cloud computing quick gdu-tidoe-e:nd
cloud en
end-to-end.
WHY PREPARATION IS
EVERYTHING.
on the it paradigm shift.
Contents:
No question about it: in general, the cloud is a blessing. But in practice,
there are a lot of stumbling blocks on the way to the cloud.
This is mainly due to the fact that not many companies are adequately
prepared for this fundamental change. Many people in responsible
positions still consider cloud computing to be an alternative solution and
not a paradigm shift – but it is exactly this kind of cultural change that we
are talking about.
■
■
■
In End-to-End Cloud Computing, cloud experts take an analytical look at
the whole situation and explain why companies need to address cloud
computing in an “all or nothing” way.
■
We hope you find this information interesting and look forward to your
feedback!
■
■
■
your contAct perSon.
michAel pAuly
Consulting & Solution Sales
E-Mail: [email protected]
Cloud Blog: www.t-systems.de/blogs
Internet: www.t-systems.com
■
all or nothing
Michael Pauly, Cloud Expert
Why complex cloud computing works best as an end-to-end solution.
secure cloud processes
Axel Oppermann, Analyst, Experton
The recommendation: clear interfaces and a fixed set of rules.
performance is the key
Wolfgang Schwab, Analyst, Experton
Cloud applications come to a halt when data lines are too weak.
high-quality cloud services
Michael Pauly, Cloud Expert
Why technical precautions aren’t enough and how complexity
can be cut.
bring your own device
Peter Burghardt, Analyst, Managing Director, techconsult
How mobile devices can increase employee motivation and productivity.
fundamental Change
Bernhard Golden, Harvard Business Expert in Best Practice, 02/2012
IT operations need to be restructured and automated for the cloud.
trust is at the heart of cloud computing
Markus Vehlow, Cloud Expert, Partner at PwC
Effective risk management is a prerequisite for security.
think opportunity, not risk
An interview with Gunter Dueck, Blogger and Cloud Philosopher
How companies can successfully master the cultural change with cloud
computing.
All or nothing
Why complex Cloud Computing works best as an End-to-End-solution.
We’re not going to bore you with the 10,000th cloud computing story.
But before we officially announce the end of the hype, we want to be
sure that we have truly understood the cloud. Inside out. Starting with the
question: why do companies decide to go the cloud route in the first
place? And we want to explain why this model is most effective when it is
integrated with processes and people as an end-to-end chain – one that
consists of four elements: Server and storage infrastructure, network,
applications and devices.
Complex legacy systems
But not all providers are up to the job of migrating complex legacy
systems, integrating disparate data and mobile-enabling apps. Because
in these scenarios, it is all about identifying and understanding the key
issues. In other words, it’s about developing a holistic approach to the
cloud that takes into account the interdependencies between the it
architecture, processes, security and availability. This is the only way for it
to be a true enabler ad to accel erate the business. We profile three
companies that leverage cloud computing in exciting ways.
Internet resource: http://bit.ly/11GqbPP
2
Secure cloud processes
Experton analyst Alex Oppermann recommends clearly defining a framework and interfaces
when venturing into the cloud.
There is no doubt that cloud computing generates significant benefits. It
delivers savings, and requires little modification and integration effort.
But the move to the cloud can quickly turn into a full-fledged business
and IT transformation project. While most organizations are well
equipped to manage the change in terms of the technology, many
struggle when it comes to processes. For example, a study by business
consultants A. T. Kearney showed that user departments are actively
involved in only 50 percent of all cloud initiatives.
This approach is unwise. To ensure that relocating to the cloud does not
cause a thunderstorm, a corresponding transformation process must be
implemented. Axel Oppermann, Senior Advisor at Experton Group,
explains, “It is important to define interfaces, and establish a process
framework within the organization. Clear rules are required for all
aspects, from planning, to roles and responsibilities, to optimization.”
Visibility with business intelligence
In addition, the analyst recommends the use of monitoring technologies
to nip potential technical issues in the bud. Dashboards and other business intelligence (BI) tools provide valuable insights that enable companies to be proactive – and not wait until the cloud has already turned
into a thunderstorm. But Oppermann also warns against an excessively
interventionist approach: “It should not be the customer’s responsibility
to check up on every detail of the cloud supply chain. That’s down to the
service provider, who has to ensure an end-to-end contractual relationship without risky ‘black holes’.” Customers should insist on corresponding service level agreements, and require mechanisms to safeguard
against outages. “However, this is fundamental duty of due diligence in
commercial and organizational terms“ adds the analyst.
Who is involved in the delivery of cloud
services?
Firmly embedding the cloud in the organization’s processes is important
for two reasons. First of all, it minimizes the potential for conflict. For
example, Gartner analysts warn that to guarantee adherence to
legislation and internal policies following transition to the cloud, a
coherent system of governance, risk management and compliance
(GRC)is required. And second, granular definition of roles and responsibilities, as recommended by Oppermann, creates transparency.
Oppermann explains: “Cloud outsourcers must be able to provide their
customers with detailed information on who is involved in service
delivery.”
Internet resource: http://bit.ly/UeMtnE
3
Performance is the key
Poor infrastructure can cause cloud apps to grind to a halt says Experton analyst Wolfgang Schwab.
Once security was the primary concern. Today, performance issues are
equally important when considering cloud migration – according to an
Alcatel-Lucent survey of over 3,000 IT decision makers worldwide. For
CIOs, the main challenges are stability, response times and end-to-end
availability. And they believe that performance is currently the cloud’s
greatest weakness. Their concerns are not unfounded: there can be
serious problems if the network infrastructure does not make the grade,
as analyst and infrastructure expert Wolfgang Schwab explains:
“Inefficient infrastructure can stretch response times to the point where
they become unacceptable to users. In the worst-case scenario, the
network becomes so slow that applications grind to a halt due to
time-outs.”
APM ensures user satisfaction
Slashing network load by up to
80 percent
To ensure effective APM, Schwab believes the most important step is to
conduct a detailed analysis of applications – making the distinction between
“critical” and “non-critical”, and categorizing them according to numbers of
users. It is vital to examine “where most data is generated and transmitted,
and where is it being sent to,” advises Schwab. He points out that on
average, APM cuts network load by “between 40 and 80 percent. The
specifics will depend on the type of application.” However, he adds a word of
warning: “You need considerable experience to be able to accurately
estimate the kind of a reduction you can expect. And you shouldn’t try and
squeeze out every last kilobyte. The infrastructure needs to be able to cope
with organic growth, with or without APM.”
As an IDC study has shown, end-to-end performance is not simply about
technology; it also boosts user satisfaction. Excessive latency can lead to
a significant fall in productivity, and by negatively impacting the
processing of transactions it generates additional costs. Companies – or
their cloud providers – must therefore ensure effective, seamless
application performance management (APM), which reduces data traffic
on wide area networks (WANs). For large international corporations in
particular, it is an attractive option: “If data lines are operating at close to
capacity, if you want to hook-up sites in areas with poor broadband
access or where the cost of installation is prohibitive – APM makes
sense,” states Wolfgang Schwab. But it also has a pivotal role to play in
the connected cities of the western world. This is especially true at a time
when mobile applications and cloud computing are changing the face of
corporate IT infrastructures, according to a survey carried out by UK
market research firm Quocirca.
Internet resource: http://bit.ly/XA3nJs
4
High-quality cloud services
It’s not just about managing technology, it’s also about cutting complexity.
Quality assurance in cloud computing is primarily about ensuring that all
services interoperate seamlessly and reliably. Even very short periods of
downtime can jeopardize business activities. A US study of 13 leading cloud
services established that they had suffered an aggregate 568 hours of
unavailability since 2007. However, the ultimate aim is zero outage, defined
as an uptime of 99.999 percent. This is not just a matter of implementing
and operating reliable technology. It is also about robust governance.
According to security experts ISACA, organizational structures and
processes are key – they ensure that IT supports business goals and
wherever possible adds value.
The theory and the practice
IT decision makers understand the theory. But in reality things often turn out
differently, as analyst and management consultant Dr. Wolfgang Martin, from
the company of the same name, points out. With reference to a survey on
this issue, he states that “businesses in the German-speaking market
recognize the importance of governance, but many have yet to put it into
practice.”
The four key features of governance
What does effective governance for cloud services entail? It is not down to a
single factor, according to Forrester analyst Holger Kisker: “Information
governance is based on four elements: data quality, data security, data
standardization and the data life cycle.” However, executing across all four
elements requires huge effort and expense where there are multiple
providers. A multi-vendor model may offer greater flexibility, but it comes at
the price of governance and transparency. Cloud-computing expert Dr.
Mathias Weber of German IT industry association BITKOM elaborates: “A
one-stop approach simplifies contractual relationships, but limits the options
available to the business. Contracts involving diverse providers for individual
cloud-computing tasks are more complex and require greater administrative
effort on the part of the customer.”
Who carries the cloud computing can?
In the real world, roles and responsibilities are often poorly defined, with too
many cloud cooks threatening to spoil the broth. When there is no one in the
driver’s seat, problems can quickly lead to fruitless finger-pointing. This can
threaten the success of the project as a whole. Moreover, it can be difficult to
maintain control over company data, as bits and bytes are pushed to and fro
between multiple cloud vendors.
One-stop shopping is best
Experts therefore advise large corporations, in particular, to adopt a one-stop
provider model for cloud services, as is practiced in more traditional
business environments. This creates a single point of contact for all issues,
and a single, much more manageable legal framework. Clearly defined
service level agreements (SLAs) ensure compatibility of technologies and
interoperability of services. These are embedded within an overarching,
coherent information governance system. When there is a single contractual
partner, the customer can determine the legislation and the jurisdiction that
apply – and has complete visibility across all four elements described by
Kisker. The result is complete clarity. Despite the clouds.
Internet resource: http://bit.ly/X3fXU3
5
Bring your own Device
Techconsult analyst Peter Burghardt can vouch that mobile devices increase employee motivation
and productivity.
Consumerization of IT is not a fad – it’s here to stay. Employees want to
use their personal smartphones and tablets when they want, where
they want, in the office and and on the move. This entails integrating
them into the corporate IT infrastructure. The market researchers at
techconsult are currently looking into why bring your own device
(BYOD) is so important, and why business organizations must embrace
this trend. According to Peter Burghardt, Managing Director of
techconsult, “Staff motivation and productivity are interdependent
variables. And IT equipment has become somewhat of a status symbol,
especially among the younger generation.”
Intel has successfully implemented
BYOD
Intel is no stranger to this issue. The tech giant already allows thousands
of staff to access IT resources via their personal devices. This required
close cooperation between the IT, HR and legal departments. They
jointly developed a policy that ensures robust security. What’s more,
employees were actively involved, providing input on their specific wants
and needs with regard to equipment and their preferred style of working.
Intel then implemented innovative technologies, such as new authentication methods, and provided intensive training. Rob Evered, Information
Security Specialist, Intel IT, sums it all up: “It was these methods that
enabled our organization to achieve such a truly rewarding outcome –
one that has propelled us forward significantly in terms of productivity
and job satisfaction.”
Gartner: companies can tackle the
challenges of BYOD
According to a recent study by Gartner, a clearly-defined IT management
strategy can help companies come to grips with BYOD – including the
technology issues involved. Gartner recommends they focus primarily on
mobile data protection (MDP), network access control (NAC) and mobile
device management (MDM). These form the basis for a standardized
mobile enterprise platform. What’s more, the analysts from techconsult
make it clear that: “The difficulties associated with recruiting skilled staff
would make it disastrous to ignore BYOD. The up-and-coming generations are demanding it. IT departments have to get used to seeing
employees as their customers, and must implement the corresponding
processes,” says Peter Burghardt. One thing is for sure: successful IT
mobilization via smartphones and tablets means striking the right
balance between the wishes of the users and IT security imperatives.
And as Burghardt goes on to say, “This increases productivity and
ultimately, the success of the business.”
Internet resource: http://bit.ly/VfWpwj
6
Fundamental Change
Why Cloud Computing requires a restructuring and an automation on the part of
IT executives explains Bernard Golden, our expert of Harvard Business.
Everyone’s had the experience of discussing a concept with someone and
suddenly seeing the look of understanding appear on their face as the
meaning of the concept sinks in. It can be intriguing to observe how IT
executives perceive cloud computing will affect their organization’s
processes and people. Most seem to regard cloud computing simply as a
technology development that will affect one or perhaps a couple of
aspects of their organization. For example, some CIOs think of cloud
computing as something that supports developer agility by providing the
self-service of virtual machines. Others think of it as an infrastructure improvement that will reduce the cost of supporting legacy applications. In short,
most executives think of cloud computing as a drop-in replacement for
some aspect of the existing IT environment, but don’t view it as a transformative technology with an overarching impact that will affect the entire
organization. The reason is straightforward: cloud computing brings
automation into the mix, and in every industry that automation has
touched, profound disruption has followed. IT will be no different.
Re-architecting the application
development process
Many IT organizations decide to pursue cloud computing through a
develop-and-test initiative. Often the impetus is that software engineers
are turning to public web services and IT management wants to prevent
it. The thinking goes that by offering developers a local cloud, they can
be dissuaded from using a public offering. That’s ok as far as it goes, but
it misses the far larger point. Most IT organizations rolling out a developer cloud have only thought about optimizing one facet of applications:
developers getting access to resources. They haven’t thought about the
other two elements - the development process and operating applications once in production. Leveraging cloud computing for accelerated
access to resources is a big win, but optimizing this element without
enhancing the others does not speed applications into production or
make them easier to update once in production. Speeding up one part
of a process (and by the way, that’s what application development is, a
process) and leaving the other parts unchanged does not appreciably
reduce overall deployment time. At a minimum, rebuilding the application process requires a move to agile development in which the overall
development duration is trimmed through short development cycles and
intense communication. But the underlying processes also need to be
updated to support agility. Continuous integration and deployment
within a development environment reduce the errors that occur when
developers attempt to merge code artifacts that have been developed in
isolation for weeks or even months. Only by marrying quick resource
availability with agile development practices will IT organizations achieve
real application benefits from cloud computing. Restructuring IT operations
IT operations will have to undergo enormous change as well. Taking
applications that have been developed with agile methods and then
placing them into a slow-moving operations environment, crucially hinders
overall business agility. IT operations will need to be restructured and
automated to support cloud computing. This goes well beyond using tools
to support dynamic application deployment to virtual machines in the
cloud. This means modifying the processes by which IT infrastructure itself
is installed and configured. The catch phrase is “infrastructure as code,”
and it means using tools to install and configure operating systems,
networks, and storage implementation. At the very least, manual installation and configuration of all software assets must shift to automation. The
cloud environment itself should be able to absorb additional hardware
assets as they are added to the IT environment. That’s why IT executives
have to chart their own cloud future. They need to face a mixed deployment
model going forward when it comes to private vs public vs hybrid. The key
issue for IT organizations is how that mixed landscape will be implemented
and managed as well as how to decide which environment is right for a
given application. So CIOs need to discuss the deployment decision
criteria IT organizations should follow as they decide where to install
applications, and identify administrative tool requirements to make
operating a hybrid cloud environment successful. As cloud is the first
technology shift that implements automation, thus removing human
intervention from the equation. The logic of automation requires a radical
rethinking of every aspect of IT processes and operations. Those who
recognize this imperative can succeed in the future.
A talk with:
Bernhard Golden
Harvard Business-expert
Internet resource: http://bit.ly/XA3Hrm
7
Trust is at the heart of cloud computing
Security in the cloud – what you need is effective risk management.
An interview with cloud expert Markus Vehlow, partner at PwC.
As far as users are concerned, the most significant cloud risks are not
associated exclusively with the provider. “The user organization remains
responsible for security, data protection and compliance. However, it
often doesn’t know and can’t monitor what is happening with its data,”
says PwC cloud expert Markus Vehlow. He recommends that companies
ensure that security is backed by cast-iron contracts and that they
choose a provider who offers end-to-end protection. This not only means
information security and data privacy, but also robust compliance and
reliable service availability.
Mr Vehlow, in your experience, how are major corporations tackling the cloud? Initial pilot phases have been successfully completed,
and CIOs are now looking at areas where cloud computing could add
tangible value. I am aware of some projects involving hundreds of
thousands of users. The pressure from user departments is increasing,
and organizations in both the public and private sectors want to avoid
typical beginner’s mistakes.
Shouldn’t the provider help them to avoid these “beginner’s mistakes”? Yes, but we still see a mismatch between what providers actually
do and what customers expect. Providers sometimes neglect risk management and compliance, and concentrate too much on the technical
aspects of a cloud service. Problems often arise simply as a result of
data being shuffled to-and-fro between countries with differing requirements and legislation. International providers are aware of this, and are
working hard to reengineer their own networks to fulfill data protection
requirements, for example.
How can we overcome these issues? We see three basic developments. First, our research shows a trend toward German providers.
Second, in our experience, cloud projects with strong business/IT
alignment – where IT infrastructure is geared to the business processes
– have enjoyed a great track record. And third, cloud projects often bring
to light tasks of a non-technical nature that have to be tackled by both the
company and the provider.
… these would be? Businesses have to address a whole host of issues
with regard to their IT governance, before they can successfully implement cloud projects. They have to ensure that their IT supports their business strategy and goals. That’s why they should already have fundamental governance and risk structures in place. Then, there’s the question of
the types of data and how to effectively classify them. The organization
needs to be clearly cloud-ready from the very beginning. We have to ask
ourselves, how much value does the cloud add and what dependencies
arise as a result? In a nutshell, you have to be aware of all new risks and
safeguard against them. This is best achieved at the institutional level
with corresponding steering committees. And that’s why some companies have created corresponding positions for risk management.
What does the provider have to bring to the table? Service level agreements are very much at the fore – and they have to be watertight. In our
view, during the evaluation process, the provider has to be able to prove
that it has the right skills, resources and experience for the job. However,
it’s also important to find a provider whom you can trust. This is crucial
because ultimate accountability lies with the customer.
… and that means? Just because we’re dealing with a cloud project
doesn’t mean that anything changes in terms of the requirements. It
works just like a “regular” outsourcing contract. The data protection laws
are the same, and requirements such as the Sarbanes-Oxley Act are just
as important. Companies can’t shirk their responsibilities – even in the
cloud. The cloud is not a risk-free zone, that’s why it’s all about having
confidence in your provider. Consequently, the most sought-after providers are the ones with existing customer relationships and experience
under their belt.
Internet resource: http://bit.ly/12g5hq7
8
Think opportunity, not risk
How businesses can leverage the cloud to drive cultural change: an interview with high-profile
blogger and cloud philosopher Gunter Dueck.
We know the cloud is about new technology and business processes. But
it is also about creating new roles and responsibilities. Because employees
need to accept and embrace a paradigm shift. To put it simply, IT is leaving
the server room in the basement, and reaching out to many more areas of
the company. This change needs to be woven into the fabric of corporate
culture. Forward-thinking cloud expert Gunter Dueck knows it is not just a
question of new technology.
Mr. Dueck, why is the cloud such a blessing for CIOs? Everybody in IT
has been under huge pressure for some time now – building an ever-greater number of applications more-or-less by hand. But now, with the move to
the cloud, IT is entering into the realms of mass production. Now the guys
in IT can use their initiative and create new apps focused on meeting the
needs of specific user departments. It’s also about pay per use. And the
result is new and hopefully better products.
… can it really please everybody? … Why not? I don’t mean they should
pitch up, armed with their clipboard like an external consultant. They need
to listen, and test the water for new opportunities. If people feel pressured
into change, they often become suspicious – that creates resistance that
must then be overcome. But it doesn’t have to be that way. Whatever
happens, the cloud will radically transform the working environment. That’s
common knowledge – people aren’t completely oblivious. New technology
always comes up against doubts and reservations. This time it’s the cloud,
and it will impact all areas of business. But it’s crucial to remember: the
cloud offers more opportunities than risks – significantly more.
Despite the benefits, many CIOs are still hesitant. Why? You have to
understand the problems. Integrating business processes into the cloud is
a challenging change management proposition. It means major disruptions to existing operations.
What advice would you give them? Change means uncertainty, but it
can also bring about a sense of anticipation of a better future. I have no
idea why people lean towards uncertainty and worry, fear a loss of control,
etc. It is often said that senior management should be spreading positivity
– but if they aren’t convinced themselves? Innovation is something people
welcome, but change is often perceived as enforced.
What can/should they do? Someone needs a holistic understanding
of both the customers’ world and what IT can make possible. Sitting in
conference rooms won’t get you anywhere. They have to get out there and
visit each user department to identify possible cloud opportunities, before
sounding out the user response to the suggested steps. The cloud provides many businesses with a golden chance to restructure and enhance
their processes. And that makes everybody happy.
Internet resource: http://bit.ly/XAvf3N
9
EDITOR:
T-Systems International GmbH
Hahnstraße 43d
D-60528 Frankfurt am Main
Phone: +49 (0) 69 20060 - 0
E-mail: [email protected]
Internet: www.t-systems.de
Responsible for content:
PR & OnlineMarketing