4. Emotional vs Factual
• Fear, Uncertainty and Doubt
• Increased Effort
– Evaluation
– Negotiation
– Integration
– Implementation
• Reduce CAPEX benefits
Plan early, think objectively
24/01/2013 John Rhoton – 2013 4
5. Status
• Startups start with cloud
– Small, no legacy, unpredictable growth
• Enterprise
– Short term: Dev/test, Collaboration, Security,
New outbound services
– Long term: Private-> Hybrid -> Public
24/01/2013 John Rhoton – 2013 5
9. Barriers
• Data leakage
• Data loss
• Vendor lock-in
• Service loss
• Compliance
24/01/2013 John Rhoton – 2013 9
10. Risk Treatment
High
Probability
Eliminate
Resilience
Business
Continuity
Low Probability
Low Impact High Impact
24/01/2013 John Rhoton – 2013 10
11. Risk Mitigation Options
Data Leakage Provider Assessment
Data Loss Contract Negotiation
Service Loss Encryption
Service Impairment Additional Backup
Lock-In Standardization
Damaged Reputation Multi-sourcing
24/01/2013 John Rhoton – 2013 11
12. Shifting Trust
Employees
Contractors
• Personal observation
Segmenta(on
• Personal experience
• Insight Access
controls
Partners
Suppliers
Auditors
• Public verification
• Contracts Public
Scru:ny
Encryp(on
• Compensation Access
controls
Experts
Legal
Counsel
Adapt Corporate Culture
24/01/2013 John Rhoton – 2013 12
14. Compliance
Global Internet versus National Laws
Enforce Logical Barriers
24/01/2013 John Rhoton – 2013 14
15. Identity Federation
Identity challenges
• Password
proliferation
• Weak
authentication
• Support costs
• User
productivity
Implement Identity Standards (SAML, SCIM)
24/01/2013 John Rhoton – 2013 15
16. Confidentiality
• Data Governance
– Data loss prevention
• Compartmentalization
• Encryption
Classify data, Select and Combine Options
24/01/2013 John Rhoton – 2013 16
18. Business Continuity
• Cold Site
• Warm Site
• Hot Site
• Double-Active
Multi-dimensional redundancy is critical
24/01/2013 John Rhoton – 2013 18
19. Lock-in vs. Cloud Stacks
Proprietary Proprietary Open Consortium
Hardware Software Source Driven
Balance ease with flexibility
24/01/2013 John Rhoton – 2013 19
20. Summary
• Private cloud is the starting point
• Public cloud is the final destination
• Multiple stages of hybrid cloud in between
• Security challenges real but addressable
• Redundancy is critical for availability
24/01/2013 John Rhoton – 2013 20
21. Contact Details
Feel free to reach out to me at: Contact Beamap:
rhoton@gmail.com Patrick Joubert
+43 699 18662050 Directeur Associé
linkedin/in/rhoton patrick.joubert@beamap.fr
+33 6 64 16 75 20
or look me up at:
amazon.com/author/rhoton
slideshare.net/rhoton
www.beamap.fr
24/01/2013 John Rhoton – 2013 21