The Rise of Cloud Service Brokerage featuring Gartner and BCBS

Rise of the Cloud Service Broker Role for IT

1

Today’s Agenda

• Gartner Definitions
• Applications for IT as a CSB
• Blue Cross Blue Shield Deployment
• Intel Technology-CSB Enablement Platform
Agenda
• Q&A

Application Security and Identity Products 2

Is Your IT Organization Ready For
The Internal Cloud Services
Brokerage Role?

Benoit Lheureux

This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner audience or other
authorized recipients. This presentation may contain information that is confidential, proprietary or otherwise legally protected, and it may not be further copied,
distributed or publicly displayed without the express written permission of Gartner, Inc. or its affiliates.
© 2012 Gartner, Inc. and/or its affiliates. All rights reserved.

Are You Really Prepared for Hybrid IT?
Cloud Provider 1
Required Skills Cloud Provider 2
Public Cloud
• Provisioning • Customization
e.g., Sales Cloud Provider 3
• Billing • Management Automation
e.g., VMI/
• Support • Backups E-commerce
Cloud Provider 4
• APIs • Security e.g., Contact
Verification

• Migration • DR
• Integration • etc. e.g., HR

Who will manage this?
You manage this

Can you manage this?
Traditional
On-Premises Private Cloud

Definition: Cloud Services Brokerage
Aggregation
Brokerage Distributor *

100%

75%

50% Customization
Definition: Brokerage
CSB is composed of three 25%

primary roles in which an ISV*
intermediary adds value to
one or more cloud services
on behalf of consumers of Providers of CSB compete
those services. on the relative strengths of
Integration the three CSB roles
Brokerage
• Are a brokerage
System You •
Enable brokerage
Integrator* Either • Leverage brokerage

* = Alignment with traditional IT services terminology

Aggregation Brokerage
• Definition
- Delivering two or more (can be many) services
to service consumers, or other service providers
• Characteristics
- Deliver cloud in scale to many customers
- No net new services functionality, per se
- No integration or customization of services
- Many-to-one or one-to-many services delivery Example Providers
IT Distributors, Resellers,
• Capabilities etc.
- Ability to support large-scale cloud provisioning •Ingram Micro
•Insight
- Normalized discovery, access, billing, support •Parallels
- Centralized management, SLAs, security, etc. •Synnex
•Tech Data
• Typical Scenarios CSB Enablers
- IT distribution •Avnet
•AppDirect
• e.g., distributors, resellers and VARs doing cloud provisioning
•FullArmor
- App Stores, marketplaces •Jamcracker
• e.g., telcos, cloud providers, companies provisioning cloud •Verecloud

See "Cloud Services Brokerage Is Dominated by Three Primary Roles," G00226509

Integration Brokerage
• Definition
- Making independent designed services work
together as a combined outcome for consumers
• Characteristics
- Can be IT stack or data/process integration
- Substantial new value through integrated result
- One-to-many, many-to-one, many-to-many
- Increasingly implemented via some form of iPaaS
• Capabilities Example Providers
- Messaging, adapters, translation, orchestration Evolving B2B/EC Providers
•GXS
- Community management (think: LinkedIn for e-commerce) •HubSpan
- Governance (e.g., policy and API management) •IBM (Sterling Commerce)
- Shared services (e.g., management and security) •Liaison Technologies
• Typical Scenarios •SAP (Crossgate)
CSB Enablers
- Cloud-to-cloud integration •Dell (Boomi)
• e.g., synchronizing contacts between Gmail, salesforce.com •IBM (Cast Iron)
- Cloud to on-premises integration •Informatica
•Intel
• e.g., synchronizing order-to-cash between NetSuite, Quickbooks
•Jitterbit
- Traditional supply chain integration •Seeburger
• e.g., for large communities of suppliers, customers, 3PLs, etc.

Customization Brokerage
• Definition
- Altering or adding to the capabilities of a service
to change or improve its function
• Characteristics
- Net new functionality via new, modified services
- Original cloud services can be modified, enhanced
- One-to-many or many-to-one service delivery
• Capabilities
- Modifications (services combined, enhanced, etc.) Example Providers
- Implementation (of new services, applications, BPS Providers
•BlinkHR
processes, user interfaces, master data, etc.) •E2open
- Analytics (messages, services, processes, etc.) •eBuilder
• Typical Scenarios •psHealth
•Wipro
- New and composite applications System Integrators
• e.g., new custom reports on Force.com for salesforce.com CRM •Appirio
- Process or data enhancement •Atlantic Technologies
•Celigo
• e.g., price comparing service for "less than truckload" booking •Infosys
- Business process services •Tieto

• Configurable processes (e.g., VMI, delivered on one-to-many basis)

Hype Cycle for Cloud Services Brokerage
Three primary CSB roles
expectations
Cloud Management Private Cloud leads Internal CSB role
Platforms
Integration PaaS CSB enabling technologies
Private Cloud Computing
Communications Service Providers
as Cloud Services Brokerages Application PaaS
Aggregation Brokerage Packaged Integration and Cloudstreams
CSB Integrated Billing
BPaaS
CSB Single Sign-On
Cloud Services Brokerage
Application Service Governance
Cloud-Based Security Services
Cloud Access Security Brokers Multisourcing Service Integrator

Cloud-Based Multienterprise Processes
Customization Brokerage
Pure-Play CSBs Software as a Service (SaaS)
Integration
IT Distributors as CSBs
Brokerage
Cloud-Based Data Identification
and Enrichment Services Internal CSB Infrastructure as a Service (IaaS)
Traditional IT Services
IT Manufacturers as CSBs Providers as CSBs
Federated Help Desk for CSBs

As of July 2012
Peak of
Technology Trough of Plateau of
Inflated Slope of Enlightenment
Trigger Disillusionment Productivity
Expectations
time
Plateau will be reached in: obsolete
less than 2 years 2 to 5 years 5 to 10 years more than 10 years before plateau

See " Hype Cycle for Cloud Services Brokerage, 2012," G00234256 9

Emergence of Internal CSB Role
Attributes of Internal CSB
• Alternative to third-party CSB role:
- You are "prime contractor"
- Think: cloud-enhanced traditional
IT multisourcing
Maximum Public Cloud • IT responsible for all CSB roles:
Internal CSB - Aggregation
Scope - Integration
- Customization
• Scope of internal CSB role:
- Minimally applies only to private
Private Cloud cloud
- Can also apply to private and
Minimum public (hybrid) cloud
Internal CSB - Can include "broker of broker"
Scope role, for cascaded brokerage
- Can optionally also include
Traditional IT traditional IT assets

How the Internal CSB Role Compares to
Traditional IT Multisourcing Integrator Role
Traditional IT Service Emerging
MSI Role Attributes CSB Role
• Smaller ecosystem • Larger ecosystem
- Up to a dozen Ecosystem - Up to hundreds
• Fewer larger services • More smaller services
- More coarsely grained Granularity - More finely grained
• Fewer SLAs, T&Cs • More SLAs, T&Cs
- Fewer KPIs to track Outcome - More KPIs to track
• Fewer, static providers • More, dynamic providers
- Trust, experience lead Dynamics - Value, innovation lead
• More centralized, simple • More federated, complex
- Manual escalation OK Help Desk - Automated escalation
• Limited use, manual • More usage, automated
- Fewer policies to track Governance - More policies to track
• More control of IT assets • Less control of IT assets
- Assets in one DC Control - Assets across cloud

See "Essential Provider Selection Criteria to Use When Outsourcing the CSB Role," G00230681

When to Consider Internal CSB Role
Consider internal CSB when:
• You would prefer to fund the CSB with capex versus opex.
• An internal CSB will reduce your risk of consuming services.
• You have and/or desire the requisite CSB skills and technology.
• An internal CSB can meet time-to-deployment requirements quickly.
• An internal CSB better meets your internal constituents' needs.
• An internal CSB is mandated by management (e.g., for compliance).
• No viable external CSB is available for your IT project requirements.
• You have a strong desire for centralized, internal control of all IT.
• Your full project life cycle TCO will be lower via an internal CSB.
• Being a CSB is considered a required internal core competency.
See "Predicts 2012: Cloud Services Brokerage Will Bring New Benefits and Planning Challenges," G00227370

The Challenge of Integration Brokerage

Integration Brokerage “Basic” Capabilities:
Intermediation Layer
• Messaging Technology FTP/MFT

AS2
FTP/MFT, MOM, HTTP,
SOAP, Proprietary, …
- For secure, reliable communications of SOAP, REST

RosettaNet,…
SOA services, EDI and very large files
• Adapters
- For "last mile" connectivity to apps, Wrapper Wrapper

trading partners, cloud APIs, etc. App Cloud API

• Transformation
- To translate data and messages
• Orchestration
- To disposition messages, tasks and
events within a process context

For more information, see "SOA Infrastructure Selection Criteria, 2009," G00170722.

Integration Brokerage “Scale” Capabilities:
Application Services Governance

Application Services
Governance =
API Management +
SOA Governance

What cloud service policies are likely to be enforced?
•Security
- User/service/API authentication — Fine-grained/role authorization
•Technical SLAs
- Schema validation — service/API throughput, availability, failover
•Business SLAs
- Approve POs of more than $1,000; give "Gold" customers priority routing; archive
invoices from France; encrypt personally identifiable data

Evidence CSB Role Increasingly Matters

Est. Annual IT Spend on
CSB by 2014 (1): Who will be responsible for
end-to-end delivery of
$100 billion cloud services? (3)

Frequency of search for
CSB on Gartner.com via
“cloud” + “broker” terms (2)

#respondents = 322 for those already using or
planning to use cloud computing or cloud services
within 12 months

1 – See “Examining The Magnitude of the Cloud Services Brokerage Opportunity: Carpe Deim!," – research will publish in two weeks.
2 – See “Search Analytics: Cloud Service Brokerage Enters the Search Scene," – research will publish in two weeks.
16
3 – See “Survey Analysis: Cloud Services Brokerage Playing a Larger Role in the Future of IT Services," G00228550

Recommendations
 Recognize that the "service" in CSB has both business and
technical connotations, with the emphasis on "outcome."
 Interpret CSB role through primary three IT services roles:
Aggregation brokerage
 Integration brokerage
 Customization brokerage
 Use Gartner evaluation criteria to help determine if you
should deploy an internal CSB or use an external CSB.
 Leverage providers of CSB-enabling technology where
appropriate to help enable your internal CSB role

Recommended Gartner Research
 Cloud Services Brokerage Is Dominated by Three
Primary Roles
Daryl Plummer, Benoit Lheureux, Michele Cantara
(G00226509)
 Cool Vendors in Cloud Services Brokerages, 2012
Tiffani Bova, Daryl Plummer and others (G00231938)
 Predicts 2012: Cloud Services Brokerage Will Bring New
Benefits and Planning Challenges
Daryl Plummer, Benoit Lheureux and others (G00227370)
 Essential Provider Selection Criteria to Use When
Outsourcing the CSB Role
Benoit Lheureux, Jim Longwood (G00230681)
 The Role of CSB in the Cloud Services Value Chain
Benoit Lheureux, Daryl Plummer, Tiffani Bova (G00218960)
For more information, stop by Gartner Solution Central or e-mail us at solutioncentral@gartner.com.

BCBSA Mediation
Layer Architecture
August 09, 2012

Presentation at Intel / Gartner Webcast

Plamen Petrov
Chief Enterprise Architect
Blue Cross Blue Shield Association

A presentation of the Blue Cross and Blue Shield Association. All rights reserved.

Blue Plans have been leading the industry for 83 years
The Blue Cross and Blue Shield System consists of
38 independently operated Blue Cross and Blue Shield member companies
, a Federal Employee Program® and an Association, which serves the
collective needs of the Blue Cross and Blue Shield Plans.

Cover 100M people – Blues serve
1 in 3 Americans Nationwide access. Local support. 85% of Fortune
100 Companies

Blue Plans contract with Blue Brand is #1 overall
96% of U.S. hospitals and brand equity in the health
91% of all physicians insurance industry
Blues committed to serving local
communities and national
customers
A presentation of the Blue Cross and Blue Shield Association. All rights reserved. 20
12-131-V

BCBS Plan Members Access Many Services and Data Stores

Local
Plan BCBS Plan Local
Member Hospital

Remote
BCBS Plan

BCBSA

Remote
Hospital
Consumer
Services

Plan Member accesses services
provided by different entities and
data stored in many locations

12-131-V

Service Brokering and Mediation Layer
Services Clients
Architecture
Standards
Governance
Analytics

Blue Plan BluesNet 3rd Party Vendor
Cloud Services VPNs Cloud Services
Internet

Infrastructure Master Data Platform
Services Services Services

BCBSA Mediation Layer
BCBSA
PlanConnexion
Cloud Services
Cloud Services

12-131-V

Mediation Services Platform
Browser or M o b i l e
AuthN /Info R e q u e s t

Medical I n f o r m a t i o n
Service Provider P o r t a l

BCBSA Plan A

Doctor I n f o r m a t i o n
Peer Reviews, A w a r d s
• Web S e r v e r
• Mobile T i e r S e r v ic e s M e d ia tio n a n d
Integration Broker SO A P
JS O N
X M L
BCBS Plan B On-prem 3rd P a r t y
Info P r o v i d e r s

Partner A P I
Flat F i l e
Mgt A P I

Security Brokerage Technology ED I
• SSL Termi n ati o n • Data T r a n s f o r m
• Web S e r v e r • Service M e t e r i ng/Monito r i n g • Protocol Mediati o n
• ID trans l ati o n • Service Routi n g/Ver s i o n i ng
• Mobile T i e r

BCBS Plan C
3rd Party C l o u d
Info P r o v i d e r s

• Web S e r v e r
• Mobile T i e r

Service Mediation and Integration Brokerage
12-131-V

Andy Thurai, Chief Architect, Intel

IT CSB TECHNOLOGY
ENABLEMENT
CONSIDERATIONS
24

Mobile and API Service Growth a Driver for IT CSB

Other Internal CSB Deployments
•Online University
•Healthcare Claims Provider
•SI Delivering Composite Apps
•Telco Service Aggregator

Extended Enterprise

IT CSB
Platform

Private & Public Developer & Partner
Cloud Provider Consumers

*Source ProgrammableWeb
CSB Platforms offer way to automate & scale fine-grain service
brokering for composite and mobile apps used by IT 25

IT’s CSB Platform Simplifies Service Consumption
On-prem Service Service/API Providers
Broker PaaS App Services

Enterprise Departments/Developers
Id & Security
Broker HTTP,
Service 1 REST
Global Apps, IDM,
Middleware
SOAP, JMS, DB, App to Cloud
FTP-any Calls Integration
PII Data SaaS Applications
Tokenization
Service 2

HTTP
REST
JSON
Departments 1-n
Developers & API Mgt
Service Admins Service 3
Partners
Simplified, API
Exposed
Create Standardized
Apps that invoke
aggregated services HTTP,
REST/SOAP/
Orchestrate JSON
VM/Services
Service 4

3rd Party CSBs &
Sharing API Descriptions, Tools, Data Enrich Services
Data
Integration
Dev Community Service 5
REST
API Portal

26

Service Gateway Fast Path to Operating as a CSB

Vendor Mgt- Contracts, SLA, Tracking
Responsibilities Monitor Security Standards & Policies
& Enablement Tools
Dev Support & Disaster Recovery
IT CSB Operator
Value Added Custom “Glue” Code

• Consistent policy enforcement for integration, COTs Core
security, compliance across departments CSB Platform

Monetization/Charge Back App Service Gov & Security, Access, Developer Community
Integration Compliance
• Meter usage • • Configuration not code
API management • Edge threat protection
• Throttle per SLAs • • Discovery of aggregated
Policy creation & exe • Data Loss Protection services from IT
• API Analytics • Legacy & SOA integration • Federated ID Brokering • Meta data
• Orchestrate & transform • PCI PII Data Tokenization
• Protocol translation

Move from Line of Business to “Enterprise
Controlled Consumption of Cloud Services 27

Security is Central for IT to Consume and Expose APIs

Trust - API Access Control Threat - Perimeter Defense

IdM
• Denial of Service Protection: Via app
security proxies and gateway capabilities
• Authentication: Enabled through
SSL/TLS, OAuth, SAML, Shared Secret • Code Injection: Via pattern-based
Mechanisms, Custom API Keys, Digital scanning of SQL Injection, XSS, XML
Signature/PKI processing, Database threats, XPath injection
authentication rules • Malware Detection: Via heuristics that
detect malware behavior
• Authorization: Enabled through XACML, • A/V Scanning: Via signature based
authorization decision points, coded in scanning of MIME attachments
policies, custom built rules
• Data Leak Prevention: Via network DLP
scanning for API calls

CSB platforms deliver these capabilities. Standards
based and independently certified 28

More: www.cloudsecurity.intel.com

White Paper Webinars
CSB Research & Case Study
On-demand

• NIST & CSA CSB
• API Management
with ProgrammableWeb
• API DLP Security
• Meet Cloud API

29

The Rise of Cloud Service Brokerage featuring Gartner and BCBS

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie The Rise of Cloud Service Brokerage featuring Gartner and BCBS

Ähnlich wie The Rise of Cloud Service Brokerage featuring Gartner and BCBS (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

The Rise of Cloud Service Brokerage featuring Gartner and BCBS

Hinweis der Redaktion