Date post: | 04-Apr-2015 |
Category: |
Documents |
Upload: | ravinder-chiluveru |
View: | 59 times |
Download: | 0 times |
An Overview to
Cloud Computing
1
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Agenda and Objectives
Introduction
2
Module / Lesson Objectives
Introduction Introduce facilitators and learning objectives
Module 1: About Cloud Computing Describe Cloud Computing is the associated features and
benefits
Module 2: Types of Clouds Identify Cloud Types and Cloud Services
Module 3: Typical Cloud Architecture Identify the key characteristics and components of the Cloud
Computing architecture
Module 4: Security & Risk Describe the security, risk and compliance issues that need
to be considered and provides a risk-based approach to
addressing them
Module 5: Compliance Identify compliance regulations and data governance
requirements to Deloitte service offerings
Module 6: Governance Describe IT Governance and the need for standardized
processes
Module 7: Why Deloitte? Distinguish between the different services Deloitte offered to
support cloud computing and why clients should choose
Deloitte
Module 8: Summary Summarize lessons learned and answer remaining
questions
Module 1: About Cloud Computing
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Upon completing this module, you will be able to:
Describe Cloud Computing is the associated features
and benefits
Duration: 5 minutes
4
Learning Objectives
Module 1: About Cloud Computing
Copyright © 2010 Deloitte Development LLC. All rights reserved.
• In the simplest of terms, Cloud Computing is an Internet-based
shared computing paradigm, somewhat like an electricity grid:
‒ Internet-based computing
‒ Shared resources
‒ Shared software
‒ Shared platforms and infrastructure
‒ Available on-demand
• Cloud Computing… this is the future of computing, it is cutting
edge, it is out there right now and clients are asking about it:
‒ Future of computing
‒ Cutting edge
‒ Out there, right now
‒ Clients are asking about it
5
Module 1: About Cloud Computing
Cloud Computing Description
Copyright © 2010 Deloitte Development LLC. All rights reserved.6
Module 1: About Cloud Computing
Key Characteristics of Cloud Computing
Standardized Standardized IT services configurations are
implemented in order to leverage the capabilities
of cloud computing.
Easily Accessible Easy access via the Internet from any computer:
Cloud services can be conveniently accessed by
using a standard Web browser
Available On-demand Cloud computing is highly available and
scalable: Replication is part of the cloud
framework.
Scalable Capabilities are easily scaled, and can be
automatically adjusted to meet demand
Pay As You Go Pay only for what you use and only while you
use it
Self-servicing Full customer self-service: customers can
provision, manage, and terminate services
themselves
Copyright © 2010 Deloitte Development LLC. All rights reserved.
• If you access multiple servers, you need to only request access; you don’t have
to complete the actual server setup.
• Costs are lower. Public Cloud computing customers do not own the physical
infrastructure, thus avoiding capital expenditure (CapEx) by contracting for the
service from a third-party provider.
• You can release a capability if you are no longer using the resource, while
retaining the configuration in a library for future use.
• You always have the most updated applications and setup.
• As your requirements grow, the cloud expands with you.
• Cloud user groups and communities help to drive the face of the future.
Feedback from early adopters changes the technology.
• The importance of on-demand is that you pay for only what you use, as
opposed to traditional infrastructure.
• Maintenance is easier since the host cloud environment is maintained by the
provider.
7
Module 1: About Cloud Computing
Benefits of Cloud Computing
Copyright © 2010 Deloitte Development LLC. All rights reserved.8
Module 1: About Cloud Computing
Evolution of Cloud Computing
1998-2002 Application Service Providers:
• Applications were designed with
the mindset of a dedicated
operating environment.
• Bandwidth and hardware
limitations led to performance,
reliability, and scalability issues.
Today • Network and hardware
advancements make remote
enablement of pieces of
critical business processes
viable.
• The global economic
recession led to an increased
role of the business in
software selection and cost
reduction.
2003-2006 Grid Computing:
• ―The network is the computer‖ –
though famously promoted by
hardware, database, and systems
software providers, the lack of
multi-tenancy application
architectures and related security
capabilities undermined these
impressive technical advances.
• The market was crowded with
contradictory approaches.
Challenges post 2010.
Today • Underlying computing,
storage, and data layers are
increasingly abstracted from
the consumer, shifting to a
true utility model.
• Proliferation of supported
infrastructure, platform, and
software offerings built around
cloud principles.
• Continued hardware
advances are improving
performance, bandwidth, and
scalability.
Copyright © 2010 Deloitte Development LLC. All rights reserved.9
Module 1: About Cloud Computing
Evolution of Cloud Computing, Cont’d.
2008-Onwards Cloud Commercialization:
• Cloud computing is coming to the market in waves of capabilities –
capabilities that improve as the technology matures
• Cloud computing is a multi-faceted concept without universally
accepted definitions.
• Organizations are awash with partial and inaccurate understanding of
cloud computing – causing confusion and barriers.
• Suppliers have rebranded products as cloud computing – diluting the
marketplace.
• Definitions for the types of clouds, disposition of cloud services, and
business models are gaining traction.
• Free-market principles are forcing fringe products from the space, with
higher-tier products gaining share.
• Emergence of ―capability clouds ‖ offering clearly packaged services
with direct business relevance and value i.e. Cloud solutions.
Module 2: Types of Clouds
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Upon completing this module, you will be able to:
Identify Cloud Types and Cloud Services
Duration: 10 minutes
11
Learning Objectives
Module 2: Types of Clouds
Copyright © 2010 Deloitte Development LLC. All rights reserved.12
Module 2: Types of Clouds
What is a “Cloud”?
Public Cloud Cloud computing services from vendors that can be
accessed across the Internet or a private network,
using systems in one or more data centers, shared
among multiple customers, with varying degrees of
data privacy control.
Private Cloud Computing architectures that are built, managed, and
used internally; uses a shared services model with a
common pool of virtualized computing resources.
Data is controlled within the enterprise.
Hybrid Cloud A combination of public cloud services, private cloud
computing architectures, and classic IT infrastructure.
This forms a hybrid model that uses the best-of-breed
technologies to meet specific needs.
Copyright © 2010 Deloitte Development LLC. All rights reserved.13
Module 2: Types of Clouds
Public Cloud
Attributes
• Quick startup time
• No capital investment required
• Allows outsourcing of non-core functions to a service
provider
• Leverages highly scalable vendor infrastructure
• Uses a standardized software stack
• Lower initial fees, variable costs, billed by usage
Benefits
• On-demand access to a shared pool of resources,
applications, and data
• Procurement and expandability is easy
• Accessibility to public clouds
• Interfaces with public cloud services
Copyright © 2010 Deloitte Development LLC. All rights reserved.
There is no specific reference architecture for Public Cloud, given that it’s a
service abstraction. All the major vendors do it differently at the physical
architecture level.
Public clouds offer dynamically provisioned resources on a self-service basis over the Internet
via web applications/web-services from an off-site service provider who shares resources and
charges on a fine-grained utility computing basis. In this model, service providers manage the
infrastructure and resource pools which can be paid for and used by any customer.
14
Public Cloud Logical Model
Module 2: Types of Clouds
Copyright © 2010 Deloitte Development LLC. All rights reserved.15
Module 2: Types of Clouds
Private Cloud
Attributes
• Quick startup and flexibility of resource allocation
• Requires capital investment
• On-premise data and systems
• Good choice when possible to leverage existing staff and
investments
• Cost savings through leveraging virtualization and grid
technology
Benefits
• Business units may share costs
• More efficient use of CapEx and corporate resources
• pay as you go versus costs up front, and only while
resources are needed
• Expenses become part of business units operating
expenses (OpEx) rather than capital expenditure up front
(CapEx)
Copyright © 2010 Deloitte Development LLC. All rights reserved.16
Private Cloud Logical Model
Module 2: Types of Clouds
Enterprise Data Center
Virtualized Servers Databases/Storage
Load Balancing
User Interface
User Interface
Reference DepositoryComputing Resource
Manager
Firewall
Internet
User Interface
Front-End Application
User Interface
High Speed
Ethernet
User Access Management – Intrusion ManagementU
ser
Acc
ess
Man
agem
ent –
Intr
usio
n M
anag
emen
t Preconfigured
TemplatesStandard Operating
Procedures
VPN
VPN
Private Cloud Computing
Logical Model
Copyright © 2010 Deloitte Development LLC. All rights reserved.17
Module 2: Types of Clouds
Hybrid Cloud
Attributes
• More flexibility in providing IT services while at the same
time maintaining more control over business services and
data
• Quick startup
• Integration of cloud types adds complexity
• Allows ―best of both worlds‖ for control of data and reduction
of non-core focus
• Allows selection of scalable vendor infrastructure
• Allows internal control
• Allows fine-grained sourcing of most appropriate technology
and cost profiles
• Integration may constrain savings potential
Benefits
• More control over security
• Advantages on cost savings from Public Cloud use
Copyright © 2010 Deloitte Development LLC. All rights reserved.18
Hybrid Cloud Logical Model
Module 2: Types of Clouds
Enterprise Data Center
Virtualized Servers Databases/Storage
Load Balancing
User Interface
User Interface
Reference DepositoryComputing Resource
Manager
Firewall
Internet
User Interface
Front-End Application
User Interface
High Speed
Ethernet
User Access Management – Intrusion ManagementU
ser
Acc
ess
Man
agem
ent –
Intr
usio
n M
anag
emen
t Preconfigured
TemplatesStandard Operating
Procedures
VPN
VPN
Private Cloud Computing
Logical Model
Hybrid Cloud leverages the same logical model as the Private Cloud.
Copyright © 2010 Deloitte Development LLC. All rights reserved.19
Module 2: Types of Clouds
Cloud Services
Service type
categoryDescription of the different service categories
Software-as-a-
Service (SaaS)
• A model of software deployment whereby a provider licenses an
application to customers for use as a service on demand
• SaaS software vendors may host the application on their own web
servers or download the application to the consumer device, disabling it
after use or after the on-demand contract expires
Platform-as-a-
Service (PaaS)
• The delivery of a computing platform and solution stack as a service
• Facilitates the deployment of applications without the cost and complexity
of buying and managing the underlying hardware and software layers
• Provides all of the facilities required to build and deliver web applications
and services entirely from the Internet
Infrastructure-
as-a-Service
(IaaS)
• The delivery of computer infrastructure (typically a platform virtualization
environment) as a service
• Rather than purchase servers, software, data center space ,or network
equipment directly, clients instead buy those resources as a fully
outsourced service
• Service is typically billed on a utility computing basis with the cost
reflecting the amount of resources consumed
Module 3: Typical Cloud Architecture
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Upon completing this module, you will be able to:
Identify the key characteristics and components of the
Cloud Computing architecture
Duration: 10 minutes
21
Learning Objectives
Module 3: Typical Cloud Architecture
Copyright © 2010 Deloitte Development LLC. All rights reserved.
• Data Center architecture and capacity:
‒ Reduces costs of purchasing servers, software, data center space, or network
equipment.
‒ Billing and how customers are billed is impacted. Cost reflects the level of
activity.
‒ Scalability
• Architecture transformation and evolution:
‒ Network-based access to, and management of, commercially based software
‒ Centralized feature updating
• Policy-based management of IT platforms
• Technology implications
• Managing operational risks—depending on the cloud solutions
operational activities that are managed from central provider locations
22
Module 3: Typical Cloud Architecture
Key Characteristics
Copyright © 2010 Deloitte Development LLC. All rights reserved.23
Module 3: Typical Cloud Architecture
Basic Features of Cloud Computing
Architecture and Services
Front-End Portal
Application
Provisioning of services begins immediately once an end-user defines and
submits their service choices, except those services that require IT
administrator approval.
Service Options
Service Options an End-User Could Define Within the Front-End Portal
include:
• Environment
• Virtual Server
• Storage
Compute
Resource
Manager
The Compute Resource Manager provides IT administrator’s deep visibility
and control into their virtual environments and underlying infrastructure,
while allowing for automatic IT service provisioning with little human
interaction necessary. The four key functions of the Compute Resource
Manager are:
• Define infrastructure service templates workflows, and automation scripts
• Allocate and provision infrastructure services
• Monitor active infrastructure services
• Decommission and repurpose infrastructure services
Computing
Resources
The servers, storage, and network resource pool
Load Balancing Used for maintaining and balancing loads on provisioned resources
• Backup
• Network
• Database
Copyright © 2010 Deloitte Development LLC. All rights reserved.24
Module 3: Typical Cloud Architecture
Cloud Flow
Differences of
the Private
Cloud vs.
Public Cloud
• How does the user interact with the cloud: ordering, monitoring
what you use, billing, releasing what you don’t use.
• Location/use of firewall will distinguish private from public.
Effort to
Deploy, Run,
and Manage
Applications
• Owned by you and configured as a cloud services model, or is it
owned by cloud service providers and you are just renting them?
• In the case of private clouds clients may have to build out the
four pieces and parts. There is no standard path around building
out these pieces. They can all evolve over time. Flow is relevant
when you define a new environment.
Module 4: Security & Risk
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Upon completing this module, you will be able to:
Describe the security, risk and compliance issues that
need to be considered and provides a risk-based
approach to addressing them
Duration: 10 minutes
26
Learning Objectives
Module 4: Security & Risk
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Concerns over integrity and information security continues to slow
the adoption of cloud services.
• Security, risk, and compliance concerns are top reasons cited for delaying cloud
adoption.
• On the other hand, cloud solutions can potentially provide better security
protection, risk management, and compliance.
27
Module 4: Security & Risk
Cloud Concerns
Copyright © 2010 Deloitte Development LLC. All rights reserved.
New risks have been introduced to Cloud Computing that include:
• Identity and access management
• Vulnerability management
• Network, system, and application security
• Encryption
• Privacy and data protection
• Monitoring
• Incident management
28
Module 4: Security & Risk
New Security Risks
Copyright © 2010 Deloitte Development LLC. All rights reserved.
There are many other risks that one has to consider when
implementing cloud. These include:
• Business continuity, disaster recovery, and availability
• Asset management
• Human risks (e.g. malicious insider at cloud provider)
• Electronic discovery
• Financial controls
• Vendor management
• Vendor lock-in
29
Module 4: Security & Risk
Risks to Consider When Implementing Cloud
Copyright © 2010 Deloitte Development LLC. All rights reserved.
The platform for compliance is under continuous change and
requires detailed attention.
• Complexity in complying with multi-jurisdictional data laws because of lack of
knowledge of data location
• Lack of transparency impediment to monitoring compliance
• Evolving cloud standards, regulations, and compliance enforcement landscape
30
Module 4: Security & Risk
Compliance Within Cloud
Copyright © 2010 Deloitte Development LLC. All rights reserved.
There are many benefits of a risk-based approach to address
security, risk, and compliance which includes:
• Risk assessment
• Risk management system/solution
• Implementation of specific controls or remediation
• Internal audits and external assurance
• Ongoing monitoring and improvement
31
Module 4: Security & Risk
Benefits of a Risk-based Approach
Module 5: Compliance
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Upon completing this module, you will be able to:
Identify compliance regulations and data governance
requirements to Deloitte service offerings
Duration: 5 minutes
33
Learning Objectives
Module 5: Compliance
Copyright © 2010 Deloitte Development LLC. All rights reserved.
There are many legal requirements for providing cloud services that
include:
• Overview regulations and data governance requirements
• Internal compliance requirements
• Privacy laws
• Compliance with local laws and regulations
34
Module 5: Compliance
Legal Compliance
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Data protection is critical to the viability of cloud services. It provides
the following for cloud services:
• Protecting data against theft, loss and misuse
• Tax implications
• Auditing and monitoring
• Data integration hub
• Master data management strategy
35
Module 5: Compliance
Data Governance
Module 6: Governance
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Upon completing this module, you will be able to:
Describe IT Governance and the need for standardized
processes
Duration: 5 minutes
37
Learning Objectives
Module 6: Governance
Copyright © 2010 Deloitte Development LLC. All rights reserved.
The primary objective of IT Governance and Controls is to ensure the
investments an organization makes in Cloud Computing create business
value, mitigate related risk, and align with the organization’s overall IT
and business strategy.
38
Module 6: Governance
IT Governance and Controls
Copyright © 2010 Deloitte Development LLC. All rights reserved.
When implementing Cloud Computing there are some key questions
to consider in relation to security and risk.
• What is Cloud Computing governance?
• Why is it important?
(You have to think about this differently and re-define the governance structure
as it applies to IT structure and services.)
• Does the Cloud Computing model continue to align with existing IT governance
and business objectives?
• Should you take a traditional approach and change it to account for on-demand
service provision and chargeback?
• What tools need to be monitored?
(These will need to be put in place and this is where the investment comes in.)
• Is the governance defined for the cloud computing model as well as the
organizational structure?
39
Module 6: Governance
Things to Consider
Module 7: Why Deloitte?
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Upon completing this module, you will be able to:
Distinguish between the different services Deloitte
offered to support cloud computing and why clients
should choose Deloitte
Duration: 5 minutes
41
Learning Objectives
Module 7: Why Deloitte?
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Unmatched global capabilities across technology and business
consulting, financial advisory services, and tax and risk management:
‒ Vendors only look at niche market and their vertical Deloitte looks at a solution
holistically. Deloitte provides an unbiased opinion, based on our exposure to
market capabilities.
‒ Deloitte is an integrator—can model solutions to the size of business and
required business solution. Vendors are just ―one note.‖
‒ Deloitte can create a test pathway of implementation and prevent obstacles by
testing.
‒ Avoid vendor locking, not vendor specific.
‒ Synthesizing cloud computing trends. Cut through the fluff. Get the real story.
‒ Can leverage Deloitte collaboration with industry standards.
‒ Deloitte actually has its own cloud—so, we walk the walk.
42
Module 7: Why Deloitte?
Our Value Proposition
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Deloitte provides various best-in-class service offerings, including:
• Cloud strategy, integration, and migration
• Data governance
• Security, risk, and compliance
• Tax strategies
43
Module 7: Why Deloitte?
Service Offerings
Module 8: Summary
Copyright © 2010 Deloitte Development LLC. All rights reserved.45
Cloud Computing Resources
Module 8: Summary
Other Cloud Computing courses in this series:
• Introduction to Cloud Computing (e-Learning)
• Public Cloud Computing (Virtual Classroom)
• Private Cloud Computing (Virtual Classroom)
• Security, Risk, and Compliance in the Cloud (Virtual Classroom)
• Cloud Computing Governance (Virtual Classroom)
• Selling Cloud Services (Virtual Classroom)
For additional information, please contact:
DeWayne Holmes
+1 916 712 0258
Chris Weitz
+1 408 315 6289
Erik Marvik
+1 415 713 2505
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Lessons learned from this session include:
• Cloud Computing is Internet-based shared
computing paradigm, meaning shared software,
platform, and infrastructure resources are made
available on demand.
• The major types of Clouds are Public, Private, and
Hybrid.
• The three cloud service type categories are
Software-as-a-Service (SaaS), Platform-as-a-Service
(PaaS), and Infrastructure-as-a-Service (IaaS).
• Security, risk, and compliance concerns are top
reasons cited for delaying cloud adoption.
• IT Governance and Controls provides the means to
carefully limit risks and maintain a controlled
environment.
• Deloitte provides unmatched Cloud Computing global
capabilities across technology and business
consulting, financial advisory services, and tax and
risk management:
46
Lessons Learned
Module 8: Summary
Copyright © 2010 Deloitte Development LLC. All rights reserved.
Questions
47
Module 8: Summary
© 2010 Deloitte Development LLC48