Does moving core business applications to AWS make sense for your organization? This session covers key business and IT considerations gathered from industry experts and real-world enterprise customers who have chosen to move their mission critical ERP applications to the AWS cloud, resulting in lower costs and better service. This session covers the following: - Insights from industry experts and analysts, who explain how the cloud affects costs from three angles: launch, operations, and long-term infrastructure expense - Review of how time-to-value and cloud launch processes differ from on-premises infrastructure - How AWS offers increased security and reliability over what some enterprises can afford on their own Sponsored by Infor

1. November 12, 2014 Las Vegas NV
ENT202Four Critical Things to Consider When Moving Your Core Business Applications to the Cloud
Pam Murphy, COO, Infor
Jim Plourde, VP Cloud Operations, Infor
Amul Merchant, Senior Director Development Operations, Infor
Jim Hoover, Security Officer, Infor

2. Key topics
Drive innovation as you move to the cloud
Develop a global, enterprise cloud architecture
Migrating existing on-premises applications to AWS
Environmentsecurity and datasecurity

4. 70+%
growth in SaaS bookings
3,108
new customers
25 M
cloud users
73,000
customers around the world
3rdlargest
private
tech company
12,923
employees

5. Architecture
of the
Internet
Cohesive, upgrade-proof
applications
Micro-verticals
suites
Deep, last-mile features for industry subsectors
Beauty
Compelling user interfaces and consumer-grade experiences
Our strategy

6. Drive innovation as youmove to the cloud

7. Building for cloud first
Multi-tenancy
Scalability
High availability
ION integrations
Stateless applications
Supports autoscaling
Zero footprint client
Open-source technology
No local device dependency
No security code scanner findings
Supports health check monitors
Single-instance deployment
No source code changes
Meets patching/upgrade reqs
Successful penetration test

8. s
s
s
EAM XM HCM LMS HRSD PA LTM MRM IQM Collect SCM Financials Supplier Exchange AMSI Automotive Exchange iProcure
Support Professional services Training Certification
Technology partners Channel partners
Regions Availability Zones Content-delivery POPs
Infor Industry CloudSuites
Auto A&D Corporate Business Hospitality HCM Rhythm Fashion F&B Equipment Distribution Healthcare Public Sector
EC2 Auto Scaling Route 53 EBS RDS SQS CloudFormation Cloud Watch Workspaces
ELB VPC S3 Glacier DynamoDB CloudTrail Cloud HSM IAM
Database Shared Storage Document Storage Batch Admin Access Logging File Transfer Monitoring
ION IFS Printing Portal d/EPM/BI/BV Local.ly Motion
AWS services
Infor base services
Infor application services

9. 9

10. 2,600
Customers globally
ISO & IEC
Fully compliant
40+
Applications in
the cloud
10+
Years’ experience
in the cloud
99.9%
Average historical
uptime
25 M Users
Infor CloudSuite™ operations
ISO 27001

11. Cloud customers

12. Develop a global, enterprisecloud architecture

13. s
s
S
EAM XM HCM LMS HRSD PA LTM MRM IQM Collect SCM Financials Supplier Exchange AMSI Automotive Exchange iProcure
Support Professional services Training Certification
Technology partners Channel partners
Regions Availability Zones Content-delivery POPs
Infor Industry CloudSuites
Auto A&D Corporate Business Hospitality HCM Rhythm Fashion F&B Equipment Distribution Healthcare Public Sector
EC2 Auto Scaling Route 53 EBS RDS SQS CloudFormation Cloud Watch Workspaces
ELB VPC S3 Glacier DynamoDB CloudTrail Cloud HSM IAM
Database Shared Storage Document Storage Batch Admin Access Logging File Transfer Monitoring
ION IFS Printing Portal d/EPM/BI/BV Local.ly Motion
AWS services
Infor base services
Infor application services

14. CloudSuite topology
App security group
Database securitygroup
APP SUBNET
AVAILABILITY ZONE A
PUBLIC SUBNET
NAT
ELBs
APPLICATIONSERVERS
DATABASESERVERS
App security group
Database securitygroup
APP SUBNET
AVAILABILITY ZONE B
PUBLIC SUBNET
NAT
ELBs
APPLICATIONSERVERS
DATABASESERVERS
App security group
Database securitygroup
APP SUBNET
AVAILABILITY ZONE C
PUBLIC SUBNET
NAT
ELBs
APPLICATIONSERVERS
DATABASESERVERS
HTTPS
AWS MT cloud region
VPC
VPC
Amazon Virtual Private Cloud peering
Amazon WorkSpaces
Infor Cloud admin users
HTTPS
Amazon Route 53
Customer’s Internet users

15. Critical considerations
Highavailability
Disasterrecovery
Automate everything
Scale wide
Leverage third-party tooling

16. Third-party tooling
PagerDutyPaging
Trend MicroSecurity, IPS, IDS
Boundary Network visibility and diagnostics
Sumo LogicLog aggregation, alerting, and analysis
DynatraceApplication performance monitoring

17. Migrating existing on-premisesapplications to AWS

18. Migration to AWS
Motivations and considerations
•Broader reach
•Business agility and flexibility
•Improved availability
•Improved responsiveness
•Reduced and/or reallocated costs
•Easier mobile access
•Improved security
•Better analytics on application usage
Matching AWS computing characteristics
•Rapid elasticity
•Pay-as-you-go versus install-and-own
•Organization streamlining

19. Assess your applicationsand workloads
Build a businesscase
Developa technical approach
Adopta flexible integration model
Address security and privacy consideration
Managethe migration
Migration roadmap

20. Step one: Assess your applications & workloads Application candidates for migration to AWS
Immediate value
Mobile applications
Applications that are run infrequently but require significant computing resources when they run
Applications that are run in a time zone different from that where your company's IT personnel are located
Development, testing, and prototyping of application changes
Service-oriented architecture (SOA) applications
Value with AWS optimization
•Applications with sensitive data that may require a specific architecture to meet regulatory and legal requirements
•Applications that rely on traditional NAS solutions (SMB/NFS)
•Applications that require frequent and/or voluminous transactions against an on- premises database

21. Step two: Build a business case
Service levels
•Application availability
•Privacy
•Application performance
•Application security
•Regulatory compliance
Business impact
•Revenue impact
•Customer acquisitionor engagement impact
•User satisfaction
•Time-to-market improvements
•Cost of handling peak loads
Cost analysis
•Ongoing cloud services costs
•Cost of developing cloud skills
•Service management
•HR and talent management
•License management
•Application integration
•Application redesign
•Application maintenance and administration
•Application deployment and testing

22. •Lift and shift
•Low effort
•Low skills
•Minimal cloud benefits
•Some efficiency through automation
Step three: Develop a technical approach
Cloud
hosted
Cloud optimized
Cloud
native
•Application modernization
•High effort
•High skills
•Significant cloud benefits
•Significant to complete application rewrite
•High effort
•High skills
•Most significant cloud benefits
Cloud enabled 1.0
Cloud enabled 2.0
Cloud enabled 3.0

23. Cloud scorecard
As of m/d/y
Cloud enablement
Cloud 2.0
Architecture reviewedand approved
Multitenant (commonapps server, separate or single DB)
Scalability (will scale wide for all capabilities with no practical limitations)
High availability(no single point of failure)
Zero footprintclient (HTML interface for all functionality and customer-facing utilities)
Supports automationof tenant lifecycle and other processes
MeetsInfor cloud deployment, patching, and upgrade requirements
Supports health check monitors
No critical security code scanner findings and penetration test performed successfully
Supportscustomization through UI-driven configuration (no source code changes)
Required integration are usingHTTPS/SFTP
No dependencyon server access to local devices (example: printers)
Product supportorganization ready to provide cloud support
Supports Auto Scaling
Cloud 3.0
Minimized/nothird-party royalty costs
Supports scalable open-source database technologies
Applicationis stateless(session information stored externally)
Supports a single-version deployment (upgrades are incremental, rapid, scalable)
Cloud 2.0 score
/ 14
Cloud 3.0 score
0 / 4

24. Step four: Adopt a flexible integration modelTypes of integration
Process (or control) integration
where an application invokes another in order to execute a certain workflow
Dataintegration
where applications share common data, or one application’s output becomes another application’s input
Presentationintegration
where multiple applications present their results simultaneously to a user througha dashboard or mash-up

25. Environment securityand data security

26. Step five: Security requirementsThings to consider
Regulatory/contractual concerns
You vs. cloud provider responsibilities
Layered defenses —design for security
Tools and partners

27. Compliance and regulatory challenges
Frameworks
•Security management
–ISO 27001, CoBiT, NIST, etc.
•Security controls
–ISO 27002, NIST 800-53, etc.
PCI and PHI
Privacy regulations
•Safe Harbor
•EU Data Protection Act
•47 different state privacy laws
•Canadian data controls
Many customers = many framework requirements
Some data types (e.g., PCI, PHI, PII) have specific requirements
Overwhelming number of privacy regulations

28. AWS cloud = shared responsibility
Inforresponsibility
Infor is responsible for the Information Security Management System providing oversight of the implementation, management and monitoring ofthe solution.
AWS responsibility
AWS is responsible for the securityof the infrastructure and foundational services.

29. Architectural layers and compliance
AWS —infrastructure compliance (http://aws.amazon.com/compliance)
Infor CloudSuite—operations and governance
•HIPAA
•SOC1 /SSAE 16/ISAE 3402
•SOC 2
•SOC 3
•PCI DSS level 1
•ISO 27001
•FedRAMP(SM)
•DIACAP and FISMA
•ITAR
•FIPS 140-2
•CSA
•MPAA
•HIPAA
•SOC1 /SSAE 16/ISAE 3402
•ISO 27001
•PCI (selected apps)
•FIPS 140-2 (some instances)
•FedRAMP(future)
•DIACAP and FISMA (future)
•ITAR (future)
•… And growing
Infor CloudSuitesolutions and applications
Compliance to various standards and regulations vary depending upon requirements

30. Defense-in-depth
Network
security
Physical
security
Monitoring
Operations
security
Application
security

31. Design for security
•Understandexactly what data (including what code, since code maybe the confidential asset to protect) will be migrated to the cloud service
•Mapthis data to your security classification.
•Identifywhich information raises privacy concerns, for example, account numbers, dates of birth, addresses, etc.
•Examineapplicable regulations
•Reviewthe cloud providers’ security/privacy measures
•Designhow to authenticate and authorize users

32. When required, the security team leverages numerous other AWS tools
AWS security tools and partners
Log management/SIEM
Host protection with Trend Micro Deep Security
Access management

33. Step six: Manage the migration Migrationprocedure
Deploy the AWS environment
Install and configure the applications
Harden the production environment
Execute a mock migration
Cutover to production AWS

34. Key topics
Drive Innovation as you move to the cloud
Develop a global, enterprise cloud architecture
Migrating existing on-premise applications to AWS
Environment securityand datasecurity

35. http://bit.ly/awsevals