Cloud Computing in the Enterprise: A Question of Control... And who has it. INF5210, Ben Eaton, 12/11/2013
The Cloud: We all use it as consumers.
But I'm going to talk about cloud computing in an enterprise setting: Background; Defining the Cloud; Cloud Architecture; Managing the Cloud in organisations; Adoption & Issues of Cloud in the Enterprise.
Cloud Computing in the Enterprise: Background; Defining the Cloud; Cloud Architecture; Cloud Governance; Adoption & Issues of Cloud in the Enterprise.
Emerging Phenomenon in Public Discourse
Emerging Phenomenon: Forecast growth in industry revenues associated with Cloud Computing (Forrester): $61Bn for 2012 (Kirsker, 2012), growing to $241Bn by 2020 (Dignan, 2011). Cloud represents a $3.3 trillion transformation that's going on in the computing world. Microsoft are betting the company on cloud (Steve Ballmer, CEO Microsoft, 2011).
Gartner's Hype Cycle for 2012
There really is substance to the Cloud: The public cloud services market is forecast to grow 18.5 percent in 2013 to total $131 billion worldwide, up from $111 billion in 2012. Source: Gartner Newsroom, Gartner, 28/02/2013, http://www.gartner.com/newsroom/id/2352816
Technical Origins of Cloud Computing: Computing as a service, and accessing remote and distributed hardware and software resources over a network, is not a new concept. 1960s notions of: "computing utilities" (Cafaro & Aloisio, 2011; Kleinrock, 2005); virtualisation (Graziano 2011). Gradual development over the next forty years, e.g. distributed IT infrastructures in the 80s and 90s; Application Service Provision (ASPs) in the 90s and 00s. However, they were all constrained by a lack of computing power and network bandwidth. (Venters & Whitley 2012)
Technical Origins of Cloud Computing: Factors conspired at the turn of the millennium to facilitate Cloud Computing: the rise of cheap computing power and network bandwidth; the rise of large scale computing architectures and enabling technologies around Grid computing, enabling affordable high power computing tasks; adaptation of these architectures for large data centres of commodity hardware to service the IT business needs of organisations such as Google, Amazon and Microsoft; commercialisation of their computing architectures in ways that could be sold as the first Cloud Computing services. (Venters & Whitley 2012)
In its most Basic Form, it is a means of: outsourced shared-computing where resources are virtualised, distributed and pooled amongst external data centres accessed by users through the internet. (Venters & Whitley 2012)
Virtualisation & Virtual Machines
Cloud Computing Definition: U.S. National Institute for Standards and Technology (NIST): "Cloud computing is a model for enabling ubiquitous, convenient, on demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction" (Mell & Grance, 2011)
Key Components of Cloud
What it delivers: Service Models. Customers may purchase: Infrastructure as a Service (IaaS); Platform as a Service (PaaS); Software as a Service (SaaS).
Infrastructure as a Service (IaaS): Virtualisation of physical compute assets (storage, processing). No control over underlying cloud infrastructure. Control over ability to deploy and run software: operating systems and applications. E.g. Amazon Web Services (AWS). Used for: file backup; temporary processing (campaigns, product design).
Platform as a Service (PaaS): Virtual development environment. Develop & deploy applications for the Cloud. No control over underlying Cloud infrastructure. Control over deployed application, e.g. provisioning and access. E.g. Google App Engine, Microsoft Azure. Used for: startups (quick way of deploying Cloud apps); enterprise productivity (apps internal to the org); enterprise storefronts (means of developing interface between business and public).
Software as a Service (SaaS): Access to the Service Provider's applications that execute on the Cloud. Accessed via thin client interface such as a web browser (or smartphone app). No control over underlying Cloud infrastructure. Minimal control over application settings. E.g. Gmail, Google Docs, DropBox, Facebook, Evernote etc. Uses: You name it.
Scope of Control. Source: Liu et al (2011) NIST Cloud Computing Reference Architecture
Essential Characteristics: On Demand Self Service (commoditised); Measured Service (variable cost model, pay for capacity you use); Resource Pooling (high utilisation & economies of scale); Rapid Elasticity (commission / decommission capacity); Broad Network Access (accessibility over internet).
Which meets Organisations' desires to: simplify the management of their IT resources (hardware, middleware and software); scale up (or down) available resource capacity dynamically on demand; reduce and simplify their costs; whilst ensuring levels of data security, service latency and service availability are at least maintained and preferably improved.
Deployment Models: So far so good, but Cloud can be deployed in different ways: Public; Private; Hybrid; Community. Which have implications on the organisation... control!
Public Cloud. Source: Liu et al (2011) NIST Cloud Computing Reference Architecture
Public Cloud: Multi-tenancy architecture open to all. E.g. Amazon AWS, Google App Engine, Microsoft 365 etc. Benefits of computing with: significant cost savings (economies of scale, PAYG, low overheads); high performance (supercomputer power, latency); very flexible (switching on & off virtualised hardware and software). Popular with Small Medium Businesses = Access to Power. Comes at cost of loss of control: lack of transparency; sharing of computing assets. Your competitor could be using the neighbouring VM: how secure?
Private Cloud. Source: Liu et al (2011) NIST Cloud Computing Reference Architecture
Private Cloud: Not shared - operated solely for a single organization. Hosted / Non Hosted Solutions. Benefit: under enterprise control. Whilst VM architecture is essential, it will lack benefits of sharing: cost; scalability; performance.
Community Cloud. Source: Liu et al (2011) NIST Cloud Computing Reference Architecture
Hybrid Cloud. Source: Liu et al (2011) NIST Cloud Computing Reference Architecture
(NIST) Cloud Reference Architecture. Diagram labels: Cloud Consumer; Cloud Provider; Cloud Broker; Cloud Auditor; Cloud Carrier; Service Orchestration (Service Layer; Resource Layer: Resource Abstraction, Resource Control; Physical Layer: Hardware, Facility); Cloud Service Management; Security; Privacy. Source: Liu et al (2011) NIST Cloud Computing Reference Architecture
Cloud Service Orchestration Architecture: Web, HTTP (REST / SOAP); Service Layer (s/w); Resource Abstraction & Control Layer (m/w): Resource Abstraction, Resource Control; Physical Resource Layer (h/w): Hardware, Facility.
Service Layer: Web, HTTP (REST / SOAP); Service Layer (s/w); Resource Abstraction & Control Layer (m/w): Resource Abstraction, Resource Control; Physical Resource Layer (h/w): Hardware, Facility.
Physical Resource Layer: Web, HTTP (REST / SOAP); Service Layer (s/w); Resource Abstraction & Control Layer (m/w): Resource Abstraction, Resource Control; Physical Resource Layer (h/w): Hardware, Facility.
Virtualisation & Virtual Machines
Resource Abstraction & Control Layer: Web APIs; Service Layer (s/w); Resource Abstraction & Control Layer (m/w): Resource Abstraction, Resource Control; Physical Resource Layer (h/w): Hardware, Facility. Virtual Machines & Virtual Storage; Hypervisors; Access Control; Resource Allocation; Usage Monitoring.
Single Tenancy vs Multi Tenancy. Single Tenancy: User A @ Company 1, User B @ Company 1, User C @ Company 1. Multi Tenancy: User A @ Company 1, User B @ Company 2, User C @ Company 3.
Multi Tenancy & Risk: On-Premises Data Centre (e.g. Private Cloud); Off-Premises Data Centre (e.g. Public Cloud). Security Concern? Independent organisations sharing the same hypervisor. From: Cloud Security Alliance - https://wiki.cloudsecurityalliance.org/guidance/index.php/cloud_computing_architectural_framework
Public Cloud Service Orchestration, e.g. Amazon: Service Layer (s/w); Resource Abstraction & Control Layer (m/w): Xen Hypervisor, Proprietary; Physical Resource Layer (h/w): Proprietary, Proprietary. Legend: Open Standards / Closed Standards.
Private Cloud Service Orchestration, e.g. Cloudstack: Service Layer (s/w); Resource Abstraction & Control Layer (m/w): Xen, KVM, vSphere, CloudStack Management Server; Physical Resource Layer (h/w): Open, Open. Legend: Open Standards / Closed Standards.
Comparison of Service Orchestration Stacks. Public (Amazon AWS): Service Layer, HTTP (REST/SOAP) - Amazon; Resource Abstraction - Amazon; Resource Control - Amazon; Hardware - Amazon; Facility - Amazon. Monolithic, Black Boxed, Closed: Cloud Service Provider Has Control. Private (Cloudstack): Service Layer, HTTP (REST/SOAP) - Open; Resource Abstraction - Open; Resource Control - Cloudstack; Hardware - Open; Facility - Open. Open, Layered, Modular: Enterprise/Outsourcer Has Control.
Wider Cloud Ecosystem. Diagram labels: Cloud Consumer; Cloud Provider; Cloud Broker; Cloud Auditor; Cloud Carrier; Service Orchestration (Service Layer; Resource Layer: Resource Abstraction, Resource Control; Physical Layer: Hardware, Facility); Cloud Service Management; Security; Privacy.
Wider Cloud Ecosystem (NIST Reference Architecture): IaaS CSP, e.g. Amazon; PaaS CSP, e.g. Google; SaaS CSP, e.g. Microsoft; Cloud Broker, e.g. Jamcracker, Liaison; Hardware Vendor, e.g. HP; Facility Provider, e.g. Rackspace; Cloud Carrier, e.g. Akamai; Cloud Service Management, e.g. Vordel; Cloud Security & Privacy, e.g. Level 7.
Governance of Enterprise Cloud: Concerns how the enterprise IT department manages cloud services with different stakeholders, such as: the rest of the enterprise organisation; the State; Suppliers (Cloud Service Providers & Vendors).
Managing the Cloud: vis-à-vis the rest of the organisation. Management of cloud = sourcing; purchasing; integration with portfolio; usage; when to get rid of. Who manages Cloud services? The IT Department, or Departments themselves (e.g. marketing, sales, finance etc)? LOBs provisioning their own services... DropBox security; Enterprise Cloud Service Broker; Bring Your Own Device (BYOD). The changing role and skill sets of the IT department in a Cloud based enterprise. This will affect you!
Governance of Enterprise Cloud: vis-à-vis the state (national & EU law). Compliance with local laws & regulation: Act No. 31 relating to the processing of personal data (Personal Data Act) (14 April 2000); data laws and regulations increasingly by industry vertical, e.g. retail banking - Bankenes Standardiseringskontor (BSK). Compliance with international laws: EU Directive 95/46/EC, Data Protection Directive (processing of personal data, free movement of personal data); Section 404 of the Sarbanes-Oxley Act of 2002. Complexity of competing jurisdictions (customer, CSP, host). Audits, e.g. SAS 70.
Governance of Enterprise Cloud: vis-à-vis suppliers (& contracts). Contractual relationship: can have similarities to an outsourcing contract. Tensions between the different parties. Enterprises desire tight & tailored contracts offering: equivalence to in-house systems; measures to minimise perceived risk (see next page); commitment to detailed levels of service, allowing enterprises to retain control; outsourcing style contracts. Public CSPs desire loose & general contracts reflecting: commoditised XaaS style services; risk avoidance; minimum SLAs (à la Amazon).
Example Risks: Geographic Risk, e.g. whose jurisdiction? Data Security Risks, e.g. what happens when you move Cloud Service Provider? Contractual Risks, e.g. can supplier change terms without me knowing? Architectural Risk, e.g. "lock in" to vendor's integrated cloud stack. Ecosystem Risk, e.g. long supply chain in Cloud: your service is as strong as the weakest link.
Architectural Integration in the Cloud. Integration at the level of: Infrastructure; Data; Applications; Service Management. Integration with: existing legacy systems; between public & private (Cloud Bursting); between different public cloud services (Advanced Cloud Service Brokerage). An issue of Cloud architecture: at the level of design rules and interfaces such as APIs; a debate concerns whether interfaces need to be standardised or not. An emerging issue: not yet experienced globally / in Norway, but it is bound to become an issue.
Standardisation in the Cloud. Standardisation of what? Interoperability, Security & Privacy, Data Portability. Formal standardisation efforts slow to take off: cultural difference in Europe vs US; a brake on innovation & fast tracking commoditisation? Dominant (US) platform owners see it as a threat/opportunity? Informal de facto standards: based on emerging dominant platforms; Closed Standards, e.g. Amazon; Open Standards, e.g. Cloudstack; increasing adoption of Amazon standards in other platforms (e.g. Cloudstack) as an attractor to build installed base.
CSPs evolving portfolios. Public CSPs adding private cloud capabilities to their portfolios: Amazon Virtual Private Cloud; still not adopting outsourcing contract model; attracting large customers... e.g. the CIA! Private->Public: VMware vCloud Hybrid Service, launched in early 2013, oriented towards Cloud Bursting.
Global adoption of cloud in the enterprise. Enterprise adoption of cloud is still immature. In Norway adoption is more cautious still: fewer economic incentives. Enterprises still sceptical of public cloud: perceived loss of control & increased levels of risk outweigh the benefits of public cloud; prefer to deploy on private clouds, with increasing interest in "hybrid models". Much greater public cloud adoption within SMEs. Decision to go Public or Private: How much control do you want to risk giving up? How much do you wish to spend / save? How much performance do you want?
Global adoption of cloud in the enterprise. Private Cloud used for core data & services: Core Data (Customer / HR / Finance & Accounting); Core Services (essential business processes core to the enterprise). Public Cloud possibly used for non core data & services: CRM - Salesforce.com; Productivity - Microsoft Office 365.
Adoption amongst some Norwegian cloud champions Company Deployment Use Bank Private cloud Core and non core activities Clothing Manufacturer Public Cloud Non core activities - MS Office 365 deployed Food Manufacturer Financial Services Private Cloud Public Cloud Private Cloud Public Cloud Private Cloud Core business processes - Citrix Non core activities - MS Office 365 experimented with, not yet adopted Core business processes - VMware Non core - Office 365 experimented with rejected Core business processes - highly innovative Broadcaster Public Cloud Core business processes - Microsoft Azure PaaS Logistics Public Cloud Non core activities - Salesforce.com deployed Private Cloud Core business processes Fuel & Oil Distributor Private Cloud Virtualised Desktop (Hosted)
Predictions of Commentators. Enterprises will continue to struggle to come to terms with public cloud, but eventually perceived risks will be overcome: its benefits will outweigh its disadvantages. Changing balance between SaaS / PaaS / IaaS: SaaS will eclipse IaaS by value; SaaS solutions will increasingly segment on verticals; PaaS will grow and substitute sales of SaaS & IaaS.