© 2014 IBM Corporation

ID202: What You Shouldn’t Care About With Cloud, But Do Anyway

Marshall Lamb, IBM

2

Please Note

IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion.

Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision.

The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion

Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.

Security & Privacy - concerns

Where is the data?

What’s being done with it?

Who has access to it? – “On-premise” is not the panacea – Governments’ rights to data

Separation from other customer data – Inter-company, and intra-company

Industry regulation requirements – FISMA, HIPAA, etc

Security & Privacy in the cloud

Multi-tenant, so security and privacy are paramount

Logical data isolation, not physical – Exception being regulated data

Depending on vendor, and licensing option, data may not be private – IBM maintains a strict privacy policy on customer data

Government rights to data includes on-premise as well as cloud providers operating in that country – US PATRIOT Act – Canadian Anti-Terrorism Act – EU Schengen Information System (SIS) II

Quality-oriented industry attestations and compliances are common in public clouds – SSAE 16, ISO 27001, STAR, etc

Security and privacy regulatory compliances require specialized clouds and higher price points – FISMA, HIPAA, BAFIN, etc

SmartCloud for Social Business will recertify to SSAE 16 SOC 2 and is pursuing other certifications – Its internal IBM security practices are based on the ISO 27001 standard

SSL yes, VPN no

Archiving and e-discovery

Industry regulation or internal security policies may require archiving of collaboration data

– Email is a standard requirement – Could include instant messaging and file data as well

Data retention policies differ by company

Data archive unaffected by user action or status

Used for legal/compliance reasons, not for data backup/restore

IBM SmartCloud™ for Social Business provides archiving and e-discovery for IBM SmartCloud Notes

– Policies set by organization

Customization and integration – building the perfect solution

Most on-premise solutions are heavily customized

Custom applications

Themes, skins, pages

Mobile apps

Specific use cases and metaphors

Enterprise data integration

Metrics and analytics

Customization in the cloud – good enough?

SaaS providers won’t run your custom applications, and won’t fully customize their solution to your needs

Defined points of variability – Branding and color schemes – Feature enablement

Extending cloud capabilities with partner apps and extension points

On-premise apps to consume SaaS APIs – Adoption of OAuth and/or Open ID as an authentication standard

SmartCloud for Social Business provides a rich set of extension points and APIs

– Social Business Toolkit (social.ibmcloud.com/toolkit) – Consume SaaS as a service, not just a UI

But is it good enough?

black box

Hybrid cases – SmartCloud for Social Business

On-premise Domino application and directory integration with SmartCloud for Social Business – Directory sync – Mail routing – Common ID

Sametime Instant Messaging Communities

Rich client and plugin access

Desktop file access

Portlet integration (WebSphere Portal)

Mobile access – Sametime IM – Sametime Meetings

Enterprise maintenance and update schedule woes

On premise, you are in control of software update schedules – Change freezes – Retraining and documentation updates

Typically, the rule is, only update software if: – Existing level is going out of service – Something is broken that the new level fixes – Some other software or development effort requires the upgrade

Update cycles are infrequent (every 2 to 3 years) and are costly, disruptive, and big!

– Typically try to coordinate updates to multiple parts of the infrastructure

Then there are the prolific security patches!

Fosters “Change is bad!” mentality

Constantly behind, at risk, and uncompetitive

v6.1 v2.3a v5.1.2 v2.0.2 …

In cloud, what does “version” mean?

Cloud in general, and SaaS in particular, is all about continuous evolution

– IBM updates SmartCloud for Social Business every week!

There is no such thing as “software versions”

Customers get the benefit of fixes, security patches, and major updates with minimal to no disruption

Most major vendors employ “progressive disclosure” to govern who sees new features and when

– Customer “opt in” – Percentage exposure with temporary “opt out” – Policy-based feature enablement – IBM will too!

But in general, customers don’t have a say in when change happens – it happens constantly

– Frequent small changes are safer and have less impact that infrequent massive changes

On-premise network advantages

Solutions can be co-located with its users for optimized delivery – Headquarter data centers – Branch office hubs and network entry points

Often require VPN access for remote employees

Try to minimize the “last mile” problem

Firewall rules for authorized outbound Internet access

Private network and bandwidth control

Cloud network challenges

Data centers in major geographic regions, but not everywhere

Leverages content delivery networks (CDNs) and network path optimization to bridge the last mile – Akamai®

– IBM SoftLayer® CDN (Edgecast®)

Constantly optimizing content for speedy delivery

Requires predictable IP address ranges and bandwidth allocations for Internet access

C:\>nslookup apps.na.collabserv.com Server: bol-dns-vip1.boulder.ibm.com Address: 9.0.128.50 Non-authoritative answer: Name: e425.b.akamaiedge.net Address: 23.12.241.213 Aliases: apps.na.collabserv.com engage.lotuslive.com.edgekey.net

Resolved PoP

CNAME for *edgekey.net

Resolves PoP based on location

The “Last Mile”

Access Connect Online to complete your session surveys using any: – Web or mobile browser – Connect Online kiosk onsite

29

30

Acknowledgements and Disclaimers

© Copyright IBM Corporation 2014. All rights reserved.

U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

IBM, the IBM logo, ibm.com, SoftLayer, IBM SmartCloud, IBM SmartCloud Notes and IBM SmartCloud for Social Business are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml

Akamai is a registered trademark of Akamai Technologies.

Other company, product, or service names may be trademarks or service marks of others.

Availability. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates.

The workshops, sessions and materials have been prepared by IBM or the session speakers and reflect their own views. They are provided for informational purposes only, and are neither intended to, nor shall have the effect of being, legal or other guidance or advice to any participant. While efforts were made to verify the completeness and accuracy of the information contained in this presentation, it is provided AS-IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this presentation or any other materials. Nothing contained in this presentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.

All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results.