visibility – Netmagic
byNetmagic Solutions Pvt. Ltd.
 
Reasons why accountants should switch to cloud computing
byLily Smith
 
IBM cloud e book
byelan405
 
Boston Cloud Dinner/Discussion November 2010
byNess Technologies
 
Identity and Access Management as a Service Gets Boost with SailPoint's Ident...
byDana Gardner
 
The Ultimate Guide to Managed IT Services for the Modern Business
byTechvera
 
Virtualization infrastructure in financial services rully feranata
byRully Feranata
 
Ebusiness Auditing
bynewarttech
 
NoHidingInTheCloud
byJoan Ross
 
J3602068071
byijceronline
 
EMEA10: Trepidation in Moving to the Cloud
byCompTIA UK
 
Trends in Law Practice Management – Calculating the Risks
byNicole Garton
 
Protecting What Matters...An Enterprise Approach to Cloud Security
byInnoTech
 
Technology in Law Practice
byStephanie Kimbro Dolin
 
Consumer tech invasion
byInfo-Tech Research Group
 
Bringing Cloud Computing Out of the Shadows: Shine the light on Shadow IT wit...
byDivvyCloud
 

Similar to IEEE PHM Cloud Computing

PPTX
Gitex journey to the cloud
byJorge Sebastiao
 
PPT
Cloud Computing Realities - Getting past the hype and setting your cloud stra...
byCompuware APM
 
PDF
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
byTim Harvey
 
PDF
Building A Cloud Strategy Powerpoint Presentation Slides
bySlideTeam
 
PDF
Building A Cloud Strategy PowerPoint Presentation Slides
bySlideTeam
 
PPTX
Cloud Computing - The new buzz word
byQuadrisk
 
PPTX
Isaca cloud security presentation duncan unwin 16 jul13
byDuncan Unwin
 
PDF
Moving your IT to the Cloud with an Enterprise Cloud Strategy
bymstockwell
 
PPT
To Cloud or Not to Cloud for Transaction Document Production
byStephen D. Poe, SPC4, CSM, CSPO, PMC, EDP
 
PDF
cloud session uklug
bydominion
 
PPTX
Best Practices for the Cloud
byHurwitz & Associates
 
PPT
Perspective on the current state of the Cloud
byDavid Terrar
 
PPTX
Cloud Computing dominated by AI in modern world
byDhruvPatel79152
 
PPS
CRTC Cloud- Scott Sadler
byKrisValerio
 
PDF
Cloud Computing | Dimension Data Europe
byDavid Martin
 
PPT
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
byRio Info
 
PPTX
gkkCloudtechnologyassociate(cta)day 2
byAnne Starr
 
PPT
Cloud Computing and Enterprise Architecture
byDavid Linthicum
 
PPTX
Feet On The Ground Head In The Cloud
bydchmielewski
 
PPTX
Cloud is not an option, but is security?
byJody Keyser
 
Gitex journey to the cloud
byJorge Sebastiao
 
Cloud Computing Realities - Getting past the hype and setting your cloud stra...
byCompuware APM
 
May 2013 Federal Cloud Computing Summit Keynote by David Cearly
byTim Harvey
 
Building A Cloud Strategy Powerpoint Presentation Slides
bySlideTeam
 
Building A Cloud Strategy PowerPoint Presentation Slides
bySlideTeam
 
Cloud Computing - The new buzz word
byQuadrisk
 
Isaca cloud security presentation duncan unwin 16 jul13
byDuncan Unwin
 
Moving your IT to the Cloud with an Enterprise Cloud Strategy
bymstockwell
 
To Cloud or Not to Cloud for Transaction Document Production
byStephen D. Poe, SPC4, CSM, CSPO, PMC, EDP
 
cloud session uklug
bydominion
 
Best Practices for the Cloud
byHurwitz & Associates
 
Perspective on the current state of the Cloud
byDavid Terrar
 
Cloud Computing dominated by AI in modern world
byDhruvPatel79152
 
CRTC Cloud- Scott Sadler
byKrisValerio
 
Cloud Computing | Dimension Data Europe
byDavid Martin
 
Rio Info 2010 - Seminário de Tecnologia - Integracao de Servicos - Cesar Taur...
byRio Info
 
gkkCloudtechnologyassociate(cta)day 2
byAnne Starr
 
Cloud Computing and Enterprise Architecture
byDavid Linthicum
 
Feet On The Ground Head In The Cloud
bydchmielewski
 
Cloud is not an option, but is security?
byJody Keyser
 

IEEE PHM Cloud Computing

  • 1.
    Cloud ComputingDr. JosephWilliamsSenior Director – Cloud Connect StrategiesMicrosoft Corporationjosephwi@microsoft.com
  • 2.
    Thank you foryour timePHM up in Seattle has historically been associated more with Boeing than with MicrosoftSoftware systems are incredibly complex and they operate in similarly complex ecosystems of Hardware, networks, security, and end-usersWe do pay attention to PHM
  • 3.
    It is stillthe wild, wild west out there amongst the clouds…A whole lot of vendors, analysts, and evangelists making a whole lot of noiseAccording to IDC, worldwide customers spent nearly $23 billion on public IT cloud services in 2010Gartner was reporting 2010 spend of $68.3B, including private cloud
  • 4.
    Why Enterprise CustomersEmbrace the CloudReduce CAPEX & OPEXLatest Versions with No Server UpgradesPredictable SubscriptionsChoice, Flexibility, & Resource Agility Merger, Acquisition & DivestituresFocus on Market DifferentiationEnergy EfficiencyUp and Running QuicklyPlus CIOs are being told they aren’t “innovative” unless they are looking atthe cloud.
  • 5.
    Vision for aCloud EnterpriseSalesCollaborationFor all employeesOperationsAccountingHRR&DMarketing
  • 6.
    It is allvery seductiveAnd mystifying
  • 7.
    But the Cloudisn’t easy“Cloud” has already disaggregated into Service offerings
  • 8.
  • 9.
    Economic models TheCloud is a BattlegroundThe Battle InTHE CLOUDThe Battle forCONSUMERSThe Battle In The DATA CENTER
  • 10.
    The Cloud iscomplexEach Service layer is every bit as complicated as in any large-scale data centerUnlike in a traditional data center, each service layer may have its own service-level agreements (SLAs)Each cloud service layer may need to interoperate with services from other providers; those interactions, in turnmay have their own SLAsExtremely difficult to architect and build for resiliencySecurity is its own dynamic problem
  • 11.
    Customer Priorities ForHow they Select Cloud ProvidersIDC Microsoft Hoster Server Infrastructure End User Survey - Dec 2010
  • 12.
    Cloud Services arecustomized combinations of servicesInfrastructure(as a Service)Platform(as a Service)Software(as a Service)(On Premises)ApplicationsApplicationsApplicationsApplicationsYou manageDataDataDataDataYou manageRuntimeRuntimeRuntimeRuntimeMiddlewareMiddlewareMiddlewareMiddlewareOther ManagesYoumanageO/SO/SO/SO/SOther ManagesVirtualizationVirtualizationVirtualizationVirtualizationOther ManagesServersServersServersServersStorageStorageStorageStorageNetworkingNetworkingNetworkingNetworking
  • 13.
    IT Pro shiftsin management responsibility: Whose cloud is it?On-premise IT departmentCloud service providerWhere things could get “interesting”HighLowLowHighIaaSSaaSPaaSIT has most control over Infrastructure
  • 14.
    Theoretically, IT Orgduties won’t change significantly
  • 15.
    Initially, increased workresponsibilities for architects
  • 16.
    Monitoring processes willchange with greater reliance on host (for security, resource allocation, connectivity, performance, etc.)
  • 17.
    IT Pro hasincreased responsibility in terms of maintenance, monitoring, and troubleshooting
  • 18.
    Troubleshooting is morecomplicated, support workflow more complicated
  • 19.
  • 20.
    Monitoring processes maychange with greater reliance on host
  • 21.
    IT Pro hasleast control over this environment
  • 22.
  • 23.
    Relationship with hostwill be mostly routing trouble ticketsVisibility BoundaryVisibility Boundary
  • 24.
    Cloud Management PlatformPhasesStandard model for offering cloud servicesThese models take a strong dependency on what kind of SLAs the service expects to offer
  • 25.
    Where PHM fitsin with Cloud ServicesHow teams understand the status of their service reporting dashboards alertingpredictionSLA measurement Collection and analysis of data that reflects real-time and historical performance of the service against key scenariostelemetry machine health instrumentation tracingalertingUnified ExperienceCustomer Self-ServiceEasy to UseProactive FocusNext Generation PlatformPerformanceEnablementStability
  • 26.
    Some interesting learningssince last yearA lot of enterprises don’t like the self-service model of the cloud and they are willing to pay for elevated supportDealing with regulatory compliance / certification is complicated byLegal interpretationRisk toleranceProcurement maturityCloud interoperability is really, really hardWho controls the end-user experience?Who controls PHM elements?How to do trouble-shooting?
  • 27.
    Regulatory and JurisdictionalChallenges for the Cloud are the same as always10 years ago…Security and privacy top of mindHacking, virus propagation, cyber-espionage and cyber-warfare on the riseEnforcement officials need tools & trainingVehicles for cross-border collaboration inadequateToday…Security and privacy top of mindHacking, virus propagation, cyber-espionage and cyber-warfare on the riseEnforcement officials need tools & trainingVehicles for cross-border collaboration inadequate
  • 28.
    Still Unresolved :Jurisdictional TensionsWhere is the data?Tensions created by different countries asserting jurisdiction over dataTension between privacy rules requiring minimization of data retention obligationsLaw enforcement accessHuman rights concernsHow much should the location of the data matter?
  • 29.
    Data SovereigntyA SeriousProblemGreenlandEfficiencies and benefits of cloud computing are best achieved when data flows freely across bordersPrivacy laws that restrict such flows will continue to be an impediment European restrictionsCanadian provincial rulesAustralia National Privacy Principle #9Blackberry problems of 2010AlaskaNorwayFinlandIcelandRussiaIrelandSwedenUnited StatesCanadaGermanyBelarusGreat Britain IrelandPolandUkraineNetherlandsKasachstanFranceMongoliaRomaniaUzbekistan Kirgisistan ItalyNorth KoreaSpainPortugalUSATurkeyTadschikistanJapanGreeceSyriaTurkmenistanChinaSouth KoreaHong KongTunesiaLibanonIraqAfghanistanIranMoroccoBhutanIsraelNepalKatarAlgeriaLibyaPakistanBahamasSaudiArabiaWestsaharaMexicoV.A.ETaiwanEgyptMyanmarCubaIndiaBelizeLaosDom. Rep.OmanMauretaniaEritreaBangladesh NigerMaliVietnamJamaicaTschadHondurasGuatemalaSenegalYemenSudanKambodschaNikaraguaBurkinaEl SalvadorGuineaPhilippinesVenezuelaNigeriaThailandZ. R.Bangui Ethiopia Costa RicaGuyanaSierra LeoneKamerun PanamaSurinameColumbiaSomaliaMalaisiaLiberiaTogoUgandaFr. GuyanaGhanaGabunEcuadorCote d‘IvoireKeniaD. R.Congo IndonesiaCongoPapua New GuineaTansaniaBrazilPeruAngolaMozambiqueZambiaBoliviaZimbabwe NamibiaSingaporeMadagascarParaguayBotsuanaAustraliaSwazilandSouth AfricaLesothoChileUruguayArgentiniaNew Zealand
  • 30.
    The Big Battlesin the CloudService descriptions do not rise to legal clarityNeed for standardizationNeed for clear articulation (service catalog)OpEx is not always preferable to CapEx, contradicting one of the generally assumed benefits of Cloud ComputingFor many, CapEx is perceived as an easier and faster expense to justify, and OpEx is something they’re continually pushed to reduce.
  • 31.
    Final Thoughts –The Good NewsWorkforce mobility, supporting branch locations, and granting partners access to enterprise resources are becoming realConceptually there are significant Cloud benefits, including flexibility, resiliency (i.e., failover / DR), reduced internal management burden, faster provisioning, pay-as-you go, and anywhere access.Licensing complexity will eventually be reduced:Subscription easier than perpetual
  • 32.
  • 33.
    Underutilization and undeployedsoftware easier to manageEase and speed to deployment are benefits will arise from the CloudCentralized Cloud IT will embrace collaboration and reduce complexity
  • 34.
    Final Thoughts –Some Grim NewsInternet has enjoyed ‘light touch’ regulation – That will end soonData is becoming ‘stateless’:Cross platforms
  • 35.
    Cross providers Governments and Enterprises are very worried about this
  • 36.
    Cross borders“Best ofBreed” Clouds stiil need to integrate:Developers need certainty to build globally relevant applications
  • 37.
    Customers need confidencethat their data is protected
  • 38.
    Service providers needclarity to build the platform and infrastructure for the cloudTaxation will have caught up with the Cloud pretty soonHow legal and regulators frameworks view ‘interoperability’ could change things
  • 39.
  • 40.
    Appendix: Questions ToBe AnsweredThe next few slides contain questions that really need to be addressedMost enterprises will demand satisfying answers before deciding to move significant workloads to the cloudUltimately there is no right or wrong answer, there is just an answer which reflects the enterprise and its requirements
  • 41.
    Compliance and RiskManagementWhat certifications does your provider possess?ISO 27001:2005How often do they re-certify?Do you have access to the audit reports?Who conducts the audits?How seamless are the processes to move in to the cloud and back?How is the collaboration between the cloud provider and you with regards to essential processes like:Incident ResponseForensic AnalysisRisk ManagementBreach NotificationLaw Enforcement Enquiries?
  • 42.
    Compliance and RiskManagementHow do you handle dispute resolution and liability issues?How can you ensure policy compliance?How can you prove that you follow your internal policies in the cloud as well? What is needed?What is needed to prove policy compliance towards any regulation you have to follow?What industry or government standards do you comply with?How is your infrastructure and processes audited and by whom? Do I have access to audit summaries?How are you able to monitor your risks all across your infrastructure?Are there clearly defined metrics for the cloud service to be monitored?How are eDiscovery and criminal compliance requests handled?Are the audit logs forensically and legally sound?
  • 43.
    Identity and AccessControlHow can you integrate the provider’s identity metasystem with your identity management processes?Who owns your identity?Is there an in-person proofing for identities you will trust (if this is necessary from your risk assessment)?How can identities federate across different services and from your internal environment to the cloud?How do I federate with my partners, vendors, and other enterprises?Is the application writer responsible for access controls or is there a service to do that?How are the databases protected for access?Do the software API’s have cryptographic keys in use?Is all of your software signed?
  • 44.
    Service IntegrityHow doesyour provider ensure the security of the written code?Have they implemented a Security Development Lifecycle?How do they do Threat Modeling?How do they test against their Threat Model?How is process consistency ensured?What is the hiring process for the personal doing administrative operations?Are they background checked?What levels of access do they have?
  • 45.
    Service IntegrityHow isthe software protected from corruption (malicious or accidental)?Is there a secure development and software integrity process enforced for all the code within the responsibility of the provider?Who does the cloud supplier use as their critical suppliers and transparency into how those relationships are managed for security and availability?What is the Security Update strategy of the cloud provider?How does the cloud provider manage vulnerabilities? Including incident response and triaging?
  • 46.
    Other IntegrityEnd-Point IntegrityHowis the client integrated into the trust relationship with the cloud (e.g. Cardspace)?Information Protection and Transaction IntegrityWho owns your data?Can it be encrypted?Who has access to encryption keys?Where is the backup located and do you have an on-premise backup? How is the backup purged?Where is your data stored? What requirements do you have with regards to the physical location of your data?
  • 47.
    Key Findings –Cloud Migration of ApplicationsThe sensitivity of app data has significant influence in determining which workloads/ apps IT departments would even be willing to consider moving to the Cloud.
  • 48.
    Firms won’t movemission-critical apps or highly sensitive data sets into the Cloud. They want them on-premise for control, performance, and security reasons.
  • 49.
    Highly integrated applications(e.g., ones that touch multiple internal databases or systems) are impractical to move to the Cloud in isolation.
  • 50.
    Firms are generallynot willing to re-write their legacy apps for the Cloud. The rare exception was if a positive ROI could be proven at the outset. Most Likely Candidates for CloudPackaged apps (SaaS)
  • 51.
  • 52.
    New and/orsmaller LOB apps
  • 53.
  • 54.
    Apps builton Web standardsLeast Likely Candidates for CloudMission critical apps
  • 55.
    Running highlysensitive data
  • 56.
  • 57.
    Custom orspecialized apps
  • 58.
    Highly integratedappsThank you!© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Editor's Notes

  • #5 Why all the discussion around the cloud computing? What is so interesting?Here are the key areas we are hearing from customers. Managed costs From a financial perspective, you can manage costs as a capital expense or an operational expense depending on what works best for your business. The exciting things here are to be able to get started quickly without huge barriers in capital costs as well as having predictable and reduced costs. Greater resource agility The management burden of anticipating and building out excess capacity IT infrastructure decreases. The result—less management, maintenance and deployment time, with the additional benefit of greater scalability to more easily handle peaks in demand.Greater business agility From an IT management perspective, you can focus on solving business problems, and not on infrastructure issues. A cloud model enables you to respond to business demands more effectively, and help ensure employees have on-demand access to critical business information, customers, partners and each other, using any device, from anywhere. Quote on the right is Aviva it was actually 142 days for the One Aviva intranet.Smaller carbon footprint At the same time, using off-premises IT infrastructure has the additional value of decreasing your environmental impact through a reduction in the physical resources required to run on-premises systems. This ofcoure can tranlate into lower taxes and power and utility savings for corporations. Microsoft datacenters benefit from negotiated low power costs and we leverage cool climates and place our DCs next to rivers for hydro power to further reduce costs and carbon impact. We are seeing key industry analysts also highlighting the benefits and momentum around cloud services. Cloud Analyst QuotesForresterTop Left:It’s not the hype, but actual business results achieved by early cloud adopters fueling CIO interest, according to James Staten, principal analyst at Forrester Research. “Early adopters are finding serious benefits, meaning that cloud computing is real and warrants your scrutiny as a new set of platforms for business applications.” Top Right: Forrester analyst Ted Schadler said a financial services firm migrated its employee portal to a cloud-based vendor and launched it in two months, while another firm he surveyed has spent the last 18 months building its employee portal in-house. Source: eweek.comBottom: Gartner’s predictions for the last 2 years have made some huge statements around the pace businesses will move to cloud services as well as how there is huge momentum for businesses to select and move some IT assets out of their own datacenters. More Quotes:ForresterCase Study: GlaxoSmithKline is moving approximately 90,000 email users to Microsoft's Exchange Online, a cloud-delivered service. The result is that GSK is able to optimize its messaging and collaboration platform to meet the full range of its end users' requirementsSource: forrester.comGartner:Cloud Computing Will Be As Influential As E-business. Source: gartner.comGartner:Cloud computing revenue will soar faster than expected and will exceed $150 billion within five years, Gartner report predicts. Cloud-based business processes are the largest portion of the cloud services market, which includes advertising, e-commerce, human resources, and payments processing.Source: infoworld.comGartner:Gartner predicts that by 2012, 80 percent of Fortune 1000 enterprises will be paying for some cloud computing services, and 30 percent will be paying for cloud computing infrastructure services.Source: itnews.com.auIDC: One reason IT suppliers are sharpening their focus on the “cloud” model is its growth trajectory, which - at 27% CAGR - is over five times the growth rate of the traditional, on-premise IT delivery/consumption model. Source: blogs.idc.comIDC: Spending on IT cloud services will triple in the next 5 years, reaching $42 billion and capturing 25% of IT spending growth in 2012Source: blogs.idc.comMerrill Lynch: By 2011 the volume of cloud computing market opportunity would amount to $160bn, including $95bn in business and productivity apps (email, office, CRM, etc.) and $65bn in online advertising.Source: sys-con.com
  • #23 No changes.