AWS and Unisys Join Forces To Help Accelerate and Secure The Rapid Move to Cloud
1. Page 1 of 12
AWS and Unisys Join Forces
To Help Accelerate and Secure
The Rapid Move to Cloud
A discussion on cloud adoption best practices that help businesses cut total costs, manage
operations remotely, and scale operations up and down.
Listen to the podcast. Find it on iTunes. Download the transcript. Sponsor: Unisys and
Amazon Web Services.
Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions and
you’re listening to BriefingsDirect.
A powerful and unique set of circumstances are combining in mid-2020 to make safe
and rapid cloud adoption more urgent and easier than ever.
Dealing with the novel coronavirus pandemic has pushed businesses to not only seek
flexible IT hosting models, but to accommodate flexible work, hasten applications’
transformation and improve overall security while doing so.
This BriefingsDirect cloud adoption best practices discussion examines how businesses
plan to further use cloud models to cut costs, manage operations remotely, and gain
added capability to scale their operations up and down.
To learn more about the latest on-ramps to secure an agile cloud adoption, please join
me now in welcoming our guests, Anupam Sahai, Vice President and Cloud Chief
Technology Officer at Unisys. Welcome, Anupam.
Anupam Sahai: Thank you, Dana. It’s good to be here.
Gardner: We’re also joined by Ryan Vanderwerf, Partner
Solutions Architect at Amazon Web Services (AWS).
Welcome, Ryan.
Ryan Vanderwerf: Hi, Dana. Glad to join.
Gardner: Anupam, why is going to the public cloud an
attractive option more now than ever?
Sahai: There are multiple driving factors leading to these
tectonic shifts. One is that the whole IT infrastructure is
moving to the cloud for a variety of business and
Sahai
2. Page 2 of 12
technology reasons. And then, as a result, the entire application infrastructure -- along
with the underlying application services infrastructure -- is also moving to the cloud.
The reason is very simple because of what cloud brings to the table. It brings a lot of
capabilities, such as providing scalability in a cost-effective manner. It makes IT and
applications behave as a utility and obviates the need for every company to host local
infrastructure, which otherwise becomes a huge operations and management challenge.
So, a number of business and technological factors, along with the COVID-19 pandemic
situation, which essentially makes us work remotely, and having cloud-based services
and applications available as a utility makes them easy to consume and use.
Public cloud on everyone’s horizon
Gardner: Ryan, have you seen in your practice over the past several months more
willingness to bring more apps into the public cloud? Are we seeing more migration to
the cloud?
Vanderwerf: We’ve definitely had a huge uptick in
migration. As people can’t be in an office, things like
workspaces and doing remote desktops, have also seen
a huge increase. People are trying to find ways to be
elastic, cost-efficient, and make sure they’re not spending
too much money.
Following up on what Anupam said, the reasons people
are moving in the cloud haven’t changed. They have just
been accelerated because they need agility and to
speed-up access to the resources they need. They need
cost savings by not having to maintain data centers by
themselves.
By being more elastic, they can provision only for what they’re using and not have stuff
running and costing money when you don’t need to. They can also deploy globally in
minutes, which is a big deal across many regions, and allows people to innovate faster.
And right now, there’s a need to innovate faster, get more revenue, and cut costs –
especially in times where fluctuation in demand goes up and down. You have to be
ready for it.
Gardner: Yes, I recently spoke with a CIO who said that when the pandemic hit, they
had to adjust workloads and move many from a certain set of apps that they weren’t
going to be using as much to a whole other set that they were going to be using a lot
more. And if it weren’t for the cloud, they just never would have been able to do that. So
agility saved them a tremendous amount of hurt.
Vanderwerf
3. Page 3 of 12
Anupam, why when we seek such cloud agility do we also have to think about lower risk
and better security?
Sahai: Risk and security are critical because you’re talking about commercial, mission-
critical workloads that have potentially sensitive data. As we move to the cloud, you
should think three different trajectories. And some of this, of course, is being accelerated
because of the COVID-19 pandemic.
One of the cloud-migration trajectories, as Ryan
said earlier, is the need for elastic computing,
cost savings, performance, and efficiencies when
building, deploying, and managing applications.
But as we move applications and infrastructure
to the cloud, there is a need to ensure that the
infrastructure falls under what is called the
shared responsibility model, where the cloud
service provider protects and secures infrastructure up to a certain level and then the
customers have their responsibility, a shared responsibility, to ensure that they’re
protecting their workloads, applications, and critical data. They also have to comply with
the regulations that those customers need to adhere to.
In such a shared responsibility model, customers need to work very closely with the
service providers, such as AWS, to ensure they are taking care of all security and
compliance-related issues.
You know, security breaches in the cloud -- while less than compared to on-premises-
related deployments -- are still pretty rampant. That’s because some of the cloud
security hygiene-related issues are still not being taking care of. That’s why solutions
have to manage security and compliance for both the infrastructure and the apps as they
move from on-premises to the cloud.
Gardner: Ryan, shared responsibility in practice can be complex when it’s hard to know
where one party’s responsibility begins and ends. It cuts across people, process, and
even culture.
When doing cloud migrations, how should we make sure there are no cracks for things
to fall through? How do we make sure that we segue from on-premises to cloud in a way
that the security issues are maintained throughout?
Stay safe with best-practices solutions
Vanderwerf: Anupam is exactly right about the shared responsibility model. AWS
manages and controls the components from the host operating system and virtualization
layer down to physically securing the facilities. But it is up to AWS customers to build
secure applications and manage their hygiene.
As we move applications
and infrastructure to the
cloud, there is a need to
ensure that the infrastructure
falls under what is called the
shared responsibility model.
4. Page 4 of 12
We have programs to help customers make sure they’re using those best practices. We
have a well-architected program. It’s available on the AWS Management Console, and
we have several lenses if you’re doing specific things like serverless, Internet of things
(IoT), or analytics, for example.
Things like that have to be focused toward the business, but solutions architects can
help the customer review all of their best practices and do a deep-dive examination with
their teams to raise any flags that people might not be aware of and help them find
solutions to remedy them.
We also have an AWS Technical Baseline Review that we do for partners. In it we make
sure that partners are also following best practices around security and make sure that
the correct things are in place for a good experience for their customers as well.
Gardner: Anupam, how do we ensure security-as-a-culture from the beginning and
throughout the lifecycle of an application, regardless of where it’s hosted or resides?
DevSecOps has become part of what people are grappling with. Does the security
posture need to be continuous?
Sahai: That’s a very critical point. But first I want to double-click on what Ryan
mentioned about the shared responsibility model. If you look at the overall challenges
that customers face in migrating or moving to the cloud, there is certainly the security
and compliance part of it that we mentioned.
There is also the cost governance issue and making sure it’s a well-architected
framework architecture. The AWS Well-Architected Framework (WAF), for example, is
supported by Unisys.
Additionally, there are a number of
ongoing issues around optimization,
cost governance, security, compliance
governance, and optimization of
workloads that are critical for our
customers. Unisys does a Cloud
Success Barometer study every year
and, and what we find is very
interesting.
One thing is clear, about 90 percent of organizations are transitioned to the cloud. So no
surprise there. But in the journey to the cloud what we also found is that 60 percent of
the organizations are unable to move to the cloud, or hold on to their cloud migrations,
because of some of these unexpected roadblocks. And so that’s where partners like
Unisys and AWS are coming together to offer visibility and solutions to address them.
Those challenges remain, and, of course, we are able to help address them.
Coming back to the DevSecOps question, let’s take a step back and understand why
DevOps came into being. It was basically because of the migration to the cloud that we
In migrating or moving to the cloud …
there are a number of ongoing issues
around optimization, cost governance,
security, compliance governance, and
optimization of workloads that are
critical for our customers.
5. Page 5 of 12
had the need to break down the silos between development and operations to deploy
infrastructure-as-code. That’s why DevOps essentially brings about faster, shorter
development cycles; faster deployment, faster innovation.
Studies have shown that DevOps leads to at least 60 percent faster innovation and
turnaround time compared to traditional approaches, not to mention the cost savings and
the IT headcount savings when you merge the dev and ops organizations.
But as DevOps goes mainstream, and
as cloud-centric applications are
becoming mainstream, there is a need
to inject security into the DevOps cycle.
So, having DevSecOps is key. You
want to enable developers, operations,
and security professionals to work
together on yet another silo, to break them down and merge with the DevOps team.
But we also need to provide tools that are amenable to the DevOps processes,
continuous integration/continuous delivery (CI/CD) tools that enable the speed and
agility needed for DevOps, but also injecting security -- without slowing them down. It is
a challenge, and that’s why the all-new field of DevSecOps enables security and
compliance injection into the DevOps cycle. It is very, very critical.
Gardner: Right, you want to have security but without giving up agility and speed. How
have Unisys and AWS come together to ease and reduce the risk of cloud adoption
while greasing the skids to the on-ramps to cloud adoption?
Smart support on the journey to the cloud
Sahai: Unisys in December 2019 announced CloudForte capabilities with the AWS
cloud. A number of capabilities were announced that help customers adopt cloud without
worrying about security and compliance.
CloudForte today provides a comprehensive solution to help customers manage their
customer cloud journeys, whether it’s greenfield or brownfield; and there is hybrid cloud
support, of course, for the AWS cloud along with multi-cloud support from a deployment
perspective.
The solution combines production services that enable three primary use cases: Cloud
migration, as we talked about, and apps migration using DevSecOps. We’ve codified
that in terms of best practices, reference architecture, and well-architected principles,
and we have wrapped that in advisory services and deployment services as well.
The third use case is around cloud posture management, which is understanding and
optimizing existing deployments, including hybrid cloud deployments, to ensure you’re
managing costs, managing security and compliance, and also taking care of any other
As DevOps goes mainstream, and as
cloud-centric applications are
becoming mainstream, there is a need
to inject security into the DevOps
cycle. So, having DevSecOps is key.
6. Page 6 of 12
IT-related issues around governance of resources to make sure that you migrate to the
cloud in a smart and secure manner.
Gardner: Ryan, why did AWS get on-board with CloudForte? What was it about it that
was attractive to you in helping your customers?
Vanderwerf: We are all about finding solutions that help our customers and enabling our
partners to help their customers. With the shared responsibility model, that’s kind of on
the customer, and CloudForte has really good risk management and a portfolio of
applications and services to help people get ahold of that responsibility themselves.
Instead of customers trying to go on their own -- or just following general best practices –
Unisys also has the tooling in place to help customers. That’s pretty important because
with DevSecOps, people suffer from a lack of business agility, security agility, and face
the risks around change to their businesses. People fear that.
These tools have really helped customers manage that journey. We have a good feeling
about being secure and being compliant, and the dashboards they have inside of it are
very informative, as a matter of fact.
Gardner: Of course, Unisys has been around for quite a while. They have had a very
large and consistent installed base over the years. Are the tooling, services, and value in
CloudForte bringing in a different class of organization, or different parts of
organizations, into AWS?
Vanderwerf: I think so, especially in the
enterprise area where they have a lot of
things to wrangle on the journey to the
cloud -- and it’s not easy. When you’re
migrating as much as you can to a cloud
setting – seeking to keep control over
assets and making sure there are no
rogue things running -- it’s a lot for an
enterprise IT manager to handle. And so, the more tools they have in their tool-belt to
manage that is way better than them trying to cook up their own stuff.
Gardner: Anupam, did you have a certain type of organization, or part of an
organization, in mind when you crafted CloudForte for AWS?
Sahai: Let’s take a step back and understand the kind of services we offer. Our services
are tailored and applicable for both enterprises and the public sector. We offer advisory
services to begin with, which essentially allows us to pass-through products. You have
the CloudForte Navigator product, which allows us to assess the current posture of the
customer and understand the application capabilities the customer has, whether it needs
a transformation, and, of course, this is all driven by business outcomes that the
customers desires.
When you’re migrating as much as
you can to a cloud setting – seeking
to keep control over assets and
making sure there are no rogue
things running -- it’s a lot for an
enterprise IT manager to handle.
7. Page 7 of 12
Second, through CloudForte we bring best practices, reference architectures, and
blueprints for the various customer journeys that I mentioned earlier. Greenfield or
brownfield opportunities, whatever the stage of adoption, we have created a template to
help with the specific migration and customer journey.
Once customers are able and ready to get on-boarded, we enable DevSecOps using
CI/CD tools, best practices, and tools to ensure the customers use a well-architected
framework. We also have a set of accelerators provided by Unisys that enable
customers to get on-boarded with guardrails provided. So, in short, the security policies,
compliance policies, organizational framework, and the organizational architectures are
all reflected in the deployment.
Then, once it's up and running, we
manage and operate the hybrid cloud
security and compliance posture to
ensure that any deviations, any drifts,
are monitored and remediated to
ensure they are continuously having an
acceptable posture.
Finally, we also have AIOps capabilities, which include AI-enabled outcomes that the
customer is looking for. We use artificial intelligence and machine learning (AI/ML)
technologies to optimize the resources. We drive cost savings through resource
optimization. We also have an instant management capability to bring down costs
dramatically using some those analytics and AIOps capabilities.
So our objective is to drive digital transformation for customers using a combination of
products and services that CloudForte has, and working in close conjunction with what
AWS offers, so that we create a compelling offering that’s complementary to each other,
but very compelling from a business outcomes perspective.
Gardner: The way you describe them, it sounds like these services would be applicable
to almost any organization, regardless of where they are on their journey to the cloud.
Tell us about some of the secret sauce under the hood. The Unisys Stealth technology,
in particular, is unique in how it maintains cloud security.
Stealth solutions for hybrid cloud security
Sahai: The Unisys Stealth technology is very compelling, especially in the hybrid cloud
security sense. As we discussed earlier, the shared responsibility model requires
customers to take care of and share the responsibility to make sure that workloads in the
cloud infrastructure are compliant and secure.
And we have a number of tools in that regard. One is the CloudForte Cloud Compliance
Director solution, which allows you to assess and manage your security and compliance
Once it’s up and running, we manage
and operate the hybrid cloud security
and compliance posture to ensure
that any deviations, any drifts, are
monitored and remediated.
8. Page 8 of 12
posture for the cloud infrastructure. So it’s a cloud security posture management
solution.
Then we also have the Stealth solution, essentially a zero trust, micro-segmentation
capability that leverages the identity, or the user roles, in an organization to establish a
community that’s trusted and is capable of doing certain actions. It creates communities
of interest that allow and secure through a combination of micro-segmentation and
identity management.
Think of that as a policy management and enforcement solution that essentially
manipulates the OS native stacks to enforce policies and rules that otherwise are very
hard to manage.
If you take Stealth and marry that with CloudForte compliance, some of the accelerators,
and Navigator, you have a comprehensive Unisys solution for hybrid cloud security, both
on-premises and in the AWS cloud infrastructure and workloads environment.
Gardner: Ryan, it sounds like zero trust and micro-segmentation augment the many
services that AWS already provides around identity and policy management. Do you
agree that the zero trust and micro-segmentation aspects of something like Stealth
dovetail very well with AWS services?
Vanderwerf: Oh, yes, absolutely. And in addition to that, we have a lot of other security
tools like AWS WAF, AWS Shield, Security Hub, Macie, IAM Access Analyzer and
Inspector. And I am sure under the hood they are using some of these services directly.
The more power you have the better. And it’s tough to manage. Some people are just
getting into cloud and they have challenges. It’s not always technical, sometimes it's just
communications issues at a company or lack of sponsorship or resource allocation or
undefined key performance indicators (KPI). So all these things, or even just timing,
those are all important for a security situation.
Gardner: All those spinning parts, those services, that’s where the professional services
come in so that organizations don’t have to feel like they are doing it alone. How does
the professional services and technical support fit into helping organizations go about
these cloud journeys?
Sahai: Unisys is trusted by our
customers to get things right. So we
say that we do cloud correctly, and
we do cloud right, and that includes
a combination of trusted advisory
services. That means everything from identifying legacy assets, to billing, and to
governance, and then using a combination of products and services to help customers
transform as they move to the cloud.
We do cloud correctly, and we do cloud
right, and that includes a combination of
trusted advisory services.
9. Page 9 of 12
Our cloud-trained people and expertise speeds up the migrations, gives visibility, and
provides operational improvements. Thereby we are able to do the cloud right and in a
secure fashion by establishing security practices, establishing trust through a
combination of micro-segmentation, security, and compliance ops, AIOps, and that
certainly is the combination of products and services that we offer today.
And our customers tell us we are rated very highly, 95 percent-plus in terms of customer
satisfaction. It’s a testament to the fact that our professional services -- along with our
products – complements the AWS services and products that customers need to deliver
their business outcomes.
Gardner: Anupam, do you have any examples of organizations that leveraged both
AWS and Unisys CloudForte? What have they been doing and what did they get from it?
Student success supported by CloudForte, AWS
Sahai: I have a number of examples where a combination of CloudForte and AWS
deployments are happening. One is right here where I live in the San Francisco Bay
Area. The business challenge they faced was to enhance the student learning
experience and deliver technology services critical to student success and graduation
initiatives. And given the COVID-19 scenario, you can understand why cloud becomes
an important factor in that.
Unisys cloud and infrastructure services, using CloudForte, helped them deploy a hybrid
cloud model with AWS. We had Ansible for automation, ServiceNow for IT service
management (ITSM), AIOps, and we deployed a logarithm and a portfolio of tools and
services.
They were then able to accelerate their capability to offer critical administrative services,
such as student scheduling and registration, to about half-a-million students and 52,000
faculty and staff members across 23
campuses. It delivered 30 percent
better performance while realizing
about 33 percent cost savings and
40 percent growth in usage of these
services. So, great outcomes, great
cost savings, and you are talking
about reduction of about $4.5 million in computed storage costs and about $3 million in
cost avoidance.
So this is an example of a customer who leveraged the power of the AWS Cloud and the
CloudForte products and services to deliver these business outcomes, which is a win-
win situation for us. So that’s one example.
Great outcomes, great cost savings, and
you are talking about reduction of about
$4.5 million in computed storage costs
and about $3 million in cost avoidance.
10. Page 10 of 12
Gardner: Ryan, what do you expect for the next level of cloud adoption benefits? Is the
AIOps something that we are going to be doubling-down on? Or are there other
services? How do you see the future of cloud adoption improving?
The future is integrated
Vanderwerf: It’s making sure everything is able to integrate. Like, for example, with a
hybrid cloud situation we now have AWS Outposts. Now people can run a rack of
servers in their data center and be connected directly to the cloud.
Some things don’t make sense always to go to cloud. Perhaps machinery running
analytics, for example, has very low latency requirements. You could still write native
applications to work with the cloud in AWS and run those apps locally.
Also, AIOps is huge because so many people are doing AI/ML in their workloads, from
deciding security posture threats, to finding whether machines are breaking down. There
are so many options in data analytics and then wrangling all these things together with
data lakes. Definitely, the future is about better integrating all of these things.
AI/MLOps is really popular now because there are so many data scientists and people
integrating ML into things. They need some sort of organizational structure to keep that
organized, just like CI/CD did for DevOps. And all of those areas continue to grow. At
AWS, we have 175-plus services, and they are always coming up with new ones every
day. I don’t see that slowing down anytime soon.
Gardner: Anupam, for your future outlook, to this point that Ryan raised about
integration, how do you see organizations like Unisys helping to manage the still growing
complexity around the adoption and operations in the cloud and hybrid cloud
environments?
Sahai: Yes, that is a huge challenge. As Ryan mentioned, hybrid cloud is here to stay.
Not everything will move to the cloud. And while cloud migration trends will continue,
there will be some core set of apps that will be staying on-premises. So leveraging AWS
Outposts, as he said, to help with the hybrid cloud journeys will be important. And Unisys
offers hybrid cloud and multi-cloud offerings that we are certainly committed to.
The other thing is that security and
compliance issues are not going
away, unfortunately. Cloud breaches
are out there. And so there is a need
to actively manage and be proactive
about managing your security and
compliance posture. And so that’s
another area that I think our
customers are going to be working together with AWS and Unisys to help them fortify not
Customers are going to be working
together with AWS and Unisys to help
them fortify not just their defenses, but
also the offense – to be proactive in
dealing with these threats and [cloud]
breaches and preventing them.
11. Page 11 of 12
just their defenses, but also the offense -- to be proactive in dealing with these threats
and breaches and preventing them.
The third area is around AIOps, and this whole notion of AI-enabled CloudForte, and we
see AI and ML to be prorating every path of the customer journey. Not just in AIOps,
which is the operations and management piece, which is a critical part of what we do,
but AI in enabling the customer journeys in terms of predicting.
So let’s say a customer is trying to move to the cloud, we want to be able to use
predictions to predict what their customer journey would look like if they move to the
cloud and to be proactive about predicting and remediating issues that might come up.
And, of course, AI is fueled by the data revolution -- the data lakes, the data buses -- that
we have today to transport data seamlessly across applications, across hybrid cloud
infrastructures, and to tie all of this together. You have the app migration, the CI/CD, and
the DevSecOps capabilities that are part of the CloudForte advisory and product
services.
We are enabling customers to move
to the cloud without compromising
speed, agility, and security and
compliance, whether they are
moving infrastructure to the cloud,
using infrastructure as code, or moving applications to the cloud using applications as
code by leveraging the micro-services infrastructure, the cloud native infrastructure that
AWS provides -- and Kubernetes included.
We have support for a lot of these capabilities today, and we will continue to evolve them
to make sure no matter where the customer is in their customer journey to the cloud --
whatever the stage of evolution -- we have a compelling set of production services that
customers can use to get to the cloud and stay there with the help of Unisys and AWS.
Gardner: I’m afraid we will have to leave it there. You have been listening to a
sponsored BriefingsDirect discussion on the latest on-ramps to secure and agile cloud
adoption.
And we have learned how a partnership between AWS and Unisys allows businesses to
increasingly go to cloud models, cut total costs, manage operations better, and gain
added agility for scaling up and down.
So please join me now in thanking our guests, Anupam Sahai, Vice President and Cloud
Chief Technology Officer at Unisys. Thank you, Anupam.
Sahai: Thank you, Dana. It was great talking to you and Ryan, and I appreciate the
opportunity to be here.
We are enabling customers to move to
the cloud without compromising speed,
agility, and security and compliance.
12. Page 12 of 12
Gardner: And we have also been here with Ryan Vanderwerf, Partner Solutions
Architect at AWS. Thank you, Ryan.
Vanderwerf: Thank you, Dana and Anupam, it’s been great having a chat with you.
Sahai: Same here, friend.
Gardner: And a big thank you as well to our audience for joining this BriefingsDirect
cloud computing adoption best practices discussion. I’m Dana Gardner, Principal Analyst
at Interarbor Solutions, your host throughout this series of Unisys- and AWS-sponsored
BriefingsDirect discussions.
Thanks again for listening. Please pass this along to your IT community, and do come
back next time.
Listen to the podcast. Find it on iTunes. Download the transcript. Sponsor: Unisys and
Amazon Web Services.
A discussion on cloud adoption best practices that help businesses cut total costs, manage
operations remotely, and scale operations up and down. Copyright Interarbor Solutions, LLC,
2005-2020. All rights reserved.
You may also be interested in:
• How modern operational services leads to more self-managing, self-healing, and self-
optimizing for IT
• HPE Pointnext’s Nine-Step Plan for enterprises to attain the new business normal
• As containers go mainstream, IT culture should pivot to end-to-end DevSecOps
• AI-first approach to infrastructure design extends analytics to more high-value use cases
• How Intility uses HPE Primera intelligent storage to move to 100 percent data uptime
• As hybrid IT complexity ramps up, operators look to data-driven automation tools
• Cerner’s lifesaving sepsis control solution shows the potential of bringing more AI-
enabled IoT to the healthcare edge
• How containers are the new basic currency for pay as you go hybrid IT
• HPE strategist Mark Linesch on the surging role of containers in advancing the hybrid IT
estate
• How the Catalyst UK program seeds the next generations of HPC, AI, and
supercomputing