cloud migration for financial services - toronto - october 2016

© 2016 Cloud Technology Partners, Inc. / Confidential 1

Cloud Adoption Best Practices

October 11th, 2016

Robert Christiansen


• Leads the Cloud Adoption

Program Global Practice

• 30+ years of IT experience with

10 in public and private cloud

Robert Christiansen

Vice President,

Cloud Adoption Practice Lead at CTP

Today’s Speaker

[email protected]

mailto:[email protected]


Enterprise Cloud Experts

CTP is the premier cloud services

and software company for

enterprises moving to cloud.

• Experts in end-to-end cloud adoption

and mission-critical cloud application

development

• Experts in enterprise cloud and work

closely with AWS and others

• No one is more cloud-focused,

attentive, and capable than CTP

350+ Enterprise Projects

Proven, qualified, certified.

✓ AWS Premier Consulting Partner

✓ AWS DevOps Competency

✓ AWS Migration Competency

✓ Gartner 2016 Cool Cloud Vendor


Cloud First

Why CTP? We Accelerate Cloud Transformation

● We move the right workloads to the right target environment

● We are building the next generation business critical systems (IoT, Big Data, HPC)

● We are the company that supports the broadest base of cloud platforms

● We are building the future of computing today – In the enterprise and @ scale

Hybrid CloudSingle Application


Comprehensive Cloud Services

Innovate on cloud.Move to cloud.

Cloud Adoption

Follow a comprehensive and proven

approach to enterprise cloud adoption

with the Cloud Adoption Program.

● Cloud Business Office

● Security and Governance

● Implementation and Migration

Digital Innovation

Build innovative cloud-based software

solutions and accelerate adding value to

your business.

● Internet of Things (IoT)

● Big Data and Analytics

● Blockchain, Machine Learning and more

Run the cloud.

Managed Services

Offload the ongoing operations and

maintenance of your cloud with our

managed services offerings.

● Environment and Applications

● DevOps and CloudOps

● Optimization and Improvement


Let’s Start with “Why”


Why Are You Here?

1) I want to understand how to move to AWS safely.


Why Are You Here?

2) I want to understand the economics of this change.

Data Center Costs• Hardware and networking costs

• Downtime costs (planned and unplanned)

• Upgrades cost

• SLA penalties

• Deployment cost

• Operational support cost (day to day operations)

• Performance costs

• Cost of selection of the vendor software

• Requirements analysis cost

• Developer, admin and end-user training cost

• Application designs and development costs

• Cost of integration with other systems

• Quality, user acceptance and other testing costs

• Application enhancement and bug fixes cost

• Replacement costs

• Cost of other risks (including security breaches)

10%

90%


Why Are You Here?

3) I want to protect and accelerate our competitive advantage.


Prior to the national grid, all factories generated their own power.

They leveraged hydroelectricity and burned coal.


It took 20 years to convince businesses that a

multi-tenant power grid was a good idea.


Pop Quiz:

What is the average utilization

percentage of virtual CPUs in a

data center?

Answer:

12%


Realization #1

“We must come together in a

shared computer model.”


Boston Headquarters

263 Summer Street

Fourth Floor

Boston MA, 02210

Contact

617.674.0874

[email protected]

www.cloudtp.com

However, data center consolidation is a one-time event.

The long-term value of cloud lays elsewhere...


The real value of cloud is...

‘The Speed of Innovation’


Infrastructure as Code

• Rapid provisioning

• Compliance through software

• Continuous governance

• Elastic load balancing

• Multi-data center HA

• Geo-distribution failover

• Pay for use

What used to cost millions now cost hundreds

Accelerate Software Deployments


Realization #2

“Accelerating the software

release process has a massive

impact on the business.”

Cloud Adoption can be “The One Thing”


The Tyranny of “How?”

● What used to take months and millions of

$$s...

● Now takes minutes and costs less than

$1,000s

● “How” we move to the cloud is significantly

lower risk and more secure than moving to a

new physical data center.

Don’t let “HOW” get in the way of “WHY”

Learning has very little risk!


Realization #3

“Enterprises are not ready for

the organizational change

necessary to realize the

benefits of the cloud.”

We are working new organizational muscles

and making new decisions.

Log Jams Will Happen!


Building a Cloud Strategy

Best Practices


Best Practice #1 - Alignment Workshops

Address the Fear, Uncertainty and Doubt Early

Alignment WorkshopsNot everyone is on the same page!

Lessons Learned:

1. Get GRC involved early

2. Deeply involve all security teams

3. Know your blockers

4. Make Application Teams part of the process

5. Have a clear “WHY CLOUD?” message


Best Practice #2 - Understand the Economics

Perform TCO / ROI to Justify Business Case

Understand the

Economics

Economics are your organization’s “True North”.

Lessons Learned:

1. Those who skipped economic studies lack the

“firepower” to move their projects forward

2. Build an economic model up front

3. Refine your model with each iteration of your cloud

4. Involve finance early in the discussion

5. Automation of governance is critical to maintaining KPIs


Best Practice #3 - Make a Decision

Successful Cloud Initiatives Start with a Decision

Commitment is required.

Lessons Learned:

1. Everyone must agree “Why Cloud”

2. Dedicate a team

3. Gain appropriate funding

4. Continue to educate GRC

5. Leverage your CBO as communication hub

Agree on Direction and Why


Best Practice #4 - Establish a CBO

Establish a Cloud Business Office

The move to the cloud touches many parts of the

business. Governance is core to the CBO.

Lessons Learned:

1. Ring-fence the team

2. Central point for decision clearing with SLAs

3. All stakeholders must have full or part time roles

4. Governance is key to CBO

5. Make communications a core function

Cloud Business Office


Third Parties

AWS, Tools

vendors, private

cloud providers,

etc.)

Compliance

& Risk

Enterprise Supplier

Management(Contract management)

Third Parties(AWS, tool vendors, etc.)

Communications

Compliance & Risk

Cloud EngineeringTechnology Center of

Excellence (SMEs)

Best Practice - Cloud Business Office

A Cloud Business Office

(CBO) serves as the central

point of decision-making and

communication for your cloud

program – both internal and

external to your company.Information Security

Operations(Governance & monitoring)

IT Finance(Chargeback, budget, invoicing)

App Owners(LOB, Dev teams, etc.)

HR(Onboarding, Training)

Cloud

Business

Office✓ An industry best practice to

ensure the success of your

cloud transformation

✓ Permanent decision-making

and governing body

✓ More than a Center of

Excellence or Program

Management Office


Existing Roles

CBO Roles

Full-time

Part-time

Observers

CBO Provides Clarity and Accountability

CBO is focused on “Time to Value”

• Application team onboarding

• Assignments & accountability

• Cloud capabilities / timing

• Vendors and partners

• PMO / PM enablement


Best Practice #5 - Discovery

Dependency Discovery is Required

CMDB & tribal knowledge are not dependable.

Lessons Learned:

1. Electronic discovery is required

2. Dependencies limit ability to move to cloud

3. Hybrid (on-prem to AWS) will exist and creates latency

4. Legacy thinking gets in the way

Discovery


Best Practice #6 - Security Assessment

Know Where You Are

Processes, roles, and technology are

different in the cloud.

Lessons Learned:

1. Assess against CSA / ISO 270XX standard

2. Start with a known secure cloud (MVC) reference architecture

3. Assess against a baseline

4. Find the gaps and plan for the remediations

5. Many existing toolsets may not make the trip

Security Assessment


Best Practice #7 - Establish a Minimum Viable Cloud (MVC)

We Can Iterate Cloud Solutions

Minimum Viable CloudStart with a “Known” MVC Architecture.

Lessons Learned:

1. Start with a foundation on AWS

2. Leverage a known and proven MVC architecture

3. Work the organization’s muscles

4. Select a pilot app that is meaningful

5. Migrate the pilot to the MVC to work the system

6. Learn from the process and iterate


Alignment and planning are core to our methodology and are critical to MVC!

The MVC is the foundation for your 1st meaningful pilot application.

Key Concept: Alignment with Baseline

Networking

VPC

Accounts

Logging

IAM / Security

Encryption

Tools

Image Management

Automation

Applications

Security

CloudOps

Economics

DevOps

Infrastructure

Gather Your

Requirements Build MVC for AWS

Monitoring

Storage


Key Concept: Minimum Viable Cloud (MVC)

App Owner Account - AApp Owner Account - B

Public Cloud Region

Web App

Dev/Test

Web App

Production

IT Central Services

Security,

Governance, Ops

VPC

VPC

VPC

Big Data

Production

Big Data

Dev/Test

VPC

MVC - A secure public cloud environment running at least 1 client application to exercise the organization’s muscle,

demonstrate the viability of cloud services and engage all necessary enterprise organizations.

VPC

● Monitor / Logging

● Security / IAM

● Governance

● Encryption

● Networking

● DR / BC

● Automation


Best Practice #8 - Governance

Automation is Critical to Good Governance

We are able to provision complete systems in

minutes. Strong governance is critical. Governance

Lessons Learned:

1. Dev teams are not good at policing resources

2. Automation is critical for governance

3. Tagging standards are a must

4. Cloud governance is more than Operations

5. Leverage tools wherever possible

6. Financial controls are critical at scale


Best Practice #9 - Automation and Validation

Infrastructure is Now Software - Control and Validate

Lessons Learned:

1. Teams aspire to automate everything

2. Learn best practices from App Dev teams

3. Educate all parties on new model of infrastructure

4. Reviews will be of code, not physical infrastructure

5. Use tools to validate and test configurations

Deployment is automated. Insert controls and

checkpoints to inspect before making a change. Automate & Validate


Best Practice #10 - Prepare for Migration @ Scale

Migration @ Scale is the Goal - One App at a Time

Lessons Learned:

1. Solid MVC and factory model is critical

2. Checkpoints, not automation, are required

3. Operations and governance must be in place prior to

mass migration

4. Control new services releases

Migration @ Scale is hard. Movement is

accomplished through a factory approach. Factory


Phases 2 & 3 Phase 4 - Migration @ Scale Phase 5 - Operate

App Assessment

and MVC Build

Migration @ Scale

Workbench Paths

REHOST

REPLATFORM

REFACTOR

REPLACE

RETIRE

Applications

Destination

Best Practice #10 - Migration Workbenches


Start Assessments

● Application portfolio and economic

● Security controls and technology

● Infrastructure and operations

Establish Your CBO

● Cloud leader / operations

● Business unit / Security

● Architect and engineer

Build MVC and Pilots

● Select pilots and use cases that matter

● Exercise organizational muscles

Start with a CAP Workshop!

● Understand your “why” and build alignment

● Clear FUD

● Educate leaders on cloud strategy and technology

● Accelerate cloud program

21

3 4

Next Actions


Cloud Adoption Blueprint 10 Best Practices for Success

cloudtp.com/doppler

More on this topic

© 2016 Cloud Technology Partners, Inc. 38

Boston Headquarters

263 Summer Street

Fourth Floor

Boston MA, 02210

Contact

617.674.0874

[email protected]

www.cloudtp.com

[email protected]