Enabling the New IT Org
Today’s technology leaders recognize that the cloud is disrupting the way in which they collaborate and deliver technology solutions throughout their enterprise. In this session, experienced and emerging leadership teams will learn how companies are leveraging the cloud to reimagine the traditional people, process, and technology alignment model. Attendees will be presented with key considerations to better enable the alignment of executives, developers, system administrators, and end users with the objective of increasing business value, agility, and innovation.
3. Strategies Enterprises Are Using on AWS…
Development & Testing
New Workloads
Supplement Existing Workloads with the Cloud
Supplement Workloads with Existing On-Premises Infrastructure
Migrating Existing Applications
Data Center Migration
All-in – IT Entirely in the Cloud
1
2
3
4
5
6
7
8. 150K hosted per night 15M guests 1,300 EC2 instances
“We have a 5 person operations team.”
“AWS allows us to devote our resources and mindshare to the core business.”
9. Forces Driving New Resource Models
Increasing Uncertainty
Limited Access to Capital
Growing Abundance
Intensifying Competition
Growing Power of Customers
Decreasing Brand Loyalty
10. Key Benefits of New Resource Models
Acquire Resources On Demand
Release Resources When No Longer
Needed
Pay For What You Use
Turn Fixed Costs Into Variable
Leverage Other’s Core Competencies
11. Enterprises Are Accelerating Time to Market with AWS
Credit-risk
simulation
application
Development & test
environments
Migrated 500 web
properties to AWS in
5 months
Clinical trial
simulations
Decreased
the average
processing time
from 23 hours to
20 minutes
Development and
test seats access
time reduces from
week to 1 day
New product
websites from 2
weeks to 2 days
Simulations time
reduced from 60
hours to 1.2 hours
14. Gartner “Magic Quadrant for Cloud Infrastructure as a Service,” Lydia Leong, Douglas
Toombs, Bob Gill, Gregor Petri, Tiny Haynes, May 28, 2014. This Magic Quadrant graphic
was published by Gartner, Inc. as part of a larger research note and should be evaluated in
the context of the entire report. The Gartner report is available at
http://aws.amazon.com/resources/analyst-reports/. Gartner does not endorse any vendor,
product or service depicted in its research publications, and does not advise technology users
to select only those vendors with the highest ratings. Gartner research publications consist of
the opinions of Gartner's research organization and should not be construed as statements of
fact. Gartner disclaims all warranties, expressed or implied, with respect to this research,
including any warranties of merchantability or fitness for a particular purpose.
2014 Magic Quadrant for
Cloud Infrastructure as a Service
19. AWS Private Compute Capabilities
Choose the right level of compute isolation for every workload
Fine grained access roles and
groups
Software-defined network
isolation
Physical isolation
Identity & Access Management
(IAM)
EC2 in a VPC Dedicated Instances
20. AWS Private Storage Capabilities
Amazon S3 Amazon EBS Amazon CloudHSM AWS Direct
Connect
Choose the right level of storage isolation for every workload
Encrypted object
storage
Encrypted block
storage
Private encryption
key management
Single-tenet block
storage
21. AWS Governance
Fine-grained access control over data and resources
Control over regional replication Policies, resource level
permissions, temporary
credentials
In-depth audits
Geographic data locality Fine-grained access control AWS CloudTrail
23. Comprehensive Security Capabilities, Validated by Experts
Customer
Ecosystem
Partner
Ecosystem
Every Customer
Benefits
Physical
Security
People &
Procedures
Network
Security
Platform
Security
24. Which Is The Better Path?
Spend millions to create a
circa-2010 AWS clone that is
largely frozen in time
Satisfy your isolation requirements
No upfront costs
Economies of scale
100s of new features & services a year
26. Many Enterprises Worry That There Are Only Two Choices
Build a
“private” cloud
Rip and replace
with AWS
# 1 # 2
27. But, The Cloud Isn’t An All-or-Nothing Choice
On-Premises
Resources
Cloud
Resources
Integration
(“Hybrid”)
Corporate
Data Centers
28. AWS Enables Hybrid Architectures
Integrated
Networking
Integrated Access
Control
Integrated
Cloud Backups
Integrated
Management
Integrate cloud services with your on-premises resources
29. Use Cloud to Make Existing On-Premises Applications Better
Big Data Analytics Oracle Databases Big Data Analytics
Export operational
data to AWS for
analytics processing
Automated backup
to Amazon S3 with
Oracle RMAN
50% lower costs
with 2x faster
queries using
Amazon Redshift
30. New Cloud Apps that Integrate Back to On-Premises Systems
Corporate
Data Centers
Hybrid
App
AWS serves up
application content &
data
Integration back to
Samsung Data
Centers for financial
transactions
32. Amazon WorkSpaces
Delivering on the promise
of desktop virtualization
Infrastructure &
administration tools
End user desktop and
mobile applications
SPEAKER NOTES
We launched this business eight years ago, and the functionality added between then and now is night and day
A question that we get asked quite a bit, is how are enterprises thinking about the cloud now, in 2014?
There are about seven strategies that we see frequently
SPEAKER NOTES
We are seeing enterprise adopt AWS in a variety of ways, ranging from test and development to enterprises going all-in on AWS.
SPEAKER NOTES
If you ask enterprise why they are using AWS, regardless of the workload, they have a very clear answer.
SPEAKER NOTES
The number one factor is increased agility
SPEAKER NOTES
Agility matters because we’re already seeing established business areas be significantly disrupted by “born in the cloud” companies that are growing to enterprise-scale extremely fast
These companies are focused solely on building better products for their customers
SPEAKER NOTES
You have an organization like Airbnb coming out of nowhere and producing numbers that the traditional hotel chains would kill for…
SPEAKER NOTES
Enterprises can’t afford to be slow; 6 to 25 week procurement timelines just to experiment are no longer sustainable for the pace of business.
Anyone that does a lot of invention will tell you, you need to two things… 1) the ability to try a lot of experiments, and 2) the ability to fail fast and move on
SPEAKER NOTES
First, why is agility such a problem?
Bigger economic challenges happening that drive new resource models
Abundance of products in the market
Increasing competition
Increasing power of the customer to choose exactly what they want
Decreasing brand loyalty; today’s customers are less likely than ever to still be customers tomorrow
SPEAKER NOTES
In a world with limited capital, you need new resource models to be able to deal with uncertainty
Acquire what you need, when you need it, and release it immediately when no longer needed
Pay only for what you use
Benefit from the core competencies of others to focus better on your own
These are principles that apply universally across our businesses today.
For example, in HR, you would hire more people when you need them and may release them when they are no longer required. You hire for particular core competencies to ensure maximum output for a job role.
The success of cloud and AWS is driven mostly by providing a resource model that aligns to what the economy needs, instead of just the next step in technology.
If this were just evolutionary, cloud wouldn’t be this big. But, this is revolutionary, because it allows businesses to innovate and execute faster than ever before.
SPEAKER NOTES
Cloud computing is no longer simply about acquiring raw compute, storage, and networking on demand.
Over the past eight years, AWS has introduced 35 discrete services and released over 950 new features. This year alone, we’ve had over 300 releases.
It is this pace of innovation to constantly expand the breadth and depth of capability that allows AWS to handle a broad array of production scenarios.
SPEAKER NOTES
AWS has been located in the Leader’s quadrant every year since Gartner began the Cloud IaaS MQ four years ago.
Gartner stated that AWS has more than five times the compute capacity in use than the aggregate total of the other fourteen providers in this Magic Quadrant.
Gartner identified AWS as the provider most commonly selected for strategic adoption.
Gartner recommends clients use AWS for all evaluated use cases, including enterprise applications, cloud-native applications, batch computing, e-business hosting, general business applications, and test and development.
Notably, AWS is the only “Leader” recommended for enterprise applications.
SPEAKER NOTES
If you talk to the technology analyst firms, and when we talk to customers, what we find is that the companies that have built private implementations haven’t been so satisfied with the results of what they’ve built so far.
They fall short of the core requirements for cloud: self-service, full automation, tracking and monitoring.
A better question to ask rather than should something be on-premise or in the cloud, is what requirements are you trying to satisfy? A private cloud is not necessarily on-premises…
SPEAKER NOTES
When we talk with customers who have gone on the on-premises route and found it wanting, we ask “what do you think you need that cloud doesn’t provide?”
We typically hear something along the lines of private network, private servers, private storage, strong encryption, and robust management and governance.
The good news is, AWS provides all of these things today.
SPEAKER NOTES
By default, Amazon Virtual Private Cloud creates your instances in a virtual private cloud to provide you with a logically isolated section of the AWS Cloud.
Within the VPC, you maintain complete control over the network configuration. You can even integrate the VPC with your existing network and treat AWS an extension of your existing datacenter.
Additionally, AWS provides the ability to acquire a dedicated, private connection between your datacenter and AWS.
Direct Connect can reduce costs, increase throughput, and provide a more consistent experience than Internet-based connections.
SPEAKER NOTES
Depending on your needs, stages of isolation can be achieved with a username and password, a software-defined network, and dedicated instances for isolation at the hardware level.
Identity and Access Management allows you to implement fine-grained access roles and groups for every workload.
Amazon EC2 works in conjunction with Amazon VPC to provide security and robust networking functionality for your compute resources.
If physical isolation is required, Dedicated Instances let you take full advantage of the benefits of Amazon VPC and the AWS cloud – on-demand elastic provisioning; pay only for what you use; and a private, isolated virtual network, all while ensuring that your Amazon EC2 compute instances will be isolated at the hardware level.
SPEAKER NOTES
Data security is fundamentally important for enterprise workloads, and AWS provides a wide assortment of private storage options.
Designed for 99.999999999% durability and 99.99% availability of objects over a given year, Amazon S3 provides a highly durable storage infrastructure designed for mission-critical and primary data storage.
Amazon S3 supports multiple access control mechanisms, as well as encryption for both secure transit and secure storage on disk.
Amazon EBS provides persistent block level storage volumes for use with Amazon EC2 instances.
Amazon EBS supports running encrypted file systems to protect your application data on Amazon EC2. Additionally, access to Amazon EBS volumes is integrated with AWS IAM to enable role-based access control, and it can even be made single-tenet with dedicated instances
For enterprises with enhanced corporate, contractual, and regulatory compliance requirements, AWS CloudHSM can provide dedicated Hardware Security Module appliances within the AWS Cloud. You can securely generate, store, and manage the cryptographic keys used for data encryption such that they are accessible only by you.
SPEAKER NOTES
You must assign a geographic location for all data on AWS, and it will only move from that geo when you actively change it.
AWS IAM can manage users (federated and non-federated) and their access, as well as roles and permissions across most AWS services.
If you already use a SAML 2.0 supported corporate directory, such as Microsoft Active Directory, AWS is able integrate with it and extend your existing directory into the cloud.
AWS CloudTrail is a fully managed service that enables granular security analysis, resource change tracking, operational troubleshooting, and compliance auditing.
You can answer questions such as, what actions did a given user take over a given time period? For a given resource, which user has taken actions on it over a given time period? What is the source IP address of a given activity? Which activities failed due to inadequate permissions?
SPEAKER NOTES
The security of AWS is underpinned by rock solid physical, network, and platform capabilities; augmented with industry leading people and procedures to maintain the highest levels of internal and external security
A strong customer ecosystem provides constant assessment and validation of the AWS platform
Our partner ecosystem of security providers means that you can continue to use many of tools you use today.
Each enhancement and identified best practice raises the bar for security for every customer on the platform.
SPEAKER NOTES
So, which is the better path? Spend millions for a fixed environment that mirrors the capability of AWS four years ago, or architect a private environment on AWS that improves in real-time and provides the flexibility and cost benefits of the cloud?
SPEAKER NOTES
Many customers worry that a significant investment in cloud presents a binary decision.
SPEAKER NOTES
But it isn’t. We know you have resources you aren’t ready to retire yet, so we want to provide you with the opportunity to more seamlessly run those on-premise resources along with AWS
SPEAKER NOTES
On the networking side we talk about VPC and Direct Connect.
You have access controls, so identities don’t have to create all their own brand new set of identities in the cloud, they can use Active Directory or Samo 2.0 to use those identities in AWS.
We have lots of integrated storage capabilities. An example would be our storage gateway that effectively is a virtual appliance that allows companies to store the hot objects on premise, and then all the rest of the data is asynchronously uploaded to AWS and stored in a format where if you want to spin up EC2 instances to do processing or compute on top of it, it’s easy to do so.
And then we’re working with a number of our ecosystem partners to provide a single pane of glass so you can see your on premise and AWS footprints in one screen
SPEAKER NOTES
To sum up, AWS has developed the broadest collection of services available from any cloud provider.
Our approach to regions, availability zones, and POPs provides global coverage for high availability, low latency applications.
Foundation services across compute, storage, security, and networking offer customers flexibility in their architecture. We have a full spectrum of options to meet most price-to-performance scenarios.
We offer the capability for both managed and unmanaged database options.
The offerings for Analytics and Application Services enable advanced data processing and workloads.
AWS Redshift, our cloud-based data warehouse, is the fastest growing service in the history of AWS.
Our management tools offer a lot of insight and flexibility to let you manage your AWS resources through either our tools or the management tools you’re already familiar with.
Recent expansion into enterprise applications has been entirely driven by customer feedback on where they’d like us to deliver value.
SPEAKER NOTES
I’d like to touch on that last area in more detail, because two very interesting services have launched here in the last few months.
First is Amazon WorkSpaces, delivering cloud-based desktop virtualization
SPEAKER NOTES
Second, is Amazon Zocalo
Secure document storage and collaboration built with an enterprise-first mindset