15
Cloud Adoption – Journey of IT Service Management CIO San Francisco Summit Dec 4, 2013 Caroline Hsieh

Cloud Adoption - Journey of IT Service Management

  • Upload
    chsieh

  • View
    552

  • Download
    3

Embed Size (px)

DESCRIPTION

Cloud computing represents great deal of opportunities for business and IT.  The rapid adoption, flexibility, and elasticity of cloud computing have enabled companies to realize benefits such as time to market and cost saving.  However, cloud computing presents various challenges for IT service management and increases the company’s security risk exposures.  A well structured cloud service management model will enable the company to reap the benefits of cloud while minimizing the risk exposure for the company.  This presentation will cover topics on: • Governance structure for cloud solutions. • Architecture strategies to identify cloud capabilities to enable business.   • Selection criteria for preferred cloud vendors based on architecture, legal, security, and IT operations categories. • Risk management process of cloud solutions. • Service management for cloud computing following ITIL model. • Executive endorsement and buy in.

Citation preview

Page 1: Cloud Adoption - Journey of IT Service Management

Cloud Adoption – Journey of IT Service Management

CIO San Francisco Summit

Dec 4, 2013

Caroline Hsieh

Page 2: Cloud Adoption - Journey of IT Service Management

Cloud Adoption – How to Get There

Executive Endorsement

Governance structure

Architecture strategies to identify cloud capabilities to enable business

Selection criteria to determine preferred cloud vendors

Risk-management process

Service management process for cloud computing following the ITIL model

Page 3: Cloud Adoption - Journey of IT Service Management

Why Cloud Governance?

Minimize vendor proliferation

Reduce Corporate Risk

Consistently Secure Data

Threat Security Risks Service Management

Opportunity Business Growth Cost Savings Speed

Cloud Governance

Reap the benefits of cloud while….

Minimize vendor proliferation

Reduce Corporate Risk

Consistently Secure Data

Quickly and Safely

Page 4: Cloud Adoption - Journey of IT Service Management

Cloud Governance Structure Forming a Cloud Governance Body

Define cloud strategies and maintain cloud capabilities Establish selection criteria to minimize proliferation of vendors Perform risk assessment on data and cloud vendors Educate business users on how to handle data in the cloud Enforce data security and privacy policies

To enable business to rapidly adopt cloud solutions while minimizing data security risks with cloud vendors

Enterprise Architecture IT Operations Vendor Management Purchasing

Information Security Corporate Compliance Legal Business Representatives

Cloud Governance Committee is a continuous working body to define and maintain cloud usage policies and standards.

Page 5: Cloud Adoption - Journey of IT Service Management

Architecture Strategy and Cloud Capabilities Step 1 - Identify business demand across company

SaaS

Sales • Opportunity Management

• Quoting • Live Chat • Account Mgmt.

• Sales Compensation • Content

Management • Partner Relationship

Management

Marketing • Social Marketing • Campaign

Management • Live Chat

• Content Management

• Customer Survey • Lead Management • Online Collaboration

Tech Support

• Case Management • Knowledge Base • Account Mgmt.

• Content Management

• Live Chat

Education & Training

• Virtual Classroom • Live Chat

• Knowledge Base • Compliance

Education

Professional Services

• Project Accounting • Online Collaboration

• Service Resource Planning

HR • Human Resource Management

• Applicant Tracking

• Talent Management • Payroll

Legal

• Contract Management

• Online Collaboration

IaaS

Engineering • Dev./QA Lab • Storage • Database

Marketing

• Microsite Hosting

Moderate usage of cloud

Heavy usage of cloud

PaaS

Engineering

• Dev./QA Lab • Database • Integrated

Development Environment

Page 6: Cloud Adoption - Journey of IT Service Management

Identify selection criteria

Create vendor checklists to incorporate the identified criteria

Select vendor based on functionality fit and adherence to the criteria

Cost Support Talent acquisition Integration

Architecture Web services, APIs Single sign on

Data replication UI customization

Support mobile devices Multi-factor auth.

Security 3rd party certification Data loss prevention

Data retention policy Access management

Data encryption Data segregation

Operation SLA (uptime & support) Monitoring

Vendor viability Billing

Redundancy/DR Incident notification

Legal Data privacy Indemnification eDiscovery

Architecture Strategy and Cloud Capabilities Step 2 – Select Preferred Cloud Vendors

Page 7: Cloud Adoption - Journey of IT Service Management

Architecture Strategy and Cloud Capabilities Step 3 – Map business demand to vendor capabilities

Leverage preferred vendors to Minimize vendor proliferations

Reduce risk exposure

Consolidate buying power to get best pricing

Negotiate the terms to best protect the

corporation

Standardize technology and skillset required

to support the cloud solutions

Account Management

Pipeline Management

Lead Management

Preferred CRM

SaaS Vendor

Performance Management

Talent Management

Workforce Management

Preferred HRMS

SaaS Vendor

Campaign Management

Event Management

Lead Generation

Preferred

Marketing

Automation

SaaS Vendor

Virtual Machine

Storage

Web Hosting

Database

Preferred IaaS

Vendor

Development Platform

Preferred PaaS

Vendor

Content Management

Online Collaboration

Preferred

Content

Management

SaaS Vendor

Examples

Page 8: Cloud Adoption - Journey of IT Service Management

Cloud Vendor Risks What Business and IT are facing today

Security

Financial

Legal Operations

Data Access, Loss & Privacy

Service Management

Corporate Reputation

Vendor Viability

Page 9: Cloud Adoption - Journey of IT Service Management

Data Security and Risk Management

Establish policies for handling data in the cloud

Classify the data based on data sensitivity(*) Define security control policies for different data classification

Educate business community on handling data in the cloud

Obtain business and IT executive approval for storing data in the cloud

Establish standard agreement terms with preferred vendors

Less security control Higher security control

Public Info Internal data Highly confidential data

Page 10: Cloud Adoption - Journey of IT Service Management

Balancing Business Value vs. Risk Level

Business Values Time to Market

Cost Saving Operation Efficiency

Customer Experience

Risk Level Security Financial Legal Vendor Management

LOW HIGH

HIGH

Reject

Approve Assess

Assess

Page 11: Cloud Adoption - Journey of IT Service Management

Service Management Process Leveraging ITIL for cloud services

Follow ITIL framework for

end to end cloud service

management,

Clarify the role &

responsibilities of

Business, IT, and cloud

providers.

Ensure governance

process encompass the

entire service

management cycle.

Develop your staff’s skills on cloud service management

Page 12: Cloud Adoption - Journey of IT Service Management

Service Strategy

IT

Bu

siness

Ven

do

r

Service Strategy A RI C

Service Portfolio Management

A CI

Demand Management

A RC

Financial Management

R A C

Service Design

IT

Bu

siness

Ven

do

r

Service Level Management

R A C

Availability Management

A CI R

Capacity Management

A CI R

IT Service Continuity

A CI R

Information Security

CI A R

Supplier Management

CI A

Service Catalogue

A CI

Service Transition

IT

Bu

siness

Ven

do

r Transition Plan & Support

CI A R

Service Asset & Configuration

I CI A

Validation and Testing

R A CI

Release and Deploy

R A CI

Change Management

CI CI A

Evaluation R A

Knowledge Management

I A C

Service Operation

IT

Bu

siness

Ven

do

r

Event Management

I CI A

Incident Management

A

Problem Management

A

Request Fulfillment

A

Access Management

CI A

Continual Service

Improvement

IT

Bu

siness

Ven

do

r

Service Measurement and Reporting

CI CI A

Continual Service Improvement

CI CI A

R Responsible

A Accountable

C Consult

I Inform

Establish Service Management Process Roles and Responsibilities Example – to be adjusted for SaaS, PaaS, IaaS

Page 13: Cloud Adoption - Journey of IT Service Management

Cloud Vision

Funding Model

Risk Threshold

Escalation

Executive Endorsement Forming a Cloud Executive Council

Cloud Executive Council is a steering committee to sponsor cloud

adoption and champion enforcement of policies.

Chief Information

Officer

Chief Information

Security Officer

Business Executive Sponsors

Chief Technology

Officer

Page 14: Cloud Adoption - Journey of IT Service Management

Balance business benefits vs. risk level

Establish cloud strategy and cloud capability

Obtain buy-in from stakeholders

Incorporate cloud governance as part of

enterprise architecture and IT operations processes

Cloud Adoption

Summary