Upload
ray-bugg
View
125
Download
0
Embed Size (px)
Citation preview
Matching Solutions with Requirements
Dr Mark I. Williams @drmiw
Managing DirectorMuon Consulting Ltd
@drmiw #ScotCloud
Any/Everything as a service (XaaS)
Communications as a service (CaaS) orUnified Communications as a service (UCaaS)Desktop as a service (DaaS)Disaster Recovery as a service (DRaaS)Information as a Service (Info-aaS)Monitoring as a service (MaaS)Network as a service (NaaS)Storage as a service (SaaS or STaaS)
@drmiw #ScotCloud
5 steps to cloud success
1. Investigation2. Evaluation3. Decision4. Implementation5. Iteration
I’ll only talk about steps 1 to 3 today…
@drmiw #ScotCloud
Step 1: Investigation
Business review – e.g. SMARTA objectives; employee utilisation; customer surveys; process documentation & analysisInformation governance, controls and riskIT systems – TCO; capabilities & limitationsEducate, engage and encourage staff to rethink what they do and consider cloudList potential problems/opportunities
@drmiw #ScotCloud
Step 1 continued: Problem selection
Positive impact criteria Score
Urgency of problem 1 – 5
Customer pain due to problem 0 – 5
Financial savings from cloud 0 – 5
Team interest and/or buy-in 0 – 5
Management interest/support 0 – 5
Total positive impact (P): 1 – 25
@drmiw #ScotCloud
Negative impact criteria Score
Difficulty of solving in cloud 1 – 5
Resources required 0 – 5
Effect on other systems 0 – 5
Time required to solve 0 – 5
Data sensitivity and/or risk 0 – 5
Total negative impact (N): 1 – 25
Impact criteria rating ( 1 – 25) = P / N
Step 2: Evaluation
Genuine business case?Business critical?Sensitive data involved?Gather detailed requirements for chosen problem with relevant staff and stakeholdersPrioritise functionality – e.g. MoSCoW methodDocument characteristics and get sign-offFind matching cloud solution/s that tick boxes
@drmiw #ScotCloud
Step 2: Technical choices
Off-the-shelf software → SaaS Look for web services interfaces to facilitate integration
Customizable software → PaaS Choose best match for in-house skills, beware vendor
lock-in, and look for ready-made plug-in applications
Complete control over application servers → IaaS Consider portability of virtual machines
Sensitive data → Private or hybrid cloud
@drmiw #ScotCloud
Step 2 continued: Solution selection
Will cloud service integrate well with other systems?Are SLA; security; expected system availability; client references; and measured QoS acceptable? Satisfactory answers to data protection questions?Following best practices for IT service management?Independently certified systems and processes?Easy to migrate to another provider’s cloud?Affordable service costs for max expected usage?
@drmiw #ScotCloud
Step 2 continued: Service costs
SaaS → Monthly application cost per user per month Minimum number of users? Different editions? Data storage costs?
PaaS → user numbers; app numbers; in/out bandwidth; compute time; database objects; storageIaaS → server spec; number of servers; compute hours; file storage; in/out bandwidth; IP addressesAdditional charges? E.g. software licenses; operating systems; third-party services; data
transfer on contract termination; taxes
@drmiw #ScotCloud
Step 3: Decision
True cloud cost includes internal costs for evaluation, testing, documentation & trainingWill solution deliver ROI and fit present & future requirements?Will business users be more productive and less reliant on internal IT staff?Could you do it better and cheaper? Really?Are risks understood and acceptable?
@drmiw #ScotCloud
Concluding remarks
Three top tips:1. Always engage stakeholders and get sign-off2. Start small but think big, keeping future systems
integration, agility and IT strategy in mind3. Create an exit plan and make sure it works!
Remember: You are responsible for data protectionNeed help? Email [email protected]
@drmiw #ScotCloud
23© Copyright 2015 EMC Corporation. All rights reserved.
23© Copyright 2015 EMC Corporation. All rights reserved.
What’s holding you back
24© Copyright 2015 EMC Corporation. All rights reserved.
24© Copyright 2015 EMC Corporation. All rights reserved.
32%73%
19%45%
IDCGartner
The Economist451
25© Copyright 2015 EMC Corporation. All rights reserved.
25© Copyright 2015 EMC Corporation. All rights reserved.
26© Copyright 2015 EMC Corporation. All rights reserved.
26© Copyright 2015 EMC Corporation. All rights reserved.
27© Copyright 2015 EMC Corporation. All rights reserved.
27© Copyright 2015 EMC Corporation. All rights reserved.
28© Copyright 2015 EMC Corporation. All rights reserved.
28© Copyright 2015 EMC Corporation. All rights reserved.
29© Copyright 2015 EMC Corporation. All rights reserved.
29© Copyright 2015 EMC Corporation. All rights reserved.
30© Copyright 2015 EMC Corporation. All rights reserved.
30© Copyright 2015 EMC Corporation. All rights reserved.
31© Copyright 2015 EMC Corporation. All rights reserved.
31© Copyright 2015 EMC Corporation. All rights reserved.
32© Copyright 2015 EMC Corporation. All rights reserved.
32© Copyright 2015 EMC Corporation. All rights reserved.
EasyReliableSafe
@CSAUKResearch
Cloud Security Alliance, UK chapter https://cloudsecurityalliance.org.uk
Sensible controls to protect Cloud deployments
Scott Cloud 2015, 18 June 2015Vladimir Jirasek, CSA UK Research
@CSAUKResearch
Cloud Security Alliance, UK chapter https://cloudsecurityalliance.org.uk
Your organisation stakeholders and Cloud
Customers Business managers
, CEO/CFO
CIO Legal Security
Is my data safe and available?Happiness 😀
Customer satisfaction, ROI, EBITDA
ROI, System architecture,Migrations
Legality of data processing and locations, Privacy
Security architecture, Cyber threats, Monitoring
@CSAUKResearch
Cloud Security Alliance, UK chapter https://cloudsecurityalliance.org.uk
Does you organisation have Cloud policy?
Generic requirements
• Requirement 1: Discover Cloud services being used in organisation
• Requirement 2: Alignment of organisation enterprise and security architectures with the Cloud
Before a Cloud service procurement
• Requirement 3: Comply with organisation data classification requirements
• Requirement 4: Encrypt all sensitive data processed in the Cloud
• Requirement 5: Link the Cloud service into the organisation Identity and Access architecture and monitoring of activities of users
During a Cloud service procurement
• Requirement 6: Perform due diligence activities before the contract is signed
• Requirement 7: Require “Right to audit” clause in the contract
• Requirement 8: Know locations of personal identifiable information in the cloud
• Requirement 9: Assess the availability of the Cloud services
• Requirement 10: Assess the cloud provider’s security arrangements
• Requirement 11: Assess the Cloud provider’s ability to comply with the organisation forensic investigations
Running a Cloud service
• Requirement 12: Limit the use of live data for testing and development purposes
• Requirement 13: Monitor Cloud providers security arrangements
Decommissioning a Cloud service
• Requirement 14: Destroy sensitive information when not required
@CSAUKResearch
Cloud Security Alliance, UK chapter https://cloudsecurityalliance.org.uk
Cloud Security Alliance offers multiple tools
https://cloudsecurityalliance.org/star/
http://www.nist.gov/itl/cloud/
@CSAUKResearch
Cloud Security Alliance, UK chapter https://cloudsecurityalliance.org.uk
Get involved! Share knowledge and push towards transparency and standards
Call for contributors for a new version of CSA Cloud Guidance, opened on Monday, June 8, for 6 weekshttps://cloudsecurityalliance.org/media/news/call-for-volunteers-security-guidance-for-critical-areas-of-focus-in-cloud-computing/ Call for contributors for a new CSA UK Small business Cloud Guidance, opening July. Planned delivery Dec 2015
More info on CSA UK website, LinkedIn and Twitter @csaukresearch from next week
48Information Classification: Restricted
The next 30 minutes
brightsolid today
Cloud philosophy
7 critical cloud considerations
Hybrid cloud– why is this future?
Hybrid cloud in practice
49Information Classification: Restricted
brightsolid todayTechnical Innovation Personal Service
Private cloud provider with Azure capabilities, who own and operate our own data centres and national network
Working with Public Sector, Oil & Gas, and Enterprise
First Scottish partner on the Microsoft Cloud OS Network
Approved Scottish Government Framework Supplier
Investing 5 million into Scotland’s digital economy with our next Tier III data centre…
51Information Classification: Restricted
Cloud philosophy Cool clouds
We care about and make good use of the geographical location of our clouds
Changing political landscape of data protection and privacy Is Scotland the new Mecca for Data Centres? Importance of Regional centres to the future
52Information Classification: Restricted
brightsolid AberdeenOur next 400 rack facility
Surpassing expectations Thinking outside the cube Sharing knowledge brightsolid family
53Information Classification: Restricted
Custom cloudsCloud philosophy
Not all clouds are created equal
“We deploy and make use of all of our products and services internally, continuously learning and improving them to deliver a truly refined service to our customers” – Kenny Lowe, Head of Emerging Technologies
Personal cloud service that is proactive rather than reactive Kenny Lowe,
Head of Emerging Technologies
54Information Classification: Restricted
Security at the heart of what we doCloud philosophy
brightsolid Security is strong and simple
Derek RoyData Centre Manager
ISO 27001:2013 ISO 22301:2012
55Information Classification: Restricted
brightsolid National NetworkOur investment in resilience
10Gbps Core networkDiverse routesMultiple telco suppliers3x UK egress pointsHybrid ProtectionMonitored 24/7
56Information Classification: Restricted
Representing valueCloud philosophy
Case Study:
“Migration from traditionalenvironment to brightsolid private cloud”
“The solution is now hosted in a private cloud for less than half the price that IS were
previously paying.”
57Information Classification: Restricted
IaaS
Embracing commodity cloud where appropriate
It’s not ‘cheap’ but represents greater economic benefit
Cloud philosophy
Utility
Private
Hybrid
Commodity cloud
SaaSPaaS
?
58Information Classification: Restricted
Revolution not Evolution Cloud philosophy
Control to the customer
Secure burst capabilities
Development in Azure app layer
Karrie Fyffe, Head of Delivery
Katie Armstrong, Marketing Manager
59Information Classification: Restricted
7 critical cloud considerations
1. Continuous service availability
2. Measure and optimise resource usage
3. Platform enhancements to fit individual needs
4. Architect holistically
5. Automation is king
6. Security at the heart of everything
7. Hybrid is the future
The brightsolid strategy document
60Information Classification: Restricted
Hybrid solutionsPhilosophy and strategy in practice
Customer Site
brightsolidCloud
Public Clouds
ConsistentPlatform
1. There is no one best location for all customer data – on premises, private clouds, and public clouds all have their place
2. Management and usage of clouds should be a unified and consistent experience
3. The customer always owns and has full control of their data
4. Hybrid enables the future by creating new development and deployment opportunities
61Information Classification: Restricted
Backup as a Service (BaaS)A Backup Solution for any Scenario
Veeam Cloud Connect
For customers who already use Veeam on premises
brightsolid appear as a new backup location in existing Veeam console
Enables Veeam’s 3-2-1 rule: Three copies, two separate media, one offsite backup.
Customer managed from on premises#
"I have been very impressed with Veeam Cloud Connect, the simplicity of the product hides what is a complete VM backup tool, whether it be a single file or a full VM restore, with the knowledge that the backups are securely held off site.“ - DC Thomson IT Operations
62Information Classification: Restricted
Backup as a Service (BaaS)A Backup Solution for any Scenario
Asigra Backup
Supports VMware, Hyper-V, XenServer, and Physical servers
Agentless backup means no laborious deployment or update processes
Compression, deduplication and encryption as standard reduce data sent across the wire to minimal levels while maintaining high security standards
Application aware backups available as standard, not as add on
Enables Hybrid backup scenarios – e.g. On-Premises, Azure, AWS, and Office 365 all supported
Competitive pricing enabled by our deep knowledge of storage technologies
63Information Classification: Restricted
Disaster Recovery as a Service (DRaaS)
Disaster Recovery planning does not begin with technology, it starts with an understanding of business needs
brightsolid operate a DR portfolio which simplifies deployment and management of DR end to end
Tools utilised include Veeam, InMage, and Azure Site Recovery
Self-service and fully managed invocation models available
Understanding your needs to deliver a service of real business value
64Information Classification: Restricted
Our Clouds todayFocus on Doing Innovation
Infrastructure Clouds that are architected for operation, security and reliability
65Information Classification: Restricted
Windows Azure PackEnabling Cloud Consistency
1. Windows Azure Pack delivers a web portal for VM management in an Azure consistent manner.
2. Allows self management and provisioning of Virtual Machines and Virtual Networks
3. Enables MySQL and MSSQL as a service features
66Information Classification: Restricted
The Conclusions…
Cloud is exciting – it is going to drive efficiency
The evolutionary phase continues and the revolutionary phase has begun
Opportunity to step in and augment existing services or transform them.
Risks remain and that is why we stepped back to really consider our philosophy (PPP)
68Information Classification: Restricted
PS - What is Innovation?
“trying something new every week. It drives innovation through our business
and to our customers.”
independent travel search site in the world
million visits per month
countries with over 50,000 visitors each
downstream flights booked in last 12 months
languages in which skyscanner is available
million mobile app installs
sessions sourced from repeat users
No.1
62
45
$7bn
40
35
56%
74.6 billion quotes from our partners per month
1.6 billion API calls to our partners
300 million user searches per month
2100 user events per second
400 GB of archive flights data per day
hosting overview
Global Traffic Management
Content Delivery Network
UK1Data CentreWest London
Skyscanner for Business APIs
UK2Data CentreDocklands
NL1Data CentreAmsterdam
SG1Data CentreSingapore
HK1Data CentreHong Kong
APAC VisitorsRest of World Visitors
Web
B2B
Apps
Backbone Network
Capacity Agility
Squad Agilityenables
experimentation
enables rapid deployment to live
reduces dependency
EdinburghQuartermile One15 Lauriston PlaceEdinburgh EH3 9EN
Glasgow5th floor, 151-155 St Vincent St, Glasgow G2 5NW
SingaporeNo. 08-01&04 & 09-048th floor, Robinson Point, 39 Robinson Rd, Singapore
BeijingLevel 19, Tower E2, Oriental Plaza, No. 1 East Chang An Avenue, Dong Cheng District, Beijing 100738
Miami1395 Brickell Ave, Suite 900, Miami, Florida 33131
BarcelonaC/Esteve Terradas, 21, Bajos 3a - 08023 Barcelona, España
thank you