cloudy with a chance of downtime

This presentation was given during the Spring, 2012 Data Center World Conference and Expo. Contents contained are owned by AFCOM and Data Center World and can only be reused with the express permission of ACOM. Questions or for permission contact: jater@afcom.com.

Interested in learning more cloud?

Learn about the cloud sessions offered at the upcoming Fall 2012 Data Center World Conference at:

www.datacenterworld.com.

Turbulence in the Cloud

Richard L. SawyerStrategist, HP Critical Facilities ServicesAFCOM Spring 2012

Demand drives the market What is the cloud? Impact of the cloud Storm clouds on the horizon What is the risk, really? How do you manage the cloud? Storm cloud checklist

Service demand drives cloud formation

2+ Trillion Users!

• On-line, real time services• Self-service• Automated response• Automated payment• Automated qualification• Digital direct marketing (is your insurance due to renew?)• Digital mass marketing (who needs and actor?)• Digital claims processing

Instantaneous Consumption:

10 Billion iPhone Application downloads WW from Apple alone

Nielsen:

98% of iPhone owners use data services

88% use iPhone for internet

A pool of highly scalable, abstracted infrastructure, capable of hosting end-customer applications, that is billed by consumption.

Implications:◦ “Pool” = shared things◦ “Abstracted infrastructure” = virtualization◦ “Highly scalable” = load sensitive◦ “Hosting” = servicing◦ “Billed” = metered service

USERData CenterNetwork

• Dedicated Data Center, owned, leased, rented• Business specific applications on silo systems• Data and user closely linked

• Data Center anywhere• User anywhere• Shared platforms• Virtual servers• Rented service• User/data link weak

Hybrid delivery mix and cloud

HP Confidential11

PRIVATE ANDPUBLIC CLOUD•Partial automation•New disparate public and private cloud services

TRADITIONAL IT•Minimal automation•Traditional methods of service delivery – internal, outsourcing, hosting

Private

Public

HYBRID DELIVERY• Fully automated self-

service delivery• Orchestrated,

managed & secured hybrid service delivery

• Brokered services based on business requirements

Flavors:

Internal

Hosted

Private

Public

Hybrid

Data center as a utility◦ PODs◦ Modular construction◦ Redundancy as needed

Utilization (cost) driven metrics◦ Server images: from 1 to 8+◦ Metered usage

Access is dependent◦ Network and Internet availability◦ Security and operational stability

More data centers!

Christian Belady, MS Global Foundation Services, Mar 2011 “How big is the data center market?”

Fraud Identity theft Financial immobility Lack of access (911, heath, safety services) Whacking: WAP networking invasions Hacking: Incursion for information Cracking: Incursion for malice (destruction,

financial gain, denial of service, etc.) Government monitoring and control BYOD!

GAO-10-834T

•Federal Budget for Internet Security: $13.3 Billion by 2015

•9.1% growth Y-O-Y

•445% increase in reported attacks between 2006 - 2010

Sources: GAO, Security Week

Item Activity No Yes

People Right employees, right knowledge, right roles

Policies Policies and procedures for service continuity

Process

Models for secure transfer of data between users and providers

Product

Defense-in-Depth technology to manage and mitigate risk

Proof Validation methods, metrics and KPI’s to track security controls

What is your capability maturity level?

Everything depends on network connectivity.

The data, whether business or personal, resides elsewhere.

The ability to process with sufficient capacity, reliability and availability depends, ultimately, on the reliability of the data center.

Three (3) types:◦Loss of

connectivity (no data)

◦Bad connectivity (bad data)

◦Redirection (stolen data)

Strategy to Mitigate risk:1)Diversify access

-Modality -Routing

2)Monitor -Qualitative -Quantitative -Access/Output

3)Operate without network

Your data is your business Your data is your life You are your data Where is your data?

◦ Access controlled◦ Resident copies (stored, electronically or paper)◦ Dedicated data center◦ Backup servers◦ Multi-site storage◦ Encrypted

Unreliable data center = unreliable Cloud Reliable data centers have common

engineering characteristics:◦ Redundant capacity◦ Concurrent maintainability◦ Fault tolerance

Scaling down reliability◦ PODs, Hybrid, Modular data centers◦ The “7-11” Solution◦ “Laptop, Smartphone, HD” to Go◦ “Data Centers on a Chip”

The Cloud is a Service◦ Get your Service Level Agreements right◦ Train your suppliers, train your users

The Cloud is the Data Center◦ Locate, design, build and operate for reliability◦ Leverage reliability methodology no matter what

the scale Low tech business continuity options

◦ Don’t assume high tech is going to be the go-to solution

◦ Build your crash cart

BUILD on-premises cloud services

CONSUME off-premises services securely

TRANSFORM legacy infrastructure, applications, people and process

MANAGE AND SECURE across legacy applications and cloud assets

Are space, power and cooling sufficiently available?

Are there differentiated reliability levels? Are personnel screened and trained? Are vendors and other clients managed

effectively? What is the connectivity capacity and

topography? What is the availability history of the site? Are SLA’s negotiable and meaningful? Do I trust my data to their management?

Do I have more than two ways to communicate?

How long can I operate with no internet? Can I recover data after the internet is

restored? Is my recovery management dependent on

the network? Are my human resources going to be

available and productive? Am I sure my plan is going to work?

Data demand is driving the cloud The data center is the cloud There will be a significant increase in data

centers, worldwide to meet demand. The major risk is loss of access to data to

run the business and service clients. Network, data and physical security need to

be managed to mitigate real risks. Ask the right questions before committing. Have a valid, tested recovery plan.

Credits:

•Ian Jagger, HP Marketing•US Government, office of GAO•Security Weekly•Christian Belady, MS Gobal Foundation Services•Gail Dutton, Contributor, Data Center Management•David Geer, Freelance writer

Richard L. Sawyer, Strategist, HP Critical Facility Services rsawyer@hp.com

This presentation was given during the Spring, 2012 Data Center World Conference and Expo. Contents contained are owned by AFCOM and Data Center World and can only be reused with the express permission of ACOM. Questions or for permission contact: jater@afcom.com.

Interested in learning more cloud?

Learn about the cloud sessions offered at the upcoming Fall 2012 Data Center World Conference at:

www.datacenterworld.com.