Upload
david-terrar
View
837
Download
5
Embed Size (px)
DESCRIPTION
My #UKISUG13 presentation on Tuesday 26th November 2103 in the Cloud stream: - Rethink the way you look at Cloud - Simplify the Cloud message for your colleagues - Go back to your company, look at your plans for innovation and put your foot on the accelerator Contents: A bit of a history lesson: back to basics to explain where we are and why it’s so exciting It’s more than Cloud: “The Big Shift” , “Digital Disruption” , “Third Wave of IT” Standards, compliance, and EU strategy Data security after PRISM What about the other big players? Where next?
Citation preview
EuroCloud UK discuss the latest on Cloud Computing
David Terrar | D2C | EuroCloud | techUK| Cloud Industry Forum
@DT on Twitter, BizTwoZero.com, www.d2c.org.uk
• A bit of a history lesson: back to basics to explain where we are and why it’s so
exciting
• It’s more than Cloud: “The Big Shift” , “Digital Disruption” , “Third Wave of IT”
• Standards, compliance, and EU strategy• Data security after PRISM• What about the other big players?• Where next?
Agenda
World Wide Web – 20 years old
• Tim Berners-Lee invented the web at CERN - March 1989
• First website - http://info.cern.ch – 6 August 1991• CERN statement World Wide Web technology available
on a royalty free basis - 30 April 1993• Mid to late 90s – the web gets commercial• Google founded 1998• 1999 to 2001 – the dot-com boom and bust – web 1.0• 2002 to now – the web gets interactive – web 2.0 and
beyond
Moore’s Law
"the fundamental interconnectedness of all things"
20042005 2006
20072010 2010
2011
2007
2010
"1.7 billion touch-screen devices shipped in 2012." - IDC
http://www.youtube.com/watch?v=aXV-yaFmQNk
do more with less and do it better
What is Cloud Computing?
Gartner Magic Quadrant for Cloud Infrastructure as a Service
Everybody’s business model
is under threat
Why cloud?
• Lower costs – pay as you go vs. capex• More flexible – scale up, scale down• 24/7 access – anytime, anywhere, PC, tablet and smart phone• Faster deployment – faster time to benefit• Innovation for strategic advantage• Less IT headaches• Richer user experience• Facilitates collaboration• Availability and security
do more with less and do it better
Why Cloud?
• Consumerization of IT• Big Data
Major shifts in 21st Century Tech
What next?
• Barrier to entry for start-ups has never been lower• Heading towards Everything as a Service• Internet of Things• 3D printing• Nanotechnology• Rate of change is getting faster• What will happen in the next 5 years?
Transition to IT as a Service - implications?
“For a few applications you may needto run your own infrastructure. For most youwill be able to pool, in the fashion of shared
services. But increasingly we will all bedrawn to the benefits of scale of the
public cloud. Lower cost, higher reliability,and one day more control.”
- Government Chief Information Officer
250913 24
Serving the Enterprise
SaaS Apps
Delivering IT as a Service
Apps Apps
Infrastructure Renters
Serving the Customer
New Enterprise Apps
Application Platform
Cloud Infrastructure
Public Cloud
Private Cloud
Computing
Apps
Desktop Is Being Pulled Apart by the Cloud ForcesDevices
Computing
Apps
Interaction
Apps
What’s happening in the Enterprise environment
• Open Grid Forum (OGF) *
• Cloud Computing Interoperability Forum (CCIF)
• Distributed Management Task Force (DMTF)
• Cloud Security Alliance (CSA)
• ETSI TC Cloud/CSC *
• Org for Advancement of Structured Information Standards (OASIS) *
• Object Management Group (OMG)
• Storage Networking Industry Association (SNIA)
• ITU-T Focus Group on Cloud Computing
• Cloud Computing Forum (CCF - Korea)
• Korea Cloud Service Assn (KCSA)
Selected Cloud computing standards initiatives
• The Open Group
• European Network and Information Security Agency (ENISA)
• ISO/IEC JTC1 SC7 System and Software Engineering
• ISO/IEC JTC1 SC27 Security
• ISO/IEC JTC1 SC38 WG3 Cloud *
• Institute of Electrical & Electronic Engineers Standards Association *
• China Electronics Standardization Institute (CESI)
• Cloud Industry Forum (CIF) *
• OSGi Alliance
• Open Data Center Alliance(ODCA) *
• Japan Cloud Consortium
http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909024
29
• ISO/ITU SC/38 Reference Architecture Vocabulary
• ISO 27017 Information Security for Cloud 20000 IT Service Management
• NIST Original Definitions SAJACC
250913
Emerging Cloud Standards of Note
• OASIS CAMP TOSCA
• SNIA CMDI (ISO 17826:2012)
• OGF OCCI
• DMTF OVF
http://cloud-standards.org
30
• Code of Practice• Self certified, independently
assured• Demonstrating:
Transparency Accountability and Capability
www.cloudindustryforum.org
250913
Industry Codes of Practice
STAR Audit
• A seal of approval for SaaS• 1 to 5 Star levels• Audit certification covers:
terms of service data security data protection contract terms, and interoperability
www.saas-audit.de/en/507/overview/
• Announced September 2012, VP Neelie Kroes, DG Connect. Aiming to deliver in Q4 2013
• Three components:-1. Cutting through the Jungle of Standards, ETSI Cloud
Standards Coordination and ENISA2. Safe and Fair Contract Terms3. European Cloud Partnership
• Key players:-• Ken Ducatel (Standards & Certification)• Dirk Van Rooy (ECP)
European Cloud Strategy
https://ec.europa.eu/digital-agenda/en/european-cloud-computing-strategy
Working Group Structure
Cutting through the Standards Jungle
• Three workgroups:-1. Roles & Responsibilities (Influenced by ISO/ITU
Standards in Committee Draft) – Complete2. Use Cases; 108 Examples for use in Public Sector.
Selection used for evaluation. • E.g. Cloud Bursting, Changing Cloud Vendor;
3. Mapping of Selected examples to Existing and Near future Standards. Including Security and Privacy, Service Level Agreements, etc.. Work in progress.• Emphasis on mapping to existing standards, e.g. ISO 27001 &
20000; W3C; OASIS; DMTF, etc..
34250913
ETSI Cloud Standards Coordination Deliverable
• Interim report delivered in June
• Work in progress on selected Use cases
• Face to Face meeting Mid October, ETSI
• Report Submission to Commission end October
1. INTRODUCTION2. DESCRIPTION OF THE METHODOLOGY USED3. ROLES AND USE CASES4. MAPPING CLOUD STANDARDS AND SPECIFICATIONS
TO COMMON USE CASES4.1 Service Level Agreement
4.1.1 General introduction4.1.2 High Level Use Cases selected4.1.3 Use Case #1: An Enterprise develops and provides
an App on a Cloud service for their end users4.1.4 Mapping of standards to selected use case4.1.5 Concluding remarks
4.2 Interoperability4.2.1 General introduction4.2.2 Use case - “Cloud bursting scenario”4.2.3 Data Portability Use Case - “Changing Cloud Vendor”4.2.4 Concluding remarks
4.3 Security4.3.1 General introduction4.3.2 Context setting: Security and Clouds4.3.3 Use case description and analysis4.3.4 Standards Mapping4.3.5 Concluding remarks
5. GLOBAL CLOUD STANDARDIZATION LANDSCAPE6. CONCLUSIONS / RECOMMENDATIONS7. REFERENCESANNEX 1 FULL LIST OF STANDARDS AND SPECIFICATIONSANNEX 2 LIST OF USE CASES
Safe and Fair Contract Terms
Cloud Select Industry GroupCertification (Led by ENISA)Codes of PracticeService Level Agreements
• Looking for the required set of standards and codes of practice which would equip the Public Sector and other bodies to safely adopt Cloud.
• Framework agreements proved challenging• Some definitional assistance from ISO/ITU Vocabulary?
European Cloud Partnership
• Two phases of activity:-1. €10M FP7 R&D Initiative let in May to the Fraunhofer
FOKUS consortium*. See Objective ICT-2013.11.3 High quality cloud computing environment for public sector needs, validated through a joint pre-commercial procurement (PCP)
2. European Cloud Partnership Steering Committee led by the President of Estonia and comprising representatives from Public Sector, Large and SME Industry. Kate Craig-Wood, Memset, the UK rep.
*http://www.fokus.fraunhofer.de/en/fokus/publikationen/presse/mitteilungen/20130704_cloud_europe.html
• Data Protection Regulation (2014/15) Mandatory legislation Harmonising EU data protection Aim to facilitate cross region business Privacy by Design Enshrine specific citizen rights: E.g. Right
to be forgotten
• Looked to be dead in June, but PRISM fixed that!
• Legislation in European Parliament
EU Data Protection Regulation
• EU Data Protection – with Merkel behind it will likely happen
• Standards are good, but trying to impose them won’t work
• Let the market decide
The verdict?
• Is it anti-European?• My data is in a US data centre – can the FBI access it?• If I store my data in the UK, the FBI can’t access it?• If I avoid US providers, no-one will see my data?• The UK won’t hand my data over to the FBI?• The draft EU Data Protection Regulation will stop the
Patriot Act?• If governments can get my data wherever I am, I should
stay out of cloud?• I’m not in cloud. I’m secure?
The Patriot Act & Data Security
http://www.comparethecloud.net/6179/patriot-act-and-data-security/
• Is your data of interest to governmental agencies?• Evaluate your data and identify the really important
information• Consider hybrid cloud where you keep your key data on
premise and run everything else through public cloud• Consider private cloud where your data is held by
someone you can investigate and trust• Consider encryption or tokenisation to protect your data• Check whether staff are using their own devices or public
cloud accounts
What about PRISM?
http://www.comparethecloud.net/7085/help-nsa-has-my-data/
• Great pricing – 2-3 years pay back to standard Office license
• Always on the latest Office versions on up to 5 devices• No capital investment – monthly/yearly pay as you go• Microsoft running exchange for you on their servers• No IT support required – from in house or external
provider• Great support from people you can actually talk to• Some collaboration built in• Not perfect – confusing licencing options
Microsoft
Larry Ellison :“a cloud customer is economically more valuable to us over time.”
“We are growing very fast in the cloud; especially the HCM cloud. We’re larger in SaaS than anyone else but Salesforce.com,”
“One reason I was confident SAP HANA could never compete with Oracle was because of 12c.”
Oracle
Salesforce
Salesforce
• Betting the farm on mobile• It’s all about the platform (+ APIs + ecosystem)• Focus on customer – sales + marketing - 1:1
Salesforce
The CMO is expected to spend more on technology than the CIO by 2017
Gartner prediction
88% of business leaders said getting closer to their customers was the top priority for realizing their strategy over the next 5 years
IBM CEO Study
www.ibm.com/services/us/en/c-suite/ceostudy2012/
Social Media: CIO & CMO budget overlap
• Reputation monitoring• Marketing & PR• Market research• Customer services & support• Sales & lead generation• Research & development• Management & collaboration
Tools+
Time+
Content+
Content+
Content
Social Media Channels
Where does your target audience hang out?Go there and join the conversation!
?
Getting Social
• You need a Social Media Strategy• It needs to be fully integrated with your:
Business objectives Marketing plan Overall communications strategy
Mobile Ready? - Responsive Web Design as well as Apps
Where next?
• Mobile first• Platforms win• Cloud integration (and APIs)• Systems of engagement• Real time analytics• Social Business – collaboration – connectivity
References and photo sources
• http://en.wikipedia.org/wiki/File:IBM_card_punch_029.JPG• http://en.wikipedia.org/wiki/File:Blue-punch-card-front-horiz.png• http://en.wikipedia.org/wiki/File:Apple_II_tranparent_800.png• http://www-03.ibm.com/ibm/history/exhibits/vintage/vintage_4506VV2236.html • http://upload.wikimedia.org/wikipedia/commons/f/f1/Ibm_pc_5150.jpg• http://www.youtube.com/watch?v=aXV-yaFmQNk• http://en.wikipedia.org/wiki/File:IPhone_2G_PSD_Mock.png• http://en.wikipedia.org/wiki/File:IPad_1_PSD_Mockup.png • http://secrets-of-self-sufficiency.com/how-to-install-a-plug-socket-outlet • http://www.gartner.com/technology/reprints.do?id=1-1IMDMZ5&ct=130819&st=sb• http://en.wikipedia.org/wiki/File:Transistor_Count_and_Moore%27s_Law_-_2011.svg• http://clearslide.com/view/mail?iID=UA7WEVJ8XPWPYSG62QW6• http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909024• http://xkcd.com/927/• http://cloud-standards.org• https://ec.europa.eu/digital-agenda/en/european-cloud-computing-strategy• http://www.fokus.fraunhofer.de/en/fokus/publikationen/presse/mitteilungen/20130704_cloud_europe.html • http://www.comparethecloud.net/6179/patriot-act-and-data-security/• http://www.comparethecloud.net/7085/help-nsa-has-my-data/ • www.ibm.com/services/us/en/c-suite/ceostudy2012/ • http://mashable.com/2012/12/11/responsive-web-design/
Contact details
David TerrarD2C | EuroCloud | techUK | Cloud Industry Forum
p: +44 (0)1727 866309 m: +44 (0)7715 159423
e: [email protected]: www.d2c.org.ukskype: david_terrartwitter: http://twittter.com/DT @DT linkedin: http://www.linkedin.com/in/davidterrar
blog: http://biztwozero.com