Tag Archives: Cloud services

First Open Group Webjam — Impact of Cloud Computing on our Resumes

By E.G. Nadhan, HP

The Open Group conducted its first ever webjam within The Cloud Work Group last month. A Webjam is an informal mechanism for the members within a particular work group with a common interest to have an interactive brainstorming debate on a topic of their choice. Consider it to be a panel discussion — except everyone on the call is part of the panel! I coordinated the first webjam for The Cloud Work Group — the topic was “What will Cloud do to your resume?”

The webjam was attended by active members of the Cloud work group including

  • Sanda Morar and Som Balakrishnan from Cognizant Technologies
  • Raj Bhoopathi and E.G.Nadhan from HP.
  • Chris Harding from The Open Group

We used this post on the ECIO Forum Blog to set the context for this webjam. Click here for recording. Below is a brief summary of the key takeaways:

  • Cloud Computing is causing significant shifts that could impact the extent to which some roles exist in the future—especially the role of the CTO and the CIO. The CIO must become a cooperative integrator across a heterogeneous mix of technologies, platforms and services that are provisioned on or off the cloud.
  • Key Cloud characteristics—such as multi-tenancy, elasticity, scalability, etc.—are likely to be called out in resumes. There is an accelerated push for Cloud Architects who are supposed to ensure that aspects of the Cloud are consistently addressed across all architectural layers.
  • DevOps is expanding the role of the developer to transcend into operations. Developers’ resumes are more likely to call this experience out in Cloud Computing environments.
  • Business users are likely to call out their experience directly procuring Cloud services.
  • Application testers are more likely to address interoperability between the services provided—including the validation of the projected service levels—which could, in turn, show up on their resumes.
  • Operations personnel are likely to call out their experience with tools that can seamlessly monitor physical and virtual resources.

The recording provides much more detail.

I really enjoyed the webjam. It provided an opportunity to share the perspectives of individuals from numerous member companies of The Open Group on a topic germane to us as IT professionals as well as to The Cloud Work Group.

Are there other roles that are impacted? Are there any other changes to the content of the resumes in the future? Please listen to the recording and let me know your thoughts.

If you are a member of the Cloud Work Group, I look forward to engaging in an interesting discussion with you on other topics in this area!

A version of this blog post was originally published on HP’s Journey through Enterprise IT Services blog.

NadhanHP Distinguished Technologist and Cloud Advisor, E.G.Nadhan has more than 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project, and is also the founding co-chair for the Open Group Cloud Computing Governance project. Connect with Nadhan on: Twitter, Facebook, LinkedIn and Journey Blog.

 

Comments Off

Filed under Cloud, Cloud/SOA

How Should we use Cloud?

By Chris Harding, The Open Group

How should we use Cloud? This is the key question at the start of 2013.

The Open Group® conferences in recent years have thrown light on, “What is Cloud?” and, “Should we use Cloud?” It is time to move on.

Cloud as a Distributed Processing Platform

The question is an interesting one, because the answer is not necessarily, “Use Cloud resources just as you would use in-house resources.” Of course, you can use Cloud processing and storage to replace or supplement what you have in-house, and many companies are doing just that. You can also use the Cloud as a distributed computing platform, on which a single application instance can use multiple processing and storage resources, perhaps spread across many countries.

It’s a bit like contracting a company to do a job, rather than hiring a set of people. If you hire a set of people, you have to worry about who will do what when. Contract a company, and all that is taken care of. The company assembles the right people, schedules their work, finds replacements in case of sickness, and moves them on to other things when their contribution is complete.

This doesn’t only make things easier, it also enables you to tackle bigger jobs. Big Data is the latest technical phenomenon. Big Data can be processed effectively by parceling the work out to multiple computers. Cloud providers are beginning to make the tools to do this available, using distributed file systems and map-reduce. We do not yet have, “Distributed Processing as a Service” – but that will surely come.

Distributed Computing at the Conference

Big Data is the main theme of the Newport Beach conference. The plenary sessions have keynote presentations on Big Data, including the crucial aspect of security, and there is a Big Data track that explores in depth its use in Enterprise Architecture.

There are also Cloud tracks that explore the business aspects of using Cloud and the use of Cloud in Enterprise Architecture, including a session on its use for Big Data.

Service orientation is generally accepted as a sound underlying principle for systems using both Cloud and in-house resources. The Service Oriented Architecture (SOA) movement focused initially on its application within the enterprise. We are now looking to apply it to distributed systems of all kinds. This may require changes to specific technology and interfaces, but not to the fundamental SOA approach. The Distributed Services Architecture track contains presentations on the theory and practice of SOA.

Distributed Computing Work in The Open Group

Many of the conference presentations are based on work done by Open Group members in the Cloud Computing, SOA and Semantic Interoperability Work Groups, and in the Architecture, Security and Jericho Forums. The Open Group enables people to come together to develop standards and best practices for the benefit of the architecture community. We have active Work Groups and Forums working on artifacts such as a Cloud Computing Reference Architecture, a Cloud Portability and Interoperability Guide, and a Guide to the use of TOGAF® framework in Cloud Ecosystems.

The Open Group Conference in Newport Beach

Our conferences provide an opportunity for members and non-members to discuss ideas together. This happens not only in presentations and workshops, but also in informal discussions during breaks and after the conference sessions. These discussions benefit future work at The Open Group. They also benefit the participants directly, enabling them to bring to their enterprises ideas that they have sounded out with their peers. People from other companies can often bring new perspectives.

Most enterprises now know what Cloud is. Many have identified specific opportunities where they will use it. The challenge now for enterprise architects is determining how best to do this, either by replacing in-house systems, or by using the Cloud’s potential for distributed processing. This is the question for discussion at The Open Group Conference in Newport Beach. I’m looking forward to an interesting conference!

Dr. Chris Harding is Director for Interoperability and SOA at The Open Group. He has been with The Open Group for more than ten years, and is currently responsible for managing and supporting its work on interoperability, including SOA and interoperability aspects of Cloud Computing. He is a member of the BCS, the IEEE and the AEA, and is a certified TOGAF practitioner.

1 Comment

Filed under Cloud, Conference

Flying in the Cloud by the Seat of Our Pants

By Chris Harding, The Open Group

In the early days of aviation, when instruments were unreliable or non-existent, pilots often had to make judgments by instinct. This was known as “flying by the seat of your pants.” It was exciting, but error prone, and accidents were frequent. Today, enterprises are in that position with Cloud Computing.

Staying On Course

Flight navigation does not end with programming the flight plan. The navigator must check throughout the flight that the plane is on course.  Successful use of Cloud requires, not only an understanding of what it can do for the business, but also continuous monitoring that it is delivering value as expected. A change of service-level, for example, can have as much effect on a user enterprise as a change of wind speed on an aircraft.

The Open Group conducted a Cloud Return on Investment (ROI) survey in 2011. Then, 55 percent of those surveyed felt that Cloud ROI would be easy to evaluate and justify, although only 35 percent had mechanisms in place to do it. When we repeated the survey in 2012, we found that the proportion that thought it would be easy had gone down to 44 percent, and only 20 percent had mechanisms in place. This shows, arguably, more realism, but it certainly doesn’t show any increased tendency to monitor the value delivered by Cloud. In fact, it shows the reverse. The enterprise pilots are flying by the seats of their pants. (The full survey results are available at http://www.opengroup.org/sites/default/files/contentimages/Documents/cloud_roi_formal_report_12_19_12-1.pdf)

They Have No Instruments

It is hard to blame the pilots for this, because they really do not have the instruments. The Open Group published a book in 2011, Cloud Computing for Business, that explains how to evaluate and monitor Cloud risk and ROI, with spreadsheet examples. The spreadsheet is pretty much the state-of-the-art in Cloud ROI instrumentation.  Like a compass, it is robust and functional at a basic level, but it does not have the sophistication and accuracy of a satellite navigation system. If we want better navigation, we must have better systems.

There is scope for Enterprise Architecture tool vendors to fill this need. As the inclusion of Cloud in Enterprise Architectures becomes commonplace, and Cloud Computing metrics and their relation to ROI become better understood, it should be possible to develop the financial components of Enterprise Architecture modeling tools so that the business impact of the Cloud systems can be seen more clearly.

The Enterprise Flight Crew

But this is not just down to the architects. The architecture is translated into systems by developers, and the systems are operated by operations staff. All of these people must be involved in the procurement and configuration of Cloud services and their monitoring through the Cloud buyers’ life cycle.

Cloud is already bringing development and operations closer together. The concept of DevOps, a paradigm that stresses communication, collaboration and integration between software developers and IT operations professionals, is increasingly being adopted by enterprises that use Cloud Computing. This communication, collaboration and integration must involve – indeed must start with – enterprise architects, and it must include the establishment and monitoring of Cloud ROI models. All of these professionals must co-operate to ensure that the Cloud-enabled enterprise keeps to its financial course.

The Architect as Pilot

The TOGAF® architecture development method includes a phase (Phase G) in which the architects participate in implementation governance. The following Phase H is currently devoted to architecture change management, with the objectives of ensuring that the architecture lifecycle is maintained, the architecture governance framework is executed, and the Enterprise Architecture capability meets current requirements. Perhaps Cloud architects should also think about ensuring that the system meets its business requirements, and continues to do so throughout its operation. They can then revisit earlier phases of the architecture development cycle (always a possibility in TOGAF) if it does not.

Flying the Cloud

Cloud Computing compresses the development lifecycle, cutting the time to market of new products and the time to operation of new enterprise systems. This is a huge benefit. It implies closer integration of architecture, development and operations. But this must be supported by proper instrumentation of the financial parameters of Cloud services, so that the architecture, development and operations professionals can keep the enterprise on course.

Flying by the seat of the pants must have been a great experience for the magnificent men in the flying machines of days gone by, but no one would think of taking that risk with the lives of 500 passengers on a modern aircraft. The business managers of a modern enterprise should not have to take that risk either. We must develop standard Cloud metrics and ROI models, so that they can have instruments to measure success.

Dr. Chris Harding is Director for Interoperability and SOA at The Open Group. He has been with The Open Group for more than ten years, and is currently responsible for managing and supporting its work on interoperability, including SOA and interoperability aspects of Cloud Computing. He is a member of the BCS, the IEEE and the AEA, and is a certified TOGAF practitioner.

10 Comments

Filed under Cloud/SOA

Data Governance: A Fundamental Aspect of IT

By E.G. Nadhan, HP

In an earlier post, I had explained how you can build upon SOA governance to realize Cloud governance.  But underlying both paradigms is a fundamental aspect that we have been dealing with ever since the dawn of IT—and that’s the data itself.

In fact, IT used to be referred to as “data processing.” Despite the continuing evolution of IT through various platforms, technologies, architectures and tools, at the end of the day IT is still processing data. However, the data has taken multiple shapes and forms—both structured and unstructured. And Cloud Computing has opened up opportunities to process and store structured and unstructured data. There has been a need for data governance since the day data processing was born, and today, it’s taken on a whole new dimension.

“It’s the economy, stupid,” was a campaign slogan, coined to win a critical election in the United States in 1992. Today, the campaign slogan for governance in the land of IT should be, “It’s the data, stupid!”

Let us challenge ourselves with a few questions. Consider them the what, why, when, where, who and how of data governance.

What is data governance? It is the mechanism by which we ensure that the right corporate data is available to the right people, at the right time, in the right format, with the right context, through the right channels.

Why is data governance needed? The Cloud, social networking and user-owned devices (BYOD) have acted as catalysts, triggering an unprecedented growth in recent years. We need to control and understand the data we are dealing with in order to process it effectively and securely.

When should data governance be exercised? Well, when shouldn’t it be? Data governance kicks in at the source, where the data enters the enterprise. It continues across the information lifecycle, as data is processed and consumed to address business needs. And it is also essential when data is archived and/or purged.

Where does data governance apply? It applies to all business units and across all processes. Data governance has a critical role to play at the point of storage—the final checkpoint before it is stored as “golden” in a database. Data Governance also applies across all layers of the architecture:

  • Presentation layer where the data enters the enterprise
  • Business logic layer where the business rules are applied to the data
  • Integration layer where data is routed
  • Storage layer where data finds its home

Who does data governance apply to? It applies to all business leaders, consumers, generators and administrators of data. It is a good idea to identify stewards for the ownership of key data domains. Stewards must ensure that their data domains abide by the enterprise architectural principles.  Stewards should continuously analyze the impact of various business events to their domains.

How is data governance applied? Data governance must be exercised at the enterprise level with federated governance to individual business units and data domains. It should be proactively exercised when a new process, application, repository or interface is introduced.  Existing data is likely to be impacted.  In the absence of effective data governance, data is likely to be duplicated, either by chance or by choice.

In our data universe, “informationalization” yields valuable intelligence that enables effective decision-making and analysis. However, even having the best people, process and technology is not going to yield the desired outcomes if the underlying data is suspect.

How about you? How is the data in your enterprise? What governance measures do you have in place? I would like to know.

A version of this blog post was originally published on HP’s Journey through Enterprise IT Services blog.

NadhanHP Distinguished Technologist and Cloud Advisor, E.G.Nadhan has more than 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project, and is also the founding co-chair for the Open Group Cloud Computing Governance project. Connect with Nadhan on: Twitter, Facebook, LinkedIn and Journey Blog.

1 Comment

Filed under Cloud, Cloud/SOA

2013 Open Group Predictions, Vol. 1

By The Open Group

A big thank you to all of our members and staff who have made 2012 another great year for The Open Group. There were many notable achievements this year, including the release of ArchiMate 2.0, the launch of the Future Airborne Capability Environment (FACE™) Technical Standard and the publication of the SOA Reference Architecture (SOA RA) and the Service-Oriented Cloud Computing Infrastructure Framework (SOCCI).

As we wrap up 2012, we couldn’t help but look towards what is to come in 2013 for The Open Group and the industries we‘re a part of. Without further ado, here they are:

Big Data
By Dave Lounsbury, Chief Technical Officer

Big Data is on top of everyone’s mind these days. Consumerization, mobile smart devices, and expanding retail and sensor networks are generating massive amounts of data on behavior, environment, location, buying patterns – etc. – producing what is being called “Big Data”. In addition, as the use of personal devices and social networks continue to gain popularity so does the expectation to have access to such data and the computational power to use it anytime, anywhere. Organizations will turn to IT to restructure its services so it meets the growing expectation of control and access to data.

Organizations must embrace Big Data to drive their decision-making and to provide the optimal service mix services to customers. Big Data is becoming so big that the big challenge is how to use it to make timely decisions. IT naturally focuses on collecting data so Big Data itself is not an issue.. To allow humans to keep on top of this flood of data, industry will need to move away from programming computers for storing and processing data to teaching computers how to assess large amounts of uncorrelated data and draw inferences from this data on their own. We also need to start thinking about the skills that people need in the IT world to not only handle Big Data, but to make it actionable. Do we need “Data Architects” and if so, what would their role be?

In 2013, we will see the beginning of the Intellectual Computing era. IT will play an essential role in this new era and will need to help enterprises look at uncorrelated data to find the answer.

Security

By Jim Hietala, Vice President of Security

As 2012 comes to a close, some of the big developments in security over the past year include:

  • Continuation of hacktivism attacks.
  • Increase of significant and persistent threats targeting government and large enterprises. The notable U.S. National Strategy for Trusted Identities in Cyberspace started to make progress in the second half of the year in terms of industry and government movement to address fundamental security issues.
  • Security breaches were discovered by third parties, where the organizations affected had no idea that they were breached. Data from the 2012 Verizon report suggests that 92 percent of companies breached were notified by a third party.
  • Acknowledgement from senior U.S. cybersecurity professionals that organizations fall into two groups: those that know they’ve been penetrated, and those that have been penetrated, but don’t yet know it.

In 2013, we’ll no doubt see more of the same on the attack front, plus increased focus on mobile attack vectors. We’ll also see more focus on detective security controls, reflecting greater awareness of the threat and on the reality that many large organizations have already been penetrated, and therefore responding appropriately requires far more attention on detection and incident response.

We’ll also likely see the U.S. move forward with cybersecurity guidance from the executive branch, in the form of a Presidential directive. New national cybersecurity legislation seemed to come close to happening in 2012, and when it failed to become a reality, there were many indications that the administration would make something happen by executive order.

Enterprise Architecture

By Leonard Fehskens, Vice President of Skills and Capabilities

Preparatory to my looking back at 2012 and forward to 2013, I reviewed what I wrote last year about 2011 and 2012.

Probably the most significant thing from my perspective is that so little has changed. In fact, I think in many respects the confusion about what Enterprise Architecture (EA) and Business Architecture are about has gotten worse.

The stress within the EA community as both the demands being placed on it and the diversity of opinion within it increase continues to grow.  This year, I saw a lot more concern about the value proposition for EA, but not a lot of (read “almost no”) convergence on what that value proposition is.

Last year I wrote “As I expected at this time last year, the conventional wisdom about Enterprise Architecture continues to spin its wheels.”  No need to change a word of that. What little progress at the leading edge was made in 2011 seems to have had no effect in 2012. I think this is largely a consequence of the dust thrown in the eyes of the community by the ascendance of the concept of “Business Architecture,” which is still struggling to define itself.  Business Architecture seems to me to have supplanted last year’s infatuation with “enterprise transformation” as the means of compensating for the EA community’s entrenched IT-centric perspective.

I think this trend and the quest for a value proposition are symptomatic of the same thing — the urgent need for Enterprise Architecture to make its case to its stakeholder community, especially to the people who are paying the bills. Something I saw in 2011 that became almost epidemic in 2012 is conflation — the inclusion under the Enterprise Architecture umbrella of nearly anything with the slightest taste of “business” to it. This has had the unfortunate effect of further obscuring the unique contribution of Enterprise Architecture, which is to bring architectural thinking to bear on the design of human enterprise.

So, while I’m not quite mired in the slough of despond, I am discouraged by the community’s inability to advance the state of the art. In a private communication to some colleagues I wrote, “the conventional wisdom on EA is at about the same state of maturity as 14th century cosmology. It is obvious to even the most casual observer that the earth is both flat and the center of the universe. We debate what happens when you fall off the edge of the Earth, and is the flat earth carried on the back of a turtle or an elephant?  Does the walking of the turtle or elephant rotate the crystalline sphere of the heavens, or does the rotation of the sphere require the turtlephant to walk to keep the earth level?  These are obviously the questions we need to answer.”

Cloud

By Chris Harding, Director of Interoperability

2012 has seen the establishment of Cloud Computing as a mainstream resource for enterprise architects and the emergence of Big Data as the latest hot topic, likely to be mainstream for the future. Meanwhile, Service-Oriented Architecture (SOA) has kept its position as an architectural style of choice for delivering distributed solutions, and the move to ever more powerful mobile devices continues. These trends have been reflected in the activities of our Cloud Computing Work Group and in the continuing support by members of our SOA work.

The use of Cloud, Mobile Computing, and Big Data to deliver on-line systems that are available anywhere at any time is setting a new norm for customer expectations. In 2013, we will see the development of Enterprise Architecture practice to ensure the consistent delivery of these systems by IT professionals, and to support the evolution of creative new computing solutions.

IT systems are there to enable the business to operate more effectively. Customers expect constant on-line access through mobile and other devices. Business organizations work better when they focus on their core capabilities, and let external service providers take care of the rest. On-line data is a huge resource, so far largely untapped. Distributed, Cloud-enabled systems, using Big Data, and architected on service-oriented principles, are the best enablers of effective business operations. There will be a convergence of SOA, Mobility, Cloud Computing, and Big Data as they are seen from the overall perspective of the enterprise architect.

Within The Open Group, the SOA and Cloud Work Groups will continue their individual work, and will collaborate with other forums and work groups, and with outside organizations, to foster the convergence of IT disciplines for distributed computing.

3 Comments

Filed under Business Architecture, Cloud, Cloud/SOA, Cybersecurity, Enterprise Architecture

Discover the World’s First Technical Cloud Computing Standard… for the Second Time

By E.G. Nadhan, HP

Have you heard of the first technical standard for Cloud Computing—SOCCI (pronounced “saw-key”)? Wondering what it stands for? Well, it stands for Service Oriented Cloud Computing Infrastructure, or SOCCI.

Whether you are just beginning to deploy solutions in the cloud or if you already have existing cloud solutions deployed, SOCCI can be applied in terms of each organization’s different situation. Where ever you are on the spectrum of cloud adoption, the standard offers a well-defined set of architecture building blocks with specific roles outlined in detail. Thus, the standard can be used in multiple ways including:

  • Defining the service oriented aspects of your infrastructure in the cloud as part of your reference architecture
  • Validating your reference architecture to ensure that these building blocks have been appropriately addressed

The standard provides you an opportunity to systematically perform the following in the context of your environment:

  • Identify synergies between service orientation and the cloud
  • Extend adoption of  traditional and service-oriented infrastructure in the cloud
  • Apply the consumer, provider and developer viewpoints on your cloud solution
  • Incorporate foundational building blocks into enterprise architecture for infrastructure services in the cloud
  • Implement cloud-based solutions using different infrastructure deployment models
  • Realize business solutions referencing the business scenario analyzed in this standard

Are you going to be SOCCI’s first application? Are you among the cloud innovators—opting not to wait when the benefits can be had today?

Incidentally, I will be presenting this standard for the second time at the HP Discover Conference in Frankfurt on 5th Dec 2012.   I plan on discussing this standard, as well as its application in a hypothetical business scenario so that we can collectively brainstorm on how it could apply in different business environments.

In an earlier tweet chat on cloud standards, I tweeted: “Waiting for standards is like waiting for Godot.” After the #DT2898 session at HP Discover 2012, I expect to tweet, “Waiting for standards may be like waiting for Godot, but waiting for the application of a standard does not have to be so.”

A version of this blog post originally appeared on the Journey through Enterprise IT Services Blog.

HP Distinguished Technologist and Cloud Advisor, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Connect with Nadhan on: Twitter, Facebook, Linkedin and Journey Blog.

Comments Off

Filed under Cloud, Cloud/SOA

Build Upon SOA Governance to Realize Cloud Governance

By E.G. Nadhan, HP

The Open Group SOA Governance Framework just became an International Standard available to government and enterprises worldwide. At the same time, I read an insightful post by ZDNet Blogger, Joe McKendrick who states that Cloud and automation drive new growth in SOA governance market. I have always maintained that the fundamentals of Cloud Computing are based upon SOA principles. This brings up the next natural question: Where are we with Cloud Governance?

I co-chair the Open Group project for defining the Cloud Governance framework. Fundamentally, the Cloud Governance framework builds upon The Open Group SOA Governance Framework and provides additional context for Cloud Governance in relation to other governance standards in the industry. We are with Cloud Governance today where we were with SOA Governance a few years back when The Open Group started on the SOA Governance framework project.

McKendrick goes on to say that the tools and methodologies built and stabilized over the past few years for SOA projects are seeing renewed life as enterprises move to the Cloud model. In McKendrick’s words, “it is just a matter of getting the word out.” That may be the case for the SOA governance market. But, is that so for Cloud Governance?

When it comes to Cloud Governance, it is more than just getting the word out. We must make progress in the following areas for Cloud Governance to become real:

  • Sustained adoption. Enterprises must continuously adopt cloud based services balancing it with outsourcing alternatives. This will give more visibility to the real-life use cases where Cloud Governance can be exercised to validate and refine the enabling set of governance models.
  • Framework Definition. Finally, Cloud Governance needs a standard framework to facilitate its adoption. Just like the SOA Governance Framework, the definition of a standard for the Cloud Governance Framework as well as the supporting reference models will pave the way for the consistent adoption of Cloud Governance.

Once these progressions are made, Cloud Governance will be positioned like SOA Governance—and it will then be just a “matter of getting the word out.”

A version of this blog post originally appeared on the Journey through Enterprise IT Services Blog.

HP Distinguished Technologist and Cloud Advisor, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Connect with Nadhan on: Twitter, Facebook, Linkedin and Journey Blog.

1 Comment

Filed under Cloud, Cloud/SOA

SOA Provides Needed Support for Enterprise Architecture in Cloud, Mobile, Big Data, Says Open Group Panel

By Dana Gardner, BriefingsDirect

There’s been a resurgent role for service-oriented architecture (SOA) as a practical and relevant ingredient for effective design and use of Cloud, mobile, and big data technologies.

To find out why, The Open Group recently gathered an international panel of experts to explore the concept of “architecture is destiny,” especially when it comes to hybrid services delivery and management. The panel shows how SOA is proving instrumental in allowing the needed advancements over highly distributed services and data, when it comes to scale, heterogeneity support, and governance.

The panel consists of Chris Harding, Director of Interoperability at The Open Group, based in the UK; Nikhil Kumar, President of Applied Technology Solutions and Co-Chair of the SOA Reference Architecture Projects within The Open Group, and he’s based in Michigan, and Mats Gejnevall, Enterprise Architect at Capgemini and Co-Chair of The Open Group SOA Work Group, and he’s based in Sweden. The discussion is moderated by Dana Gardner, Principal Analyst at Interarbor Solutions.

The full podcast can be found here.

Here are some excerpts:

Gardner: Why this resurgence in the interest around SOA?

Harding: My role in The Open Group is to support the work of our members on SOA, Cloud computing, and other topics. We formed the SOA Work Group back in 2005, when SOA was a real emerging hot topic, and we set up a number of activities and projects. They’re all completed.

I was thinking that the SOA Work Group would wind down, move into maintenance mode, and meet once every few months or so, but we still get a fair attendance at our regular web meetings.

In fact, we’ve started two new projects and we’re about to start a third one. So, it’s very clear that there is still an interest, and indeed a renewed interest, in SOA from the IT community within The Open Group.

Larger trends

Gardner: Nikhil, do you believe that this has to do with some of the larger trends we’re seeing in the field, like Cloud Software as a Service (SaaS)? What’s driving this renewal?

Kumar: What I see driving it is three things. One is the advent of the Cloud and mobile, which requires a lot of cross-platform delivery of consistent services. The second is emerging technologies, mobile, big data, and the need to be able to look at data across multiple contexts.

The third thing that’s driving it is legacy modernization. A lot of organizations are now a lot more comfortable with SOA concepts. I see it in a number of our customers. I’ve just been running a large Enterprise Architecture initiative in a Fortune 500 customer.

At each stage, and at almost every point in that, they’re now comfortable. They feel that SOA can provide the ability to rationalize multiple platforms. They’re restructuring organizational structures, delivery organizations, as well as targeting their goals around a service-based platform capability.

So legacy modernization is a back-to-the-future kind of thing that has come back and is getting adoption. The way it’s being implemented is using RESTful services, as well as SOAP services, which is different from traditional SOA, say from the last version, which was mostly SOAP-driven.

Gardner: Mats, do you think that what’s happened is that the marketplace and the requirements have changed and that’s made SOA more relevant? Or has SOA changed to better fit the market? Or perhaps some combination?

Gejnevall: I think that the Cloud is really a service delivery platform. Companies discover that to be able to use the Cloud services, the SaaS things, they need to look at SOA as their internal development way of doing things as well. They understand they need to do the architecture internally, and if they’re going to use lots of external Cloud services, you might as well use SOA to do that.

Also, if you look at the Cloud suppliers, they also need to do their architecture in some way and SOA probably is a good vehicle for them. They can use that paradigm and also deliver what the customer wants in a well-designed SOA environment.

Gardner: Let’s drill down on the requirements around the Cloud and some of the key components of SOA. We’re certainly seeing, as you mentioned, the need for cross support for legacy, Cloud types of services, and using a variety of protocol, transports, and integration types. We already heard about REST for lightweight approaches and, of course, there will still be the need for object brokering and some of the more traditional enterprise integration approaches.

This really does sound like the job for an Enterprise Service Bus (ESB). So let’s go around the panel and look at this notion of an ESB. Some people, a few years back, didn’t think it was necessary or a requirement for SOA, but it certainly sounds like it’s the right type of functionality for the job.

Loosely coupled

Harding: I believe so, but maybe we ought to consider that in the Cloud context, you’re not just talking about within a single enterprise. You’re talking about a much more loosely coupled, distributed environment, and the ESB concept needs to take account of that in the Cloud context.

Gardner: Nikhil, any thoughts about how to manage this integration requirement around the modern SOA environment and whether ESBs are more or less relevant as a result?

Kumar: In the context of a Cloud we really see SOA and the concept of service contracts coming to the fore. In that scenario, ESBs play a role as a broker within the enterprise. When we talk about the interaction across Cloud-service providers and Cloud consumers, what we’re seeing is that the service provider has his own concept of an ESB within its own internal context.

If you want your Cloud services to be really reusable, the concept of the ESB then becomes more for the routing and the mediation of those services, once they’re provided to the consumer. There’s a kind of separation of concerns between the concept of a traditional ESB and a Cloud ESB, if you want to call it that.

The Cloud context involves more of the need to be able to support, enforce, and apply governance concepts and audit concepts, the capabilities to ensure that the interaction meets quality of service guarantees. That’s a little different from the concept that drove traditional ESBs.

That’s why you’re seeing API management platforms like Layer 7Mashery, or Apigee and other kind of product lines. They’re also coming into the picture, driven by the need to be able to support the way Cloud providers are provisioning their services. As Chris put it, you’re looking beyond the enterprise. Who owns it? That’s where the role of the ESB is different from the traditional concept.

Most Cloud platforms have cost factors associated with locality. If you have truly global enterprises and services, you need to factor in the ability to deal with safe harbor issues and you need to factor in variations and law in terms of security governance.

The platforms that are evolving are starting to provide this out of the box. The service consumer or a service provider needs to be able to support those. That’s going to become the role of their ESB in the future, to be able to consume a service, to be able to assert this quality-of-service guarantee, and manage constraints or data-in-flight and data-at-rest.

Gardner: Mats, are there other aspects of the concept of ESB that are now relevant to the Cloud?

Entire stack

Gejnevall: One of the reasons SOA didn’t really take off in many organizations three, four, or five years ago was the need to buy the entire stack of SOA products that all the consultancies were asking companies to buy, wanting them to buy an ESB, governance tools, business process management tools, and a lot of sort of quite large investments to just get your foot into the door of doing SOA.

These days you can buy that kind of stuff. You can buy the entire stack in the Cloud and start playing with it. I did some searches on it today and I found a company that you can play with the entire stack, including business tools and everything like that, for zero dollars. Then you can grow and use more and more of it in your business, but you can start to see if this is something for you.

In the past, the suppliers or the consultants told you that you could do it. You couldn’t really try it out yourself. You needed both the software and the hardware in place. The money to get started is much lower today. That’s another reason people might be thinking about it these days.

Gardner: It sounds as if there’s a new type of on-ramp to SOA values, and the componentry that supports SOA is now being delivered as a service. On top of that, you’re also able to consume it in a pay-as-you-go manner.

Harding: That’s a very good point, but there are two contradictory trends we are seeing here. One is the kind of trend that Mats is describing, where the technology you need to handle a complex stack is becoming readily available in the Cloud.

And the other is the trend that Nikhil mentioned: to go for a simpler style, which a lot of people term REST, for accessing services. It will be interesting to see how those two tendencies play out against each other.

Kumar: I’d like to make a comment on that. The approach for the on-ramp is really one of the key differentiators of the Cloud, because you have the agility and the lack of capital investment (CAPEX) required to test things out.

But as we are evolving with Cloud platforms, I’m also seeing with a lot of Platform-as-a-Service (PaaS) vendor scenarios that they’re trying the ESB in the stack itself. They’re providing it in their Cloud fabric. A couple of large players have already done that.

For example, Azure provides that in the forward-looking vision. I am sure IBM and Oracle have already started down that path. A lot of the players are going to provide it as a core capability.

Pre-integrated environment

Gejnevall: Another interesting thing is that they could get a whole environment that’s pre-integrated. Usually, when you buy these things from a vendor, a lot of times they don’t fit together that well. Now, there’s an effort to make them work together.

But some people put these open-source tools together. Some people have done that and put them out on the Cloud, which gives them a pretty cheap platform for themselves. Then, they can sell it at a reasonable price, because of the integration of all these things.

Gardner: The Cloud model may be evolving toward an all-inclusive offering. But SOA, by its definition, advances interoperability, to plug and play across existing, current, and future sets of service possibilities. Are we talking about SOA being an important element of keeping Clouds dynamic and flexible — even open?

Kumar: We can think about the OSI 7 Layer Model. We’re evolving in terms of complexity, right? So from an interoperability perspective, we may talk SOAP or REST, for example, but the interaction with AWS, SalesforceSmartCloud, or Azure would involve using APIs that each of these platforms provide for interaction.

Lock-in

So you could have an AMI, which is an image on the Amazon Web Services environment, for example, and that could support a lab stack or an open source stack. How you interact with it, how you monitor it, how you cluster it, all of those aspects now start factoring in specific APIs, and so that’s the lock-in.

From an architect’s perspective, I look at it as we need to support proper separation of concerns, and that’s part of [The Open Group] SOA Reference Architecture. That’s what we tried to do, to be able to support implementation architectures that support that separation of concerns.

There’s another factor that we need to understand from the context of the Cloud, especially for mid-to-large sized organizations, and that is that the Cloud service providers, especially the large ones — Amazon, Microsoft, IBM — encapsulate infrastructure.

If you were to go to Amazon, Microsoft, or IBM and use their IaaS networking capabilities, you’d have one of the largest WAN networks in the world, and you wouldn’t have to pay a dime to establish that infrastructure. Not in terms of the cost of the infrastructure, not in terms of the capabilities required, nothing. So that’s an advantage that the Cloud is bringing, which I think is going to be very compelling.

The other thing is that, from an SOA context, you’re now able to look at it and say, “Well, I’m dealing with the Cloud, and what all these providers are doing is make it seamless, whether you’re dealing with the Cloud or on-premise.” That’s an important concept.

Now, each of these providers and different aspects of their stacks are at significantly different levels of maturity. Many of these providers may find that their stacks do not interoperate with themselves either, within their own stacks, just because they’re using different run times, different implementations, etc. That’s another factor to take in.

From an SOA perspective, the Cloud has become very compelling, because I’m dealing, let’s say, with a Salesforce.com and I want to use that same service within the enterprise, let’s say, an insurance capability for Microsoft Dynamics or for SugarCRM. If that capability is exposed to one source of truth in the enterprise, you’ve now reduced the complexity and have the ability to adopt different Cloud platforms.

What we are going to start seeing is that the Cloud is going to shift from being just one à-la-carte solution for everybody. It’s going to become something similar to what we used to deal with in the enterprise context. You had multiple applications, which you service-enabled to reduce complexity and provide one service-based capability, instead of an application-centered approach.

You’re now going to move the context to the Cloud, to your multiple Cloud solutions, and maybe many implementations in a nontrivial environment for the same business capability, but they are now exposed to services in the enterprise SOA. You could have Salesforce. You could have Amazon. You could have an IBM implementation. And you could pick and choose the source of truth and share it.

So a lot of the core SOA concepts will still apply and are still applying.

Another on-ramp

Gardner: Perhaps yet another on-ramp to the use of SOA is the app store, which allows for discovery, socialization of services, but at the same time provides overnance and control?

Kumar: We’re seeing that with a lot of our customers, typically the vendors who support PaaS solution associate app store models along with their platform as a mechanism to gain market share.

The issue that you run into with that is, it’s okay if it’s on your cellphone or on your iPad, your tablet PC, or whatever, but once you start having managed apps, for example Salesforce, or if you have applications which are being deployed on an Azure or on a SmartCloud context, you have high risk scenario. You don’t know how well architected that application is. It’s just like going and buying an enterprise application.

When you deploy it in the Cloud, you really need to understand the Cloud PaaS platform for that particular platform to understand the implications in terms of dependencies and cross-dependencies across apps that you have installed. They have real practical implications in terms of maintainability and performance. We’ve seen that with at least two platforms in the last six months.

Governance becomes extremely important. Because of the low CAPEX implications to the business, the business is very comfortable with going and buying these applications and saying, “We can install X, Y, or Z and it will cost us two months and a few million dollars and we are all set.” Or maybe it’s a few hundred thousand dollars.

They don’t realize the implications in terms of interoperability, performance, and standard architectural quality attributes that can occur. There is a governance aspect from the context of the Cloud provisioning of these applications.

There is another aspect to it, which is governance in terms of the run-time, more classic SOA governance, to measure, assert, and to view the cost of these applications in terms of performance to your infrastructural resources, to your security constraints. Also, are there scenarios where the application itself has a dependency on a daisy chain, multiple external applications, to trace the data?

In terms of the context of app stores, they’re almost like SaaS with a particular platform in mind. They provide the buyer with certain commitments from the platform manager or the platform provider, such as security. When you buy an app from Apple, there is at least a reputational expectation of security from the vendor.

What you do not always know is if that security is really being provided. There’s a risk there for organizations who are exposing mission-critical data to that.

The second thing is there is still very much a place for the classic SOA registries and repositories in the Cloud. Only the place is for a different purpose. Those registries and repositories are used either by service providers or by consumers to maintain the list of services they’re using internally.

Different paradigms

There are two different paradigms. The app store is a place where I can go and I know that the gas I am going to get is 85 percent ethanol, versus I also have to maintain some basic set of goods at home to make that I have my dinner on time. These are different kind of roles and different kind of purposes they’re serving.

Above all, I think the thing that’s going to become more and more important in the context of the Cloud is that the functionality will be provided by the Cloud platform or the app you buy, but the governance will be a major IT responsibility, right from the time of picking the app, to the time of delivering it, to the time of monitoring it.

Gardner: How is The Open Group allowing architects to better exercise SOA principles, as they’re grappling with some of these issues around governance, hybrid services delivery and management, and the use and demand in their organizations to start consuming more Cloud services?

Harding: The architect’s primary concern, of course, has to be to meet the needs of the client and to do so in a way that is most effective and that is cost-effective. Cloud gives the architect a usability to go out and get different components much more easily than hitherto.

There is a problem, of course, with integrating them and putting them together. SOA can provide part of the solution to that problem, in that it gives a principle of loosely coupled services. If you didn’t have that when you were trying to integrate different functionality from different places, you would be in a real mess.

What The Open Group contributes is a set of artifacts that enable the architect to think through how to meet the client’s needs in the best way when working with SOA and Cloud.

For example, the SOA Reference Architecture helps the architect understand what components might be brought into the solution. We have the SOA TOGAF Practical Guide, which helps the architect understand how to use TOGAF® in the SOA context.

We’re working further on artifacts in the Cloud space, the Cloud Computing Reference Architecture, a notational language for enabling people to describe Cloud ecosystems on recommendations for Cloud interoperability and portability. We’re also working on recommendations for Cloud governance to complement the recommendations for SOA governance, the SOA Governance Framework Standards that we have already produced, and a number of other artifacts.

The Open Group’s real role is to support the architect and help the architect to better meet the needs of the architect client.

From the very early days, SOA was seen as bringing a closer connection between the business and technology. A lot of those promises that were made about SOA seven or eight years ago are only now becoming possible to fulfill, and that business front is what that project is looking at.

We’re also producing an update to the SOA Reference Architectures. We have input the SOA Reference Architecture for consideration by the ISO Group that is looking at an International Standard Reference Architecture for SOA and also to the IEEE Group that is looking at an IEEE Standard Reference Architecture.

We hope that both of those groups will want to work along the principles of our SOA Reference Architecture and we intend to produce a new version that incorporates the kind of ideas that they want to bring into the picture.

We’re also thinking of setting up an SOA project to look specifically at assistance to architects building SOA into enterprise solutions.

So those are three new initiatives that should result in new Open Group standards and guides to complement, as I have described already, the SOA Reference Architecture, the SOA Governance Framework, the Practical Guides to using TOGAF for SOA.

We also have the Service Integration Maturity Model that we need to assess the SOA maturity. We have a standard on service orientation applied to Cloud infrastructure, and we have a formal SOA Ontology.

Those are the things The Open Group has in place at present to assist the architect, and we are and will be working on three new things: version 2 of the Reference Architecture for SOA, SOA for business technology, and I believe shortly we’ll start on assistance to architects in developing SOA solutions.

Dana Gardner is the Principal Analyst at Interarbor Solutions, which identifies and interprets the trends in Services-Oriented Architecture (SOA) and enterprise software infrastructure markets. Interarbor Solutions creates in-depth Web content and distributes it via BriefingsDirect™ blogs, podcasts and video-podcasts to support conversational education about SOA, software infrastructure, Enterprise 2.0, and application development and deployment strategies.

Comments Off

Filed under Cloud, Cloud/SOA, Service Oriented Architecture

I Thought I had Said it All – and Then Comes Service Technology

By E.G. Nadhan, HP

It is not the first time that I am blogging about the evolution of fundamental service orientation principles serving as an effective foundation for cloud computing. You may recall my earlier posts in The Open Group blog on Top 5 tell-tale signs of SOA evolving to the Cloud, followed by The Right Way to Transform to Cloud Computing, following up with my latest post on this topic about taking a lesson from history to integrate to the Cloud. I thought I had said it all and there was nothing more to blog about on this topic other than diving into more details.

Until I saw the post by Forbes blogger Joe McKendrick on Before There Was Cloud Computing, There was SOA. In this post, McKendrick introduces a new term – Service Technology – which resonates with me because it cements the concept of a service-oriented thinking that technically enables the realization of SOA within the enterprise followed by its sustained evolution to cloud computing. In fact, the 5th International SOA, Cloud and Service Technology Symposium is a conference centered around this concept.

Even if this is a natural evolution, we must still exercise caution that we don’t fall prey to the same pitfalls of integration like the IT world did in the past. I elaborate further on this topic in my post on The Open Group blog: Take a lesson from History to Integrate to the Cloud.

I was intrigued by another comment in McKendrick’s post about “Cloud being inherently service-oriented.” Almost. I would slightly rephrase it to Cloud done right being inherently service-oriented. So, what do I mean by Cloud done right. Voila:The Right Way to Transform to Cloud Computing on The Open Group blog.

So, how about you? Where are you with your SOA strategy? Have you been selectively transforming to the Cloud? Do you have “Service Technology” in place within your enterprise?

I would like to know, and something tells me McKendrick will as well.

So, it would be an interesting exercise to see if the first Technical standard for Cloud Computing published by The Open Group should be extended to accommodate the concept of Service Technology. Perhaps, it is already an integral part of this standard in concept. Please let me know if you are interested. As the co-chair for this Open Group project, I am very interested in working with you on taking next steps.

A version of this blog post originally appeared on the Journey through Enterprise IT Services Blog.

HP Distinguished Technologist and Cloud Advisor, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Connect with Nadhan on: Twitter, Facebook, Linkedin and Journey Blog.

Comments Off

Filed under Cloud/SOA

Take a Lesson from History to Integrate to the Cloud

By E.G. Nadhan, HP

In an earlier post for The Open Group Blog on the Top 5 tell-tale signs of SOA evolving to the Cloud, I had outlined the various characteristics of SOA that serve as a foundation for the cloud computing paradigm.  Steady growth of service oriented practices and the continued adoption of cloud computing across enterprises has resulted in the need for integrating out to the cloud.  When doing so, we must take a look back in time at the evolution of integration solutions starting with point-to-point solutions maturing to integration brokers and enterprise services buses over the years.  We should take a lesson from history to ensure that this time around, when integrating to the cloud, we prevent undue proliferation of point-to-point solutions across the extended enterprise.

We must exercise the same due-diligence and governance as is done for services within the enterprise. There is an increased risk of point-to-point solutions proliferating because of consumerization of IT and the ease of availability of such services to individual business units.

Thus, here are 5 steps that need to be taken to ensure a more systemic approach when integrating to cloud-based service providers.

  1. Extend your SOA strategy to the Cloud. Review your current SOA strategy and extend this to accommodate cloud based as-a-service providers.
  2. Extend Governance around Cloud Services.   Review your existing IT governance and SOA governance processes to accommodate the introduction and adoption of cloud based as-a-service providers.
  3. Identify Cloud based Integration models. It is not a one-size fits all. Therefore multiple integration models could apply to the cloud-based service provider depending upon the enterprise integration architecture. These integration models include a) point-to-point solutions, b) cloud to on-premise ESB and c) cloud based connectors that adopt a service centric approach to integrate cloud providers to enterprise applications and/or other cloud providers.
  4. Apply right models for right scenarios. Review the scenarios involved and apply the right models to the right scenarios.
  5. Sustain and evolve your services taxonomy. Provide enterprise-wide visibility to the taxonomy of services – both on-premise and those identified for integration with the cloud-based service providers. Continuously evolve these services to integrate to a rationalized set of providers who cater to the integration needs of the enterprise in the cloud.

The biggest challenge enterprises have in driving this systemic adoption of cloud-based services comes from within its business units. Multiple business units may unknowingly avail the same services from the same providers in different ways. Therefore, enterprises must ensure that such point-to-point integrations do not proliferate like they did during the era preceding integration brokers.

Enterprises should not let history repeat itself when integrating to the cloud by adopting service-oriented principles.

How about your enterprise? How are you going about doing this? What is your approach to integrating to cloud service providers?

A version of this post was originally published on HP’s Enterprise Services Blog.

HP Distinguished Technologist and Cloud Advisor, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Twitter handle @NadhanAtHP.

1 Comment

Filed under Cloud, Cloud/SOA

Secrets Behind the Rapid Growth of SOA

By E.G. Nadhan, HP

Service Oriented Architecture has been around for more than a decade and has steadily matured over the years with increasing levels of adoption. Cloud computing, a paradigm that is founded upon the fundamental service oriented principles, has fueled SOA’s adoption in recent years. ZDNet blogger Joe McKendrick calls out a survey by Companies and Markets in one of his blog posts - SOA market grew faster than expected.

Some of the statistics from this survey as referenced by McKendrick include:

  • SOA represents a total global market value of $5.518 billion, up from $3.987 billion in 2010 – or a 38% growth.
  • The SOA market in North America is set to grow at a compound annual growth rate (CAGR) of 11.5% through 2014.

So, what are the secrets of the success that SOA seems to be enjoying?  During the past decade, I can recall a few skeptics who were not so sure about SOA’s adoption and growth.  But I believe there are 5 “secrets” behind the success story of SOA that should put such skepticism to rest:

  1. Architecture. Service oriented architectures have greatly facilitated a structured approach to enterprise architecture (EA) at large. Despite debates over the scope of EA and SOA, the fact remains that service orientation is an integral part of the foundational factors considered by the enterprise architect. If anything, it has also acted as a catalyst for giving more visibility to the need for well-defined enterprise architecture to be in place for the current and desired states.
  2. Application. Service orientation has promoted standardized interfaces that have enabled the continued existence of multiple applications in an integrated, cohesive manner. Thanks to a SOA-based approach, integration mechanisms are no longer held hostage to proprietary formats and legacy platforms.
  3. Availability. Software Vendors have taken the initiative to make their functionality available through services. Think about the number of times you have heard a software vendor suggest Web services as their de-facto method for integrating to other systems? Single-click generation of a Web service is a very common feature across most of the software tools used for application development.
  4. Alignment. SOA has greatly facilitated and realized increased alignment from multiple fronts including the following:
    • Business to IT. The definition of application and technology services is really driven by the business need in the form of business services.
    • Application to Infrastructure. SOA strategies for the enterprise have gone beyond the application layer to the infrastructure, resulting in greater alignment between the application being deployed and the supporting infrastructure. Infrastructure services are an integral part of the comprehensive set of services landscape for an enterprise.
    • Platforms and technology. Interfaces between applications are much less dependent on the underlying technologies or platforms, resulting in increased alignment between various platforms and technologies. Interoperability has been taken to new levels across the extended enterprise.
  5. AdoptionSOA has served as the cornerstone for new paradigms like cloud computing. Increased adoption of SOA has also resulted in the evolution of multiple industry standards for SOA and has also led to the evolution of standards for infrastructure services to be provisioned in the cloudStandards do take time to evolve, but when they do, it is a tacit endorsement by the IT industry of the maturity of the underlying phenomenon — in this case, SOA.

Thus, the application of service oriented principles across the enterprise has increased SOA’s adoption spurred by the availability of readily exposed services across all architectural layers resulting in increased alignment between business and IT.

What about you? What factors come to your mind as SOA success secrets? Is your SOA experience in alignment with the statistics from the report McKendrick referenced? I would be interested to know.

Reposted with permission from CIO Magazine.

HP Distinguished Technologist, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Twitter handle @NadhanAtHP.

1 Comment

Filed under Cloud/SOA

2012 Open Group Predictions, Vol. 2

By The Open Group

Continuing on the theme of predictions, here are a few more, which focus on enterprise architecture, business architecture, general IT and Open Group events in 2012.

Enterprise Architecture – The Industry

By Leonard Fehskens, VP of Skills and Capabilities

Looking back at 2011 and looking forward to 2012, I see growing stress within the EA community as both the demands being placed on it and the diversity of opinions within it increase. While this stress is not likely to fracture the community, it is going to make it much more difficult for both enterprise architects and the communities they serve to make sense of EA in general, and its value proposition in particular.

As I predicted around this time last year, the conventional wisdom about EA continues to spin its wheels.  At the same time, there has been a bit more progress at the leading edge than I had expected or hoped for. The net effect is that the gap between the conventional wisdom and the leading edge has widened. I expect this to continue through the next year as progress at the leading edge is something like the snowball rolling downhill, and newcomers to the discipline will pronounce that it’s obvious the Earth is both flat and the center of the universe.

What I had not expected is the vigor with which the loosely defined concept of business architecture has been adopted as the answer to the vexing challenge of “business/IT alignment.” The big idea seems to be that the enterprise comprises “the business” and IT, and enterprise architecture comprises business architecture and IT architecture. We already know how to do the IT part, so if we can just figure out the business part, we’ll finally have EA down to a science. What’s troubling is how much of the EA community does not see this as an inherently IT-centric perspective that will not win over the “business community.” The key to a truly enterprise-centric concept of EA lies inside that black box labeled “the business” – a black box that accounts for 95% or more of the enterprise.

As if to compensate for this entrenched IT-centric perspective, the EA community has lately adopted the mantra of “enterprise transformation”, a dangerous strategy that risks promising even more when far too many EA efforts have been unable to deliver on the promises they have already made.

At the same time, there is a growing interest in professionalizing the discipline, exemplified by the membership of the Association of Enterprise Architects (AEA) passing 20,000, TOGAF® 9 certifications passing 10,000, and the formation of the Federation of Enterprise Architecture Professional Organizations (FEAPO). The challenge that we face in 2012 and beyond is bringing order to the increasing chaos that characterizes the EA space. The biggest question looming seems to be whether this should be driven by IT. If so, will we be honest about this IT focus and will the potential for EA to become a truly enterprise-wide capability be realized?

Enterprise Architecture – The Profession

By Steve Nunn, COO of The Open Group and CEO of the Association of Enterprise Architects

It’s an exciting time for enterprise architecture, both as an industry and as a profession. There are an abundance of trends in EA, but I wanted to focus on three that have emerged and will continue to evolve in 2012 and beyond.

  • A Defined Career Path for Enterprise Architects: Today, there is no clear career path for the enterprise architect. I’ve heard this from college students, IT and business professionals and current EAs. Up until now, the skills necessary to succeed and the roles within an organization that an EA can and should fill have not been defined. It’s imperative that we determine the skill sets EAs need and the path for EAs to acquire these skills in a linear progression throughout their career. Expect this topic to become top priority in 2012.
  • Continued EA Certification Adoption: Certification will continue to grow as EAs seek ways to differentiate themselves within the industry and to employers. Certifications and memberships through professional bodies such as the Association of Enterprise Architects will offer value to members and employers alike by identifying competent and capable architects. This growth will also be supported by EA certification adoption in emerging markets like India and China, as those countries continue to explore ways to build value and quality for current and perspective clients, and to establish more international credibility.
  • Greater Involvement from the Business: As IT investments become business driven, business executives controlling corporate strategy will need to become more involved in EA and eventually drive the process. Business executive involvement will be especially helpful when outsourcing IT processes, such as Cloud Computing. Expect to see greater interest from executives and business schools that will implement coursework and training to reflect this shift, as well as increased discussion on the value of business architecture.

Business Architecture – Part 2

By Kevin Daley, IBM and Vice-Chair of The Open Group Business Forum

Several key technologies have reached a tipping point in 2011 that will move them out of the investigation and validation by enterprise architects and into the domain of strategy and realization for business architects. Five areas where business architects will be called upon for participation and effort in 2012 are related to:

  • Cloud: This increasingly adopted and disruptive technology will help increase the speed of development and change. The business architect will be called upon to ensure the strategic relevancy of transformation in a repeatable fashion as cycle times and rollouts happen faster.
  • Social Networking / Mobile Computing: Prevalent consumer usage, global user adoption and improvements in hardware and security make this a trend that cannot be ignored. The business architect will help develop new strategies as organizations strive for new markets and broader demographic reach.
  • Internet of Things: This concept from 2000 is reaching critical mass as more and more devices become communicative. The business architect will be called on to facilitate the conversation and design efforts between operational efforts and technologies managing the flood of new and usable information.
  • Big Data and Business Intelligence: Massive amounts of previously untapped data are being exposed, analyzed and made insightful and useful. The business architect will be utilized to help contain the complexity of business possibilities while identifying tactical areas where the new insights can be integrated into existing technologies to optimize automation and business process domains.
  • ERP Resurgence and Smarter Software: Software purchasing looks to continue its 2011 trend towards broader, more intuitive and feature-rich software and applications.  The business architect will be called upon to identify and help drive getting the maximum amount of operational value and output from these platforms to both preserve and extend organizational differentiation.

The State of IT

By Dave Lounsbury, CTO

What will have a profound effect on the IT industry throughout 2012 are the twin horses of mobility and consumerization, both of which are galloping at full tilt within the IT industry right now. Key to these trends are the increased use of personal devices, as well as favorite consumer Cloud services and social networks, which drive a rapidly growing comfort among end users with both data and computational power being everywhere. This comfort brings a level of expectations to end users who will increasingly want to control how they access and use their data, and with what devices. The expectation of control and access will be increasingly brought from home to the workplace.

This has profound implications for core IT organizations. There will be less reliance on core IT services, and with that an increased expectation of “I’ll buy the services, you show me know to knit them in” as the prevalent user approach to IT – thus requiring increased attention to use of standards conformance. IT departments will change from being the only service providers within organizations to being a guiding force when it comes to core business processes, with IT budgets being impacted. I see a rapid tipping point in this direction in 2012.

What does this mean for corporate data? The matters of scale that have been a part of IT—the overarching need for good architecture, security, standards and governance—will now apply to a wide range of users and their devices and services. Security issues will loom larger. Data, apps and hardware are coming from everywhere, and companies will need to develop criteria for knowing whether systems are robust, secure and trustworthy. Governments worldwide will take a close look at this in 2012, but industry must take the lead to keep up with the pace of technology evolution, such as The Open Group and its members have done with the OTTF standard.

Open Group Events in 2012

By Patty Donovan, VP of Membership and Events

In 2012, we will continue to connect with members globally through all mediums available to us – our quarterly conferences, virtual and regional events and social media. Through coordination with our local partners in Brazil, China, France, Japan, South Africa, Sweden, Turkey and the United Arab Emirates, we’ve been able to increase our global footprint and connect members and non-members who may not have been able to attend the quarterly conferences with the issues facing today’s IT professionals. These events in conjunction with our efforts in social media has led to a rise in member participation and helped further develop The Open Group community, and we hope to have continued growth in the coming year and beyond.

We’re always open to new suggestions, so if you have a creative idea on how to connect members, please let me know! Also, please be sure to attend the upcoming Open Group Conference in San Francisco, which is taking place on January 30 through February 3. The conference will address enterprise transformation as well as other key issues in 2012 and beyond.

9 Comments

Filed under Business Architecture, Cloud, Cloud/SOA, Data management, Enterprise Architecture, Semantic Interoperability, Standards

New Cloud Computing book from The Open Group helps organizations develop the case for key Cloud operating metrics and ROI

By Mark Skilton, Capgemini

Cloud Computing is more than just a utility cost reduction exercise of your IT storage and computing assets through subscribing or purchasing to an on-demand, pay-as-you-go model. Cloud Computing is evolving into an ecosystem of services from storage, computing and network infrastructure to impacting the integration and application software to transform the business processes and market service models. The many public discussions on search engines, edge networks and the myriad of mobile and tablet device technologies and operating systems are some of the many visible indicators of the high profile Cloud Computing has achieved today.

From an international perspective, The Open Group is well placed to see these large-scale effects on architecture in IT sourcing and delivery of on-demand, “always on” services. Major public Clouds provide significant social networking, computing and productivity services reaching across all industries.

A key challenge for companies is to understand key business and IT metrics that Cloud Computing can help achieve in operating cost efficiency savings, and how it can drive revenue and growth potential. This applies across the industry from private to public federal sectors.

Key challenges include:

  • How to identify the key model definitions for Cloud Computing?
  • Why is Cloud creating new business opportunities for large and small companies?
  • How to define key metrics for both the risk and value of Cloud Computing?
  • What are the successful case studies for a strong and sustainable business case for Cloud Computing?

The Open Group recently published a new book, Cloud Computing for Business: The Open Group Guide  to address these issues through specific guidance on business drivers for Cloud; defining the Cloud vision and buying requirements criteria; assessing  risk; and building the return on investment metrics and case for Cloud Computing. The book gives managers reliable and independent guidance that will help to support decisions and actions in this key operational area.

Download the book now (Open Group members only)
Buy a hard copy
Read the press announcement
Read an excerpt of the book
Read the blog post announcing the book, or Mark’s previous blog post on the book

Mark Skilton, Director, Capgemini, is the Co-Chair of The Open Group Cloud Computing Work Group. He has been involved in advising clients and developing of strategic portfolio services in Cloud Computing and business transformation. His recent contributions include the publication of Return on Investment models on Cloud Computing widely syndicated that achieved 50,000 hits on CIO.com and in the British Computer Society 2010 Annual Review. His current activities include development of a new Cloud Computing Model standards and best practices on the subject of Cloud Computing impact on Outsourcing and Off-shoring models and contributed to the second edition of the Handbook of Global Outsourcing and Off-shoring published through his involvement with Warwick Business School UK Specialist Masters Degree Program in Information Systems Management.

Comments Off

Filed under Cloud

Adoption of Cloud Computing raises key challenges for the industry

By Mark Skilton, Capgemini

Recently, The Open Group published the book, Cloud Computing for Business: The Open Group Guide, to help businesses navigate the complexities of the value and ROI that can be gained from Cloud Computing. While there are aspirations and evidence that Cloud Computing is now a mainstream business and IT strategic paradigm for operations and services, for most organizations there still remains the challenge of making the right selection and choice of Cloud services, and the question of what savings and potential benefits may be achieved from making this shift as a customer or provider.

Many large and small companies are seeking similar benefits from Cloud Computing, but with a different emphasis on coordination and control. Core services such as risk and security management, service level management, and demand and supply availability have weighed heavily on all companies in assessing options in committing key operations to private or public Cloud services. Specific software and platform workloads also need to be identified and matched to real company needs. The alignment, coordination and transition to new business on-demand models can also take effect in the back office IT function as well as with front- end users consuming the services,  particularly in larger corporations made up of many departments and disparate business units.

Yet the Cloud phenomenon is not just corporate enterprise; it is also now part of mobility and social networking and network media. Companies are seeing new supply and customer channels being created through online social networks and web portals that can fundamentally alter provisioning strategies, restructuring operations and competitive advantage positions for customers and providers alike.  This “ecosystem” effect is the long-tail — sourcing and utility computing turning full circle as companies and customer expectations become catalog and on-demand oriented.

Key challenges include:

  • What are the growth markets and opportunities for Cloud Computing?
  • How is Cloud Computing changing the business and IT services landscape?
  • How do I define a robust Cloud risk assessment method for transitioning to Cloud Computing?
  • What are the cost, time and performance metrics that matter for Cloud Computing?

Cloud Computing for Business: The Open Group Guide offers specific guidance that address many of Cloud Computing’s key challenges, which include choosing the appropriate Cloud solution, buying requirements and measuring return on investment. The book also gives managers reliable and independent guidance that will help to support decisions and actions in this key operational area.

Download the book now
Buy a hard copy
Read the press announcement
Read an excerpt of the book
Read the previous blog post announcing the book

Mark Skilton, Director, Capgemini, is the Co-Chair of The Open Group Cloud Computing Work Group. He has been involved in advising clients and developing of strategic portfolio services in Cloud Computing and business transformation. His recent contributions include the publication of Return on Investment models on Cloud Computing widely syndicated that achieved 50,000 hits on CIO.com and in the British Computer Society 2010 Annual Review. His current activities include development of a new Cloud Computing Model standards and best practices on the subject of Cloud Computing impact on Outsourcing and Off-shoring models and contributed to the second edition of the Handbook of Global Outsourcing and Off-shoring published through his involvement with Warwick Business School UK Specialist Masters Degree Program in Information Systems Management.

2 Comments

Filed under Cloud

Introducing our new book: Cloud Computing For Business

By Stuart Boardman, Getronics

Today was a dream day for cloud spotters. In the course of a 90-minute drive I could have ticked off at least 10 of the distinct cloud types documented in my “Cloud Collector’s Handbook” (No, I’m not a cloud nerd – it was given to me as a joke). It doesn’t do to stretch a metaphor too far but it’s quite interesting how what I saw could reflect the variety of situations with which a consumer (or even provider) of Cloud services might be confronted: well-defined shapes with a clearly substantial content; fine-grained but still well-defined little packages; vast, vague shapes that require great expertise to understand what they promise; thin, wispy layers linking other things together; but also every type mixed through and layered on each other. At the end I experienced (thanks to an immense downpour) what it’s like to be right inside a cloud – you can’t see a damn thing – including the other folks you’re sharing the service with – but they’re there and one way or another they might have an effect on you.

What I really want to talk about is The Open Group’s new book, Cloud Computing For Business, which you can download from The Open Group online bookstore or buy in hardback from van Haren Publishing. There’s no shortage of books about Cloud, so you might reasonably ask what could make this one so interesting. Well, that’s partly down to what it is and partly to what it isn’t. The title ought to give a clue. It’s not a Cloud collector’s handbook. It’s not interested in tying down the fine-grained differences between different types of Cloud service. It’s not concerned with marginal decisions about exactly what is and is not a Cloud service.

It IS concerned with helping you understand what you might be able to get out of a Cloud service, and how to ensure that it really delivers what you expect.

This book is concerned with value, as you might expect from a book with the word “Business” in the title. The sub-title is “The Open Group Guide”. That word Guide is also important. The book’s goal is to be a guide that will help you make your own decisions. It doesn’t offer potted solutions. It looks at the different kinds of value you could obtain from the Cloud and how to develop a strategy for Cloud that is correct for your own organization’s specific situation and goals. The main sections are about understanding what your organization might gain from using Cloud services (and why), how to select the right service (and provider), how to identify and manage risk and how to go about setting, measuring and assuring ROI expectations. There is, of course, an introduction explaining the key features of Cloud. The basis for this is the NIST definition. The Open Group promotes standards, so it’s natural that it makes the maximum use of standards developed elsewhere. In this case that’s the NIST definition – the models and characteristics. What the book adds to this is an exploration of what the different elements of the definition actually mean to Cloud users – why you should care, and also where you should not care.

What makes this book special, though, is the fact that it pulls together the knowledge and experience of a broad group of people from provider and consumer organizations, from business, government and education and from multiple geographies. It’s a product of The Open Group Cloud Computing Work Group and has therefore been the subject of discussion, review and improvement even before it appeared in the book. The Work Group is a focus for exchange of experiences and insights, for collaborative development of practical material and a forum for good, honest debate in a non-partisan environment. Its various projects have produced a series of white papers and reference documents, which in turn have contributed to the development of the book.

The book itself was actively reviewed by an even broader group. So what you get is something that reflects the experiences and opinions of a considerable number of people, who have nothing to gain from these activities apart from what they learn from each other in the process. There aren’t many books of which that can be said and certainly not your typical technical book.

And what I also admire is the refreshing lack of fluff. So many technical books seem to suffer from a need to be priced by weight. The result is that you might as well start reading at page 100, because you won’t have missed anything. This book get straight down to business.

If you’ll bear with me stretching my metaphor a bit further, in the end there is perhaps a similarity to the Cloud Collector’s Handbook (really a rather admirable and amusing little book, by the way) because both will help you to read the Cloud landscape and know what to expect – and that’s what really matters, isn’t it?

Download the book now
Buy a hard copy
Read the press announcement
Read an excerpt of the book

Stuart Boardman is a Senior Business Consultant with Getronics Consulting where he co-leads the Enterprise Architecture practice as well as the Cloud Computing solutions group. He is co-lead of The Open Group Cloud Computing Work Group’s Security for the Cloud and SOA project and a founding member of both The Open Group Cloud Computing Work Group and The Open Group SOA Work Group. Stuart is the author of publications by the Information Security Platform (PvIB) in The Netherlands and of his previous employer, CGI. He is a frequent speaker at conferences on the topics of Cloud, SOA, and Identity. 

11 Comments

Filed under Cloud

What does the Amazon EC2 downtime mean?

By Mark Skilton, Capgemini

The recent announcement of the Amazon EC2 outage in April this year triggers some thoughts about this very high-profile topic in Cloud Computing. How secure and available is your data in the Cloud?

While the outage was more to do with the service level availability (SLA) of data and services from your Cloud provider, the recent, potentially more concerning risk of Epsilon e-mail data stolen, and as I write this the Sony email theft is breaking news, further highlights this big topic in Cloud Computing.

My initial reaction on hearing the about the outage was that it was due to over-allocation due to high demand in the US EAST 2 region, which led to a cascade system failure. I subsequently read that Amazon said it was a network glitch, which triggered storage backups to automatically create more than needed, consuming the elastic block storage. This in turn, I theorized, seems to have created the supply unavailability problem.

From a business perspective, this focuses on the issues of using a primary Cloud provider. The businesses like Quora.com and foursquare.com that were affected “live in the Cloud,” yet backup and secondary Cloud support needs are clearly important.  Some of these are economic decisions, trade-offs between loss of business and business continuity. It highlights the vulnerability of these enterprises even though a highly successful organization like Amazon makes this a rare event. Consumers of Cloud services need to consider taking mitigating actions such as disruption insurance; having secondary backups; and the issues of assurances of SLAs, which are largely out of the hands of SMB Market users. A result of outages in Cloud providers has been the emergence of a new market called “Cloud Backup,” which is starting to gain favor with customers and providers in providing added levels of protection of service fail over.

While these are concerning issues, I believe most outage issues may be addressed by taking due diligence in the procurement and usage behavior of any service that involves a third party. I’ve expanding the definition of due diligence in Cloud Computing to include at least six key processes that any prospective Cloud buyer should be aware and make contingency for, as you would with any purchase of a business critical service:

  • Security management
  • Compliance management
  • Service Management (ITSM and License controls)
  • Performance management
  • Account management
  • Ecosystem standards management

I don’t think publishing a bill of rights for consumers is enough to insure against failure. One thing that Cloud Computing design has taught me is that part of the architectural shift brought about by Cloud is the emergence of automation as an implicit part of the operating model design to enable elasticity. This automation may have been a factor, ironically, in the Amazon situation, but overall the benefits of Cloud far outweigh the downsides, which can be re-engineered and resolved.

A useful guide to address some of the business impact can be found in a new book by The Open Group on Cloud Computing for Business that we plan to publish this quarter. The topics of the book address many of these challenges in understanding and driving the value of the Cloud Computing in the language of business. The book covers chapters relating to business use of cloud and includes topics of risk management of the Cloud. Check The Open Group website for more information on The Open Group Cloud Computing Work Group and the Cloud publications in the bookstore at http://www.opengroup.org.

Cloud Computing isa key topic of discussion at The Open Group Conference, London, May 9-13, which is currently underway. 

Mark Skilton, Director, Capgemini, is the Co-Chair of The Open Group Cloud Computing Work Group. He has been involved in advising clients and developing of strategic portfolio services in Cloud Computing and business transformation. His recent contributions include the publication of Return on Investment models on Cloud Computing widely syndicated that achieved 50,000 hits on CIO.com and in the British Computer Society 2010 Annual Review. His current activities include development of a new Cloud Computing Model standards and best practices on the subject of Cloud Computing impact on Outsourcing and Off-shoring models and contributed to the second edition of the Handbook of Global Outsourcing and Off-shoring published through his involvement with Warwick Business School UK Specialist Masters Degree Program in Information Systems Management.

1 Comment

Filed under Cloud/SOA

Creation of a strategy for the consumption and management of Cloud Services in the TOGAF® Preliminary Phase

By Serge Thorn, Architecting the Enterprise

In an article on my blog, Cloud Computing requires Enterprise Architecture and TOGAF 9 can show the way I described the need to define a strategy as an additional step in the TOGAF 9 Preliminary Phase. This article describes in more detail what could be the content of such a document, specifically, what are the governance activities related to the Consumption and Management of Cloud Services.

Before deciding to switch over to Cloud Computing, companies should first fully understand the concepts and implications of an internal IT investment or buying this as a service. There are different approaches, which may have to be considered from an enterprise level when Cloud Computing is considered: Public Cloud vs. Private Clouds vs. Hybrid Clouds. Despite the fact that many people already know what the differences are, below are some summaries of the various models:

  • A public Cloud is one in which the consumer of Cloud services and the provider of Cloud services exist in separate enterprises. The ownership of the assets used to deliver Cloud services remains with the provider
  • A private Cloud is one in which both the consumer of Cloud services and the provider of those services exist within the same enterprise. The ownership of the Cloud assets resides within the same enterprise providing and consuming Cloud services. It is really a description of a highly virtualized, on-premise data center that is behaving as if it were that of a public Cloud provider
  • A hybrid Cloud combines multiple elements of public and private Cloud, including any combination of providers and consumers

Once the major Business stakeholders understand the concepts, some initial decisions may have to be made and included in that document. The same may also apply to the various Cloud Computing categorisations such as diagrammed below:

The categories the enterprise may be interested in related to existing problems can already be included as a section in the document.

Quality Management

There is need of a system for evaluating performance, whether in the delivery of Cloud services or the quality of products provided to consumers, or customers. This may include:

  • A test planning and a test asset management from business requirements to defects
  • A Project governance and release decisions based on some standards such as Prince 2/PMI and ITIL
  • A Data quality control (all data uploaded to a Cloud Computing service provider must ensure it fits the requirements of the provider). This should be detailed and provided by the provider
  • Detailed and documented Business Processes as defined in ISO 9001:
    • Systematically defining the activities necessary to obtain a desired result
    • Establishing clear responsibility and accountability for managing key activities
    • Analyzing and measuring of the capability of key activities
    • Identifying the interfaces of key activities within and between the functions of the organization
    • Focusing on the factors such as resources, methods, and materials that will improve key activities of the organization
    • Evaluating risks, consequences and impacts of activities on customers, suppliers and other interested parties

Security Management

This would address and document specific topics such as:

  • Eliminating the need to constantly reconfigure static security infrastructure for a dynamic computing environment
  • Define how services are able to securely connect and reliably communicate with internal IT services and other public services
  • Penetration security checks
  • How a Security Management/System Management/Network Management teams monitor that security and the availability

Semantic Management

The amount of unstructured electronic information in an enterprise environment is growing rapidly. Business people have to collaboratively realise the reconciliation of their heterogeneous metadata and consequently the application of the derived business semantic patterns to establish alignment between the underlying data structures. The way this will be handled may also be included.

IT Service Management (ITIL)

IT Service Management or IT Operations teams will have to address many new challenges due to the Cloud. This will need to be addressed for some specific processes such as:

  • Incident Management
    • The Cloud provider must ensure that all outages or exceptions to normal operations are resolved as quickly as possible while capturing all of the details for the actions that were taken and are communicated to the customer.
  • Change Management
    • Strict change management practices must be adhered to and all changes implemented during approved maintenance windows must be tracked, monitored, and validated.
  • Configuration Management (Service Asset and…)
    • Companies who have a CMDB must provide this to the Cloud providers with detailed descriptions of the relationships between configuration items (CI)
    • CI relationships empowers change and incident managers need to determine that a modification to one service may impact several other related services and the components of those services
    • This provides more visibility into the Cloud environment, allowing consumers and providers to make more informed decisions not only when preparing for a change but also when diagnosing incidents and problems
  • Problem Management
    • The Cloud provider needs to identify the root cause analysis in case of problems

  • Service Level Management
    • Service Level Agreements (or Underpinning contracts) must be transparent and accessible to the end users.  The business representatives should be negotiating these agreements. They will need to effectively negotiate commercial, technical, and legal terms. It will be important to establish these concrete, measurable Service Level Agreements (SLAs). Without these, and  an effective means for verifying compliance, the damage from poor service levels will only be exacerbated
  • Vendor Management
    • Relationship between a vendor and their customers changes
    • Contractual arrangements
  • Capacity Management  and Availability Management
    • Reporting on performance

Other activities must be documented such as:

Monitoring

  • Monitoring will be a very important activity and should be described in the Strategy document. The assets and infrastructure that make up the Cloud service is not within the enterprise. They are owned by the Cloud providers, which will most likely have a focus on maximizing their revenue, not necessarily optimizing the performance and availability of the enterprise’s services. Establishing sound monitoring practices for the Cloud services from the outset will bring significant benefits in the long term. Outsourcing delivery of service does not necessarily imply that we can outsource the monitoring of that service. Besides, today very few Cloud providers are offering any form of service level monitoring to their customers. Quite often, they are providing the Cloud service but not proving that they are providing that service.
  • The resource usage and consumption must be monitored and managed in order to support strategic decision making
  • Whenever possible, the Cloud providers should furnish the relevant tools for management and reporting and take away the onerous tasks of patch management, version upgrades, high availability, disaster recovery and the like. This obviously will impact IT Service Continuity for the enterprise.
  • Service Measurement, Service Reporting and Service Improvement processes must be considered

Consumption and costs

  • Service usage (when and how) to determine the intrinsic value that the service is providing to the Business, and IT can also use this information to compute the Return On Investment for their Cloud Computing initiatives and related services. This would be related to the process IT Financial Management.

Risk Management

The TOGAF 9 risk management method should be considered to address the various risks associated such as:

  • Ownership, Cost, Scope, Provider relationship, Complexity, Contractual, Client acceptance, etc
  • Other risks should also be considered such as : Usability, Security (obviously…) and Interoperability

Asset Management and License Management

When various Cloud approaches are considered (services on-premise via the Cloud), hardware and software license management should be defined to ensure companies can meet their governance and contractual requirements

Transactions

Ensuring the safety of confidential data is a mission critical aspect of the business. Cloud Computing gives them concerns over the lack of control that they will have over company data, and does not enable them to monitor the processes used to organize the information.

Being able to manage the transactions in the Cloud is vital and Business transaction safety should be considered (recording, tracking, alerts, electronic signatures, etc…).

There may be other aspects, which should be integrated in this Strategy document that may vary according to the level of maturity of the enterprise or existing best practices in use.

When considering Cloud Computing, the Preliminary phase will include in the definition of the Architecture Governance Framework most of the touch points with other processes as described above. At completion, touch-points and impacts should be clearly understood and agreed by all relevant stakeholders.

This article has previously appeared in Serge Thorn’s personal blog.

Cloud will be a topic of discussion at The Open Group Conference, London, May 9-13. Join us for best practices, case studies and the future of information security, presented by preeminent thought leaders in the industry.

Serge Thorn is CIO of Architecting the Enterprise.  He has worked in the IT Industry for over 25 years, in a variety of roles, which include; Development and Systems Design, Project Management, Business Analysis, IT Operations, IT Management, IT Strategy, Research and Innovation, IT Governance, Architecture and Service Management (ITIL). He has more than 20 years of experience in Banking and Finance and 5 years of experience in the Pharmaceuticals industry. Among various roles, he has been responsible for the Architecture team in an international bank, where he gained wide experience in the deployment and management of information systems in Private Banking, Wealth Management, and also in IT architecture domains such as the Internet, dealing rooms, inter-banking networks, and Middle and Back-office. He then took charge of IT Research and Innovation (a function which consisted of motivating, encouraging creativity, and innovation in the IT Units), with a mission to help to deploy a TOGAF based Enterprise Architecture, taking into account the company IT Governance Framework. He also chaired the Enterprise Architecture Governance worldwide program, integrating the IT Innovation initiative in order to identify new business capabilities that were creating and sustaining competitive advantage for his organization. Serge has been a regular speaker at various conferences, including those by The Open Group. His topics have included, “IT Service Management and Enterprise Architecture”, “IT Governance”, “SOA and Service Management”, and “Innovation”. Serge has also written several articles and whitepapers for different magazines (Pharma Asia, Open Source Magazine). He is the Chairman of the itSMF (IT Service Management forum) Swiss chapter and is based in Geneva, Switzerland.

8 Comments

Filed under Cloud/SOA, TOGAF®

The Cloud, multiple Platforms within Platforms

By Mark Skilton, Capgemini

I recently attended The Open Group India Conference in March. This was the first time that The Open Group India had launched such an event, and they had the ambitious target of visiting three cities in the week. The event itself was a platform for discussion of Indian perspectives on all aspects of Architect Best Practices, and in particular, the India market on Enterprise Architecture and Cloud Computing. It drew a significant cross section of public and private industry sector professionals at all the venues, with keen debate and presentations demonstrating industry-leading thought leadership and case study.

The highly successful event raised important questions and discussion on significant topics of the moment in architecture and the Indian perspective. One that stands out in Cloud Computing was the development of Cloud Architectures and the role of Cloud as a platform for services.

Significant Cloud Computing commentary from the Cloud panel sessions included:

  • The role Indian government IT services strategy development could play in applying Cloud Computing, Grid and SOA concepts to the public sector services to the federated and regional citizenship
  • How the Indian market could exploit the SMB and youth demographic that see the Cloud as a rapid resource delivery platform, and huge potential for services in the Cloud to local and international markets
  • The evolution of Cloud services, notably in Big Data and content as a service and in applications software development in the Cloud using PaaS. Both need further focus on master data semantics and interoperability standards to help versioning, persistence of data and support of multiple Cloud virtual environments to drive the potential reality going forward

The debate of Cloud Architectures and Platforms ran throughout the three-city Conference, with notable observations and lessons learnt, including:

  • Support of multiple locations by “location-aware Clouds” was an interesting aspect when developing shared platforms that need to recognize the delivery and localization of “last mile logistics” and end-user experience of the service. One-size-fits-all needed some abstraction of end point use in enabling adoption flexibility and relevancy
  • Cloud Architectures had to be “platforms” that “evolved” like the ecosystem that made up its internal and external components and services. This was a fact as many Clouds and integration adaptor strategies using open source and proprietary technologies where driving ahead with different standards and speeds of development. Understanding the solution options needed to “design for change” was a matter of urgency in architectural design practice for Cloud
  • Mobile Cloud, including the Internet of things (IoT) and the spread of mobile channel services everywhere, drew considerable interest as a strong potential second wave of the Cloud as it enters the next stage of added-value services, virtual communities and multi-Cloud service marketplaces

The underlying theme seemed to be the emergence of service platforms and services enabled by the Cloud and its pervasiveness into social media and social networks underpinned by Cloud infrastructure and data centers. Platforms enabling other platforms in a distributed regional, wireless, global bandwidth enabled world.

I remembered that, at the same time as the Indian event, there was a shining example of technological inspiration right above our heads orbiting 200 miles around the Earth: the STS133 mission and final space flight of the Space Shuttle Discovery. This in itself was an inspiring magnificent achievement. The shuttle had flown more missions than any other — 39 in the 25-year flight history — but that was not the whole picture. Discovery was the platform that launched another platform, the Hubble Space Telescope, into the heavens. And look what discoveries came of that: the first pictures of the now-famous Eagle Nebula stellar nurseries, new insights into the distribution of galaxies and the universal constant, and the list goes on. One platform borne upon another; how much further will our children see tomorrow?

Cloud Computing will be a topic of discussion at The Open Group Conference, London, May 9-13. Join us for best practices, case studies and the future of information security, presented by preeminent thought leaders in the industry.

Mark Skilton, Director, Capgemini, is the Co-Chair of The Open Group Cloud Computing Work Group. He has been involved in advising clients and developing of strategic portfolio services in Cloud Computing and business transformation. His recent contributions include the publication of Return on Investment models on Cloud Computing widely syndicated that achieved 50,000 hits on CIO.com and in the British Computer Society 2010 Annual Review. His current activities include development of a new Cloud Computing Model standards and best practices on the subject of Cloud Computing impact on Outsourcing and Off-shoring models and contributed to the second edition of the Handbook of Global Outsourcing and Off-shoring published through his involvement with Warwick Business School UK Specialist Masters Degree Program in Information Systems Management.

1 Comment

Filed under Cloud/SOA

Transforming your business operating model for outsourcing and off-shoring with strategic Cloud Computing

By Mark Skilton, Capgemini

Strategic planning has traditionally been a game of numbers and decision scenarios. The make-versus-buy-versus-alliance-versus-acquisition process has remained the tool of the trade in building options to improve capital efficiencies or revenue contribution and gross operating profit. Many non-core and some core services may be moved to a buy-in model or to a shared service that reduces operating costs. Alliances have been forged with outsourcing and out-tasking of IT and business services to further improve the conditions of business performance. These are well-established practices, but how does Cloud Computing change this strategy?

A consideration that is now growing in many markets is how outsourcing and off-shoring has been affected by the emergence of Cloud Computing as a kind of alternative option to hosting services.

Traditional hosting of services involves on-premise and off-premise choices of key network, storage, computer software applications and business services. Typically this includes the movement of technical and staff resources to an off-premise model managed by a third party. This may further include a shift from on-shore to off-shore locations of these services, which is driven by the desire for operational cost improvements, as well as access to managed resources and skills.

Cloud Computing is also a shift to a kind of outsourced model and off-shore model which may be either located on-premise or off-premise, and may offer a private, community or a public Cloud service. But how does this actually alter the balance of strategic choice in a business and its chosen markets? Cloud Computing is a business operating model shift, as well as a technology transition.

Cloud changes the competitive dynamics of a market because it changes the competitive barriers to entry and choice. Some examples of key business driver shifts brought about by Cloud Computing can include:

Cloud impact on GOP Operating Profit

  • Lowers cost of asset ownership reductions – asset investment can be shifted from a “one” to “many” model
  • Lowers barriers to provisioning — self-service provisioning enabling a new kind of on-demand purchasing
  • Lowers collaborative barriers, enabling convenience to exchange ideas, brokering and business transactions

Cloud impact on revenue contribution

  • Increases speed of change to transform business activities because you can take new products and services to market faster or can expand into new markets faster
  • Increases revenue share through new products and services provisioning, and rapid market entry, to sell commodity or custom products and services

Cloud impact on risk and cost of ownership overhead

  • Increases access controls and certification security risks
  • Increases the compliance and audit costs and risks from movement of services on- and off-shore to specified or unspecified locations
  • Increases cost of knowledge acquisition and learning to manage Cloud
  • Creates changes in lock-in and impediments to portability and interoperability, as a commitment to Cloud platforms may come with associated conditions of service and limits on accessibility to move and change providers

Cloud Computing is a very direct challenge to current outsourcing and off-shoring models in a number of fundamental ways, which are huge opportunities and areas that need to be managed and their risk assessed in the strategic planning process.

  • Self-service changes the “window” to request management of services. In outsourcing, these may be facilitation through portals, service desk and service account communication; but in Cloud, self-service means that direct contact and ownership can be done remotely. It may also mean that different consumers and buyers of Cloud services may not necessarily contact the IT provider directly.
  • On-demand collaboration services changes the way sourcing and selection of services are achieved. Online catalogues of predefined services and options to seek out other Cloud services and solutions alter the scope and range of sourcing solutions. These are no longer just constrained to the particular outsourcing or multi-sourcing situation. Contractual conditions and alternative sourcing and innovation strategies are introduced due to the influence of Cloud Computing models.
  • Cloud Service management changes the way ITSM help desk and service monitoring work with Cloud Computing. The role of the service desk changes as it is no longer only considering the requests, issues and problem resolutions; it also needs to be aware of the catalogues and availability management of the Cloud environment to answer service level requests and changes. It moves from a request service to a demand-and-supply management service.

Self –service enables business and IT users to select the Cloud-hosted services needed to expand or change as their business needs change, rather than go through a provisioning cycle with local or central IT.

On-demand collaboration service model improves the quality of support as Cloud-hosted services are defined through a catalogue and an account management process, enabling business and IT users to get better visibility and control of usage and requests. Conversely, it enables variations and maverick buying to be monitored to encourage the development of further common IT service reuse and specific development of new capabilities based on actual usage demand patterns. Hitherto, commercial contracts locked customers and vendors into longer-term contractual solutions, limiting options for change. Cloud Computing catalogues and services aim to create a looser coupling between buyers, consumers and users of IT services.

Cloud service management changes the concept of request-and-response service into a marketplace driven perspective of services.

The shifting onshore/off-shore model

Cloud Computing changes the concept of outsourcing and off-shoring as a physical exchange of services into one of virtual services whose location becomes a “one to many” paradigm, which may be a combination of internal and external marketplaces.  To illustrate this point, consider the following scenario:

Current information technology hardware and software assets and staff skills may be typically consolidated into a business unit or regional data centers which are connected by a corporate network.

A small, central, corporate IT function may coordinate policy and strategy, which is largely distributed down to the many operating companies and individual IT functions to meet local market and business service requirements. Currently, controlling the data center access for the business units and selected partners for security and certification is essential to controlling data center service operations and compliance regulations.

The usage and development of the business applications and infrastructure are focused onshore by business unit, region and individual business operating company. Large-scale corporate systems such as ERP, CRM and SCM and secure certified systems are developed in each data center and may be replicated across other regional data centers. Significant investment in virtualization has typically already been completed or is in progress, and is used to addressed the operational efficiencies of the data centers while the external business market environment forces continue to change rapidly with marketing product launches and demand changes within each market and region seasonal competitive pressures.

Moving to Cloud Computing can potentially redefine the need for each region and business unit to develop certain types of IT service onshore. Common services hosted in a secure Cloud data center provide the possibility to move to an off-shore shared model for many business units. Individual market and business unit agility is still essential for competitive response, but this can be supported by targeting Cloud Computing services for specific business activity needs. The off-shore move also enables service management and capabilities to be invested in shared regions to further improve the operating model organizational efficiency.

Mark Skilton, Director, Capgemini, is the Co-Chair of The Open Group Cloud Computing Work Group. He has been involved in advising clients and developing of strategic portfolio services in Cloud Computing and business transformation. His recent contributions include the publication of Return on Investment models on Cloud Computing widely syndicated that achieved 50,000 hits on CIO.com and in the British Computer Society 2010 Annual Review. His current activities include development of a new Cloud Computing Model standards and best practices on the subject of Cloud Computing impact on Outsourcing and Off-shoring models and contributed to the second edition of the Handbook of Global Outsourcing and Off-shoring published through his involvement with Warwick Business School UK Specialist Masters Degree Program in Information Systems Management.

1 Comment

Filed under Cloud/SOA

Cloud security and risk management

by Varad G. Varadarajan, Cognizant Technology Solutions

Are you ready to move to the Cloud?

Risk management and cost control are two key issues facing CIOs and CTOs today. Both these issues come into play in Cloud Computing, and present an interesting dilemma for IT leaders at large corporations.

The elastic nature of the Cloud, the conversion of Capex to Opex and the managed security infrastructure provided by the Cloud service provider make it very attractive for hosting applications. However, there are a number of security and privacy issues that companies need to grapple with before moving to the Cloud.

For example, multi-tenancy and virtualization are great technologies for lowering the cost of hosting applications, and the service providers that would like to use them. However, these technologies also pose grave security risks because companies operate in a shared infrastructure that offers very little isolation. They greatly increase the target attack surface, which is a hacker’s dream come true.

Using multiple service providers on the Cloud is great for providing redundancy, connecting providers in a supply chain or handling spikes in services via Cloud bursts. However, managing identities across multiple providers is a challenge.  Making sure data does not accidentally cross trust boundaries is another difficult problem.

Likewise, there are many challenges in the areas of:

  • Choosing the right service / delivery model (and its security implications)
  • Key management and distribution
  • Governance and Compliance of the service provider
  • Vendor lock-in
  • Data privacy (e.g. regulations governing the offshore-ability of data)
  • Residual risks

In my presentation at The Open Group India Conference next week, I will discuss these and many other interesting challenges facing CIOs regarding Cloud adoption. I will present a five step approach that enterprises can use to select assets, assess risks, map them to service providers and manage the risks through contract negotiation, SLAs and regular monitoring.

Cloud Computing will be a topic of discussion at The Open Group India Conference in Chennai (March 7), Hyderabad (March 9) and Pune (March 11). Join us for best practices and case studies in the areas of Enterprise Architecture, Security, Cloud and Certification, presented by preeminent thought leaders in the industry.

Varad is a senior IT professional with 22 years of experience in Technology Management, Practice Development, Business Consulting, Architecture, Software Development and Entrepreneurship. He has led consulting assignments in IT Transformation, Architecture, and IT Strategy/Blueprinting at global companies across a broad range of industries and domains. He holds an MBA (Stern School of Business, New York), M.S Computer Science (G.W.U/Stanford California) and B.Tech (IIT India).

Comments Off

Filed under Cloud/SOA