The benefits of cloud computing are many, especially as it relates to providing a more collaborative work environment for your decentralized and mobile employees, partners, and customers. But your mission critical applications are not always the easiest to maintain, let alone migrate into the cloud. So what are your options? What are the best ways to deploy your applications?
Your Journey into the Cloud Optimize Critical Systems
1. Presented June 6, 2012
Your Journey into the Cloud:
Optimize your
Mission Critical Systems
In association with: Presented by:
2. About AIIM
AIIM is the Global Community of
Information Professionals
We provide the education, research,
and certification that
information professionals need
to manage and share
information assets in an era of
mobile, social, cloud, and big data.
Learn more about AIIM at
www.aiim.org
In association with: Presented by:
3. About AIIM
www.aiim.org/research Visit AIIM’s video library at
www.aiim.org/videos
With more than 100
Research/Industry watch snapshots on all things
Information Management
www.aiim.org/training www.aiim.org/membersonly
Check out your professional member
benefits
In association with: Presented by:
4. Secure Your Success
Become a
Demonstrate your ability to address
and manage today’s information challenges
www.aiim.org/certification
5. Follow AIIM on
AIIM Community – @aiimcommunity
John Mancini – @jmancini77 #aiim
Atle Skjekkeland – @skjekkeland #aiimwebinar
Laurence Hart – @piewords
#infomgmt
Peggy Winton – @pwwinton
Bryant Duhon – @bduhon #ecm
Jesse Wilkins – @jessewilkins
Nick Inglis – @nickinglis
Theresa Resek – @tmresek
Beth Mayhew – @bethmayhew
Thedra White – @thedrawhite
In association with: Presented by:
6. AIIM Presents:
Your Journey into the Cloud:
Optimize your Mission Critical Systems
Host: Theresa Resek – Director, AIIM Webinars
Shadrach White – Founder, cloudPWR
Andrea Leggett – Global Product Marketing, EMC OnDemand, IIG
In association with: Presented by:
7. Many Choices…
APPLICATIONS
PLATFORM
INFRASTRUCTURE
In association with: Presented by:
8. The Cloud Demystified
DEPLOYMENT
APPLICATIONS
PLATFORMS PUBLIC PRIVATE HYBRID
INFRASTRUCTURE
In association with: Presented by:
9. ECM in the Cloud
Return on Investment
DR | Reliability | Scalability | Mobility
Management Overhead
Patch | Security | Version
Complexity
UI | Dashboard | Integration
In association with: Presented by:
10. Security
Physical Data Center 7x24x365
System Monitoring
Change Control
Governance
In association with: Presented by:
11. Data Privacy
Personal Identifiable Information
FERPA, HIPAA, PTI, FISMA, PIP
Data Control
Where is the Data?
Who Has Access?
Single Tenant v. Multi-Tenant
Auditing & Tracking
In association with: Presented by:
12. Integration
Legacy Applications v. Web Services
How much data is being transmitted
What kind of data?
Data Encryption
In association with: Presented by:
13. Traditional | Cloud
OLD WAY NEW WAY
MONTHS HOURS
Weeks Task Minutes Task
5 Acquire hardware 15 Log in, review, and approve work order
2 Rack and cable hardware 60 Monitor provisioning progress
2 Install operating systems 15 Sanity test provisioned environment
1 Install DBs 30 Configure secure network to customer site
1 Install application servers
1 Install batch scheduler
1 Install DEV servers
3 Record and test desktop installation
1 Push install desktop products to
locked- down desktops
1 Install TEST servers
2 Install PROD servers
2 Configure backup, monitoring
3 Test PROD fault tolerance, backup,
monitoring
In association with: Presented by:
14. Capture
CENTRALIZED DISTRIBUTED
Scanning Workstation Multi-function devices
Image Processing Digital Snapshots
File Caching Desktop Scanning
Scheduled Batch Processing Print to PDF
Full Page | Thumbnails File Browsing
Upload
RealTime – High Bandwidth
Scheduled – Low Bandwidth
Metering with checksum
In association with: Presented by:
15. Hybrid Connections
Migration v. Bridge
On Premise Apps
Cloud 2 Cloud
Security Models - SAML
In association with: Presented by:
16. Sharing | Managing
Sharing Managing
Collaboration Check in/out
Mobility Version Control
Social Records
Management
In association with: Presented by:
17. Old School | New School
LEGACY CLOUD
M/F Accounting SalesForce, WorkDay, Intuit
Email Collaboration GoogleApps, Box
DC Infrastructure App Driven Solutions
CAPEX OPEX
Driving Change: Adapting Quickly:
Mobile BYOD Web Services – Oauth |SAML
SaaS App Sprawl Freemium Trials
Social Business Born Social
In association with: Presented by:
18. Private Public
Network
Physical Infrastructure
Application Storage Application Storage Application
Private Private
Database
OS | Security Database OS | Security Database
OS | Security
Application Storage
Storage
Private
OS | Security Database
In association with: Presented by:
19. Content Value for Cloud Offerings
High Governance
Regulated
Value Controlled
Full ECM Functionality
Basic ECM Functionality
Casual
Minimal ECM Functionality
Low
Individual Organization
Access
Source: “Can Google Solve Your ECM Problems?” Forrester Research, Inc., July 28, 2011
In association with: Presented by:
20. Enterprise Sync, Share & Collaboration
in the Cloud
• Business Requirements
Seamless File and Folder Sync
File Sharing and Collaboration
Enterprise Mobile Access
IT Requirements
Administrator Control
Enterprise Security and Reliability
Easy Deployment and End-User Support
In association with: Presented by:
21. Full Enterprise Content Management
• Business Requirements
Information Governance Controls (e.g. Records Management)
Content Lifecycle Management
Business Process Management Critical
Mobile Access
• IT Requirements
Same As Above Plus…
Seamless Integration to ERP On-Premise System
System Auditability
Performance
In association with: Presented by:
22. IT USER
LIMITATIONS DEMANDS
ANYWHERE,
HARDWARE COSTLY
ANYTIME, ANY
AND CUMBERSOME
DEVICE
ONLINE AND
CONTROL CONTENT
OFFLINE
RISK ADVERSITY DATA
SLOWS PRODUCTIVITY CONVERGENCE
In association with: Presented by:
22
23. Accelerate Achieve Reduce
Application Flexible Computing Operational
Deployment Time Capacity Overhead
GETTING IT RIGHT
IN THE CLOUD
In association with: Presented by:
24. Case Study
• Solution - Invoice processing
• We are ‘Accountants’
• Managing performance, not
servers
• Tighter SLA than we could
put in place with our internal
IT group
• ‘Bought licenses?’
In association with: Presented by:
25. 10 Critical Questions to Ask
Your Cloud Provider
1. What is your data encryption philosophy and how, specifically, do
you encrypt data?
2. How do you manage the encryption keys?
3. What certifications for data protection have you attained?
4. How much data replication is enough, and what level of data
durability do you provide?
5. How much control do I retain over my data?
6. How do you ensure client (endpoint) security?
7. Can I leverage existing credentials and password policies and
disable access immediately?
8. How do you isolate and safeguard my data from that of other
clients?
9. How is activity in my account monitored and documented?
10. Can you continue to provide protection as my workloads evolve?
In association with: Presented by:
26. Next Steps
1. Contact Us:
www.emc.com/ondemand
2. Need Help Understanding Your
Potential TCO?
3. See how Lahey Clinic leverages
EMC OnDemand for Patient
Records
4. Talk to a Cloud broker
In association with: Presented by:
27. Thank You
Shadrach White
www.cloudPWR.com
@shadrachwhite
In association with: Presented by:
29. Survey
This survey will open in a new window.
(or click here)
Tell us how we did today,
and offer suggestions for topics of future events.
In association with: Presented by:
30. Upcoming Webinars
June 13th
Big Data, Big Hype: Why the Business Should Care
June 21st
Responding to and Capitalizing on the Latest Trends in Data Capture
Register Today at
www.aiim.org/webinars
Or check out our Webinar Archive at
www.aiim.org/WebinarArchive
In association with: Presented by:
Editor's Notes
With so many choices its hard to know where to begin, fortunately there is a place for everyone to start whether its just getting started with file sharing, mitigating dev/test expenses by leveraging the limitless compute resources available for pennies on the dollar or deploying a full fledge suite of enterprise class customer relationship management and sales automation, Human Capital Mgt. and even complete ERP solutions. The cloud has you covered with many options for any size organization.For many the challenge is how to absorb all these options and fear of choosing the wrong provider or solution. Today we will examine what the cloud has to offer in the realm of content management and how far you can go. You might be surprised at just how capable Cloud Content Management has become and how far it will go in the next few years.
Today you can operate all your compute and application resources at all levels.IaaS - You can spin up core infrastructure in the cloud in minutes and augment your traditional OnPremise compute needs.PaaS – You can build complete web applications using software tools and resources to build out whatever your Web2.0 dream team can think up in the environment of your choice – opensource, java, .NET – You can create rich internet applications and use the latest HTML5, JavaScript, WPF & Silverlight development tools. Take it one step further and leverage Google AppEngine or SalesForce and you can take advantage of core platform AppStores and community development resources to build out enterprise capable business apps without worrying about scale, security or the hardware costs of multiple environments for test/dev/prodSaaS – If you have a limited IT staff and want to start using the cloud right now to make your business more Mobile, Social or leverage Localization there are thousands of options that take minutes to deploy at no upfront cost. In fact if you wanted to start a new business today you could have email, file storage, office documents, billing, time tracking, CRM a new website and social feeds all enabled before the end of the day. Well maybe a couple of days but trust me it can be done.Check out Syncplicity, Concur, GoogleApps, Freshbooks, MavenLink, Box, QBO. You could even spin up a full fledged content management and collaboration platform like SharePoint Server Farm using CloudShare in under 15min and be testing your latest custom webparts at scale.Today we are going to focus on content management and how the cloud is ECM ready.
Key ROI considerations include the ability to leverage common facility and DC Operations for improved and more predictable DR and ReliabilityThe ability to scale your Mission Critical Content Management applications on the flyGive your users the ability to securely access content on mobile devices that support two factor authentication for apps and encryption for data security at RestReduce the complexity of the User Interface and the management of the applications with common DashboardsLeverage integration options using current technologies for Web Services integration like REST / SOAP / WSDL and content management integration standards like CMIS
When evaluating a public or even a private cloud infrastructure that is hosted by a third party you need to clearly understand and incorporate your requirements into a service level agreement and contract that includes an understanding of how the facility is secured.Does the provider monitor the physical structure internally and externally 7x24x365 with security surveillance. How long are the recording archived and when and how are customers alerted if a there is a breach.How is change control managed for the facility. To often we forget to ask how non-server related tasks like environment control upgrades, testing or other basic utility upgrades or maintenance are handled. This should happen in a uniform manner and incorporate communication protocols for notifying customers of a potential or planned outage.Governance – what is the chain of command and who is responsible when things go bad, what is the escalation protocol and who is responsible for key performance monitoring and delivery.
Data Privacy rules and regulations vary depending on the country you are located in and specific industry laws and regulations that govern your organization.Considerations need to be made for who has access to the data.Does the service provider perform regular background checks and limit the number of support personal that have access to data in a public or hosted private cloud environment. How is access to the data audited and where is the data stored. Consider all your virtualized systems, including production, test, backup and any cached data.Are you running a single or multi-tenant architecture and at what level are resources shared, eg. File Services, Database, Caching, etc.
Integration options can vary widely depending on the platforms and applications that need to share or leverage information.Options for integrating from the cloud back to legacy applications or hardware may be limited to older technologies like ActiveX, VBScript, HLLAPI or direct ODBC connections to secondary databases. On the other hand Integrating from legacy applications to a cloud based repository can be as simple as a URL string with authentication and search parameters embedded in the link.Integration in a Web2.0 world provides much more flexibility and single line of code integration options like URL + parameters can provide secure accessing to a content repository for sharing or collaborating on content in a single click. By using HTTPS, SOAP and REST architectures you can leverage a common web services integration model that can speed integration and provide a loosely coupled yet secure connection that doesn’t require months of programming and compiled integration code.Key considerations when integrating your traditional applications with a cloud solution are what kind of data are your integrating or sharing, do you need to consider data encryption in transit and/or at rest. You also have to assume that when you share content it will be accessed on a mobile device. In an enterprise it is smart to consider a mobile device management solutions and there are several options for MDM including AirWatch, FiberLink, MobileIron, Zenprise and Notify Technologies to name a few of the visionaries in the space.
Are you using a calendar or a stopwatch to plan your next rollout. While the comparison may be a little extreme it is none the less apropos when comparing the striking differences in fundamental planning and rollout.One way to look at how this impacts the consumers in the buy-sell cycle is the ability to actually test drive the solution or app before you upgrade or pay for the full license or subscription. This was unheard of just a few years ago and have upset the established software monarchy. While cloud content management is still nascent it offers a quick spin up with little revenue risk and tangible ROI when applied to the right business groups.And there in lies the tipping point, you aren’t going to have AP clerks processing invoices from their mobile devices using a cloud based workflow and repository but you certainly want to enable the Sales and Marketing departments to access, submit and share content with external third parties and internal peers. Most organizations are caught off guard when they realize that the Product Mgrs., Sales Reps, Marketing Staff and even Support staff are adopting and using apps like DropBox and EverNote w/o IT Approval or support.These companies are quickly realizing that they need to adopt a strategy and enterprise grade solutions to address this user need. Those that do are looking at products like Syncplicity, Egnyte and Box for their security, integration API’s and reporting features.
The scan workstation requires that a physical PC, Scanner and OS Drivers be installedThere are web-based interfaces that support scanning in production modes, to accomplish this file caching and bandwidth considerations are considered and configuration options are provided for low and high bandwidth situations. Many of these solutions have incorporated advanced image processing technologies. Full image view is supported and generation of thumbnails for document browsing provide the performance users need when accessing larger document sets.Many transactional capture models have been successful adopted that are eliminating the need to provide centralized capture for specific use cases like Expense reports and Trailing documents. Most of these are leveraging MFD and Mobile devices to capture documents at the point of origin in full scanning mode or digital snapshots.
There are so many options when considering how to adopt or migrate to a cloud based repository. Our Webinar sponsor EMC has developed a variety of options that can support full migration or ‘bridging’ between OnPremise and Cloud based repositories. Being at the foundational layer of the cloud by leading the way with virtualization has given them a unique perspective and a running start on developing the V-Cube Architecture. It is important to understand how you will integrate your existing desktop and local network applications with cloud based content management or file sharing solutions. You may want to look at tools like AppConnector from Karora or Dell BoomiMost organizations haven’t considered what type of security model they will need when they begin adopting multiple cloud based solutions. Authentication and security keys for userID / Passwords could pose a real challenge for users. Tools like Intel’s recently announce SSO and competitor OKTA provide single sign-on solutions that leverage SAML (Security Assertion Markup Language) an XML based open standard to create a library of cloud based apps with one common sign-on credential for passing user credentials between security domains.A great example of a Hybrid content management approach is the use of a product like LibraryCard from LivingAnalytics. This can implemented to connected a SharePoint instance that sits behind the firewall to an Enterprise Box account to provide secure real-time syncing of documents and content stored in a SharePoint library. That gives you OnPremise control of your content and external Cloud file sharing using Box, the best of two worlds.
There is a lot of hype around cloud content management and a lot of confusion. You need to break down the differences between ‘Sharing’ & ‘Managing’Many of the File Sharing applications don’t offer advanced features normally found in traditional content management solutions. But they are so easy to use and are adopted pervasively by users that IT departments are having a hard time balancing users needs with corporate governance requirements. The file sharing vendors are gaining however and adding administrative features and enhancements that are helping to drive corporate adoption.There are some solutions that have been around for several years and offer more traditional Content Management features. Some that come to mind are NetDocuments, SpringCM and Ricoh Document Mall.More now than ever a whole new breed of Content Management solutions are being launched in the cloud from industry stalwarts and OpenSource vendors including OpenText Tempo, Alresco Cloud, EMC OnDemand to name a few.
Single and Multi Tenant clouds can share core incoming data center network, cooling, power and some DR resources like generators and UPSThe overall costs can vary drastically depending on what specification & requirements you need.Private Clouds can virtualize all resources in a container that segments all data, security and storage. Private virtualization does not always mean that your virtual server is not sharing physical resources with other private clouds. This is a distinction that you may not have thought about but is a driving factor in the reason why cloud computing is more cost effective, due to the ability to share physical compute and storage resources to leverage cost savings and minimize under or over compute resource usage.Multi Tenant Public Cloud solutions share compute, storage and application resources and secure data using only authentication userID / Password. There are many permutations of this and its important to understand the underlying fabric that the cloud service provider is using. In my opinion companies like FaceBook and Google have led the way in terms of next generation data center security by controlling every aspect of the data center including building their own Servers from the ground up to support maximum scale redundancy and at the same time increase efficiency while reducing hackability by controlling a customized Linux OS Kernel.
I would talk about the obvious fact of cloud adoption, I don’t think we need to recite statistics about businesses moving to the cloud – everyone is but what’s not so apparent is trying figure out the right cloud solution that maps to content mgmt business problems – its not a one size fits all.And this is where many organizations are finding their footing. I stated earlier that you probably wouldn’t have your AP clerks processing invoices in the cloud, however you may just outsource the whole enchilada to a company like Concur and then integrate your ERP solution using a simplified URL + parameters approach. Let them do the sorting, scanning and OCR, then you simply download a register and begin doing the matching in the ERP system. When you need to look at an invoice you click the URL integration link and pop an image in a secure browser session. Even the SMB market can do this type of processing and take it one step further by using a product like QBO. Connect your bank accounts and credit card accounts to QBO, download your latest register and reconcile your statements all in the cloud.Casual usage is usually cause and effect, there is a need a user downloads and app fills the need and the effect is IT needs to figure out a way to secure the usage or adopt a solution that provides the enterprise level features we have already talked about.As you move outward you find the need to have a more controlled, regulated and governed approach. This too can be accomplished and is more readily available than you might think. I encourage everyone to look at what companies like EMC, Alfresco, NetDocuments and SpringCM are doing in this area. If you’re a SharePointer you can consider spinning everything up in Azure and using Office365. You will probably want to add some third party software to SharePoint for any real ECM features, consider KnowledgeLake for document imaging, K2 for workflow and Collabware for records management.To Answer the Forrester Research question - As an SMB business I use Google and Box with a Canon DR C-125 as my ECM solution and it works really well. It took a while to get over the traditional field level boolean search and results process I was used to with traditional ECM solutions. But eventually I accepted that the google style search box and labels worked and I was able to find the documents I needed fast.
Enterprise Marketing Organization needed to share files inside and outside of the organization.Business Requirements:Share any folder on you computer with users or groupsHaving the ability to sync with Google Docs, SharePoint, and SalesForce.Leverage existing file folder structureNative Apps for iPad, iPhone and Android devices and tabletsIT Requirements:Admin ControlSingle Sign-On with SAML (AD/LDAP) and OpenID (Google Apps)2-Factor authentication optionAll user and Admin actions authorized and validated by a single policy engineSecurity and ReliabilityEach file is encrypted with its own encryption keyAll data in transit and at rest is encrypted with AES-256Each stored in a different data center, physical separation of keys and data, never cached. Keys and encrypted data joined only when needed in an auditable and tracked mannerEasy Deployment and End User SupportSet up user accounts individually or in batches Auto-configure user sync options (including default folders to sync)First sync and sharing solution to support group permissions and sharing
Major Transportation Carrier example – full ECM in the cloudBusiness case – Aircraft training and manufacturing protocolsTransition to Andrea Legget – Global Product Marketing EMC
For any technology solution, IT organizations need to balance the needs of the business with the needs of users. On the business side, they want to improve productivity while reducing capital and operating expense. Ensure adherence to compliance and information governance mandates. Penalties for non-compliance can be severe. And they want to support rapid innovation that speeds the introduction of new products and services. These are all very broad strategic objectives. But for the user the devil is in the details. To make the business successful, users need to find the most up to date information on demand. No matter where it is or where they are. To be productive, they can’t be worrying about retention periods, metadata, or compliance and governance. These things are important to the organization but a nuisance to those tasked with the work of the organization. They need zero-effort compliance. They need intuitive, easy to use solutions that help them work—not make them work. And they want access from… whatever they want access from. Desktop, smart phone, tablet, laptop. Without having to think about it., This is the IT balancing act.
Talk about the enterprise opportunities – What we are seeingSmall, Medium and deptsLarge enerprisesDrivers moving folks to the cloud: Agility, Elastic Computing (seasonality changes); reduce maintenance spend by just 10% would help me fund new products – but ideally we should look to reduce operational spend by at least 20% over a 5 yr period on average – in some cases it could be higher.In this slide I would like to set the stage for talking about the value for customers who have already installed ECM systems and are looking to move legacy apps to the cloud or migrate.Next talk about net new projects and the perceived benefits.Summary: Cost vs agility conversation
Mandate to move to the cloud / no ROI/TCO calculations involvedDocument capture in the cloudOne less item to be concerned about, we are ‘Accountants’Managing performance, not serversTighter SLA than we could put in place with our internal IT group ‘Bought licenses?’ Yes, we bought licenses; helps mitigate some of the risks of the cloudNew ChallengesProject Timing/ScheduleEarly SLALTF had a few needs. Guaranteed uptimeDefined calculationReportingPenaltiesSAS70 Type II, SSAE 16Web Service CallsCaptiva team learning to make web service calls to Workday’s public web services.Workday, Not Your Grandfather’s ERPImplications To Overall Design, VPN, Security, & Integration/Relay Server
Provide pragmatic advise – Rate your ECM functionality first – rate IT security demands with business demandsThen rate the cloud aspectsConclusionThe advent of the cloud opens up new possibilities—and new security vulnerabilities—for businesses. The object is to maximize the advantages and opportunities while minimizing the risks and the temptations of “backdoor IT.” This paper has presented a framework for considering the issues, along with specific questions for evaluating vendors.But there is one additional question that every business leader should contemplate before making the move to the cloud model, and it’s an issue about which you, as a decision maker, must formulate your own opinion. What is the best approach to protecting and securing data in today’s “connected era?”Should your business attempt to protect via restriction—in other words prohibiting everything that could present an incremental security risk? Or should it protect by empowering users, finding new ways to secure the activities you know they will engage in?There is no right answer, but your opinion will shape your perception of the promise of the cloud—and directly impact the results you expect and receive from a cloud service provider.
Add a call out for Shad about leveraging a cloud broker to help you find the right ECM solution in the cloud