Pogled sa zemlje na Cloud poslovni model Krešimir Pešice Business Solution Architect Information Management & Analitics 5-6-2014 Cloud je „samo” poslovni model ▶ Cloud pruža mnoge do sada nedovoljno istražene mogućnosti. ▶ Europska unija je definirala Cloud kao jedno od ključnih područja za unapređenje konkurentnosti. ▶ Zrelost Cloud tržišta ubrzano raste. ▶ Cijene usluga padaju ▶ Cloud strategija je preduvjet za odluku ▶ Svijest o rizicima 2 | Cloud Academy Let the Clouds make your life easier 3 | Cloud Academy A Cloud Technology Reference Model Your Application Governance Your Problem Architectural Views Life Cycle (Birth, Growth, Failure, Recovery, Death) Testing, Monitoring, Diagnostics and Verification Web of Metadata Categories, Capabilities, Configuration and Dependencies Their Problem Facilities & Logistics Element Management (Split Responsibility) Resource Management Software & Hardware Infrastructure 4 | Cloud Academy Basic Monitoring Kontrola, sigurnost, rizici ▶ Povjerljivost: – Kriptografija – Brisanje podataka – Pristup aplikacijama ▶ Integritet ▶ Pristupačnost (Availability) – Smetnje u radu usluge (Service disruptions) – Portabilnost podataka – Portabilnost aplikacija – Interoperabilnost ▶ Kontrola i fleksibilnost u praksi: – Vrlo često dolazi do različitih tumačenja odgovornosti obzirom na poslovne modele (PaaS, SaaS, IaaS) 5 | Cloud Academy Kontrola u praksi ▶ Passive provision of resources: – Većina trenutnih zakona(1) se odnosi na tradicionalne outsourcing modele ▶ Razlike Cloud modela u odnosu na outsoarcing. Ključni pojmovi za razmatanje zakonskih odredbi. – Proaktivna usluga vs. pasivni resursi za samoposluživanje. – Smjerovi eskalacije i procedure rješavanja. – Standardizirana, dijeljena infrastruktura i okruženja. – Razina znanja – Razina kontrole ▶ Osiguranje kao alat za upravljanje rizicima (1) Cloud Security Allinace: Cloud controls matrix 6 | Cloud Academy Zakonska regulativa i razvoj tehnologije 7 | Cloud Academy Standardni ugovori za Cloud Services ▶ Sastavni dio svakog standardnog ugovora su: – Terms of Service (ToS) – Dokument u kojem su opisani odnosi između kupca i pružatelja usluge (Komercijalni uvjeti, pravne klauzule, primjenjivi zakoni, i ograničenja od odgovornosti) – Service Level Agreement (SLA) – Dokument koji opisuje nivo pružanja usluge i kompenzacije ukoliko dođe do prekoračenja u dogovorenom nivou pružanja usluge. – Acceptable use Policy (UAP) – Dokument koji opisuje dozvoljeni i nedozvoljeni način korištenja usluge. – Privacy policy – Dokument koji opisuje koji način pružatelj usluge koristi i štiti osobne podatke. Ovaj termin se obično koriti i u smislu zaštite podataka. 8 | Cloud Academy Standardni ugovori za Cloud usluge ▶ Ugovorna forma i primijenjen pravni okvir: – zakoni, jurisdikcija, arbitraža – prihvatljivo korištenje usluge – izmjene ugovornih odredbi ToS-a ▶ Upravljanje podatcima: – Integritet podataka, Očuvanje podataka – Objavljivanje podataka – Lokacija podataka/transfer – Prava intelektualnog vlasništva – Monitoring by provider ▶ Ograničenja i odgovornosti: – Garancija – Indirektna odgovornost – Ograničena odgovornost – Obeštećenje 9 | Cloud Academy Zakoni koji se primjenjuju 10 | Cloud Academy Pregovorni ugovori za pružanje Cloud usluga ▶ Odgovornost: isključenje od odgovornosti, ograničenja i obeštećenja ▶ Otpornost, dostupnost, performanse i razina usluge ▶ Regulatorna pitanja (Lokacija podataka i export, data procesori, osobni podatci) ▶ Tajnost i prava na praćenje/pristup/otkrivanje/korištenje podataka o klijentima ▶ Sigurnosni zahtjevi, revizija prava, proboj sigurnosti ili incident, način odgovora na incident. –Audit prije potpisivanja govora –Certificiranje: Cloud specific, PCI/DSS, ISO 27001, –penetracijsko testiranje prije ugovora –prava auditora ▶ Lock-in i izlazna strategija –zadržavanje podataka/brisanje i portabilnost podat. ▶ Uvjeti prekida usluge i način 11 | Cloud Academy What are the main concerns of clients with regard to Cloud computing? ▶ 58% of surveyed companies (study realized by Forrester) revealed they were hesitating to go for Cloud – WHY? These concerns are all data protection related. 12 | Cloud Academy Software as a Service Application Application Server Middleware Database Your Problem Operating System Their Problem Hypervisor CPU Networking Storage Backup Datacenter (Power, Cooling, Physical Security) 13 | Cloud Academy Software as a Service Application Application Server Middleware Database Your Problem Operating System Their Problem Hypervisor CPU Networking Storage YOUR DATA Backup Datacenter (Power, Cooling, Physical Security) 14 | Cloud Academy Platform as a Service Application Application Server Middleware Database Your Problem Operating System Their Problem Hypervisor CPU Networking Storage Backup Datacenter (Power, Cooling, Physical Security) 15 | Cloud Academy Platform as a Service Your Application Application Server Middleware Database Your Problem Operating System Their Problem Hypervisor CPU Networking Storage Backup Datacenter (Power, Cooling, Physical Security) 16 | Cloud Academy Infrastructure as a Service Application Application Server Middleware Database Your Problem Operating System Their Problem Hypervisor CPU Networking Storage Backup Datacenter (Power, Cooling, Physical Security) 17 | Cloud Academy Infrastructure as a Service Your Application Your Application Server Your Middleware Your Database Your Problem Your Operating System Their Problem Hypervisor CPU Networking Storage Backup Datacenter (Power, Cooling, Physical Security) 18 | Cloud Academy Novi Cloud poslovni modeli 19 | Cloud Academy Odaberite model Legacy Infrastructure Single Tenant Private cloud Multi Tenant Private Cloud LAN Legacy Internal Private Cloud External Private Cloud End to End Solution on Hybrid Cloud 20 | Cloud Academy Public Cloud Umjesto zaključka ▶ ▶ ▶ ▶ ▶ ▶ ▶ Nova paradigma nove vještine Razvijete svoju Cloud strategiju Napravite dobar Due Diligence Procijenite rizike i dobiti. Moja, vaša ili naša odgovornost. Sigurnost počinje u kući. Razvijajte kulturu odgovornosti za podatke u vašoj tvrtci. ▶ Razmotrite prednosti upravljanja rizicima u Cloudu. „Resistance is futile” 21 | Cloud Academy Hvala na pažnji! Pitanja? Atos, the Atos logo, Atos Consulting, Atos Sphere, Atos Cloud and Atos Worldgrid, Worldline, blueKiwi are registered trademarks of Atos Group. November 2013 © 2013 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos. 04-06-2014
© Copyright 2024 Paperzz