It's More than Cloud - Digital Disruption - your business model is under threat! - EuroCloud UK discuss the latest on cloud computing - SAP UKI User Group 2013
My #UKISUG13 presentation on Tuesday 26th November 2103 in the Cloud stream:
- Rethink the way you look at Cloud
- Simplify the Cloud message for your colleagues
- Go back to your company, look at your plans for innovation and put your foot on the accelerator
Contents:
A bit of a history lesson: back to basics to explain where we are and why it’s so exciting
It’s more than Cloud: “The Big Shift” , “Digital Disruption” , “Third Wave of IT”
Standards, compliance, and EU strategy
Data security after PRISM
What about the other big players?
Where next?
Semelhante a It's More than Cloud - Digital Disruption - your business model is under threat! - EuroCloud UK discuss the latest on cloud computing - SAP UKI User Group 2013
Semelhante a It's More than Cloud - Digital Disruption - your business model is under threat! - EuroCloud UK discuss the latest on cloud computing - SAP UKI User Group 2013 (20)
It's More than Cloud - Digital Disruption - your business model is under threat! - EuroCloud UK discuss the latest on cloud computing - SAP UKI User Group 2013
1. EuroCloud UK discuss the latest
on Cloud Computing
David Terrar | D2C | EuroCloud | techUK| Cloud Industry Forum
@DT on Twitter, BizTwoZero.com, www.d2c.org.uk
2. Agenda
• A bit of a history lesson:
back to basics to explain where we are and why it’s so
exciting
• It’s more than Cloud:
“The Big Shift” , “Digital Disruption” , “Third Wave of IT”
•
•
•
•
Standards, compliance, and EU strategy
Data security after PRISM
What about the other big players?
Where next?
3.
4.
5.
6.
7. World Wide Web – 20 years
old
• Tim Berners-Lee invented the web at CERN - March
1989
• First website - http://info.cern.ch – 6 August 1991
• CERN statement World Wide Web technology available
on a royalty free basis - 30 April 1993
• Mid to late 90s – the web gets commercial
• Google founded 1998
• 1999 to 2001 – the dot-com boom and bust – web 1.0
• 2002 to now – the web gets interactive – web 2.0 and
beyond
20. Why cloud?
•
•
•
•
•
•
•
•
•
Lower costs – pay as you go vs. capex
More flexible – scale up, scale down
24/7 access – anytime, anywhere, PC, tablet and smart phone
Faster deployment – faster time to benefit
Innovation for strategic advantage
Less IT headaches
Richer user experience
Facilitates collaboration
Availability and security
22. Major shifts in 21st Century
Tech
• Consumerization of IT
• Big Data
23. What next?
•
•
•
•
•
•
•
Barrier to entry for start-ups has never been lower
Heading towards Everything as a Service
Internet of Things
3D printing
Nanotechnology
Rate of change is getting faster
What will happen in the next 5 years?
24. Transition to IT as a Service implications?
“For a few applications you may need
to run your own infrastructure. For most you
will be able to pool, in the fashion of shared
services. But increasingly we will all be
drawn to the benefits of scale of the
public cloud. Lower cost, higher reliability,
and one day more control.”
- Government Chief Information Officer
250913
24
25. Delivering IT as a Service
Serving the Customer
Apps
Apps
Serving the Enterprise
New Enterprise Apps
SaaS Apps
Application Platform
Cloud Infrastructure
Infrastructure Renters
26. What’s happening in the
Enterprise environment
Computing
Apps
Public Cloud
Apps
Computing
Interaction
Apps
Devices
Desktop Is Being Pulled Apart
by the Cloud Forces
Private Cloud
27. Selected Cloud computing
standards initiatives
• Open Grid Forum (OGF) *
• The Open Group
• Cloud Computing Interoperability Forum
(CCIF)
• European Network and Information
Security Agency (ENISA)
• Distributed Management Task Force
(DMTF)
• ISO/IEC JTC1 SC7 System and
Software Engineering
• Cloud Security Alliance (CSA)
• ISO/IEC JTC1 SC27 Security
• ETSI TC Cloud/CSC *
• ISO/IEC JTC1 SC38 WG3 Cloud *
• Org for Advancement of Structured
Information Standards (OASIS) *
• Object Management Group (OMG)
• Storage Networking Industry Association
(SNIA)
• ITU-T Focus Group on Cloud Computing
• Institute of Electrical & Electronic
Engineers Standards Association *
• China Electronics Standardization
Institute (CESI)
• Cloud Industry Forum (CIF) *
• Cloud Computing Forum (CCF - Korea)
• OSGi Alliance
• Korea Cloud Service Assn (KCSA)
• Open Data Center Alliance(ODCA) *
• Japan Cloud Consortium
http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909024
29. Emerging Cloud Standards of
Note
• ISO/ITU SC/38
• OASIS
Reference Architecture
Vocabulary
• ISO
• SNIA
27017 Information Security for Cloud
20000 IT Service Management
• NIST
Original Definitions
SAJACC
250913
CAMP
TOSCA
CMDI (ISO 17826:2012)
• OGF
OCCI
• DMTF
OVF
http://cloud-standards.org
29
30. Industry Codes of Practice
STAR Audit
• A seal of approval for SaaS
• Code of Practice
• Self certified, independently • 1 to 5 Star levels
assured
• Audit certification covers:
terms of service
• Demonstrating:
Transparency
Accountability and
Capability
www.cloudindustryforum.org
250913
data security
data protection
contract terms, and
interoperability
www.saas-audit.de/en/507/overview/
30
31. European Cloud Strategy
• Announced September 2012, VP Neelie Kroes, DG
Connect. Aiming to deliver in Q4 2013
• Three components:1. Cutting through the Jungle of Standards, ETSI Cloud
Standards Coordination and ENISA
2. Safe and Fair Contract Terms
3. European Cloud Partnership
• Key players:•
•
Ken Ducatel (Standards & Certification)
Dirk Van Rooy (ECP)
https://ec.europa.eu/digital-agenda/en/european-cloud-computing-strategy
33. Cutting through the Standards
Jungle
• Three workgroups:1. Roles & Responsibilities (Influenced by ISO/ITU
Standards in Committee Draft) – Complete
2. Use Cases; 108 Examples for use in Public Sector.
Selection used for evaluation.
•
E.g. Cloud Bursting, Changing Cloud Vendor;
3. Mapping of Selected examples to Existing and Near
future Standards. Including Security and Privacy,
Service Level Agreements, etc.. Work in progress.
•
Emphasis on mapping to existing standards, e.g. ISO 27001 &
20000; W3C; OASIS; DMTF, etc..
34. ETSI Cloud Standards
Coordination Deliverable
1.
2.
3.
4.
INTRODUCTION
DESCRIPTION OF THE METHODOLOGY USED
ROLES AND USE CASES
MAPPING CLOUD STANDARDS AND SPECIFICATIONS
TO COMMON USE CASES
4.1 Service Level Agreement
4.1.1 General introduction
4.1.2 High Level Use Cases selected
4.1.3 Use Case #1: An Enterprise develops and provides
an App on a Cloud service for their end users
4.1.4 Mapping of standards to selected use case
4.1.5 Concluding remarks
4.2 Interoperability
4.2.1 General introduction
4.2.2 Use case - “Cloud bursting scenario”
4.2.3 Data Portability Use Case - “Changing Cloud Vendor”
4.2.4 Concluding remarks
4.3 Security
4.3.1 General introduction
4.3.2 Context setting: Security and Clouds
4.3.3 Use case description and analysis
4.3.4 Standards Mapping
4.3.5 Concluding remarks
5. GLOBAL CLOUD STANDARDIZATION LANDSCAPE
6. CONCLUSIONS / RECOMMENDATIONS
7. REFERENCES
ANNEX 1
FULL LIST OF STANDARDS AND SPECIFICATIONS
ANNEX 2
LIST OF USE CASES
250913
• Interim report delivered in June
• Work in progress on selected
Use cases
• Face to Face meeting Mid
October, ETSI
• Report Submission to
Commission end October
34
35. Safe and Fair Contract Terms
Cloud Select Industry Group
Certification (Led by ENISA)
Codes of Practice
Service Level Agreements
• Looking for the required set of standards and codes of
practice which would equip the Public Sector and other
bodies to safely adopt Cloud.
• Framework agreements proved challenging
• Some definitional assistance from ISO/ITU Vocabulary?
36. European Cloud Partnership
• Two phases of activity:1. €10M FP7 R&D Initiative let in May to the Fraunhofer
FOKUS consortium*. See Objective ICT-2013.11.3 High
quality cloud computing environment for public sector
needs, validated through a joint pre-commercial
procurement (PCP)
2. European Cloud Partnership Steering Committee led
by the President of Estonia and comprising
representatives from Public Sector, Large and SME
Industry. Kate Craig-Wood, Memset, the UK rep.
*http://www.fokus.fraunhofer.de/en/fokus/publikationen/presse/mit
teilungen/20130704_cloud_europe.html
37. EU Data Protection
Regulation
• Data Protection Regulation (2014/15)
Mandatory legislation
Harmonising EU data protection
Aim to facilitate cross region business
Privacy by Design
Enshrine specific citizen rights: E.g. Right
to be forgotten
• Looked to be dead in June, but PRISM
fixed that!
• Legislation in European Parliament
38. The verdict?
• EU Data Protection – with Merkel behind it will
likely happen
• Standards are good, but trying to impose them
won’t work
• Let the market decide
39. The Patriot Act & Data
Security
•
•
•
•
•
•
Is it anti-European?
My data is in a US data centre – can the FBI access it?
If I store my data in the UK, the FBI can’t access it?
If I avoid US providers, no-one will see my data?
The UK won’t hand my data over to the FBI?
The draft EU Data Protection Regulation will stop the
Patriot Act?
• If governments can get my data wherever I am, I should
stay out of cloud?
• I’m not in cloud. I’m secure?
http://www.comparethecloud.net/6179/patriot-actand-data-security/
40. What about PRISM?
• Is your data of interest to governmental agencies?
• Evaluate your data and identify the really important
information
• Consider hybrid cloud where you keep your key data on
premise and run everything else through public cloud
• Consider private cloud where your data is held by
someone you can investigate and trust
• Consider encryption or tokenisation to protect your
data
• Check whether staff are using their own devices or
public cloud accounts
http://www.comparethecloud.net/7085/helpnsa-has-my-data/
41.
42.
43. • Great pricing – 2-3 years pay back to standard Office
license
• Always on the latest Office versions on up to 5 devices
• No capital investment – monthly/yearly pay as you go
• Microsoft running exchange for you on their servers
• No IT support required – from in house or external
provider
• Great support from people you can actually talk to
• Some collaboration built in
• Not perfect – confusing licencing options
45. Oracle
Larry Ellison :
“a cloud customer is economically more valuable to us over time.”
“We are growing very fast in the cloud; especially the HCM cloud.
We’re larger in SaaS than anyone else but Salesforce.com,”
“One reason I was confident SAP HANA could never compete with
Oracle was because of 12c.”
50. IBM CEO Study
88% of business leaders said getting closer to their
customers was the top priority for realizing their
strategy over the next 5 years
www.ibm.com/services/us/en/c-suite/ceostudy2012/
51. Social Media:
CIO & CMO budget overlap
• Reputation monitoring
• Marketing & PR
• Market research
• Customer services & support
• Sales & lead generation
• Research & development
• Management & collaboration
Tools
+
Time
+
Content
+
Content
+
Content
53. Getting Social
• You need a Social Media Strategy
• It needs to be fully integrated with your:
Business objectives
Marketing plan
Overall communications strategy
56. Where next?
• Mobile first
• Platforms win
• Cloud integration (and APIs)
• Systems of engagement
• Real time analytics
• Social Business – collaboration – connectivity
Why is this more simple? Well there’s a lot less stuff you own and manage! You have tools and platforms to support app development.
Examples include:- Move three-tier application from on-premises to cloudAn organization (customer) moves a three-tier application from an on-premises datacentre to a cloud infrastructure provider that will run the application off-premises.A three-tier application consists of the frontend web server, back-end database, and middle-tier business logic that services data requests between the user and the database.The data associated with the application is sensitive and confidential and it is necessary to assure its integrity.
Real time – just social media or across the whole net.