EuroCloud UK discuss the latest on Cloud Computing

David Terrar | D2C | EuroCloud | techUK| Cloud Industry Forum

@DT on Twitter, BizTwoZero.com, www.d2c.org.uk

• A bit of a history lesson: back to basics to explain where we are and why it’s so

exciting

• It’s more than Cloud: “The Big Shift” , “Digital Disruption” , “Third Wave of IT”

• Standards, compliance, and EU strategy• Data security after PRISM• What about the other big players?• Where next?

Agenda

World Wide Web – 20 years old

• Tim Berners-Lee invented the web at CERN - March 1989

• First website - http://info.cern.ch – 6 August 1991• CERN statement World Wide Web technology available

on a royalty free basis - 30 April 1993• Mid to late 90s – the web gets commercial• Google founded 1998• 1999 to 2001 – the dot-com boom and bust – web 1.0• 2002 to now – the web gets interactive – web 2.0 and

beyond

Moore’s Law

"the fundamental interconnectedness of all things"

20042005 2006

20072010 2010

2011

2007

2010

"1.7 billion touch-screen devices shipped in 2012." - IDC

http://www.youtube.com/watch?v=aXV-yaFmQNk

do more with less and do it better

What is Cloud Computing?

Gartner Magic Quadrant for Cloud Infrastructure as a Service

Everybody’s business model

is under threat

Why cloud?

• Lower costs – pay as you go vs. capex• More flexible – scale up, scale down• 24/7 access – anytime, anywhere, PC, tablet and smart phone• Faster deployment – faster time to benefit• Innovation for strategic advantage• Less IT headaches• Richer user experience• Facilitates collaboration• Availability and security

do more with less and do it better

Why Cloud?

• Consumerization of IT• Big Data

Major shifts in 21st Century Tech

What next?

• Barrier to entry for start-ups has never been lower• Heading towards Everything as a Service• Internet of Things• 3D printing• Nanotechnology• Rate of change is getting faster• What will happen in the next 5 years?

Transition to IT as a Service - implications?

“For a few applications you may needto run your own infrastructure. For most youwill be able to pool, in the fashion of shared

services. But increasingly we will all bedrawn to the benefits of scale of the

public cloud. Lower cost, higher reliability,and one day more control.”

- Government Chief Information Officer

250913 24

Serving the Enterprise

SaaS Apps

Delivering IT as a Service

Apps Apps

Infrastructure Renters

Serving the Customer

New Enterprise Apps

Application Platform

Cloud Infrastructure

Public Cloud

Private Cloud

Computing

Apps

Desktop Is Being Pulled Apart by the Cloud ForcesDevices

Computing

Apps

Interaction

Apps

What’s happening in the Enterprise environment

• Open Grid Forum (OGF) *

• Cloud Computing Interoperability Forum (CCIF)

• Distributed Management Task Force (DMTF)

• Cloud Security Alliance (CSA)

• ETSI TC Cloud/CSC *

• Org for Advancement of Structured Information Standards (OASIS) *

• Object Management Group (OMG)

• Storage Networking Industry Association (SNIA)

• ITU-T Focus Group on Cloud Computing

• Cloud Computing Forum (CCF - Korea)

• Korea Cloud Service Assn (KCSA)

Selected Cloud computing standards initiatives

• The Open Group

• European Network and Information Security Agency (ENISA)

• ISO/IEC JTC1 SC7 System and Software Engineering

• ISO/IEC JTC1 SC27 Security

• ISO/IEC JTC1 SC38 WG3 Cloud *

• Institute of Electrical & Electronic Engineers Standards Association *

• China Electronics Standardization Institute (CESI)

• Cloud Industry Forum (CIF) *

• OSGi Alliance

• Open Data Center Alliance(ODCA) *

• Japan Cloud Consortium

http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909024

The truth about Standards!

http://xkcd.com/927/

29

• ISO/ITU SC/38 Reference Architecture Vocabulary

• ISO 27017 Information Security for Cloud 20000 IT Service Management

• NIST Original Definitions SAJACC

250913

Emerging Cloud Standards of Note

• OASIS CAMP TOSCA

• SNIA CMDI (ISO 17826:2012)

• OGF OCCI

• DMTF OVF

http://cloud-standards.org

30

• Code of Practice• Self certified, independently

assured• Demonstrating:

Transparency Accountability and Capability

www.cloudindustryforum.org

250913

Industry Codes of Practice

STAR Audit

• A seal of approval for SaaS• 1 to 5 Star levels• Audit certification covers:

terms of service data security data protection contract terms, and interoperability

www.saas-audit.de/en/507/overview/

• Announced September 2012, VP Neelie Kroes, DG Connect. Aiming to deliver in Q4 2013

• Three components:-1. Cutting through the Jungle of Standards, ETSI Cloud

Standards Coordination and ENISA2. Safe and Fair Contract Terms3. European Cloud Partnership

• Key players:-• Ken Ducatel (Standards & Certification)• Dirk Van Rooy (ECP)

European Cloud Strategy

https://ec.europa.eu/digital-agenda/en/european-cloud-computing-strategy

Working Group Structure

Cutting through the Standards Jungle

• Three workgroups:-1. Roles & Responsibilities (Influenced by ISO/ITU

Standards in Committee Draft) – Complete2. Use Cases; 108 Examples for use in Public Sector.

Selection used for evaluation. • E.g. Cloud Bursting, Changing Cloud Vendor;

3. Mapping of Selected examples to Existing and Near future Standards. Including Security and Privacy, Service Level Agreements, etc.. Work in progress.• Emphasis on mapping to existing standards, e.g. ISO 27001 &

20000; W3C; OASIS; DMTF, etc..

34250913

ETSI Cloud Standards Coordination Deliverable

• Interim report delivered in June

• Work in progress on selected Use cases

• Face to Face meeting Mid October, ETSI

• Report Submission to Commission end October

1. INTRODUCTION2. DESCRIPTION OF THE METHODOLOGY USED3. ROLES AND USE CASES4. MAPPING CLOUD STANDARDS AND SPECIFICATIONS

TO COMMON USE CASES4.1 Service Level Agreement

4.1.1 General introduction4.1.2 High Level Use Cases selected4.1.3 Use Case #1: An Enterprise develops and provides

an App on a Cloud service for their end users4.1.4 Mapping of standards to selected use case4.1.5 Concluding remarks

4.2 Interoperability4.2.1 General introduction4.2.2 Use case - “Cloud bursting scenario”4.2.3 Data Portability Use Case - “Changing Cloud Vendor”4.2.4 Concluding remarks

4.3 Security4.3.1 General introduction4.3.2 Context setting: Security and Clouds4.3.3 Use case description and analysis4.3.4 Standards Mapping4.3.5 Concluding remarks

5. GLOBAL CLOUD STANDARDIZATION LANDSCAPE6. CONCLUSIONS / RECOMMENDATIONS7. REFERENCESANNEX 1 FULL LIST OF STANDARDS AND SPECIFICATIONSANNEX 2 LIST OF USE CASES

Safe and Fair Contract Terms

Cloud Select Industry GroupCertification (Led by ENISA)Codes of PracticeService Level Agreements

• Looking for the required set of standards and codes of practice which would equip the Public Sector and other bodies to safely adopt Cloud.

• Framework agreements proved challenging• Some definitional assistance from ISO/ITU Vocabulary?

European Cloud Partnership

• Two phases of activity:-1. €10M FP7 R&D Initiative let in May to the Fraunhofer

FOKUS consortium*. See Objective ICT-2013.11.3 High quality cloud computing environment for public sector needs, validated through a joint pre-commercial procurement (PCP)

2. European Cloud Partnership Steering Committee led by the President of Estonia and comprising representatives from Public Sector, Large and SME Industry. Kate Craig-Wood, Memset, the UK rep.

*http://www.fokus.fraunhofer.de/en/fokus/publikationen/presse/mitteilungen/20130704_cloud_europe.html

• Data Protection Regulation (2014/15) Mandatory legislation Harmonising EU data protection Aim to facilitate cross region business Privacy by Design Enshrine specific citizen rights: E.g. Right

to be forgotten

• Looked to be dead in June, but PRISM fixed that!

• Legislation in European Parliament

EU Data Protection Regulation

• EU Data Protection – with Merkel behind it will likely happen

• Standards are good, but trying to impose them won’t work

• Let the market decide

The verdict?

• Is it anti-European?• My data is in a US data centre – can the FBI access it?• If I store my data in the UK, the FBI can’t access it?• If I avoid US providers, no-one will see my data?• The UK won’t hand my data over to the FBI?• The draft EU Data Protection Regulation will stop the

Patriot Act?• If governments can get my data wherever I am, I should

stay out of cloud?• I’m not in cloud. I’m secure?

The Patriot Act & Data Security

http://www.comparethecloud.net/6179/patriot-act-and-data-security/

• Is your data of interest to governmental agencies?• Evaluate your data and identify the really important

information• Consider hybrid cloud where you keep your key data on

premise and run everything else through public cloud• Consider private cloud where your data is held by

someone you can investigate and trust• Consider encryption or tokenisation to protect your data• Check whether staff are using their own devices or public

cloud accounts

What about PRISM?

http://www.comparethecloud.net/7085/help-nsa-has-my-data/

• Great pricing – 2-3 years pay back to standard Office license

• Always on the latest Office versions on up to 5 devices• No capital investment – monthly/yearly pay as you go• Microsoft running exchange for you on their servers• No IT support required – from in house or external

provider• Great support from people you can actually talk to• Some collaboration built in• Not perfect – confusing licencing options

Microsoft

Larry Ellison :“a cloud customer is economically more valuable to us over time.”

“We are growing very fast in the cloud; especially the HCM cloud. We’re larger in SaaS than anyone else but Salesforce.com,”

“One reason I was confident SAP HANA could never compete with Oracle was because of 12c.”

Oracle

Salesforce

Salesforce

• Betting the farm on mobile• It’s all about the platform (+ APIs + ecosystem)• Focus on customer – sales + marketing - 1:1

Salesforce

The CMO is expected to spend more on technology than the CIO by 2017

Gartner prediction

88% of business leaders said getting closer to their customers was the top priority for realizing their strategy over the next 5 years

IBM CEO Study

www.ibm.com/services/us/en/c-suite/ceostudy2012/

Social Media: CIO & CMO budget overlap

• Reputation monitoring• Marketing & PR• Market research• Customer services & support• Sales & lead generation• Research & development• Management & collaboration

Tools+

Time+

Content+

Content+

Content

Social Media Channels

Where does your target audience hang out?Go there and join the conversation!

?

Getting Social

• You need a Social Media Strategy• It needs to be fully integrated with your:

Business objectives Marketing plan Overall communications strategy

Mobile Ready? - Responsive Web Design as well as Apps

Where next?

• Mobile first• Platforms win• Cloud integration (and APIs)• Systems of engagement• Real time analytics• Social Business – collaboration – connectivity

References and photo sources

• http://en.wikipedia.org/wiki/File:IBM_card_punch_029.JPG• http://en.wikipedia.org/wiki/File:Blue-punch-card-front-horiz.png• http://en.wikipedia.org/wiki/File:Apple_II_tranparent_800.png• http://www-03.ibm.com/ibm/history/exhibits/vintage/vintage_4506VV2236.html • http://upload.wikimedia.org/wikipedia/commons/f/f1/Ibm_pc_5150.jpg• http://www.youtube.com/watch?v=aXV-yaFmQNk• http://en.wikipedia.org/wiki/File:IPhone_2G_PSD_Mock.png• http://en.wikipedia.org/wiki/File:IPad_1_PSD_Mockup.png • http://secrets-of-self-sufficiency.com/how-to-install-a-plug-socket-outlet • http://www.gartner.com/technology/reprints.do?id=1-1IMDMZ5&ct=130819&st=sb• http://en.wikipedia.org/wiki/File:Transistor_Count_and_Moore%27s_Law_-_2011.svg• http://clearslide.com/view/mail?iID=UA7WEVJ8XPWPYSG62QW6• http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909024• http://xkcd.com/927/• http://cloud-standards.org• https://ec.europa.eu/digital-agenda/en/european-cloud-computing-strategy• http://www.fokus.fraunhofer.de/en/fokus/publikationen/presse/mitteilungen/20130704_cloud_europe.html • http://www.comparethecloud.net/6179/patriot-act-and-data-security/• http://www.comparethecloud.net/7085/help-nsa-has-my-data/ • www.ibm.com/services/us/en/c-suite/ceostudy2012/ • http://mashable.com/2012/12/11/responsive-web-design/

Contact details

David TerrarD2C | EuroCloud | techUK | Cloud Industry Forum

p: +44 (0)1727 866309 m: +44 (0)7715 159423

e: dt@d2c.org.ukw: www.d2c.org.ukskype: david_terrartwitter: http://twittter.com/DT @DT linkedin: http://www.linkedin.com/in/davidterrar

blog: http://biztwozero.com