Halim Cho, Director of Product Marketing, Covisint
The rapid adoption of cloud-based services and the increasingly compelling business advantages of a hybrid cloud strategy are presenting IT with new and unforeseen challenges around ITSM. In this session, Halim Cho will discuss these trends, technologies and challenges, plus he’ll share his thoughts on how identity bridges can help transform ITSM in a hybrid cloud environment. His presentation will cover three main topics:
1. The challenges: an overview of the most common architectural patterns seen in cloud adoption and the technical and operational challenges that each pattern raises.
2. The future: technical and operational reasons why the hybrid cloud is the most likely path enterprises will take.
3. The technology: a technical overview of the top technologies that identity bridges will be required to manage and integrate in order to meet the ITSM challenges of hybrid cloud adoption.
Apidays New York 2024 - The value of a flexible API Management solution for O...
CIS13: Cloud, Identity Bridges, and ITSM: Three is Not a Crowd
1. Halim Cho, Director, Product Marketing
Cloud, Identity Bridges, and
ITSM: Three is Not a Crowd
2. Covisint Overview
• Cloud platform enabling organizations with complex business relationships to streamline
and automate external mission-critical business processes.
• Driven by the requirements for cloud computing and new models for organizations to
engage with their customers, business partners and suppliers.
• Established leadership in the automotive and healthcare verticals – now expanding
across multiple business segments.
• Robust platform-as-a-service (PaaS) solution proven with large scale industry
deployments.
• Differentiated technologies in cloud-based identity management, integration and
presentation.
“Covisint has been a visionary
in leveraging the Cloud”
“Covisint is a Cloud
Computing Pioneer”
“In a league of their own with
no direct competitors”
3. Covisint Evolution
20112010200920082007200620052004200320022001
Compuware
acquires
Covisint
Deploys platform
in healthcare
industry
2000
BORN: $500M investment in core
platform
CONSORTIUM: GM, Ford, Chrysler,
Nissan, Renault and Peugeot
Adds APAC Office:
Shanghai, China
Deploys platform in oil
& gas industry
Deploys platform across
global automotive supply
chain – largest B2B
exchange in world
Platform
positioned
strategically to
capitalize on cloud
computing surge
Continual investment in core
platform – enhancing IDM
capabilities, and implementing mobile
and analytic technologies –
continuous modernization of platform
2012
BORN OF THE BUBBLE LEADER IN THE CLOUD
2013
Over 13 Years of Innovation and Investment
4. Topics
• The challenges ITSM is currently facing due to the rapid
adoption of cloud-based services.
• Why Hybrid Cloud will be with us for the foreseeable
future.
• What technologies Identity Bridges must have to aid the
transition of ITSM to the Hybrid future.
6. Factors shaping IDaaS and cloud
Changes in
financial models
Changes in
business models
Changes in technology
Changes in IT roles
Changes in the workforce Changes in society
Changes in operations
IAM and Cloud
8. What is ITSM?
Five different lifecycles ranging
from real time to multiple years
Service Operation
Service
Transition
Continual
Improvement
Service Strategy Service Design
9. Changes in business models
Technology integration drives new business models.
MOBILE MANUFACTURING HEALTH
INSURANCE
NFC payments
Square
Manufacturing
as a service
Pricing based
on behavior
10. Changes in technology
2005 2010 2013 2014 202020152011 2012
350M ENTERPRISE USERS IN
MOBILE CLOUD3
8.7B Internet connected
devices2
Revised to 12.5B in 20134
50B “Things” connected to
the Internet4
Human kind creates 150
exabytes of data1
150M ENTERPRISE USERS IN
MOBILE CLOUD3
1) “The data deluge: Businesses, governments and society are only starting to tap its vast potential,” The Economist, Feb. 25, 2010.
http://www.economist.com/node/15579717
2) Cisco, “The Internet of Things: How the Next Evolution of the Internet is Changing Everything” 2011-04
3) Juniper Research, “Mobile Security ~ Safe and Secure Devices” 2012-08-06
4) Cisco, “The Internet of Things” http://share.cisco.com/internet-of-things.html 2013-07-01
11. Changes in workforce
• Social media and consumerization of IT.
– Instant connections to customers, partners & employees.
– End users select technology for business-critical devices.
• Everything as a service.
14. Cloud brings gray skies
• Despite the advantages of going to Cloud applications and
platforms, there are some disadvantages in that some changes
must take place:
• Capacity Management.
• How are costs calculated?
• Change Management process.
• Does the CSP need to include customers?
• Support.
• Will this be transparent to your customer or will you be leveraging a cloud based
service for Level 1?
• What changes for your Level1 support model?
• Do their contact points change?
• Do they have access to any new tools?
• How will they escalate?
• Security Management.
• How will the cloud impact your process of command and control.
• Notification.
• Event correlation.
• Tracking.
17. Cloud is a driver of IT transformation
Focus on transformation
(As-Is)
Current state
Focus on Optimization
(do better what we do)
STRATEGIC DIMENSION
TACTICAL DIMENSION
AUTOMATION
CONSOLIDATE
MODULARIZE
STANDARDIZE
Bringing it together
• Efficiency
• Quality
• Speed
SERVICE TRANSFORMATION
(increase flexibility, ability to adapt)
(TO-BE) FUTURE STATE
SIMPLIFY
18. Enterprise IT was provider of services
CUSTOMERS MOBILE COLLABORATION NEW BUSINESS MODELS
ENTERPRISE IT CUSTOMERS
EMPLOYEES
BUSINESS
PARTNERS
SUPPLIERS
APPLICATIONS
DATA
19. Enterprise IT is now a broker of services
THE EXTENDED ENTERPRISE
CUSTOMERS MOBILE CUSTOMER INTIMACY NEW BUSINESS MODELS
CUSTOMERS
EMPLOYEES
BUSINESS
PARTNERS
SUPPLIERS
APPLICATIONSDATA
20. NIST definition of SaaS
“The capability provided to the consumer is to use the
provider’s applications running on a cloud infrastructure.
The applications are accessible from various client devices
through a thin client interface such as a web browser (e.g.,
web-based email).
The consumer does not manage or control the
underlying cloud infrastructure including network,
servers, operating systems, storage, or even individual
application capabilities…
with the possible exception of limited user-specific
application configuration settings.”
21. Traditional Public/Private or Hybrid
Enterprise
Data Centers
Enterprise #1
Traditional IT & Public Cloud
BO/HO
EXTERNAL
Public Cloud
SaaS Engines
Virtualized Apps
SAP cluster
Hosted UC
Virtual Desktop
INTERNAL
Hybrid
Cloud
Extending Private
Resources
#1
SaaS
Access
Leasing Public
Resources
#3
Virtual Private
Cloud
#3
#3
Private Cloud
#2
Enterprise #2
Private Cloud
Enterprise #3
Hybrid Cloud
Cloud Aware
Network
BO/HO Enterprise
VPN
BO/HO Enterprise
VPN
22. The issues involved
• Control.
– Compliance.
– Privacy.
• Planning.
– Cannot use traditional “Build what I design” approach.
• Predictability.
– Newness of Cloud prevents clarity of demand and
consumption, which is a limiter of adoption due to financial
unpredictability.
• Portability.
– Data portability.
– SLAs and vendor lock-in.
23. 100% Cloud is not feasible, for now…
• Enterprises are going to keep their “systems of record”
within their four walls (either virtual or physical).
• The authoritative sources of critical or private information
can reside in the cloud for maximum extensibility to other
SaaS or cloud services.
26. What is this?
• An on-premises physical or virtual appliance
• Enables users, applications and identity services across
the hybrid cloud
• Can be unidirectional or bidirectional:
– To the cloud (outbound)
– From the cloud (inbound)
- Mark Diodati,
“Identity Bridges: Uniting Users and Applications Across the Hybrid Cloud” 2012-06-22
27. Some additional qualities
• Externalization of enterprise IDs.
• Externalization of authorization.
• Open standards.
– Communication to the cloud should be non-proprietary.
• Extensible.
– Should be able to support multiple standards easily.
– Should be able to bind to multiple types of user registries
and sources of authorization.
• Should provide open API interfaces for integration with
on-premise ITSM tools.
28. Why these qualities?
• Externalization of enterprise IDs.
– This makes SaaS more consumable since IDaaS becomes
the Cloud user registry.
29. Why these qualities?
• Externalization of authorization.
– This externalizes enterprise authorization decisions and
allows reduction of risk in ITIL service management terms.
30. Why these qualities?
• Open standards.
– Communication to the cloud should be non-proprietary.
• This ensures Cloud portability to facilitate risk reduction in
terms of SLA management.
31. Why these qualities?
• Extensible.
– Should be able to support multiple standards easily
• No one has a crystal ball so any standard, may or may not
gain traction.
– Should be able to bind to multiple types of user registries
and sources of authorization.
• Your ITSM planning may determine that user provisioning is
not going to occur from Active Directory, but another user
kind of user registry.
32. Why these qualities?
• Should provide open API interfaces for integration with
on-premise ITSM tools.
– The Identity Bridge is a bridge for ITSM processes and
your on-premise ITSM tools need somewhere to integrate
with the Cloud service.
– Open APIs can also be used for performance and SLA
monitoring of the IDaaS.
– This is particularly true if your IDaaS is the hub for your
SaaS management strategy.
33. Identity Bridges and ITIL service strategy
• Portfolio Management.
– IDaaS is key to adoption of SaaS since it provides for
Security management in terms of externalizing
authorization and enterprise identity.
– IDaaS with an Identity Bridge becomes the common
central repository during the Hybrid phase of cloud
adoption, which paves the way for full Cloud adoption.
34. Identity Bridges and ITIL service strategy
• Demand Management.
– Identity Bridges ensure that enterprise ID counts and cloud
ID counts are in lock step.
– Prevents orphan accounts from running up the bill.
– IDaaS, and hence other SaaS apps, become the “relying
party” of enterprise ITSM practices.
35. Identity Bridges and ITIL service strategy
• Financial Management.
– Identity Bridges, as part of an intelligent IDaaS
implementation, provides an external hub for integration
and adoption of other Cloud services.
– Reduces costs by removing an external service delivery
agent for each additional Cloud service.
36. NIST definition of Hybrid cloud
“The cloud infrastructure is a composition of two or more
clouds (private, community, or public) that remain unique
entities…
but are bound together by standardized or proprietary
technology…
that enables data and application portability (e.g., cloud
bursting for load-balancing
between clouds).”
37. “bound together…”
• Allows Enterprise IT to extend control to the SaaS
model.
• Allows Enterprise IT to centrally manage SLAs to
provision users (internal or external) to on-prem and
SaaS services.
• Aids in moving Enterprise IT to transition to a service-
centric, next-generation model of service management.
• Moves to extend service request lifecycle to include
SaaS services.
• Helps Enterprise IT mature service operations in terms of
optimum usage of available resources and services.
38. Hybrid concept with Identity Bridge
SaaS
PaaS
IaaS
XaaS
DATA
ENTERPRISE IT CLOUD SERVICES
ID BRIDGE