basics of cloud computing

Basics management aspects of Cloud Computing

Basics management aspects of Cloud Computing

INFOSAFE 17 décembre 2011

Myth & Facts of Cloud computing

• Myths ▫ Cloud computing will eliminate the need for IT

personnel.

▫ Cloud computing will eliminate IT expense

• Facts▫ Cloud technology is real

▫ This technology should not be ignored

What is said:

“Biggest Paradigm Shift in 20 years”

“Game Changers”

“Tremendous Cost Cutting”

“Just On” “Pay As You Go”

Andy Harjanto I’m cloud confused http://www.andyharjanto.com

First, What the heck isCloud Computing

First, what the heck is Cloud Computing?…in simple, plain English please!


Let’s use a simple analogy

Say you just moved to a city, and you’re looking for

a place to live


You can either

Build a house or

Rent an apartment


If you build a house, there are a few

important decisions you have to make…


HowHow big big is the is the house? house?

are you planning to grow a large family?

Remodel, addition typically Remodel, addition typically cost a lot more cost a lot more once the house is builtonce the house is built


But, you get a chance

to customize it

Roof

windows

lightingAndy Harjanto I’m cloud confused http://www.andyharjanto.com

Once the house is built, you’re responsible for

maintenance Hire Landscaper

Electrician

Plumber

Pay property tax

Water

Gutter CleaningHeating and Cooling House Keeping


How about renting?

Consider a builder in your city builds

a massive number of apartment units Andy Harjanto I’m cloud confused http://www.andyharjanto.com

A unit can easily be

converted into a 2,3,4 or more units


You make a fewer,

simpler decisionsYou can start with one unit and grow later, ordownsize


But…You do not

havea lot of options

to customize your

unit


However, builders provide you with very high quality infrastructure

high speed Internet

high capacity electricity

triple pane windowsgreen materials

No need to worry about maintenanceNo need to worry about maintenance


Just pay your

rentand utilities

Pay as You Go


Let’s translate to

Cloud Computing?

As an end-consumer, believe it or not

you’ve been using Cloud for long times


http://images.google.com/imgres?imgurl=http://techreviews.in/wp-content/uploads/2009/10/final_hotmail_logo1.jpg&imgrefurl=http://techreviews.in/tag/microsoft/&usg=__YmmcJdn7_EwyB-DVYCgEt3w35Mc=&h=192&w=355&sz=11&hl=en&start=8&sig2=SxIS-T89ieuDtmYqlCvmpA&um=1&tbnid=dEIx-cCtLROpBM:&tbnh=65&tbnw=121&prev=/images?q=hotmail+logo&hl=en&sa=X&um=1&ei=xwQHS7KBGaiWtgOJn6HBCQ

http://images.google.com/imgres?imgurl=http://ahmadladhani.files.wordpress.com/2009/02/img_115752_gmail-logo.jpg&imgrefurl=http://ahmadladhani.wordpress.com/2009/02/27/tech-gmail-goes-offline/&usg=__Hxs6usJ9Z-MbcJDXvfJJRnH34nI=&h=337&w=450&sz=12&hl=en&start=18&sig2=-15kr-0dmbvY8bunsXPvvQ&um=1&tbnid=Nl9L-6IT_94haM:&tbnh=95&tbnw=127&prev=/images?q=Gmail&hl=en&um=1&ei=4gQHS4e-HIicswO5oujACQ

http://images.google.com/imgres?imgurl=http://dev.aol.com/images/mail/tbird_aolmail.jpg&imgrefurl=http://dev.aol.com/node/455/subscribe&usg=__DzKgRUCq_-AmLD6S8wuRgv9ONUc=&h=215&w=446&sz=25&hl=en&start=6&sig2=qeerobRL59zPAleQulQmdA&um=1&tbnid=h6B5dahOLER73M:&tbnh=61&tbnw=127&prev=/images?q=AOL+Mail&hl=en&um=1&ei=EgUHS_SFPKD8swOS2enACQ

http://images.google.com/imgres?imgurl=http://www.techshout.com/images/yahoo-mail-updated.jpg&imgrefurl=http://gtharaka.blogspot.com/&usg=__bMVG_Dh15TQBS6ZQ7zzJDAzAe80=&h=320&w=320&sz=31&hl=en&start=14&sig2=nKKvcvNEzkEZzsxmE99Qkw&um=1&tbnid=oUwGfSvIR0HKuM:&tbnh=118&tbnw=118&prev=/images?q=Yahoo+Mail&hl=en&um=1&ei=MgUHS4_2KZDStQPb8pXBCQ

http://images.google.com/imgres?imgurl=http://www.tcd.ie/disability/projects/DS3/images/facebook.jpg&imgrefurl=http://www.tcd.ie/disability/projects/DS3/index.php&usg=__T5E5WZy_5_Nn6lRtaKItxLeQ7MY=&h=301&w=800&sz=50&hl=en&start=3&sig2=9ofwmVXumHklK49E9IMpCQ&um=1&tbnid=jGTeQeE8hvY07M:&tbnh=54&tbnw=143&prev=/images?q=Facebook&hl=en&um=1&ei=TgUHS6mtL6XSswPgxJ3BCQ

http://images.google.com/imgres?imgurl=http://rantingraving.files.wordpress.com/2009/03/flickr.jpg&imgrefurl=http://rantingraving.wordpress.com/2009/03/11/got-cupcakes/&usg=__gTEERjZaTKyD3ZMA7SFJNbg8Hjs=&h=300&w=450&sz=35&hl=en&start=6&sig2=6h6EI25DHkLnVSrGHJOmiA&um=1&tbnid=7EXJg66EE8WZhM:&tbnh=85&tbnw=127&prev=/images?q=Flickr&hl=en&um=1&ei=YgUHS6PfOpD0sgOoivX4Bg

http://images.google.com/imgres?imgurl=http://dancull.files.wordpress.com/2009/06/youtube_logo.jpg&imgrefurl=http://dancull.wordpress.com/2009/04/27/exclusive-interview-with-e-conservation/&usg=__6MLq-_yjhvrOckmjYDfz11oUIcM=&h=310&w=413&sz=17&hl=en&start=3&sig2=xtmXBP_xAe-a5pwAKvnn8A&um=1&tbnid=P5L3xns34LJS0M:&tbnh=94&tbnw=125&prev=/images?q=You+TUbe&hl=en&um=1&ei=gQUHS4aqO4zCtAP69rHACQ

http://images.google.com/imgres?imgurl=http://velazquez.house.gov/chc/images/twitter_logo.jpg&imgrefurl=http://velazquez.house.gov/chc/index_.shtml&usg=__UpEmbdGyk9dNt3i6FOpceuc8zFs=&h=294&w=799&sz=41&hl=en&start=7&sig2=3sXaASEo-bKK8ir9ouykqQ&um=1&tbnid=vQrkVYvd7GM_4M:&tbnh=53&tbnw=143&prev=/images?q=Twitter&hl=en&um=1&ei=mgUHS_z5GY3WsgO5svn4Bg

http://images.google.com/imgres?imgurl=http://www.ideachampions.com/weblogs/google-logo.jpg&imgrefurl=http://www.ideachampions.com/weblogs/archives/best_practices/index.shtml&usg=__3olsWJ9huP51nItgd6V6VKtpr_Q=&h=478&w=1197&sz=204&hl=en&start=2&sig2=aScxKj5AoyhuAvDZOJMYFw&um=1&tbnid=ylwf-XkJVe34QM:&tbnh=60&tbnw=150&prev=/images?q=Google&hl=en&um=1&ei=-wUHS6CoLpLStgP1kaHACQ

Yes, most of them are

FreeFree

In return, you’re willing to give away...

your information for ads and other purposes

But you’ve been enjoying

High Reliability Service

Unlimited Storage

Connecting, Sharing

(ok, ok, most of them are)

OK, Now tell that to the business owner

Give up your data, thenyou can use this infrastructure for

free

This is how their CEO would feel

My Business Needs…

Security

Privacy

Reliability

High Availability

Building EnterpriseSoftware

Stone WallFire-proofMoatArmy Death Hole

is like…. Building

Medieval Castle


Let’s Hire an Army of IT Engineers

Software UpgradeSupport

Backup/RestoreService Pack

Development

Network issues


Let’s BuildHuge Data

Center

Capacity Planning

Disaster Plan

Cooling Management

Server Crashes


In the mean time,…

Many things have changed Many things have changed

The enterprise world we live in 2010 and beyond

Global Direct, Open CustomersCommunication

TransparencyWork Remotely

Digital Life Convergence

(e.g. Social Media)

(Work and Personal lines are blurring)

(Customers, Resources, IPs are acquired everywhere)

(Mobility Trend)

(Blogs, Social Computing)

Layoffs

2008-2012Economy is upside down

Excess CapacityBankruptcy

Can we bridge the gap?

Requires a New Way

of

Thinking

Leave it the expertswho have a lot of money to spend to build

giant datacenters across the globe

Your data is replicated3 or 4 times in their data

center

High Availability

Adding “Adding “servers”servers” is a click is a click away. away. Running in just minutes, not Running in just minutes, not daysdaysH

igh

Tra

ffic?

It can even load balance your server traffic

Expect your Cloud

Networkis always up

Yes, you can even pick

where your data and “servers” reside

Business Contraction?

Just reduce your computing power, storage

Wait, What is the catch?

Cloud Computing

is a relatively new technology

Only a handful of major playerscan build

this massive infrastructure

http://images.google.com/imgres?imgurl=http://www.ict.mahidol.ac.th/research/images/partnerLogo/microsoft-logo1.jpg&imgrefurl=http://www.ict.mahidol.ac.th/research/Collaboration.html&usg=__-a8OIOfHVLIjv2_scSRTbKbuTcY=&h=360&w=450&sz=12&hl=en&start=2&sig2=4hSlgysynoc1AmnUfEjGdw&um=1&tbnid=j_WDRg2Y5x_nNM:&tbnh=102&tbnw=127&prev=/images?q=Microsoft&hl=en&sa=N&um=1&ei=ztznSuL-IYfutgPBxuisBQ

http://images.google.com/imgres?imgurl=http://chandrakantha.com/articles/indian_music/filmi_sangeet/media/1998_google.jpg&imgrefurl=http://chandrakantha.com/articles/indian_music/filmi_sangeet/film_song_1998.html&usg=___hLGkwug_AvG4go-BqYwE_KdBRE=&h=300&w=425&sz=34&hl=en&start=2&sig2=mixOMW1TwhGrSycnyzo8-A&um=1&tbnid=cIGPCF08mCk7nM:&tbnh=89&tbnw=126&prev=/images?q=Google&hl=en&um=1&ei=5NznSrvoCZ2ctAP6tpWZBQ

http://images.google.com/imgres?imgurl=http://www.mediabistro.com/galleycat/original/amazon_crave.jpg&imgrefurl=http://www.mediabistro.com/galleycat/bookselling/amazons_direct_attack_against_bookstores_140385.asp&usg=__pPb_DW-Iipf3feCf-Fentq9iB4Q=&h=300&w=350&sz=40&hl=en&start=3&sig2=D5DBZR0_4mZhqMtMaoVFxw&um=1&tbnid=sK54FwL7xw4MTM:&tbnh=103&tbnw=120&prev=/images?q=Amazon&hl=en&um=1&ei=Cd3nSpyCGo3UswO9mo2nBQ

http://aws.amazon.com/

Not many software written yet to take advantage of

cloud infrastructure

Sensitive Data in the Cloud?are there yet?

Data at Rest

Data in Motion

Encryption

Yes, you’re loosing some controls

physical security

some configurations

Let’s clear common

confusions

about Cloud Computing

Who is paying whom?

Typical Scenarios

You(Business, Individual)

Software/ServiceProviders

Cloud/InfrastructureProvider

You may also build softwaredirectly on the provider’s platform andpay them directly

http://images.google.com/imgres?imgurl=http://www.ict.mahidol.ac.th/research/images/partnerLogo/microsoft-logo1.jpg&imgrefurl=http://www.ict.mahidol.ac.th/research/Collaboration.html&usg=__-a8OIOfHVLIjv2_scSRTbKbuTcY=&h=360&w=450&sz=12&hl=en&start=2&sig2=4hSlgysynoc1AmnUfEjGdw&um=1&tbnid=j_WDRg2Y5x_nNM:&tbnh=102&tbnw=127&prev=/images?q=Microsoft&hl=en&sa=N&um=1&ei=ztznSuL-IYfutgPBxuisBQ

http://images.google.com/imgres?imgurl=http://chandrakantha.com/articles/indian_music/filmi_sangeet/media/1998_google.jpg&imgrefurl=http://chandrakantha.com/articles/indian_music/filmi_sangeet/film_song_1998.html&usg=___hLGkwug_AvG4go-BqYwE_KdBRE=&h=300&w=425&sz=34&hl=en&start=2&sig2=mixOMW1TwhGrSycnyzo8-A&um=1&tbnid=cIGPCF08mCk7nM:&tbnh=89&tbnw=126&prev=/images?q=Google&hl=en&um=1&ei=5NznSrvoCZ2ctAP6tpWZBQ

http://images.google.com/imgres?imgurl=http://www.mediabistro.com/galleycat/original/amazon_crave.jpg&imgrefurl=http://www.mediabistro.com/galleycat/bookselling/amazons_direct_attack_against_bookstores_140385.asp&usg=__pPb_DW-Iipf3feCf-Fentq9iB4Q=&h=300&w=350&sz=40&hl=en&start=3&sig2=D5DBZR0_4mZhqMtMaoVFxw&um=1&tbnid=sK54FwL7xw4MTM:&tbnh=103&tbnw=120&prev=/images?q=Amazon&hl=en&um=1&ei=Cd3nSpyCGo3UswO9mo2nBQ

Do I have to start over?

In some cases, you could redirect your data to the cloud

Migrate Data to the Cloud

Before

In some cases, you could redirect your data to the cloud

After

However, to take advantage fully,

migrate all or create new apps on the cloud

Employees

Customers

Suppliers

Source: Wikipedia

SO LET’S START TO GO INTO MORE DETAILS

Definition “A style of computing where scalable and elastic IT-related capabilities are provided “as-a-service” using internet technologies to multiple external customers.” (Gartner)

“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” (National Institute of Standards and Technology)

Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france

Who are the players ?

The different players in the Cloud Computing sectors are:

• New entrants: Terremark (USA), Rackspace, GoGrid (USA), LinkByNet (France), Ghandi (France), etc.• Major IT Companies: Microsoft, IBM, SUN, etc.• Telecommunications companies: Orange Business Services (France), COLT Telecom (Europe),British Telecom, etc.• Constructors and software providers: VMWare, EMC, Citrix, etc.• Internet companies: Google (USA), Amazon Web Services (USA), Salesforce (USA), etc.• Consulting firms: Cap Gemini, Gartner, Forrester, IDC, etc.


Five key characteristics, explained by the Gartner (Plummer, et al., 2009) and the National Institute of Standards and Technologies (Mell, et al., 2009):¢ • A service-oriented technology, where consumer concerns are abstracted

from provider concerns, and that is ready-to-use SERVICE BASED;

¢ • Services scale on-demand to add or remove resources as needed RAPID ELASTICITY AND SCALABILITY;

¢ • Services share a pool of resources to build economies of scale SHARED RESOURCES;

¢ • Services are tracked with usage metrics to enable the “pay-as-you-go model” PAY PER USE;

¢ • Services are delivered through use of Web identifiers, standards, formats and protocols and with an identical access UBIQUITOUS NETWORK ACCESS;


3 types of services


Software as a Service (SaaS)

This is the Top most layer of the cloud computing stack - directly consumed by end user .

On-Premise applications are expensive, affordable only to big enterprises.

Why?

Cause On-Premise applications had a very high upfront CapEx (Capital Expenditure); which results in a high TCO (Total Cost of Ownership). On-Premise apps also require a higher number of skilled developers to maintain the application. In its current avatar SaaS is going to be the best bet for SMEs/SMBs (Small & Mid size businesses). Now, they can afford best software solution for their business without investing anything at all on the infrastructure or development platform or skilled manpower. The only requirement for SaaS is a computer with browser, quite basic. SaaS is a recurring subscription based model delivered to customer on demand – Pay as you use.

http://www.techno-pulse.com/

SaaS (Software as a Service) : concerne les applications d’entreprise : CRM, outils collaboratifs, messagerie, BI, ERP,... Le modèle SaaS permet de déporter une application chez un tiers. Ce modèle convient à certaines catégories d’applications qui se doivent d’être globalement identiques pour tout le monde, la standardisation étant un des principes du cloud. Le terme SaaS évoque bien un service dans le sens où le fournisseur vend une fonction opérationnelle, et non des composants techniques requérant une compétence informatique

Software as a service (SAAS) The service provided makes use of the provider’s

applications accessible through a client interface, such as a web browser (ex: Gmail).

The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system, the storage and cannot add specific development (even if there are limited user specific application configuration settings).

Offers: Billing, Financials, Legal, Sales, Desktop productivity, Human Resources, Content Management, Backup & Recovery, CRM (Customer Relationship Management), Document Management, Collaboration Tools, Social Networks.


Platform as a service (PAAS)

The service provided consists in the deployment of consumercreated applications on the provider’s infrastructure and the use of programming languages and tools supported by the platform (ex: Java or Python available on Google App Engine).

The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system and the storage but he has control over the deployed applications, and occasionally application hosting environment configurations.

Offers: General purpose, Business intelligence, Integration, Development & Testing, Database.Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,

http://www.slideshare.net/cedricmora/cloud-computing-in-france

PaaS (Platform as a Service) : concerne les environnements middleware, de développement, de test,... Le modèle PaaS consiste à mettre à disposition un environnement prêt à l’emploi, l’infrastructure étant masquée. Une plate-forme PaaS permet par exemple d’avoir un environnement de développement immédiatement disponible

Platform as a Service (PaaS)

Now you don’t need to invest millions of $$$ to get that development foundation ready for your developers.

The PaaS provider will deliver the platform on the web, and in most of the cases you can consume the platform using your browser, i.e. no need to download any software.

It has definitely empowered small & mid-size companies or even an individual developer to launch their own SaaS leveraging the power of these platform providers, without any initial investment.

PaaS Examples

Google App Engine and Windows Azure are examples of Cloud OS. OrangesScape & Wolf PaaS are cloud middleware.


INFRASTRUCTURE AS A SERVICE (IAAS)

The service provided gives the possibility to rent resources, such as processing, storage or bandwidth, and allows the consumer to deploy and run anysoftware (operating systems and/or applications).

The consumer doesn’t manage and control the infrastructure but he controls the operating system, the storage, the deployed applications, and occasionally networking components (firewall, load balancing).

Some providers offer to manage the application if the latter is not too specific and is compatible with the perimeter of their offer.

o Offers: Storage, Compute, Services Management.


concerne les serveurs, moyens de stockage, réseau, ... Le modèle IaaS consiste à pouvoir disposer d’une infrastructure informatique disponible via un modèle de déploiement cloud computing. L’accès à la ressource est complet et sans restriction, équivalent de fait à la mise à disposition d’une infrastructure physique réelle. Ainsi une entreprise pourra par exemple louer des serveurs Linux, Windows ou autres systèmes, qui tourneront en fait dans une machine virtuelle chez le fournisseur de l’IaaS.

Infrastructure as a Service (IaaS)This is the base layer of the cloud stack.

It serves as a foundation for the other two layers, for their execution. The keyword behind this stack is Virtualization.

Let us try to understand this using Amazon EC2. In Amazon EC2 (Elastic Compute Cloud) your application will be executed on a virtual computer (instance). You have the choice of virtual computer, where you can select a configuration of CPU, memory & storage that is optimal for your application. The whole cloud infrastructure viz. servers, routers, hardware based load-balancing, firewalls, storage & other network equipments are provided by the IaaS provider. The customer buy these resources as a service on a need basis.


Qui contrôle quoi ?

71© 2009 IDC

IT Cloud Services TaxonomyIT Cloud Services Taxonomy

Cloud Applications

(Apps-as-a-service)

Cloud(Application) Platforms

(Platform-as-a-Service)

Cloud Infrastructure(Infrastructure-as-a-Service)

App Deploy

IT Cloud Services

App Dev/Test

72© 2009 IDC

All Types of IT Software & HardwareAre or Will Be Offered as Cloud Services…All Types of IT Software & HardwareAre or Will Be Offered as Cloud Services…

Application Development SoftwareApplication Server MiddlewareData Access, Analysis, and DeliveryInformation & Data ManagementIntegration & Process Automation MiddlewareOther Application Dev and DeploymentQuality & Life-Cycle ToolsEnterprise Portals

ServersStorageNetworksClients

System and Network Management SoftwareSecurity SoftwareStorage SoftwareSystem Software

Collaborative ApplicationsContent ApplicationsEnterprise Resource Management ApplicationsSupply Chain Management ApplicationsOperations and Manufacturing ApplicationsEngineering ApplicationsCustomer Relationship Management Applications

Cloud Applications

(Apps-as-a-service)

Cloud(Application)

Platforms(Platform-as-a-Service)

Cloud Infrastructure(Infrastructure-as-a-Service)

App Deploy

IT Cloud Services

App Dev/TestApp Dev &

Deployment

SystemsInfrastructure

Software

SystemsStorage

(So

ftw

are-

as-a

-Ser

vice

)

Applications

CorrespondingPrimary Market IDC IT Product

Taxonomy

…many IT and Network Services will

also be transformed and extended to support the cloud service delivery

model…

73© 2009 IDC

Cloud Services Definition - updatedCloud Services Definition - updated

Consumer and Business products, services and solutions delivered and consumed in real-time over the Internet

Cloud Services

Public - open to a largely unrestricted universe of potential users; designed for a market, not a single enterprise

Private - designed for, and access restricted to, a single enterprise (or extended enterprise); an internal shared resource, not a commercial offering; IT Org is the “vendor” of the shared/std service to its users

DeploymentModels

[Note: large gray zones between these

two broad categories]

Shared, standard service – built for a market (public), not a single customer Solution-packaged – a “turnkey” offering, integrates required resources Self-service – admin, provisioning; may require some “on-boarding” support Elastic scaling – dynamic and fine-grained Use-based pricing – supported by service metering Accessible via the Internet/IP – ubiquitous (authorized) network access Standard UI technologies – browsers, RIA clients and underlying technologies Published service interface/API – e.g., web services APIs

Key Attributes

Different type of cloud

•Public clouds•External private clouds•Private clouds•Hybrid clouds•Community clouds

Public clouds Infrastructures are shared with a “Pay-as-you-go” model. This off-premise virtualized infrastructure is easily accessible and can be managed through a portal of the provider. The provider can make economies of scale: the homogeneous infrastructures are shared with all the consumers and managed and updated by the Cloud provider.Consumer can choose the infrastructure they need, and choose all the security elements and the uptime (SLA).


External private cloud We are also seeing an increase number of External

Private Clouds offerings (off-premises): This provides a way for companies to create a logically

separated set of virtual machines, a secure VPN connection to their own networks (Virtual Private Network is a secure tunnel through the Internet from a corporate network to provider’s servers).

It also enables the use of existing security and management policies.


Private clouds Internal pool of resources inside the Date Centers of a

company. Internal Private Clouds are sometimes seen as a

simple evolution of the classic Information System of an organization but have some characteristics of Public Clouds (they use the virtualization and dynamic provisioning).

Private Clouds are companies who only want to use services that are hosted in-house and do not want to share their infrastructure.

This type of Cloud respect the standard process and security policy of the company but doesn’t not offer as much benefits and flexibility to the CIO: he always have to invest in the hardware and software.

Hybrid cloudCombination of different clouds (for example Public and Private Clouds) that allow for transitive information exchange and possibly application compatibility and portability across disparate Cloud service offerings and providers utilizing standard or proprietary methodologies regardless of ownership or location.


COMMUNITY CLOUD

Infrastructures, shared by several organizations, support a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations).

The US Government and NASA created a community cloud for all US government agencies.

This type of cloud combines two worlds: Public Cloud (different entities sharing their infrastructure) and Private Cloud (specific organizations use their own Data Centers and know with whom they share their infrastructure).


Impact on the organization

Impact on the organizationStrategy: What are the impacts on the strategy when it goes from controlling an infrastructure to controlling a process? What new strategies are possible now?

• Systems: What happen to the processes of the IT department? (ITIL, Build versus Run, contract management)

• Structure: How can the IT department be aligned with the business strategy? Does a company need a new organization? What happens to the CIO and the decision making?

• Shared values: Can an organization be still working in silos? A key element will be developed in the corporation culture

• Style: Does the managers have to behave differently?

• Staff: What happens to the actual employees? New jobs created?

• Skills: What skills does the employees need in this new model?

QUELQUES CHIFFRES

88© 2009 IDC

IT Cloud Services Forecast Update (preliminary)IT Cloud Services Forecast Update (preliminary)

Applications49%

App Dev/Deploy

10%

Storage9%

Servers12%

Infra-structure Software

20%

Applications38%

App Dev/Deploy

13%

Storage14%

Servers15%

Infra-structure Software

20%

Worldwide IT Cloud Services Revenue* by Product/Service Type

* Includes revenue from delivery of Applications, Application Development & Deployment Software, Systems Infrastructure Software,Server capacity and Disk Storage capacity via the Cloud Services model; AD&D excludes online B2B messaging providers/exchanges

2009

$17.4 billion2013

$44.2 billionSource: IDC, September 2009

89© 2009 IDC

Cloud User Surveys – Adoption AreasCloud User Surveys – Adoption Areas

(Scale: 1 = Very Unlikely 5 = Very Likely)

Q: Rate your likelihood to pursue the cloud model for the following

Source: IDC Enterprise Panel, 3Q09, n = 263, September 2009

48.6%48.6%

49.1%49.1%

49.8%49.8%

50.6%50.6%

51.3%51.3%

52.9%52.9%

54.8%54.8%

55.1%55.1%

55.6%55.6%

59.4%59.4%

66.9%66.9%

67.3%67.3%

0%0% 10%10% 20%20% 30%30% 40%40% 50%50% 60%60% 70%70% 80%80%

IT/Information SecurityIT/Information Security

Application dev/test/deploy platformApplication dev/test/deploy platform

Business Intelligence/AnalyticsBusiness Intelligence/Analytics

Server capacity on demandServer capacity on demand

IT Management softwareIT Management software

Storage capacity on demandStorage capacity on demand

Data/Content Distribution servicesData/Content Distribution services

Personal productivity appsPersonal productivity apps

Business apps (CRM, HR, ERP)Business apps (CRM, HR, ERP)

Data Back-up or Archive servicesData Back-up or Archive services

Web applications/Web servingWeb applications/Web serving

Collaboration applicationsCollaboration applications

90© 2009 IDC

Cloud User Surveys – Vendor RequirementsCloud User Surveys – Vendor Requirements

(Scale: 1 = Not at all important 5 = Very Important)

Q: How important is it that cloud service providers…


72.9%

78.3%

79.2%

81.0%

82.1%

84.5%

86.0%

87.8%

88.6%

91.6%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Have local presence, can come to my offices

Are a technology and business model innovator

Offer both on-premise and public cloud services

Support many of my IT needs

Allow managing on-premise & cloud together

Understand my business and industry

Provide a complete solution

Option to move 'cloud' offerings back on premise

Offer Service Level Agreements (SLAs)

Offer competitive pricing

Is this just Hosting 2.0?

No, they have different architectures

and business model

Cloud Players Hosting Players

Only few can afford billions dollar

investment on data centers

Hundreds of them around

the world

Hosting Players

Often yearly

Your contracts

Cloud Players

Pay As You Go

Pay only what you use

Hosting Players

Reliability, High Availability, Capacity Elasticity

Cloud Players

Built-in Redundancy

Virtually unlimited storage, computing power

You have to manage reliability, fail over yourself

Bring your own or rentservers to increase capacity

Source: Wikipedia

CLOUD BENEFITS

96© 2009 IDC

Cloud User Surveys - BenefitsCloud User Surveys - Benefits

Q: Rate the benefits commonly ascribed to the 'cloud'/on-demand model


(Scale: 1 = Not at all important 5 = Very Important)

54.0%

63.9%

64.6%

67.0%

68.5%

75.3%

77.7%

77.9%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90%

Seems like the way of the future

Sharing systems with partners simpler

Always offers latest functionality

Requires less in-house IT staff, costs

Encourages standard systems

Monthly payments

Easy/fast to deploy to end-users

Pay only for what you use

Cloud Features & Benefits for

Enterprises

Highly virtualized and standardized infrastructures

Massive scalability

Fault tolerant & highly reliable

Intra- & Inter-cloud load balance

Instant application deployment

Simplified, more efficient IT and application management

Deliver more applications to large number of users

Excellent service quality

Higher utilization at reduced cost

Time-to-market

Cloud Features & Benefits for Users

Highly virtualized and standardized infrastructures

Massive scalability

Fault tolerant & highly reliable

Intra- & Inter-cloud load balance

Instant application deployment

No need to install or update SW or HW; access from any browser

Unlimited use

Always on

Access from anywhere

Many services to choose from

Abstraction

Your business should focus on your core competency & should not worry about security, OS, software platform , updates and patches etc. Leave these chores to your provider.

From an end users perspective, you don’t need to care for the OS, the plug-ins, web security or the software platform. Everything should be in place without any worry.


Resource SharingResource Sharing is the beauty of Cloud Computing. This is the concept which helps the cloud providers to attain optimum utilization of resources. Say, a company dealing in gifts may require more server resources during festive season. A company dealing in Payroll management may require more resources during the end or beginning of the month.

The cloud architecture is implemented in such a way that it provides you the flexibility to share application as well as other network resources (hardware etc). This will lead to a need based flexible architecture where the resources will expand or contract with a little configuration changes.


Les avantages du Cloud Computing du point de vue sécurité & gouvernance (1/2)

Possibilité de mettre les données publiques dans un Cloud et de mieux protéger les données sensibles

Fragmentation et dispersion des données Equipe de sécurité dédiée Plus grand investissement dans l’infrastructure de

sécurité Tolérance aux fautes et fiabilité améliorées Meilleure réaction aux attaques Protection des hyperviseurs contre les attaques réseaux

Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX

Les avantages du Cloud Computing du point de vue sécurité & gouvernance (2/2)

Réduction possible des activités de mise en conformité et d’audit Statement on Auditing Standards No. 70: Service Organizations Automated Audit, Assertion, Assessment, and Assurance API (A6)

Données détenues par un tiers impartial Solutions de stockage et de récupération de données à

moindre coût Contrôles de sécurité à la demande Détection en temps réel des falsifications du système

(System Tampering) Reconstitution rapide des services Possibilité accrue de créer des réseaux leurres (honeynet)

La capture d’une machine virtuelle ne compromet pas l’hôte

109


ANALYSE DE RISQUESNEUF RISQUES MAJEURS:

PERTE DE MAÎTRISE DE L’INFRASTRUCTURE ET DES DONNEES

PROBLEMES DE REVERSIBILITE

MAINTIEN DE LA CONFORMITE LEGALE

LOCALISATION DES DONNEES

SECURITE QUANT A L’ISOLEMENT DES DONNEES

MAITRISE DES PERTES ET DESTRUCTIONS DE DONNEES

RECUPERATION DES DONNEES

MALVEILLANCE DE LA PART DES ADMINISTRATEURS DU CLOUD

VOL D’IDENTITE Source: Livre blanc sécurité du Cloud, syntec numérique

LES VERTUS DE LA CERTIFICATION SAS 70

Créée par l'American Institute of Certified Public Accountants, la norme SAS 70 concerne les entreprises qui font appel à des fournisseurs spécialisés pour externaliser leurs services.

Elle se caractérise par des audits indépendants réalisés par des tiers et des vérifications des processus sur site. SAS 70 comporte deux niveaux (Type I et type II).

Le premier porte sur la description des activités de la société et sur la pertinence des contrôles.

Le deuxième niveau évalue leur efficacité à travers des tests dont les résultats sont publiés dans le rapport SAS 70 (type II).

Avantage-clé pour le fournisseur : éviter de multiples audits réalisés régulièrement par ses différents clients. C’est également un moyen important de différenciation commerciale.

Pour les entreprises-clientes, et en particulier celles soumises à la loi Sarbanes-Oxley, la certification SAS 70 garantit notamment la conformité et le « bon ordre » de leurs fournisseurs.

Source: Wikipedia

Les critiques et craintes

Pour aller de l’avant, nous avons tout d’abord besoin de faire un pas en arrière et de nous rappeler que l’objectif fondamental de la

sécurité de l’information, de la gestion des risques et de la gouvernance est d’aligner les objectifs de l’informatique sur ceux

de l’activité de l’entreprise pour protéger les actifs de cette dernière et créer une culture de la responsabilité vis-à-vis de l’information.

C. BiancoVP et General Manager Europe Qualys

http://www.journaldunet.com/solutions/expert/50552/en-2012--la-securite-sera-la-priorite--1-du-cloud-mobile.shtml?utm_source=benchmail&utm_medium=ML5&utm_campaign=E10212871&f_u=1526808

Identity Access Management

Manage Users/GroupsManage security credentialsControl access to applicationsControl access to specific resourcesControl access based on environment variablesCost:zero

110© 2009 IDC

Cloud User Surveys - Challenges Cloud User Surveys - Challenges

(Scale: 1 = Not at all concerned 5 = Very concerned)

Q: Rate the challenges/issues of the 'cloud'/on-demand model


76.0%

76.8%

79.8%

80.2%

81.0%

82.9%

83.3%

87.5%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90%

Not enough ability to customize

Hard to integrate with in-house IT

Bringing back in-house may be difficult

Lack of interoperability standards

On-demand paym’t model may cost more

Performance

Availability

Security

Domaines critiques à étudier pour la gouvernance

Choc culturel - Résistance au changement Gestion des risques de l’entreprise Problèmes légaux

Fuites de données Accès aux données par les organismes gouvernementaux Protection de la vie privée

Mise en conformité et audit Gestion du cycle de vie de l’information

Création, identification, stockage, utilisation, partage, archivage et destruction

Définition des responsabilités

Portabilité et interopérabilité


Domaines critiques à étudier pour la sécurité

Plan de continuité et de reprise d’activités Opérations du ou des centre(s) informatique(s) Réponse, notifications et traitement des incidents Sécurité des applications Chiffrement et gestion des clés Identités et contrôle d’accès Technologie de virtualisation


Les défis du Cloud Computing du point de vue sécurité & gouvernance

Confiance dans le modèle de sécurité du fournisseur souvent opaque

Réponse par le client aux recommandations des audits Aide aux enquêtes après incidents Responsabilité des administrateurs appartenant au

fournisseur Perte du contrôle physique Gestion de l’isolement des machines virtuelles Présence de multi-location (multi-tenancy) Gestion des versions de logiciels


Les défis du Cloud Computing du point de vue sécurité & gouvernance Protection des données personnelles

Traitement dans l’E.E.E. ou la Suisse, le Canada, l’Argentine, Guernesey, Jersey, Man et le Safe Harbour (US)

Règles internes d’entreprise / Corporate Binding rule Clauses contractuelles types Autorisation de transfert

Droit d’accès des organismes gouvernementaux Patriot Act, Regulation of Investigatory Powers Act,

LOPPSI, etc.

Conservation légale des documents et leur production Garantie de la qualité de service


Les défis du Cloud Computing du point de vue sécurité & gouvernance Attirance des hackers Possibilité d’une panne massive Intégration avec l’informatique interne Besoins de chiffrement

Problèmes légaux (import, export, utilisation) Accès chiffré à l’interface de contrôle du Cloud Accès chiffré aux applications Chiffrement des données stockées

Permanence / rémanence des données Agrégation et inférence des données


Les défis du Cloud Computing du point de vue sécurité & gouvernance

Sécurisation des OS virtuels dans le Cloud Dépendance de la sécurité des hyperviseurs Gestion des identités dans le Cloud

Provisioning / déprovisioning Authentification Fédération Gestion des profils utilisateurs et des autorisations d’accès


Les prédictions de C. Biancohttp://www.journaldunet.com/solutions/expert/50552/en-2012--la-securite-sera-la-priorite--1-du-cloud-mobile.shtml?

utm_source=benchmail&utm_medium=ML5&utm_campaign=E10212871&f_u=1526808

Prolifération des appareils mobiles Connection permanante de ces appareils au Cloud => nouvelles solutions de sécurité proposées par les

fournisseurs de Cloud Externalisation de la sécurité vers le Cloud aujourd’hui la sécurité est mauvaise (enquête Ponemon

Institute) Il faudra donc également vérifier et faire des audit de

sécurité des solutions proposées par les fournisseurs de Cloud

L’espoir fait vivre, mais n’oublions pas que l’espoir n’est pas une stratégie de

sécurité.

Sources & credits Some material adapted from

slides by Christophe Bisciglia, Aaron Kimball, & Sierra Michels-Slettvet, Google Distributed Computing Seminar, 2007

Jimmy Lin, The iSchool, University of Maryland B.Singh, www.technopulse.com http://www.andyharjanto.com Gouvernance et sécurité dans le Cloud Computing : avantages et

défis, Yves LE ROUX, CISSP CISM, Principal Consultant; [email protected] Cloud Computing in France – A model that will transform

companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france

Architecture for the Cloud : http://www.slideshare.net/AmazonWebServices/2011-aws-tour-australia-architecting-for-the-cloud-demo-and-best-practices-by-simone-brunozzi

Source: Wikipedia

quelques aspects juridiques

Data protection and transfers, new contractual practices and painful international private law issues are the common issues to be

addressed when analysing the phenomenon from a legal point of view. Furthermore, each entity bound by regulatory compliance

constraints has to assess whether "going into the cloud" is wise, or even allowed, taking into account its activities and the data or

processes that it would like to outsource this way. The aim of the conference is to explore the legal contexts of cloud computing

globally, but also from a sector-oriented perspective.

Questions juridiques liées au Cloud Protection des données personnelles Données personnelles localisées dans des pays ne

proposant pas de niveau de sécurité suffisant Aspect contractuels de sous-traitances de traitement de

données personnelles Contrat d’adhésion (signé en ligne sans négociations) ou

contrat négocié aspects de confidentialité et de sécurité responsabilité, indemnisation, garanties intuitu personae (changement de contrôle) propriété intellectuelle

127127

QUESTIONS ?

128128

basics of cloud computing

Education