Tag Archives: E.G. Nadhan

The Open Group Cloud Computing Work Group Web Jam on CIO Priorities

By E.G. Nadhan, HP

Recently, I shared my experience leading the first Web Jam within The Open Group Cloud Work Group. We are now gearing up to have another one of these sessions – this time around, the topic being CIO priorities as driven by Cloud Computing. Even though the Web Jam is an internal session held within The Open Group Cloud Work Group, we want to factor in other opinions as well – hence this blog where I share my perspective on how Cloud Computing is defining the priorities for the CIO. I am basing this perspective on the findings from a survey conducted by IDG Research as published in this white paper on IT priorities where I was one of the persons interviewed.

I would categorize the CIO priorities across five drivers: customers, business, innovation, finance and governance.

1. Customers. CIOs must listen to their customers (especially shareholders). Cloud Computing is breeding a new generation of customer-focused CIOs.  Shareholders are driving IT to the Cloud. At the same time, enterprises need to be at least as social as their customers so that they can process the brontobytes of data generated through these channels.

2. Business. CIOs must shift their attention from technical matters to business issues. This is not surprising. As I outlined in an earlier blog post, the right way to transform to Cloud Computing has always been driven by the business needs of the enterprise. When addressing technical requests, CIOs need to first determine the underlying, business-driven root cause of the request.

3. Innovation. CIOs must make innovation part of the IT blood stream. CIOs need to take steps today to innovate the planet for 2020.  For example, the Cloud facilitates the storage of brontobytes of data that can be informationalized through data analysis techniques by those who have the sexiest job of the 21st Century – Data Scientist.

4. Finance. CIOs must have the right mechanisms in place to track the ROI of Cloud Computing.  As fellow blogger from The Open Group Chris Harding states, CIOs must not fly in the Cloud by the seat of their pants.  Note that tracking the ROI is not a one-time activity. CIOs must be ready to answer the ROI question on the Cloud.

5. Governance. CIOs must ensure that there is a robust Cloud governance model across the enterprise. In the past, I’ve explained how we can build upon SOA Governance to realize Cloud governance.  As a co-chair for the Cloud Governance project within The Open Group, I have a lot of interest in this space and would like to hear your thoughts.

So, there you have it. Those are the top 5 priorities for the CIO driven by key Cloud Computing forces. How about you? Are there other CIO priorities that you can share? I would be interested to know and quite happy to engage in a discussion as well.

Once the web jam has taken place, I am planning on sharing the discussions in this blog so that we can continue our discussion.

NadhanHP Distinguished Technologist, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Twitter handle @NadhanAtHP.

2 Comments

Filed under Cloud, Cloud/SOA

Protecting Data is Good. Protecting Information Generated from Big Data is Priceless

By E.G. Nadhan, HP

This was the key message that came out of The Open Group® Big Data Security Tweet Jam on Jan 22 at 9:00 a.m. PT, which addressed several key questions centered on Big Data and security. Here is my summary of the observations made in the context of these questions.

Q1. What is Big Data security? Is it different from data security?

Big data security is more about information security. It is typically external to the corporate perimeter. IT is not prepared today to adequately monitor its sheer volume in brontobytes of data. The time period of long-term storage could violate compliance mandates. Note that storing Big Data in the Cloud changes the game with increased risks of leaks, loss, breaches.

Information resulting from the analysis of the data is even more sensitive and therefore, higher risk – especially when it is Personally Identifiable Information on the Internet of devices requiring a balance between utility and privacy.

At the end of the day, it is all about governance or as they say, “It’s the data, stupid! Govern it.”

Q2. Any thoughts about security systems as producers of Big Data, e.g., voluminous systems logs?

Data gathered from information security logs is valuable but rules for protecting it are the same. Security logs will be a good source to detect patterns of customer usage.

Q3. Most BigData stacks have no built in security. What does this mean for securing Big Data?

There is an added level of complexity because it goes across apps, network plus all end points. Having standards to establish identity, metadata, trust would go a long way. The quality of data could also be a security issue — has it been tampered with, are you being gamed etc. Note that enterprises have varying needs of security around their business data.

Q4. How is the industry dealing with the social and ethical uses of consumer data gathered via Big Data?

Big Data is still nascent and ground rules for handling the information are yet to be established. Privacy issue will be key when companies market to consumers. Organizations are seeking forgiveness rather than permission. Regulatory bodies are getting involved due to consumer pressure. Abuse of power from access to big data is likely to trigger more incentives to attack or embarrass. Note that ‘abuse’ to some is just business to others.

Q5. What lessons from basic data security and cloud security can be implemented in Big Data security?

Security testing is even more vital for Big Data. Limit access to specific devices, not just user credentials. Don’t assume security via obscurity for sensors producing bigdata inputs – they will be targets.

Q6. What are some best practices for securing Big Data? What are orgs doing now and what will organizations be doing 2-3 years from now?

Current best practices include:

  • Treat Big Data as your most valuable asset
  • Encrypt everything by default, proper key management, enforcement of policies, tokenized logs
  • Ask your Cloud and Big Data providers the right questions – ultimately, YOU are responsible for security
  • Assume data needs verification and cleanup before it is used for decisions if you are unable to establish trust with data source

Future best practices:

  • Enterprises treat Information like data today and will respect it as the most valuable asset in the future
  • CIOs will eventually become Chief Officer for Information

Q7. We’re nearing the end of today’s tweet tam. Any last thoughts on Big Data security?

Adrian Lane who participated in the tweet jam will be keynoting at The Open Group Conference in Newport Beach next week and wrote a good best practices paper on securing Big Data.

I have been part of multiple tweet chats specific to security as well as one on Information Optimization. Recently, I also conducted the first Open Group Web Jam internal to The Cloud Work Group.  What I liked about this Big Data Security Tweet Jam is that it brought two key domains together highlighting the intersection points. There was great contribution from subject matter experts forcing participants to think about one domain in the context of the other.

In a way, this post is actually synthesizing valuable information from raw data in the tweet messages – and therefore needs to be secured!

What are your thoughts on the observations made in this tweet jam? What measures are you taking to secure Big Data in your enterprise?

I really enjoyed this tweet jam and would strongly encourage you to actively participate in upcoming tweet jams hosted by The Open Group.  You get to interact with a wide spectrum of knowledgeable practitioners listed in this summary post.

NadhanHP Distinguished Technologist and Cloud Advisor, E.G.Nadhan has more than 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project, and is also the founding co-chair for the Open Group Cloud Computing Governance project. Connect with Nadhan on: Twitter, Facebook, LinkedIn and Journey Blog.

 

2 Comments

Filed under Tweet Jam

Call for Submissions

By Patty Donovan, The Open Group

The Open Group Blog is celebrating its second birthday this month! Over the past few years, our blog posts have tended to cover Open Group activities – conferences, announcements, our lovely members, etc. While several members and Open Group staff serve as regular contributors, we’d like to take this opportunity to invite our community members to share their thoughts and expertise on topics related to The Open Group’s areas of expertise as guest contributors.

Here are a few examples of popular guest blog posts that we’ve received over the past year

Blog posts generally run between 500 and 800 words and address topics relevant to The Open Group workgroups, forums, consortiums and events. Some suggested topics are listed below.

  • ArchiMate®
  • Big Data
  • Business Architecture
  • Cloud Computing
  • Conference recaps
  • DirectNet
  • Enterprise Architecture
  • Enterprise Management
  • Future of Airborne Capability Environment (FACE™)
  • Governing Board Businesses
  • Governing Board Certified Architects
  • Governing Board Certified IT Specialists
  • Identity Management
  • IT Security
  • The Jericho Forum
  • The Open Group Trusted Technology Forum (OTTF)
  • Quantum Lifecycle Management
  • Real-Time Embedded Systems
  • Semantic Interoperability
  • Service-Oriented Architecture
  • TOGAF®

If you have any questions or would like to contribute, please contact opengroup (at) bateman-group.com.

Please note that all content submitted to The Open Group blog is subject to The Open Group approval process. The Open Group reserves the right to deny publication of any contributed works. Anything published shall be copyright of The Open Group.

Patricia Donovan is Vice President, Membership & Events, at The Open Group and a member of its executive management team. In this role she is involved in determining the company’s strategic direction and policy as well as the overall management of that business area. Patricia joined The Open Group in 1988 and has played a key role in the organization’s evolution, development and growth since then. She also oversees the company’s marketing, conferences and member meetings. She is based in the U.S.

1 Comment

Filed under Uncategorized

Build Upon SOA Governance to Realize Cloud Governance

By E.G. Nadhan, HP

The Open Group SOA Governance Framework just became an International Standard available to government and enterprises worldwide. At the same time, I read an insightful post by ZDNet Blogger, Joe McKendrick who states that Cloud and automation drive new growth in SOA governance market. I have always maintained that the fundamentals of Cloud Computing are based upon SOA principles. This brings up the next natural question: Where are we with Cloud Governance?

I co-chair the Open Group project for defining the Cloud Governance framework. Fundamentally, the Cloud Governance framework builds upon The Open Group SOA Governance Framework and provides additional context for Cloud Governance in relation to other governance standards in the industry. We are with Cloud Governance today where we were with SOA Governance a few years back when The Open Group started on the SOA Governance framework project.

McKendrick goes on to say that the tools and methodologies built and stabilized over the past few years for SOA projects are seeing renewed life as enterprises move to the Cloud model. In McKendrick’s words, “it is just a matter of getting the word out.” That may be the case for the SOA governance market. But, is that so for Cloud Governance?

When it comes to Cloud Governance, it is more than just getting the word out. We must make progress in the following areas for Cloud Governance to become real:

  • Sustained adoption. Enterprises must continuously adopt cloud based services balancing it with outsourcing alternatives. This will give more visibility to the real-life use cases where Cloud Governance can be exercised to validate and refine the enabling set of governance models.
  • Framework Definition. Finally, Cloud Governance needs a standard framework to facilitate its adoption. Just like the SOA Governance Framework, the definition of a standard for the Cloud Governance Framework as well as the supporting reference models will pave the way for the consistent adoption of Cloud Governance.

Once these progressions are made, Cloud Governance will be positioned like SOA Governance—and it will then be just a “matter of getting the word out.”

A version of this blog post originally appeared on the Journey through Enterprise IT Services Blog.

HP Distinguished Technologist and Cloud Advisor, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Connect with Nadhan on: Twitter, Facebook, Linkedin and Journey Blog.

1 Comment

Filed under Cloud, Cloud/SOA

Secrets Behind the Rapid Growth of SOA

By E.G. Nadhan, HP

Service Oriented Architecture has been around for more than a decade and has steadily matured over the years with increasing levels of adoption. Cloud computing, a paradigm that is founded upon the fundamental service oriented principles, has fueled SOA’s adoption in recent years. ZDNet blogger Joe McKendrick calls out a survey by Companies and Markets in one of his blog posts – SOA market grew faster than expected.

Some of the statistics from this survey as referenced by McKendrick include:

  • SOA represents a total global market value of $5.518 billion, up from $3.987 billion in 2010 – or a 38% growth.
  • The SOA market in North America is set to grow at a compound annual growth rate (CAGR) of 11.5% through 2014.

So, what are the secrets of the success that SOA seems to be enjoying?  During the past decade, I can recall a few skeptics who were not so sure about SOA’s adoption and growth.  But I believe there are 5 “secrets” behind the success story of SOA that should put such skepticism to rest:

  1. Architecture. Service oriented architectures have greatly facilitated a structured approach to enterprise architecture (EA) at large. Despite debates over the scope of EA and SOA, the fact remains that service orientation is an integral part of the foundational factors considered by the enterprise architect. If anything, it has also acted as a catalyst for giving more visibility to the need for well-defined enterprise architecture to be in place for the current and desired states.
  2. Application. Service orientation has promoted standardized interfaces that have enabled the continued existence of multiple applications in an integrated, cohesive manner. Thanks to a SOA-based approach, integration mechanisms are no longer held hostage to proprietary formats and legacy platforms.
  3. Availability. Software Vendors have taken the initiative to make their functionality available through services. Think about the number of times you have heard a software vendor suggest Web services as their de-facto method for integrating to other systems? Single-click generation of a Web service is a very common feature across most of the software tools used for application development.
  4. Alignment. SOA has greatly facilitated and realized increased alignment from multiple fronts including the following:
    • Business to IT. The definition of application and technology services is really driven by the business need in the form of business services.
    • Application to Infrastructure. SOA strategies for the enterprise have gone beyond the application layer to the infrastructure, resulting in greater alignment between the application being deployed and the supporting infrastructure. Infrastructure services are an integral part of the comprehensive set of services landscape for an enterprise.
    • Platforms and technology. Interfaces between applications are much less dependent on the underlying technologies or platforms, resulting in increased alignment between various platforms and technologies. Interoperability has been taken to new levels across the extended enterprise.
  5. AdoptionSOA has served as the cornerstone for new paradigms like cloud computing. Increased adoption of SOA has also resulted in the evolution of multiple industry standards for SOA and has also led to the evolution of standards for infrastructure services to be provisioned in the cloudStandards do take time to evolve, but when they do, it is a tacit endorsement by the IT industry of the maturity of the underlying phenomenon — in this case, SOA.

Thus, the application of service oriented principles across the enterprise has increased SOA’s adoption spurred by the availability of readily exposed services across all architectural layers resulting in increased alignment between business and IT.

What about you? What factors come to your mind as SOA success secrets? Is your SOA experience in alignment with the statistics from the report McKendrick referenced? I would be interested to know.

Reposted with permission from CIO Magazine.

HP Distinguished Technologist, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Twitter handle @NadhanAtHP.

1 Comment

Filed under Cloud/SOA

The Right Way to Transform to the World of Cloud Computing

By E.G. Nadhan, HP Enterprise Services

There are myriad options available for moving to cloud computing today involving the synthetic realization and integration of different components that enable the overall solution. It is important that the foundational components across the compute, network, storage and facility domains are realized and integrated the right way for enterprises to realize the perceived benefits of moving to the cloud. To that end, this post outlines the key factors to be addressed when embarking on this transformation journey to the cloud:

  • Right Cloud. There are multiple forces at play when the CIOs of today consider moving to the cloud, further complicated by the availability of various deployment models — private, public, hybrid, etc. It is important that enterprises deploy solutions to the right mix of cloud environments. It is not a one-environment-fits-all scenario. Enterprises need to define the criteria that enable the effective determination of the optimal mix of environments that best addresses their scenarios.
  • Right Architecture. While doing so, it is important that there is a common reference architecture across various cloud deployment models that is accommodative of the traditional environments. This needs to be defined factoring in the overall IT strategy for the enterprise in alignment with the business objectives. A common reference architecture addresses the over-arching concepts across the various environments while accommodating nuances specific to each one.
  • Right Services. I discussed in one of my earlier posts that the foundational principles of cloud have evolved from SOA. Thus, it is vital that enterprises have a well-defined SOA strategy in place that includes the identification of services used across the various architectural layers within the enterprise, as well as the services to be availed from external providers.
  • Right Governance. While governance is essential within the enterprise, it needs to be extended to the extra-enterprise that includes the ecosystem of service providers in the cloud. This is especially true if the landscape comprises a healthy mix of various types of cloud environments. Proper governance ensures that the right solutions are deployed to the right environments while addressing key areas of concern like security, data privacy, compliance regulations, etc.
  • Right Standard. Conformance to industry standards is always a prudent approach for any solution — especially for the cloud. The Open Group recently published the first Cloud Computing Technical Standard — Service Oriented Cloud Computing Infrastructure which bears strong consideration in addition to other standards from NIST and other standards bodies.

These factors come together to define the “Right” way of transforming to the cloud. In addition, there are other factors that are unique to the transformation of applications as I outline in the Cloud Computing Transformation Bill of RIghts.

In addition to the publication of the SOCCI standard, the Cloud Work Group within The Open Group is addressing several aspects in this space including the Reference Architecture, Governance and Security.

How is your Transformation to the cloud going? Are there other factors that come to your mind? Please let me know.

HP Distinguished Technologist, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Twitter handle @NadhanAtHP.

1 Comment

Filed under Cloud, Cloud/SOA, Service Oriented Architecture, Standards

Top 5 Tell-tale Signs of SOA Evolving to the Cloud

By E.G. Nadhan, HP Enterprise Services

Rewind two decades and visualize what a forward-thinking prediction would have looked like then —  IT is headed towards a technology agnostic, service-based applications and infrastructure environment, consumed when needed, with usage-based chargeback models in place for elastic resources. A forward thinking tweet would have simply said – IT is headed for the Cloud. These concepts have steadily evolved within applications first with virtualization expediting their evolution within infrastructure across enterprises. Thus, IT has followed an evolutionary pattern over the years forcing enterprises to continuously revisit their overall strategy.

What started as SOA has evolved into the Cloud.  Here are five tell-tale signs:

  • As-a-service model:  Application interfaces being exposed as services in a standardized fashion were the technical foundation to SOA. This concept was slowly but steadily extended to the infrastructure environment leading to IaaS and eventually, [pick a letter of your choice]aaS. Infrastructure components, provisioned as services, had to be taken into account as part of the overall SOA strategy. Given the vital role of IaaS within the Cloud, a holistic SOA enterprise-wide SOA strategy is essential for successful Cloud deployment.
  • Location transparency: Prior to service orientation, applications had to be aware of the logistics of information sources. Service orientation introduced location transparency so that the specifics of the physical location where the services were executed did not matter as much. Extending this paradigm, Cloud leverages the available resources as and when needed for execution of the services provided.
  • Virtualization: Service orientation acted as a catalyst for virtualization of application interfaces wherein the standardization of the interfaces was given more importance than the actual execution of the services. Virtualization was extended to infrastructure components facilitating their rapid provisioning as long as it met the experience expectations of the consumers.
  • Hardware: IaaS provisioning based on virtualization along with the partitioning of existing physical hardware into logically consumable segments resulted in hardware being shared across multiple applications. Cloud extends this notion into a pool of hardware resources being shared across multiple applications.
  • Chargeback: SOA was initially focused on service implementation after which the focus shifted to SOA Governance and SOA Management including the tracking of metrics and chargeback mechanism. Cloud is following a similar model, which is why the challenges of metering and chargeback mechanisms that IT is dealing with in the Cloud are fundamentally similar to monitoring service consumption across the enterprise.

These are my tell-tale signs. I would be very interested to know about practical instances of similar signs on your end.

Figure 1: The Open Group Service Oriented Cloud Computing Infrastructure Technical Standard

It is no surprise that the very first Cloud technical standard published by The Open Group — Service Oriented Cloud Computing Infrastructure – initially started as the Service Oriented Infrastructure (SOI) project within The Open Group SOA Work Group. As its co-chair, I had requested extending SOI into the Open Group Cloud Work Group when it was formed making it a joint project across both work groups. Today, you will see how the SOCCI technical standard calls out the evolution of SOI into SOCCI for the Cloud.

To find out more about the new SOCCI technical standard, please check out: http://www3.opengroup.org/news/press/open-group-publishes-new-standards-soa-and-cloud

 This blog post was originally posted on HP’s Technical Support Services Blog.

HP Distinguished Technologist, E.G.Nadhan has over 25 years of experience in the IT industry across the complete spectrum of selling, delivering and managing enterprise level solutions for HP customers. He is the founding co-chair for The Open Group SOCCI project and is also the founding co-chair for the Open Group Cloud Computing Governance project. Twitter handle @NadhanAtHP.

4 Comments

Filed under Cloud, Cloud/SOA, Service Oriented Architecture, Standards