IT architecture in a cloudified IT organization. Sander Schouten / Richard Bussink Nov, 2012

IT architecture in a cloudified IT organization Sander Schouten / Richard Bussink Nov, 2012

Ernst & Young Advisory Performance Technologies Strategy Business performance Enabled by Business Performance- Driven Approach Systems integration and outsourcing

IT architecture at EY Enterprise Architecture assessments Of existing architectures and as-is analysis, is the current EA fit for purpose? Of enterprise architecture function and processes Define improvements how to apply enterprise architecture Define improvements on existing architectures Definition Target Operating Model Translate business strategy and value propositions (products->channels- >customers) into architecture principles Define business domains and accountable executives Define a division wide standard business process model for each domain Definition agile IT architecture Logical application landscape Define replacements for legacy information systems Make an agile product management and product administration architecture Common IT infrastructure (ESB/ETL/BPMS/Access Management) Integration IT and Business architectures Ensuring business and IT alignment A structured, business-led framework for transformation Scoping of projects based on EA Portfolio management Enforce an architecture / project governance

Cloud Roadmap

Supply & Demand Inefficiencies

Moore s Law (CPU power)

Unlimited Storage, Increasing Bandwidth Bandwidth Growth The network is the computer Scott McNeally Storage Growth

Cloud Computing: Essential Characteristics Multi-tenancy Utility model, pay per use Rapid elasticity Go as you grow Services Short time to initiate Off premise Available on demand

You manage You manage You manage Cloud Service Models Applications Applications Applications Applications Data Data Data Data Runtime Middleware O/S Virtualization Servers Storage Runtime Middleware O/S Virtualization Servers Storage Managed by vendor Runtime Middleware O/S Virtualization Servers Storage Managed by vendor Runtime Middleware O/S Virtualization Servers Storage Managed by vendor Networking Networking Networking Networking On premises Infrastructure as a Service Platform as a Service Software as a Service

Players in the New Game Cloud Provider Cloud Auditor Cloud Broker Cloud Consumer Cloud Carrier

Clarity about the risks

Cloud promises vs. cloud doubts 1. What is the nature of the doubts and what role can a cloud broker play in the corporate adoption of cloud? n=252 Cloud Securtity Alliance & ISAS (2012): Cloud Computing Market Maturity Study Results, p.16 2. How does cloud computing change the agility of an organisation?

End users IT Management Official Cloud Access is blocked End Users End users work around

Quotes from three different organization exemplify the difference We get a list from our cloud service provider of all the accounts from our company that are using this service, but not via our official access point. There are lot. Dropbox itself is blocked, Google Drive for example as well, but Skydive not because it s a Microsoft product and Skydive makes use of port 80, that s an internal connection, so it bypasses the firewall. For me, usability outconcerns the security

Our case study research confirmed similair doubts for cloud computing. -Legal insecurity -Data protection issues the nature of the doubt is often the lack of clarity, a lack of trust, uncertaincy and unknown, unconfirmed risks.

Is cloud computing secure by definition? This generalization is impossible: There will be unsecure clouds, less secure clouds, more secure clouds and secure clouds.

How to bring clarity in the foggy world of cloud risks?

The Cloud Broker Concept: Definition An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers. NIST National Institute of Standards and Technology, USA 2011

Cloud Broker position

Cloud Broker Advantages A cloud broker 1) provides clarity Data protection issues Legal insecurity Effect of cloud broker Change of Data security Change of legal circumstances

Cloud Broker Advantages A cloud broker: 2) takes responsibility centralizes knowledge serves as a specialist handling the concerns of the cloud consumers

Cloud Broker Advantages There are already decisions made for you, that s what the Center of Excellence is about. They have experience with setting things up in the cloud. With the question mark in your head, I need something out of the cloud, but I don t exactly know how it works, you go to the Center of Excellence, you can call them, you can select on the website, you can ask your questions over there. The cloud broker as a knowledge hub centralizes experience

Cloud Broker Advantages The aggregator makes sure that ( ) there is a contract in place already, arrangement made on prices and licenses ( ) we already prearranged it. the cloud consumer is relieved from worries and the need to extensively familiarize with the changed and changing new legal situation

Cloud Broker Advantages A cloud broker: 3) provides trust Provides a trustworthy entity in a trust lacking market Relieves the cloud consumer from familiarizing with the great amount of new cloud providers

Cloud Broker Advantages Yes, cloud computing is nice if you have a trusted provider such as Amazon, ( ) you know what they offer, Amazon has a name, fine, so you can better trust them. a cloud broker offers the chance to use also smaller, unknown cloud providers

Cloud Broker effect on Cloud Adoption Cloud Broker removes barriers 1) Clarity 2) Responsibility 3) Trust IT management takes the lead Users do not need to work around Companies can safely adopt the cloud Company can benefit from the advantages of the cloud

Cloud Solutions impact on Adaptive Capacity n=252 Cloud Securtity Alliance & ISAS (2012): Cloud Computing Market Maturity Study Results, p.16 2. How does cloud computing change the agility of an organisation?

Adaptive capacity Adaptive capacity is: The fast reaction and assimilation to changed circumstances (Chakravarthy 1982), Continuous development and application of new knowledge (Staber & Sydow, 2002) Learning faster than the competition (Wang & Ahmed, 2007) that lead to identification and capitalization of emergent market opportunities (Gibson & Birkinshaw, 2004).

A study to Adaptive Capacity 3 cases and around 15 interviews Energy multinational Food delivery company Telecom organization Deployment model of Cloud Computing IaaS PaaS SaaS Off-premise Private Cloud Energy Multinational (T-Systems), Food delivery Food Delivery (SAP) Service Model Hybrid Cloud Public Cloud Energy Multinational Food Delivery Food Delivery (iland), (virtual machines) Energy Multinational (Amazon) Energy Multinational (Azure) Food Delivery (ILand) Food Delivery (Google Apps), (Joomla) Telco (Service Now, Dropbox), Energy Multinational

in some situations it might negatively impact an organizations Adaptive Capacity Limited functionality and customizability Cloud services have sometimes limited functionality compared to the desktop solutions in use before.

Indicators on how Cloud Solutions enhance the organizations Adaptive Capacity External Openness Quick exposure to new, innovative applications Services are constantly updated and improved. Employees are constantly exposed to newest External collaboration is simplified Employee Autonomy Employees are more free in how they want to organize their workflows and schedules. The dependency on the IT unit is decreased. More freedom over time and location Less administrative work The IT unit is now able to focus more on core processes of their company Speed up the handling of administrative tasks of the business users. Cloud solutions score higher in usability Scalable resource use Change back to old situation s easier. Resulting in a bigger readiness to try out new things. Quickly and easily scalable up and also down Higher exploration actions of the employees can provide them with the possibility to develop quicker new products and this way react quicker to market changes.

Efficient Supply & Demand Using Cloud Technologies like virtualization

IT architecture in a cloudified IT organization Sander Schouten, +31 6 2908 4775, sander.schouten@nl.ey.com Richard Bussink, +31 6 2908 3141, richard.bussink@nl.ey.com Ernst & Young Advisory IT Advisory Ernst & Young Advisory is a trade name of Ernst & Young Accountants LLP. This is a limited liability partnership registered in England and Wales with registered number OC335594. The term partner in relation to Ernst & Young Advisory is used to refer to (the representative of) a member of Ernst & Young Accountants LLP. Ernst & Young Accountants LLP has its registered office at 1 Lambeth Palace Road, London SE1 7EU, United Kingdom, its principal place of business at Boompjes 258, 3011 XZ Rotterdam, the Netherlands and is registered with the Chamber of Commerce Rotterdam number 24432944.