November 12, 2014 Las Vegas NV

ENT202

Four Critical Things to Consider When Moving Your Core Business Applications to the CloudPam Murphy, COO, Infor

Jim Plourde, VP Cloud Operations, Infor

Amul Merchant, Senior Director Development Operations, Infor

Jim Hoover, Security Officer, Infor

Key topics

Drive innovation as you move to

the cloud

Develop a global, enterprise cloud

architecture

Migrating existing on-premises

applications to AWS

Environmentsecurity and data

security

70+%

growth in SaaS

bookings

3,108new customers

25 Mcloud users

73,000customers

around the world

3rd largestprivate

tech company

12,923employees

Architecture

of the

Internet

Cohesive,

upgrade-proof

applications

Micro-verticals

suites

Deep, last-mile

features for industry

subsectors

Beauty

Compelling user interfaces

and consumer-grade

experiences

Our strategy

Drive innovation as youmove to the cloud

Building for cloud first

Multi-tenancy

Scalability

High availability

ION integrations

Stateless applications

Supports autoscaling

Zero footprint client

Open-source technology

No local device dependency

No security code scanner findings

Supports health check monitors

Single-instance deployment

No source code changes

Meets patching/upgrade reqs

Successful penetration test

s

s

sEAM XM HCM LMS HRSD PA LTM MRM IQM Collect SCM Financials Supplier Exchange Automotive ExchangeAMSI iProcure

Support CertificationTrainingProfessional services

Technology partners Channel partners

Regions Content-delivery POPsAvailability Zones

Infor Industry CloudSuites

Auto Corporate Hospitality HCM Healthcare A&D Business Rhythm Fashion F&B Equipment Distribution Public Sector

EC2 Auto Scaling Route 53 EBS RDS SQS CloudFormation Cloud Watch Workspaces

ELB VPC S3 Glacier DynamoDB CloudTrail Cloud HSM IAM

Database Shared Storage Document Storage Batch Admin Access Logging File Transfer Monitoring

ION IFS Printing Portal d/EPM/BI/BV Local.ly Motion

AWS services

Infor base services

Infor application services

9

2,600Customers globally

ISO & IECFully compliant

40+Applications in

the cloud

10+Years’ experience

in the cloud

99.9%Average historical

uptime

25 M Users

Infor CloudSuite™ operations

ISO 27001

Cloud customers

Develop a global, enterprise cloud architecture

s

s

SEAM XM HCM LMS HRSD PA LTM MRM IQM Collect SCM Financials Supplier Exchange Automotive ExchangeAMSI iProcure

Support CertificationTrainingProfessional services

Technology partners Channel partners

Regions Content-delivery POPsAvailability Zones

Infor Industry CloudSuites

Auto Corporate Hospitality HCM Healthcare A&D Business Rhythm Fashion F&B Equipment Distribution Public Sector

EC2 Auto Scaling Route 53 EBS RDS SQS CloudFormation Cloud Watch Workspaces

ELB VPC S3 Glacier DynamoDB CloudTrail Cloud HSM IAM

Database Shared Storage Document Storage Batch Admin Access Logging File Transfer Monitoring

ION IFS Printing Portal d/EPM/BI/BV Local.ly Motion

AWS services

Infor base services

Infor application services

CloudSuite topology

App security group

Database security

group

APP SUBNET

AVAILABILITY ZONE A

PUBLIC SUBNET

NAT ELBs

APPLICATION

SERVERS

DATABASE

SERVERS

App security group

Database security

group

APP SUBNET

AVAILABILITY ZONE B

PUBLIC SUBNET

NAT ELBs

APPLICATION

SERVERS

DATABASE

SERVERS

App security group

Database security

group

APP SUBNET

AVAILABILITY ZONE C

PUBLIC SUBNET

NAT ELBs

APPLICATION

SERVERS

DATABASE

SERVERS

HTTPS

AWS MT cloud region

VPC VPC

Amazon Virtual Private

Cloud peering

Amazon WorkSpaces

Infor Cloud admin users

HTTPS

Amazon Route 53 Customer’s Internet users

Critical considerations

Highavailability

Disasterrecovery

Automate everything

Scale wide Leverage third-party

tooling

Third-party tooling

PagerDuty

Paging

Trend Micro

Security, IPS, IDS

Boundary

Network visibility and diagnostics

Sumo Logic

Log aggregation, alerting, and analysis

Dynatrace

Application performance monitoring

Migrating existing on-premisesapplications to AWS

Migration to AWS

Motivations and considerations

• Broader reach

• Business agility and flexibility

• Improved availability

• Improved responsiveness

• Reduced and/or reallocated costs

• Easier mobile access

• Improved security

• Better analytics on application usage

Matching AWS computing

characteristics

• Rapid elasticity

• Pay-as-you-go versus install-and-own

• Organization streamlining

Assess your

applications

and

workloads

Build a

business

case

Develop

a technical

approach

Adopt

a flexible

integration

model

Address

security and

privacy

consideration

Manage

the migration

Migration roadmap

Step one: Assess your applications & workloads Application candidates for migration to AWS

Immediate value

Mobile applications

Applications that are run infrequently but require

significant computing resources when they run

Applications that are run in a time zone different from

that where your company's IT personnel are located

Development, testing, and prototyping of application

changes

Service-oriented architecture (SOA) applications

Value with AWS optimization

• Applications with sensitive data that may

require a specific architecture to meet

regulatory and legal requirements

• Applications that rely on traditional NAS

solutions (SMB/NFS)

• Applications that require frequent and/or

voluminous transactions against an on-

premises database

Step two: Build a business case

Service levels

• Application availability

• Privacy

• Application performance

• Application security

• Regulatory compliance

Business impact

• Revenue impact

• Customer acquisition

or engagement impact

• User satisfaction

• Time-to-market improvements

• Cost of handling peak loads

Cost analysis

• Ongoing cloud services costs

• Cost of developing cloud skills

• Service management

• HR and talent management

• License management

• Application integration

• Application redesign

• Application maintenance and administration

• Application deployment and testing

• Lift and shift

• Low effort

• Low skills

• Minimal cloud

benefits

• Some efficiency

through automation

Step three: Develop a technical approach

Cloud

hosted

Cloud

optimized

Cloud

native

• Application

modernization

• High effort

• High skills

• Significant cloud

benefits

• Significant to

complete

application rewrite

• High effort

• High skills

• Most significant

cloud benefits

Cloud enabled 1.0 Cloud enabled 2.0 Cloud enabled 3.0

Cloud scorecardAs of m/d/y

Cloud

enablement

Clo

ud

2.0

Architecture reviewed and approved

Multitenant (common apps server, separate or single DB)

Scalability (will scale wide for all capabilities with no practical limitations)

High availability (no single point of failure)

Zero footprint client (HTML interface for all functionality and customer-facing utilities)

Supports automation of tenant lifecycle and other processes

Meets Infor cloud deployment, patching, and upgrade requirements

Supports health check monitors

No critical security code scanner findings and penetration test performed successfully

Supports customization through UI-driven configuration (no source code changes)

Required integration are using HTTPS/SFTP

No dependency on server access to local devices (example: printers)

Product support organization ready to provide cloud support

Supports Auto Scaling

Clo

ud

3.0

Minimized/no third-party royalty costs

Supports scalable open-source database technologies

Application is stateless (session information stored externally)

Supports a single-version deployment (upgrades are incremental, rapid, scalable)

Cloud 2.0 score / 14

Cloud 3.0 score 0 / 4

Step four: Adopt a flexible integration modelTypes of integration

Process (or control)

integration

where an application invokes another

in order to execute a certain workflow

Data

integration

where applications share common

data, or one application’s output

becomes another application’s input

Presentation

integration

where multiple applications

present their results

simultaneously to a user through

a dashboard or mash-up

Environment securityand data security

Step five: Security requirementsThings to consider

Regulatory/contractual concerns

You vs. cloud provider responsibilities

Layered defenses — design for security

Tools and partners

Compliance and regulatory challenges

Frameworks

• Security management

– ISO 27001, CoBiT, NIST, etc.

• Security controls

– ISO 27002, NIST 800-53, etc.

PCI and PHI

Privacy regulations

• Safe Harbor

• EU Data Protection Act

• 47 different state privacy laws

• Canadian data controls

Many customers = many

framework requirements

Some data types

(e.g., PCI, PHI, PII) have specific

requirements

Overwhelming number of

privacy regulations

AWS cloud = shared responsibility

Infor responsibility

Infor is responsible for the Information

Security Management System providing

oversight of the implementation,

management and monitoring of

the solution.

AWS responsibility

AWS is responsible for the security

of the infrastructure and foundational

services.

Architectural layers and compliance

AWS — infrastructure compliance (http://aws.amazon.com/compliance)

Infor CloudSuite — operations and governance

• HIPAA

• SOC1 /SSAE 16/ISAE 3402

• SOC 2

• SOC 3

• PCI DSS level 1

• ISO 27001

• FedRAMP (SM)

• DIACAP and FISMA

• ITAR

• FIPS 140-2

• CSA

• MPAA

• HIPAA

• SOC1 /SSAE 16/ISAE 3402

• ISO 27001

• PCI (selected apps)

• FIPS 140-2 (some instances)

• FedRAMP (future)

• DIACAP and FISMA (future)

• ITAR (future)

• … And growing

Infor CloudSuite solutions and applications

Compliance to various standards and regulations vary depending upon requirements

Defense-in-depth

Networksecurity

Physicalsecurity

MonitoringOperationssecurity

Applicationsecurity

Design for security

• Understand exactly what data (including what code, since code may

be the confidential asset to protect) will be migrated to the cloud service

• Map this data to your security classification.

• Identify which information raises privacy concerns, for example,

account numbers, dates of birth, addresses, etc.

• Examine applicable regulations

• Review the cloud providers’ security/privacy measures

• Design how to authenticate and authorize users

When required, the security team leverages numerous other AWS tools

AWS security tools and partners

Log

management/SIEM

Host protection with

Trend Micro Deep SecurityAccess

management

Step six: Manage the migration Migration procedure

Deploy the AWS

environment

Install and configure the applications

Harden the production

environment

Execute a mock

migration

Cutover to production

AWS

Key topics

Drive Innovation as you move to

the cloud

Develop a global, enterprise cloud

architecture

Migrating existing on-premise

applications to AWS

Environment security and data

security

http://bit.ly/awsevals