(ent202) four critical things to consider when moving your core business applications to the cloud |...
DESCRIPTION
Does moving core business applications to AWS make sense for your organization? This session covers key business and IT considerations gathered from industry experts and real-world enterprise customers who have chosen to move their mission critical ERP applications to the AWS cloud, resulting in lower costs and better service. This session covers the following: - Insights from industry experts and analysts, who explain how the cloud affects costs from three angles: launch, operations, and long-term infrastructure expense - Review of how time-to-value and cloud launch processes differ from on-premises infrastructure - How AWS offers increased security and reliability over what some enterprises can afford on their own Sponsored by InforTRANSCRIPT
![Page 1: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/1.jpg)
November 12, 2014 Las Vegas NV
ENT202
Four Critical Things to Consider When Moving Your Core Business Applications to the CloudPam Murphy, COO, Infor
Jim Plourde, VP Cloud Operations, Infor
Amul Merchant, Senior Director Development Operations, Infor
Jim Hoover, Security Officer, Infor
![Page 2: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/2.jpg)
Key topics
Drive innovation as you move to
the cloud
Develop a global, enterprise cloud
architecture
Migrating existing on-premises
applications to AWS
Environmentsecurity and data
security
![Page 3: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/3.jpg)
![Page 4: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/4.jpg)
70+%
growth in SaaS
bookings
3,108new customers
25 Mcloud users
73,000customers
around the world
3rd largestprivate
tech company
12,923employees
![Page 5: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/5.jpg)
Architecture
of the
Internet
Cohesive,
upgrade-proof
applications
Micro-verticals
suites
Deep, last-mile
features for industry
subsectors
Beauty
Compelling user interfaces
and consumer-grade
experiences
Our strategy
![Page 6: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/6.jpg)
Drive innovation as youmove to the cloud
![Page 7: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/7.jpg)
Building for cloud first
Multi-tenancy
Scalability
High availability
ION integrations
Stateless applications
Supports autoscaling
Zero footprint client
Open-source technology
No local device dependency
No security code scanner findings
Supports health check monitors
Single-instance deployment
No source code changes
Meets patching/upgrade reqs
Successful penetration test
![Page 8: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/8.jpg)
s
s
sEAM XM HCM LMS HRSD PA LTM MRM IQM Collect SCM Financials Supplier Exchange Automotive ExchangeAMSI iProcure
Support CertificationTrainingProfessional services
Technology partners Channel partners
Regions Content-delivery POPsAvailability Zones
Infor Industry CloudSuites
Auto Corporate Hospitality HCM Healthcare A&D Business Rhythm Fashion F&B Equipment Distribution Public Sector
EC2 Auto Scaling Route 53 EBS RDS SQS CloudFormation Cloud Watch Workspaces
ELB VPC S3 Glacier DynamoDB CloudTrail Cloud HSM IAM
Database Shared Storage Document Storage Batch Admin Access Logging File Transfer Monitoring
ION IFS Printing Portal d/EPM/BI/BV Local.ly Motion
AWS services
Infor base services
Infor application services
![Page 9: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/9.jpg)
9
![Page 10: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/10.jpg)
2,600Customers globally
ISO & IECFully compliant
40+Applications in
the cloud
10+Years’ experience
in the cloud
99.9%Average historical
uptime
25 M Users
Infor CloudSuite™ operations
ISO 27001
![Page 11: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/11.jpg)
Cloud customers
![Page 12: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/12.jpg)
Develop a global, enterprise cloud architecture
![Page 13: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/13.jpg)
s
s
SEAM XM HCM LMS HRSD PA LTM MRM IQM Collect SCM Financials Supplier Exchange Automotive ExchangeAMSI iProcure
Support CertificationTrainingProfessional services
Technology partners Channel partners
Regions Content-delivery POPsAvailability Zones
Infor Industry CloudSuites
Auto Corporate Hospitality HCM Healthcare A&D Business Rhythm Fashion F&B Equipment Distribution Public Sector
EC2 Auto Scaling Route 53 EBS RDS SQS CloudFormation Cloud Watch Workspaces
ELB VPC S3 Glacier DynamoDB CloudTrail Cloud HSM IAM
Database Shared Storage Document Storage Batch Admin Access Logging File Transfer Monitoring
ION IFS Printing Portal d/EPM/BI/BV Local.ly Motion
AWS services
Infor base services
Infor application services
![Page 14: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/14.jpg)
CloudSuite topology
App security group
Database security
group
APP SUBNET
AVAILABILITY ZONE A
PUBLIC SUBNET
NAT ELBs
APPLICATION
SERVERS
DATABASE
SERVERS
App security group
Database security
group
APP SUBNET
AVAILABILITY ZONE B
PUBLIC SUBNET
NAT ELBs
APPLICATION
SERVERS
DATABASE
SERVERS
App security group
Database security
group
APP SUBNET
AVAILABILITY ZONE C
PUBLIC SUBNET
NAT ELBs
APPLICATION
SERVERS
DATABASE
SERVERS
HTTPS
AWS MT cloud region
VPC VPC
Amazon Virtual Private
Cloud peering
Amazon WorkSpaces
Infor Cloud admin users
HTTPS
Amazon Route 53 Customer’s Internet users
![Page 15: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/15.jpg)
Critical considerations
Highavailability
Disasterrecovery
Automate everything
Scale wide Leverage third-party
tooling
![Page 16: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/16.jpg)
Third-party tooling
PagerDuty
Paging
Trend Micro
Security, IPS, IDS
Boundary
Network visibility and diagnostics
Sumo Logic
Log aggregation, alerting, and analysis
Dynatrace
Application performance monitoring
![Page 17: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/17.jpg)
Migrating existing on-premisesapplications to AWS
![Page 18: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/18.jpg)
Migration to AWS
Motivations and considerations
• Broader reach
• Business agility and flexibility
• Improved availability
• Improved responsiveness
• Reduced and/or reallocated costs
• Easier mobile access
• Improved security
• Better analytics on application usage
Matching AWS computing
characteristics
• Rapid elasticity
• Pay-as-you-go versus install-and-own
• Organization streamlining
![Page 19: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/19.jpg)
Assess your
applications
and
workloads
Build a
business
case
Develop
a technical
approach
Adopt
a flexible
integration
model
Address
security and
privacy
consideration
Manage
the migration
Migration roadmap
![Page 20: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/20.jpg)
Step one: Assess your applications & workloads Application candidates for migration to AWS
Immediate value
Mobile applications
Applications that are run infrequently but require
significant computing resources when they run
Applications that are run in a time zone different from
that where your company's IT personnel are located
Development, testing, and prototyping of application
changes
Service-oriented architecture (SOA) applications
Value with AWS optimization
• Applications with sensitive data that may
require a specific architecture to meet
regulatory and legal requirements
• Applications that rely on traditional NAS
solutions (SMB/NFS)
• Applications that require frequent and/or
voluminous transactions against an on-
premises database
![Page 21: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/21.jpg)
Step two: Build a business case
Service levels
• Application availability
• Privacy
• Application performance
• Application security
• Regulatory compliance
Business impact
• Revenue impact
• Customer acquisition
or engagement impact
• User satisfaction
• Time-to-market improvements
• Cost of handling peak loads
Cost analysis
• Ongoing cloud services costs
• Cost of developing cloud skills
• Service management
• HR and talent management
• License management
• Application integration
• Application redesign
• Application maintenance and administration
• Application deployment and testing
![Page 22: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/22.jpg)
• Lift and shift
• Low effort
• Low skills
• Minimal cloud
benefits
• Some efficiency
through automation
Step three: Develop a technical approach
Cloud
hosted
Cloud
optimized
Cloud
native
• Application
modernization
• High effort
• High skills
• Significant cloud
benefits
• Significant to
complete
application rewrite
• High effort
• High skills
• Most significant
cloud benefits
Cloud enabled 1.0 Cloud enabled 2.0 Cloud enabled 3.0
![Page 23: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/23.jpg)
Cloud scorecardAs of m/d/y
Cloud
enablement
Clo
ud
2.0
Architecture reviewed and approved
Multitenant (common apps server, separate or single DB)
Scalability (will scale wide for all capabilities with no practical limitations)
High availability (no single point of failure)
Zero footprint client (HTML interface for all functionality and customer-facing utilities)
Supports automation of tenant lifecycle and other processes
Meets Infor cloud deployment, patching, and upgrade requirements
Supports health check monitors
No critical security code scanner findings and penetration test performed successfully
Supports customization through UI-driven configuration (no source code changes)
Required integration are using HTTPS/SFTP
No dependency on server access to local devices (example: printers)
Product support organization ready to provide cloud support
Supports Auto Scaling
Clo
ud
3.0
Minimized/no third-party royalty costs
Supports scalable open-source database technologies
Application is stateless (session information stored externally)
Supports a single-version deployment (upgrades are incremental, rapid, scalable)
Cloud 2.0 score / 14
Cloud 3.0 score 0 / 4
![Page 24: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/24.jpg)
Step four: Adopt a flexible integration modelTypes of integration
Process (or control)
integration
where an application invokes another
in order to execute a certain workflow
Data
integration
where applications share common
data, or one application’s output
becomes another application’s input
Presentation
integration
where multiple applications
present their results
simultaneously to a user through
a dashboard or mash-up
![Page 25: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/25.jpg)
Environment securityand data security
![Page 26: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/26.jpg)
Step five: Security requirementsThings to consider
Regulatory/contractual concerns
You vs. cloud provider responsibilities
Layered defenses — design for security
Tools and partners
![Page 27: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/27.jpg)
Compliance and regulatory challenges
Frameworks
• Security management
– ISO 27001, CoBiT, NIST, etc.
• Security controls
– ISO 27002, NIST 800-53, etc.
PCI and PHI
Privacy regulations
• Safe Harbor
• EU Data Protection Act
• 47 different state privacy laws
• Canadian data controls
Many customers = many
framework requirements
Some data types
(e.g., PCI, PHI, PII) have specific
requirements
Overwhelming number of
privacy regulations
![Page 28: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/28.jpg)
AWS cloud = shared responsibility
Infor responsibility
Infor is responsible for the Information
Security Management System providing
oversight of the implementation,
management and monitoring of
the solution.
AWS responsibility
AWS is responsible for the security
of the infrastructure and foundational
services.
![Page 29: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/29.jpg)
Architectural layers and compliance
AWS — infrastructure compliance (http://aws.amazon.com/compliance)
Infor CloudSuite — operations and governance
• HIPAA
• SOC1 /SSAE 16/ISAE 3402
• SOC 2
• SOC 3
• PCI DSS level 1
• ISO 27001
• FedRAMP (SM)
• DIACAP and FISMA
• ITAR
• FIPS 140-2
• CSA
• MPAA
• HIPAA
• SOC1 /SSAE 16/ISAE 3402
• ISO 27001
• PCI (selected apps)
• FIPS 140-2 (some instances)
• FedRAMP (future)
• DIACAP and FISMA (future)
• ITAR (future)
• … And growing
Infor CloudSuite solutions and applications
Compliance to various standards and regulations vary depending upon requirements
![Page 30: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/30.jpg)
Defense-in-depth
Networksecurity
Physicalsecurity
MonitoringOperationssecurity
Applicationsecurity
![Page 31: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/31.jpg)
Design for security
• Understand exactly what data (including what code, since code may
be the confidential asset to protect) will be migrated to the cloud service
• Map this data to your security classification.
• Identify which information raises privacy concerns, for example,
account numbers, dates of birth, addresses, etc.
• Examine applicable regulations
• Review the cloud providers’ security/privacy measures
• Design how to authenticate and authorize users
![Page 32: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/32.jpg)
When required, the security team leverages numerous other AWS tools
AWS security tools and partners
Log
management/SIEM
Host protection with
Trend Micro Deep SecurityAccess
management
![Page 33: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/33.jpg)
Step six: Manage the migration Migration procedure
Deploy the AWS
environment
Install and configure the applications
Harden the production
environment
Execute a mock
migration
Cutover to production
AWS
![Page 34: (ENT202) Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud | AWS re:Invent 2014](https://reader033.vdocuments.mx/reader033/viewer/2022042816/55935da01a28ab5e648b469a/html5/thumbnails/34.jpg)
Key topics
Drive Innovation as you move to
the cloud
Develop a global, enterprise cloud
architecture
Migrating existing on-premise
applications to AWS
Environment security and data
security