cloud migration for financial services - toronto - october 2016
TRANSCRIPT
© 2016 Cloud Technology Partners, Inc. / Confidential 1
Cloud Adoption Best Practices
October 11th, 2016
Robert Christiansen
© 2016 Cloud Technology Partners, Inc. / Confidential 2
• Leads the Cloud Adoption
Program Global Practice
• 30+ years of IT experience with
10 in public and private cloud
Robert Christiansen
Vice President,
Cloud Adoption Practice Lead at CTP
Today’s Speaker
© 2016 Cloud Technology Partners, Inc. / Confidential 3
Enterprise Cloud Experts
CTP is the premier cloud services
and software company for
enterprises moving to cloud.
• Experts in end-to-end cloud adoption
and mission-critical cloud application
development
• Experts in enterprise cloud and work
closely with AWS and others
• No one is more cloud-focused,
attentive, and capable than CTP
350+ Enterprise Projects
Proven, qualified, certified.
✓ AWS Premier Consulting Partner
✓ AWS DevOps Competency
✓ AWS Migration Competency
✓ Gartner 2016 Cool Cloud Vendor
© 2016 Cloud Technology Partners, Inc. / Confidential 4
Cloud First
Why CTP? We Accelerate Cloud Transformation
● We move the right workloads to the right target environment
● We are building the next generation business critical systems (IoT, Big Data, HPC)
● We are the company that supports the broadest base of cloud platforms
● We are building the future of computing today – In the enterprise and @ scale
Hybrid CloudSingle Application
© 2016 Cloud Technology Partners, Inc. / Confidential 5
Comprehensive Cloud Services
Innovate on cloud.Move to cloud.
Cloud Adoption
Follow a comprehensive and proven
approach to enterprise cloud adoption
with the Cloud Adoption Program.
● Cloud Business Office
● Security and Governance
● Implementation and Migration
Digital Innovation
Build innovative cloud-based software
solutions and accelerate adding value to
your business.
● Internet of Things (IoT)
● Big Data and Analytics
● Blockchain, Machine Learning and more
Run the cloud.
Managed Services
Offload the ongoing operations and
maintenance of your cloud with our
managed services offerings.
● Environment and Applications
● DevOps and CloudOps
● Optimization and Improvement
© 2016 Cloud Technology Partners, Inc. / Confidential 6
Let’s Start with “Why”
© 2016 Cloud Technology Partners, Inc. / Confidential 7
Why Are You Here?
1) I want to understand how to move to AWS safely.
© 2016 Cloud Technology Partners, Inc. / Confidential 8
Why Are You Here?
2) I want to understand the economics of this change.
Data Center Costs• Hardware and networking costs
• Downtime costs (planned and unplanned)
• Upgrades cost
• SLA penalties
• Deployment cost
• Operational support cost (day to day operations)
• Performance costs
• Cost of selection of the vendor software
• Requirements analysis cost
• Developer, admin and end-user training cost
• Application designs and development costs
• Cost of integration with other systems
• Quality, user acceptance and other testing costs
• Application enhancement and bug fixes cost
• Replacement costs
• Cost of other risks (including security breaches)
10%
90%
© 2016 Cloud Technology Partners, Inc. / Confidential 9
Why Are You Here?
3) I want to protect and accelerate our competitive advantage.
© 2016 Cloud Technology Partners, Inc. / Confidential 10
Prior to the national grid, all factories generated their own power.
They leveraged hydroelectricity and burned coal.
© 2016 Cloud Technology Partners, Inc. / Confidential 11
It took 20 years to convince businesses that a
multi-tenant power grid was a good idea.
© 2016 Cloud Technology Partners, Inc. / Confidential 12
Pop Quiz:
What is the average utilization
percentage of virtual CPUs in a
data center?
Answer:
12%
© 2016 Cloud Technology Partners, Inc. / Confidential 13
Realization #1
“We must come together in a
shared computer model.”
© 2016 Cloud Technology Partners, Inc. / Confidential 14
Boston Headquarters
263 Summer Street
Fourth Floor
Boston MA, 02210
Contact
617.674.0874
www.cloudtp.com
However, data center consolidation is a one-time event.
The long-term value of cloud lays elsewhere...
© 2016 Cloud Technology Partners, Inc. / Confidential 15
The real value of cloud is...
‘The Speed of Innovation’
© 2016 Cloud Technology Partners, Inc. / Confidential 16
Infrastructure as Code
• Rapid provisioning
• Compliance through software
• Continuous governance
• Elastic load balancing
• Multi-data center HA
• Geo-distribution failover
• Pay for use
What used to cost millions now cost hundreds
Accelerate Software Deployments
© 2016 Cloud Technology Partners, Inc. / Confidential 17
Realization #2
“Accelerating the software
release process has a massive
impact on the business.”
Cloud Adoption can be “The One Thing”
© 2016 Cloud Technology Partners, Inc. / Confidential 18
The Tyranny of “How?”
● What used to take months and millions of
$$s...
● Now takes minutes and costs less than
$1,000s
● “How” we move to the cloud is significantly
lower risk and more secure than moving to a
new physical data center.
Don’t let “HOW” get in the way of “WHY”
Learning has very little risk!
© 2016 Cloud Technology Partners, Inc. / Confidential 19
Realization #3
“Enterprises are not ready for
the organizational change
necessary to realize the
benefits of the cloud.”
We are working new organizational muscles
and making new decisions.
Log Jams Will Happen!
© 2016 Cloud Technology Partners, Inc. / Confidential 20
Building a Cloud Strategy
Best Practices
© 2016 Cloud Technology Partners, Inc. / Confidential 21
Best Practice #1 - Alignment Workshops
Address the Fear, Uncertainty and Doubt Early
Alignment WorkshopsNot everyone is on the same page!
Lessons Learned:
1. Get GRC involved early
2. Deeply involve all security teams
3. Know your blockers
4. Make Application Teams part of the process
5. Have a clear “WHY CLOUD?” message
© 2016 Cloud Technology Partners, Inc. / Confidential 22
Best Practice #2 - Understand the Economics
Perform TCO / ROI to Justify Business Case
Understand the
Economics
Economics are your organization’s “True North”.
Lessons Learned:
1. Those who skipped economic studies lack the
“firepower” to move their projects forward
2. Build an economic model up front
3. Refine your model with each iteration of your cloud
4. Involve finance early in the discussion
5. Automation of governance is critical to maintaining KPIs
© 2016 Cloud Technology Partners, Inc. / Confidential 23
Best Practice #3 - Make a Decision
Successful Cloud Initiatives Start with a Decision
Commitment is required.
Lessons Learned:
1. Everyone must agree “Why Cloud”
2. Dedicate a team
3. Gain appropriate funding
4. Continue to educate GRC
5. Leverage your CBO as communication hub
Agree on Direction and Why
© 2016 Cloud Technology Partners, Inc. / Confidential 24
Best Practice #4 - Establish a CBO
Establish a Cloud Business Office
The move to the cloud touches many parts of the
business. Governance is core to the CBO.
Lessons Learned:
1. Ring-fence the team
2. Central point for decision clearing with SLAs
3. All stakeholders must have full or part time roles
4. Governance is key to CBO
5. Make communications a core function
Cloud Business Office
© 2016 Cloud Technology Partners, Inc. / Confidential 25
Third Parties
AWS, Tools
vendors, private
cloud providers,
etc.)
Compliance
& Risk
Enterprise Supplier
Management(Contract management)
Third Parties(AWS, tool vendors, etc.)
Communications
Compliance & Risk
Cloud EngineeringTechnology Center of
Excellence (SMEs)
Best Practice - Cloud Business Office
A Cloud Business Office
(CBO) serves as the central
point of decision-making and
communication for your cloud
program – both internal and
external to your company.Information Security
Operations(Governance & monitoring)
IT Finance(Chargeback, budget, invoicing)
App Owners(LOB, Dev teams, etc.)
HR(Onboarding, Training)
Cloud
Business
Office✓ An industry best practice to
ensure the success of your
cloud transformation
✓ Permanent decision-making
and governing body
✓ More than a Center of
Excellence or Program
Management Office
© 2016 Cloud Technology Partners, Inc. / Confidential 26
Existing Roles
CBO Roles
Full-time
Part-time
Observers
CBO Provides Clarity and Accountability
CBO is focused on “Time to Value”
• Application team onboarding
• Assignments & accountability
• Cloud capabilities / timing
• Vendors and partners
• PMO / PM enablement
© 2016 Cloud Technology Partners, Inc. / Confidential 27
Best Practice #5 - Discovery
Dependency Discovery is Required
CMDB & tribal knowledge are not dependable.
Lessons Learned:
1. Electronic discovery is required
2. Dependencies limit ability to move to cloud
3. Hybrid (on-prem to AWS) will exist and creates latency
4. Legacy thinking gets in the way
Discovery
© 2016 Cloud Technology Partners, Inc. / Confidential 28
Best Practice #6 - Security Assessment
Know Where You Are
Processes, roles, and technology are
different in the cloud.
Lessons Learned:
1. Assess against CSA / ISO 270XX standard
2. Start with a known secure cloud (MVC) reference architecture
3. Assess against a baseline
4. Find the gaps and plan for the remediations
5. Many existing toolsets may not make the trip
Security Assessment
© 2016 Cloud Technology Partners, Inc. / Confidential 29
Best Practice #7 - Establish a Minimum Viable Cloud (MVC)
We Can Iterate Cloud Solutions
Minimum Viable CloudStart with a “Known” MVC Architecture.
Lessons Learned:
1. Start with a foundation on AWS
2. Leverage a known and proven MVC architecture
3. Work the organization’s muscles
4. Select a pilot app that is meaningful
5. Migrate the pilot to the MVC to work the system
6. Learn from the process and iterate
© 2016 Cloud Technology Partners, Inc. / Confidential 30
Alignment and planning are core to our methodology and are critical to MVC!
The MVC is the foundation for your 1st meaningful pilot application.
Key Concept: Alignment with Baseline
Networking
VPC
Accounts
Logging
IAM / Security
Encryption
Tools
Image Management
Automation
Applications
Security
CloudOps
Economics
DevOps
Infrastructure
Gather Your
Requirements Build MVC for AWS
Monitoring
Storage
© 2016 Cloud Technology Partners, Inc. / Confidential 31
Key Concept: Minimum Viable Cloud (MVC)
App Owner Account - AApp Owner Account - B
Public Cloud Region
Web App
Dev/Test
Web App
Production
IT Central Services
Security,
Governance, Ops
VPC
VPC
VPC
Big Data
Production
Big Data
Dev/Test
VPC
MVC - A secure public cloud environment running at least 1 client application to exercise the organization’s muscle,
demonstrate the viability of cloud services and engage all necessary enterprise organizations.
VPC
● Monitor / Logging
● Security / IAM
● Governance
● Encryption
● Networking
● DR / BC
● Automation
© 2016 Cloud Technology Partners, Inc. / Confidential 32
Best Practice #8 - Governance
Automation is Critical to Good Governance
We are able to provision complete systems in
minutes. Strong governance is critical. Governance
Lessons Learned:
1. Dev teams are not good at policing resources
2. Automation is critical for governance
3. Tagging standards are a must
4. Cloud governance is more than Operations
5. Leverage tools wherever possible
6. Financial controls are critical at scale
© 2016 Cloud Technology Partners, Inc. / Confidential 33
Best Practice #9 - Automation and Validation
Infrastructure is Now Software - Control and Validate
Lessons Learned:
1. Teams aspire to automate everything
2. Learn best practices from App Dev teams
3. Educate all parties on new model of infrastructure
4. Reviews will be of code, not physical infrastructure
5. Use tools to validate and test configurations
Deployment is automated. Insert controls and
checkpoints to inspect before making a change. Automate & Validate
© 2016 Cloud Technology Partners, Inc. / Confidential 34
Best Practice #10 - Prepare for Migration @ Scale
Migration @ Scale is the Goal - One App at a Time
Lessons Learned:
1. Solid MVC and factory model is critical
2. Checkpoints, not automation, are required
3. Operations and governance must be in place prior to
mass migration
4. Control new services releases
Migration @ Scale is hard. Movement is
accomplished through a factory approach. Factory
© 2016 Cloud Technology Partners, Inc. / Confidential 35
Phases 2 & 3 Phase 4 - Migration @ Scale Phase 5 - Operate
App Assessment
and MVC Build
Migration @ Scale
Workbench Paths
REHOST
REPLATFORM
REFACTOR
REPLACE
RETIRE
Applications
Destination
Best Practice #10 - Migration Workbenches
© 2016 Cloud Technology Partners, Inc. / Confidential 36
Start Assessments
● Application portfolio and economic
● Security controls and technology
● Infrastructure and operations
Establish Your CBO
● Cloud leader / operations
● Business unit / Security
● Architect and engineer
Build MVC and Pilots
● Select pilots and use cases that matter
● Exercise organizational muscles
Start with a CAP Workshop!
● Understand your “why” and build alignment
● Clear FUD
● Educate leaders on cloud strategy and technology
● Accelerate cloud program
21
3 4
Next Actions
© 2016 Cloud Technology Partners, Inc. / Confidential 37
Cloud Adoption Blueprint 10 Best Practices for Success
cloudtp.com/doppler
© 2016 Cloud Technology Partners, Inc. 38
Boston Headquarters
263 Summer Street
Fourth Floor
Boston MA, 02210
Contact
617.674.0874
www.cloudtp.com