Date post: | 23-Jan-2015 |
Category: |
Technology |
Upload: | chsieh |
View: | 552 times |
Download: | 3 times |
Cloud Adoption – Journey of IT Service Management
CIO San Francisco Summit
Dec 4, 2013
Caroline Hsieh
Cloud Adoption – How to Get There
Executive Endorsement
Governance structure
Architecture strategies to identify cloud capabilities to enable business
Selection criteria to determine preferred cloud vendors
Risk-management process
Service management process for cloud computing following the ITIL model
Why Cloud Governance?
Minimize vendor proliferation
Reduce Corporate Risk
Consistently Secure Data
Threat Security Risks Service Management
Opportunity Business Growth Cost Savings Speed
Cloud Governance
Reap the benefits of cloud while….
Minimize vendor proliferation
Reduce Corporate Risk
Consistently Secure Data
Quickly and Safely
Cloud Governance Structure Forming a Cloud Governance Body
Define cloud strategies and maintain cloud capabilities Establish selection criteria to minimize proliferation of vendors Perform risk assessment on data and cloud vendors Educate business users on how to handle data in the cloud Enforce data security and privacy policies
To enable business to rapidly adopt cloud solutions while minimizing data security risks with cloud vendors
Enterprise Architecture IT Operations Vendor Management Purchasing
Information Security Corporate Compliance Legal Business Representatives
Cloud Governance Committee is a continuous working body to define and maintain cloud usage policies and standards.
Architecture Strategy and Cloud Capabilities Step 1 - Identify business demand across company
SaaS
Sales • Opportunity Management
• Quoting • Live Chat • Account Mgmt.
• Sales Compensation • Content
Management • Partner Relationship
Management
Marketing • Social Marketing • Campaign
Management • Live Chat
• Content Management
• Customer Survey • Lead Management • Online Collaboration
Tech Support
• Case Management • Knowledge Base • Account Mgmt.
• Content Management
• Live Chat
Education & Training
• Virtual Classroom • Live Chat
• Knowledge Base • Compliance
Education
Professional Services
• Project Accounting • Online Collaboration
• Service Resource Planning
HR • Human Resource Management
• Applicant Tracking
• Talent Management • Payroll
Legal
• Contract Management
• Online Collaboration
IaaS
Engineering • Dev./QA Lab • Storage • Database
Marketing
• Microsite Hosting
Moderate usage of cloud
Heavy usage of cloud
PaaS
Engineering
• Dev./QA Lab • Database • Integrated
Development Environment
Identify selection criteria
Create vendor checklists to incorporate the identified criteria
Select vendor based on functionality fit and adherence to the criteria
Cost Support Talent acquisition Integration
Architecture Web services, APIs Single sign on
Data replication UI customization
Support mobile devices Multi-factor auth.
Security 3rd party certification Data loss prevention
Data retention policy Access management
Data encryption Data segregation
Operation SLA (uptime & support) Monitoring
Vendor viability Billing
Redundancy/DR Incident notification
Legal Data privacy Indemnification eDiscovery
Architecture Strategy and Cloud Capabilities Step 2 – Select Preferred Cloud Vendors
Architecture Strategy and Cloud Capabilities Step 3 – Map business demand to vendor capabilities
Leverage preferred vendors to Minimize vendor proliferations
Reduce risk exposure
Consolidate buying power to get best pricing
Negotiate the terms to best protect the
corporation
Standardize technology and skillset required
to support the cloud solutions
Account Management
Pipeline Management
Lead Management
Preferred CRM
SaaS Vendor
Performance Management
Talent Management
Workforce Management
Preferred HRMS
SaaS Vendor
Campaign Management
Event Management
Lead Generation
Preferred
Marketing
Automation
SaaS Vendor
Virtual Machine
Storage
Web Hosting
Database
Preferred IaaS
Vendor
Development Platform
Preferred PaaS
Vendor
Content Management
Online Collaboration
Preferred
Content
Management
SaaS Vendor
Examples
Cloud Vendor Risks What Business and IT are facing today
Security
Financial
Legal Operations
Data Access, Loss & Privacy
Service Management
Corporate Reputation
Vendor Viability
Data Security and Risk Management
Establish policies for handling data in the cloud
Classify the data based on data sensitivity(*) Define security control policies for different data classification
Educate business community on handling data in the cloud
Obtain business and IT executive approval for storing data in the cloud
Establish standard agreement terms with preferred vendors
Less security control Higher security control
Public Info Internal data Highly confidential data
Balancing Business Value vs. Risk Level
Business Values Time to Market
Cost Saving Operation Efficiency
Customer Experience
Risk Level Security Financial Legal Vendor Management
LOW HIGH
HIGH
Reject
Approve Assess
Assess
Service Management Process Leveraging ITIL for cloud services
Follow ITIL framework for
end to end cloud service
management,
Clarify the role &
responsibilities of
Business, IT, and cloud
providers.
Ensure governance
process encompass the
entire service
management cycle.
Develop your staff’s skills on cloud service management
Service Strategy
IT
Bu
siness
Ven
do
r
Service Strategy A RI C
Service Portfolio Management
A CI
Demand Management
A RC
Financial Management
R A C
Service Design
IT
Bu
siness
Ven
do
r
Service Level Management
R A C
Availability Management
A CI R
Capacity Management
A CI R
IT Service Continuity
A CI R
Information Security
CI A R
Supplier Management
CI A
Service Catalogue
A CI
Service Transition
IT
Bu
siness
Ven
do
r Transition Plan & Support
CI A R
Service Asset & Configuration
I CI A
Validation and Testing
R A CI
Release and Deploy
R A CI
Change Management
CI CI A
Evaluation R A
Knowledge Management
I A C
Service Operation
IT
Bu
siness
Ven
do
r
Event Management
I CI A
Incident Management
A
Problem Management
A
Request Fulfillment
A
Access Management
CI A
Continual Service
Improvement
IT
Bu
siness
Ven
do
r
Service Measurement and Reporting
CI CI A
Continual Service Improvement
CI CI A
R Responsible
A Accountable
C Consult
I Inform
Establish Service Management Process Roles and Responsibilities Example – to be adjusted for SaaS, PaaS, IaaS
Cloud Vision
Funding Model
Risk Threshold
Escalation
Executive Endorsement Forming a Cloud Executive Council
Cloud Executive Council is a steering committee to sponsor cloud
adoption and champion enforcement of policies.
Chief Information
Officer
Chief Information
Security Officer
Business Executive Sponsors
Chief Technology
Officer
Balance business benefits vs. risk level
Establish cloud strategy and cloud capability
Obtain buy-in from stakeholders
Incorporate cloud governance as part of
enterprise architecture and IT operations processes
Cloud Adoption
Summary