Home > Blogs > VMware Accelerate Advisory Services > Monthly Archives: October 2012

Monthly Archives: October 2012

VMworld Barcelona: CIO musings with Carl Eschenbach and Rob Jenkins

Carl Eschenbach, VMware COO, and Rob Jenkins, EMEA Executive of Accelerate Services, discuss CIO’s main barrier to cloud. HINT: it’s not the technology.

Aligning our Cloud Vision to Customer Strategies

by: Reid Engstrom

In our experience, enterprise customers the VMware Accelerate team works with are looking to a number of specific cloud-related initiatives to address these business and IT objectives and strategies, including how to:

  • Drive to a more virtualized data center infrastructure
  • Start a private cloud
  • Address the increasing number of new client devices within the stakeholder community
  • Determine how to develop applications using a more modern, cloud and mobility capable approach

Gartner recently reported the top three business and IT strategies for 2012:

Top three business strategies in 2012:

  •  Increase business growth
  •  Attract and retain new customers
  •  Reduce enterprise costs

Top three IT strategies in 2012:

  •  Deliver business solutions
  •  Reduce the cost of IT
  •  Develop or manage a flexible infrastructure

When we first talk to customers, we find they tend to focus their interest in terms of these initiatives and projects, but they do not necessarily refer to the business benefits and value as a result of a successful implementation.

By not probing for the business and strategy drivers for these cloud initiatives, as a CIO, you failure to understand the linkage that may put your project/proposal in jeopardy.  Senior management has many project requests in their queue, and the ones that usually rise to the top are the ones with clear alignment to moving the key business strategies and value dials.  This is good value-selling practice that can be used to get buy-in to your overall IT initiatives from your peers as well as the board of directors.

VMware’s Accelerate Advisory Services consultants have delivered business cases and implementation roadmaps to address the key cloud initiatives enterprise customers are undertaking across many industries.  And, we have developed standard and modular statements of work that align to these unique projects and reflect the type of deliverables that customers have found very beneficial in supporting their strategies and initiatives.

Accelerate has also developed strategy blueprints that illustrate the component execution roadmaps and architecture necessary to make effective progress within these key cloud initiatives our customers are undertaking.  The blueprints are based on our experience over a wide range of customer situations across multiple industries and are typically combined based on the customer’s scope. .

These strategy blueprints include how to:

  1.  Evolve to an optimized virtual data center
  2.  Leverage the cloud to deliver Infrastructure as a Service (IaaS)
  3.  Drive to an end-user centric computing model
  4.  Develop on an optimized cloud application platform
  5.  Drive virtualization infrastructure management maturity
  6.  Design a comprehensive cloud security model
  7. Virtualize business critical applications

We expect to see more and are starting to get several requests for future-looking customer initiatives that include: Leveraging the public cloud where it makes sense, extending virtualization across the data center with the software defined data center (SDDC), and developing IT capabilities that run as a service provider or broker to enterprise stakeholder and subsidiary organizations.

VMware will continue to develop and extend the component strategy blueprints to address these new requests and cover other common customer initiatives as required.

As CIO, when you begin looking at your virtualization cloud strategy or the need for an implementation roadmap to address one of the key initiatives listed above, look to the VMware Accelerate team for a proven and collaborative engagement process that can help you realize the benefit of aligning your staff and stakeholders to a target state built on current market perspective, and, a roadmap that leverages the VMware vision

Accelerate can help you undertake your journey to the cloud and IT transformation. Visit our Web site to learn more about our offerings, or reach out to us today at: accelerate@vmware.com for more information

Want to continue the conversation with your C-level executive peers?  Join our exclusive CxO Corner Facebook page for access to hundreds of verified CxOs sharing ideas around IT Transformation right now by going to CxO Corner and clicking “ask to join group.”

IaaS, then PaaS, then SaaS, then… We’ll See

AUTHOR: Enrico Boverino

It‘s been a few years now since companies started to implement and use cloud computing. It’s been an interesting journey so far that is probably only at the beginning of what cloud computing can really mean to our lives, to the way we interact with each other, to the technology that will enable the creation and diffusion of applications and services.

And in this journey, we went through some usual stages of Darwinian IT evolution. We all remember the time when the main messages were around the definition of cloud, and what the IT industry could agree with. Deployment models, delivery models, management capabilities and above all, strong voices that explained how cloud was not only technology, but that it represented new economic models that companies could use to provision IT compute and services. Despite a few differences, the industry came to an agreement on private, public and hybrid as well as on IaaS, PaaS, SaaS and “every letter you can think of” as a service.

Now most organizations have started at least one cloud project, with the promise of costs savings and faster time to revenue tangible, but the attention shifted from “WHAT cloud is” to “HOW can we do it?”:

  • How can we implement a private cloud?
  • How can we exploit hybrid cloud resources?
  • How can we reshape our application portfolio with new cloud-ready apps?
  • How can we enable our users’ mobility?

Now that the attention is on implementing cloud projects and the resulting measurable benefits, it’s probably worth considering how most of the companies approached and began to transform IT.

Results from CIO Customer Solutions Group’s  2011 Global Cloud Computing Adoption Survey showed that the majority of IT organizations started a cloud project from islands within their organization, labs for test and development purposes, or from non-critical applications like email, CRM and help desks. Some put the attention on re-architecting the infrastructure to standardize the compute power and reduce operating costs. Very few, below 10 percent of those interviewed, defined an IT strategy and a phased roadmap to transform IT in a cost-efficient and flexible engine able to deliver what the business requires to grow or to produce services that can improve revenue streams and customer satisfaction.

Further, findings showed that moving forward on cloud projects without a phased roadmap, justified in many cases due to shortage of resources, existing contracts, risk-adverse organizations, and security threats-frequently resulted with implementations of siloed services likely to deliver only partially their real value.

It’s very common today for those of us on the VMware Accelerate team to see many IT organizations with infrastructure as a service (IaaS) implemented, some in a very mature state with end-to-end provisioning time in the order of hours, and close to 100 percent virtualization. Admittedly fewer organizations have chargeback and capacity under control, but still very advanced.

However, surprisingly these same organizations are then working on platform as a service (PaaS), and  they are often still in the “what is it” stage as a totally new and distinct initiative. Similarly after PaaS, these organizations will be focusing of SaaS and then ?aaS, when the initial letter of the acronym will be coined by someone. In most situations there are already SaaS applications in use, with the least-effective examples started by the lines of business that have bypassed IT, especially when we look into sales and marketing applications.

All this could generate duplication of efforts, redundancy of technology, new large lines of budget and likely longer projects to have it up and running. Maybe it’s been the quest to define the cloud and categorize delivery models and services that led to this, maybe because of recent economic conditions that IT had to concentrate on innovating IT in order for IT to reduce costs first. The challenge of demonstrating tangible value of IT to the business and customers, of innovate the business through IT in a consistent and enduring way still remains.

The definition of a cloud strategy to lead IT transformation can be the right approach to capture the company direction and create an IT function as broker of IT services over time. Through the use of internal and external resources, this service broker function will be able to have the agility to fully generate business value while controlling operating costs.

A cloud strategy should describe where IT organizations will need to grow, how to mitigate risks from business changes, how IT investments can be efficient and predictable. The result will likely be that IaaS, PaaS and SaaS will not be separate initiatives with redundant resources but guided by an overall IT Transformation plan that can be defined in five key areas:

  • On-demand services: Service portfolio and catalog with standardized offerings and tiered SLAs, actively managed and governed throughout its lifecycle, and with end-user access via a self-service portal
  • Automated provisioning and deployment: Automated provisioning, release, and deployment of infrastructure, platform, and end-user compute services
  • Proactive incident and problem management: Monitoring and filtering of events, automatic incident resolution, and problem diagnosis
  • Cloud security, compliance, and risk management: Security, compliance, and risk management policies embedded into standard configurations enabling policy-aware applications and automation of security, audit, and risk management processes
  • IT financial management for cloud: IT cost transparency and service-level usage-based ‘showbacks’ or ‘chargebacks’ using automated metering and billing tools

VMware is introducing, in collaboration with many partners in the Cloud Ops Forum, Cloud Operations Services to frame these five areas as critical management capabilities to unlock the full value of cloud computing for efficiency, agility and reliability benefits and transfer knowledge to the end-customer community.

VMware Accelerate Advisory Services can help address the challenges of moving strategically to the cloud by predicting and defining the many impacts to your organization, as well as providing architectural knowledge and operational strategies. Visit our Web site to learn more about our offerings, or reach out to us today at: accelerate@vmware.com for more information

Enrico Boverino is Business Solution Strategist for VMware Accelerate Advisory Services based in Italy. You can follow him on Twitter @eboverino.

Want to continue the conversation with your C-level executive peers?  Join our exclusive CxO Corner Facebook page for access to hundreds of verified CxOs sharing ideas around IT Transformation right now by going to CxO Corner and clicking “ask to join group.”

 

 

Eight Simple Rules for Protecting My Corporate Data Assets

AUTHOR: Blair Hicks

When my daughter was eight, she promised that she wouldn’t date boys until she was 30.  Now my daughter is 15, and it turns out that I didn’t have as much time as I’d hoped.  If you are a parent, you can probably appreciate how I feel.  We all want our children to be safe and there is no safer place for them to be than at home.  But the reality is that our children have to venture out into the real world if they are to ever grow into productive members of society.

By the same token, I agree that there is no safer place for my company’s information assets than in a Tier 4 secure data center with complete air gap isolation.  However, the reality is that my data has to be accessible in order for my business to operate.  If your job is to secure my data assets, you may have thought you had 15 more years before you had to worry about securing that data in a virtualized data center—I’m here to tell you that you don’t.

I have defined “Eight Simple Rules for Protecting My Corporate Data Assets,” which I’d like to share with you.  Follow these, and we might just get through the next few years:

1.       Firewall rule changes should not delay my time to market.

  • I appreciate that my expanding business is introducing all sorts of complexity into the security environment. That expanding business is also how I can pay for all those firewalls.  Bottom line—when my team requests a new service, that service should be delivered rapidly and fully operational—inclusive of any firewall rule changes needed to support the requested service.

2.       Changes to another department’s or another tenant’s firewall rules should not impact my business.

  • If your firewall strategy relies on periodic maintenance windows to implement changes, then there are two major problems.  First, business opportunities don’t wait for maintenance windows.  Second, establishing a maintenance window presumes that the change poses a risk to existing services.  The business demands driving the adoption of cloud technology necessitate dynamic changes that can be performed without disruption of existing services in a global 24×7 environment.

3.       Make sure my information is secure following infrastructure changes.

  • Infrastructure components are leveraged to meet dynamically changing application requirements. Information security policies cannot be contingent on specific infrastructure components.  Subsequently, infrastructure changes such as migration to a different server, data store, or even datacenter must not expose the application to additional risk.  Requisite protections must remain in place.

4.       Make sure my information is available following infrastructure changes.

  • In addition to continuing to protect the information following an infrastructure change, the security policy must also permit authorized access to the application immediately after a server or datacenter change.  As the infrastructure components can change dynamically, security appliances should be intelligent enough to align to the new structure dynamically as well.  Balancing availability and security in the face of changing infrastructure is a challenge, but necessary in the modern business environment.

5.       Don’t tell me that the safety of the business data depends on your employees.

  • You know the certain type of employee – he likes to purchase his consumer electronics in the mall, he is occasionally forgetful as he passes through airport security, and he’s clicked on a few links in unsolicited email messages.  However, this employee generates a great deal of revenue for my business – I need he/she to continue to focus on growing my business and serving my clients.  You need to make sure that your data protection standards cannot be thwarted by their actions – or by the actions of an employee whose motivation may be less honorable.

6.       When a breach does occur, provide me with the forensic data I need to fully assess the problem.

  • Securely Hardened Information Transgression happens – that is to say that breaches happen, no matter how many preventative measures are put in place.  When it does, the viability of my business depends on being able to immediately assess the nature of the breach, identify the causes, and initiate steps to remediate the damage.  A complete audit trail of all actions must be maintained along with the ability to deliver verified reports for management, clients, and law enforcement.

7.       Make it simple for my employees to be productive wherever they work.

  • My business operates in a global 24×7 environment  – I want to leverage the best talent and most productive work effort whenever and wherever it occurs.  Security policies should enable employees to access my corporate data assets from a range of location and devices.  Unless a negotiated security policy prohibits access to data outside an accredited facility, construct tools that permit authenticated access from a diverse range of locations and devices.

8.       If leveraging cloud infrastructure is going to open up new business opportunities and help my bottom line, then I am going to leverage it.

  • Regardless of whether your title is an information security officer or security engineer, if you work for me, your job is to grow my business.  I depend on my security experts to chart a safe course, but our destination is fixed.  If security restrictions are too cumbersome, motivated and well-meaning employees will find a way to circumvent them.  Listen to what my developers, DBAs, and systems engineers are requesting and find a way to accommodate them.  Decisions regarding my company’s data assets are business decisions – those decisions must be made with regard to my company’s mission, reputation, and bottom line.

If you are a managing a business, then you can appreciate the challenge of keeping your data secure while at the same time leveraging that data to drive your business.   Your data has to be protected – that requirement never changed.  The challenge is in protecting your data in today’s environment.  At VMware, we understand that challenge – and that it’s not about trading accessibility for security.  It’s about improving both security and accessibility in ways never before possible.  VMware’s Accelerate Advisory Services can help clarify the business opportunities associated with a virtualized data center environment, and we can work with your security teams to extend their ability to protect your data.  Visit our Web site to learn more about our offerings, or reach out to us today at: accelerate@vmware.com for more information.

As for help with boys dating your daughter, like all parents, you’re going to have to work that out on your own…

Want to continue the conversation with your C-level executive peers?  Join our exclusive CxO Corner Facebook page for access to hundreds of verified CxOs sharing ideas around IT Transformation right now by going to CxO Corner and clicking “ask to join group.”