Date post: | 20-Nov-2014 |
Category: |
Technology |
Upload: | inevitablecloud |
View: | 327 times |
Download: | 2 times |
24/01/2013 1John Rhoton – 2013
Cloud Deployment StrategyChallenges to Consider
John Rhoton
Cloud Weekend, Giza, Egypt11-12 May 2013
24/01/2013 2John Rhoton – 2013
Agenda
• Business/Financial• Risk & Security• Technical• Process
24/01/2013 3John Rhoton – 2013
Business Case
• Sunk Cost– Irrelevant?– Political, Marginal Costs
• Return on Investment– Calculated with NPV / IRR– Payback period
• Cash Flow effects• Revenue impact of flexibility and speed
24/01/2013 4John Rhoton – 2013
Cost Tradeoffs
Initial Ongoing
PrivateCloud
Capital Expenditures
LicensingOperations
PublicCloud
Migration Subscription
Hardware, Software, Deployment, Administration, Support
24/01/2013 5John Rhoton – 2013
Hybrid Usage Profile
Base
Series1
Base Usage Peak
Spikes
24/01/2013 6John Rhoton – 2013
Risk Analysis
• Governance• Risk• Security• Compliance
24/01/2013 7John Rhoton – 2013
Risk Mitigation Options
Data Leakage
Data Loss
Service Loss
Service Impairment
Damaged Reputation
Lock-In
Provider Assessment
Contract Negotiation
Encryption
Additional Backup
Multi-sourcing
Standardization
24/01/2013 8John Rhoton – 2013
• Personal observation• Personal experience• Insight
Employees Contractors
Partners Suppliers
• Public verification• Contracts• Compensation
ExpertsLegal Counsel
AuditorsPublic Scrutiny
SegmentationAccess controls
EncryptionAccess controls
Shifting Trust
Adapt Corporate Culture
24/01/2013 9John Rhoton – 2013
Confidentiality
• Data Governance– Data loss prevention
• Compartmentalization
• Encryption
Classify data, Select and Combine Options
24/01/2013 10John Rhoton – 2013
Compliance
Enforce Logical Barriers
Global Internet versus National Laws
24/01/2013 11John Rhoton – 2013
BusinessContinuity
Eliminate
High Probability
Low Probability
High ImpactLow Impact
Resilience
Risk Treatment
24/01/2013 12John Rhoton – 2013
Technical Considerations
• Technologies• Integration• Availability• Automation
24/01/2013 13John Rhoton – 2013
Lock-in vs. Cloud Stacks
• Servers• Storage• Network• Hypervisor• Operating
System• Orchestration
Proprietary Hardware
Proprietary Software
OpenSource
ConsortiumDriven
Balance ease with flexibility
24/01/2013 14John Rhoton – 2013
Integration• Connectivity• Application Compatibility• Authorization and Isolation
Internal External
Users
Functions
Resources
24/01/2013 15John Rhoton – 2013
Identity Federation
Identity challenges• Password
proliferation• Weak
authentication• Support costs• User
productivityImplement Identity Standards (SAML,
SCIM)
24/01/2013 16John Rhoton – 2013
Redundancy
• Dimensions– Physical– Geographical– Technological– Organizational
• Horizontal Scalability• ACID (Atomic Consistent Isolated Durable)
=> BASE (Basic Availability, Soft-state, Eventual consistency)
Architect for scale
24/01/2013 17John Rhoton – 2013
Automation
• Efficiency, Quality, Traceability, Compliance
• Scripting• Workflow• Sizing• Best practice configuration
• Puppet, Chef, Capistrano• OpenStack Heat, Juju Charms
24/01/2013 18John Rhoton – 2013
Process• Culture
– Job Security Career Enhancement– Political Power shift
• Skills– Virtualization, Networking, Storage– Linux, Python, Ruby, OpenStack, OpenFlow
• Procedures– Workflow definition
• Project Management– Rollout pace, schedule– Continuous integration, continuous deployment
24/01/2013 19John Rhoton – 2013
Emotional vs Factual
• Fear, Uncertainty and Doubt• Increased Effort– Evaluation– Negotiation– Integration– Implementation
• Reduce CAPEX benefits
Plan early, think objectively
24/01/2013 20John Rhoton – 2013
Summary
• Build the business case around agility• New trust model is inevitable• Security challenges real but
addressable• Integration the biggest technical
hurdle• Don’t forget the human element!
24/01/2013 21John Rhoton – 2013
Contact Details
Follow me: @johnrhotonConnect: linkedin/in/rhotonRead the books:
amazon.com/author/rhotonDownload the presentation:
slideshare.net/rhoton