Archive for March, 2011
Posted: March 31, 2011, 10:15 am
With continuing concern surrounding the damaged nuclear plants, the global community continues to watch the turmoil unfolding in Japan. In the twenty days since the Sendai earthquake and the resulting tsunami brought unimagined devastation to the Japanese nation, we are seeing just how small planet earth really is.
Global Dependencies are Felt Locally
Moving beyond the destructive impact on whole communities and the human toll too quickly seems to trivialize the impact, but at the same time, it is important that organizations on a global level recognize our interdependence. These dependencies can be seen clearly in the examination of global supply chains. Companies such as Boeing, Sony, Caterpillar and John Deere have been referenced in the news as enterprises that are feeling the supply chain impact, or anticipating parts shortages within a very short time frame. General Motors has announced production impacts from Louisiana to Spain to Germany related to dwindling supplies of Japanese components.
Forrester Research mentioned yesterday that business continuity is “… back on the agenda …” for business executives. Today the Wall Street Journal reported that the disaster plan from Tokyo Electric Power was inadequate, especially for the combined impact or earthquake and tsunami.
Earlier this week, in a conversation with Gartner Research about testing recovery plans, the point was raised that more than just worst case scenarios, planning for the combination of events raises maturity to a best practice level.
While the Japanese continue their struggle to recover on a massive scale, much of the world has begun to consider “lessons learned.” We did this following the attacks of 9-11-01, following Hurricane Katrina, and similar action is demanded to review plans as to whether the assumptions made are grounded in the new reality unfolding in the news and within the lives of the Japanese people. Business processes and interdependency have become more reliant on automation, built around more complex trading partner and business models, and subject to more rapid impacts for disruptions due to “just-in-time” processes and inventory levels.
Lesson #1: Acknowledge Increased Risk Levels
My point today is simple: resilience and risk managers in organizations of every size must acknowledge the increased risk, and adjust plans accordingly. The lessons gained from examining events in Japan should stir internal reviews by every organization with trading partners concerning risks, logistics, capitalization, insurance and diversification.
For most of us, it is difficult to fully comprehend the impact on the ground in Japan. But all businesses need to examine how complex supply relationships – from raw materials to manufacturing capacity to transportation and selling channels – would be impacted from disruptive events that threaten such relationships. The imperative becomes determining appropriate mitigating actions and procedures in light of what we see in new light following the natural disasters in Japan and other global regions.
Tags: BC/DR, business continuity, continuity, Continuity Planning, crisis management, disaster recovery, Forrester Research, gartner, InformationWeek, Japanese Earthquake, Lessons Learned, resilience, risk, risk management, supply chain, Wall Street Journal
Posted in Uncategorized
Add a Comment
Posted: March 30, 2011, 2:12 pm
Even though Cloud may be a relatively new phenomenon for your company, you can still begin to measure your return on investment (ROI) if not in real numbe, at least in the ways it is changing your organization. Here are a few examples.
New Opportunities
More new opportunities become viable. First and foremost, the IT investment to support a new product is greatly reduced. IT resources can flex with a project—robust during development, then reduced, then scaled up as a product takes off. From a business plan perspective, this means the Number-of-Sales-to-Breakeven is lower, and the Time-To-Breakeven is sooner.
Better Planning
Likewise, lower IT costs mean your Pricing Structure can have more flexibility and/or better margins. Because the IT resources to support each new sale is a known cost—rather than a “best we can tell” allocation of blanket IT costs—Profitability-Projections are more reliable. Finally, no Point-of-Diminishing-Returns exists where IT hardware and staff are max-ed out and a CapEx infusion is needed for future sales.
Faster Start-up
The time between approval of a project and the start of work is shorter. Provisioning the resources takes less time. No more waiting for a purchase order to go through before the servers can be delivered, installed, configured and integrated. As sales escalate, the elastic and flexible cloud environment provides the needed support in perfect step with your product’s success.
A Cost Transformation
Long after you have garnered cost reduction from the move to the cloud, you will benefit from the way cloud computing aligns IT costs with revenues. Consequently, more business plans can meet your criteria as viable product opportunities.
What previous business ideas would pass profitability requirement in your company if you used cloud computing?
Download SunGard’s white paper, “All clouds are not created equal.”
Tags: cloud computing, cloud computing accounting, cloud computing analysis, cloud computing benefits, cloud computing companies, cloud computing company, Cloud computing comparison, Cloud computing costs, cloud computing explained, cloud computing information, Cloud computing leader, cloud computing measurement, cloud computing model, cloud computing ongoing benefits, cloud computing overview, cloud computing provider, Cloud computing resource, cloud computing return on investment, cloud computing ROI, cloud computing service provider, cloud computing services, cloud computing solution, cloud computing strategy, cloud computing vendors, Cloud computing white paper, enterprise cloud computing, top cloud computing
Posted in Uncategorized
Add a Comment
Posted: March 17, 2011, 12:15 pm
Solutions Marketing Manager Janel Ryan discusses how to evaluate your organization’s readiness for cloud – Carl M
As companies evaluate cloud computing as part of an overall business delivery model, deciding which applications are candidates to move to cloud and which need to remain in legacy environments is part of the planning process. Identifying business requirements up front creates the right basis for planning cloud projects, timelines, and resources.
The demand for consulting services designed around cloud readiness is being driven by customers looking for solutions that can get cloud technologies and legacy technologies – dedicated hosting or on-premise – to work together.
Discovery Phase
A cloud readiness assessment can be viewed as a series of stages. During the Discovery phase, a thorough examination of your current IT infrastructure gathers details about your business systems, their usage, performance, capacity, and application interdependencies, etc. Due to the complexity of IT environments and numerous IT demands, many large companies may not have a complete documentation or understanding of all their application environments. Most companies use a consultant during the assessment process because the specific expertise needed for this type of evaluation is not something an IT department normally has available to spare.
Analysis Phase
During the Analysis phase, you and the consultant review the data on each application and confirm its continued need, use and importance with users. You also need to confirm access, performance, security, compliance and other special requirements for each application. From there, you can discern and compile the infrastructure requirements.
Validation Phase
In the Validation phase the initial findings are laid out and you determine a strategic vision for using cloud computing. You and the consultant explore different scenarios and options, and you determine which applications are ready to deploy, which could be ready if security, compliance and other requirements can be met by a vendor and which cannot be moved for whatever reason. Your consultant should be able to articulate how various vendors deliver their technology and should identify those vendors that could potentially meet your needs.
Migration Planning Phase
Based on your strategic vision, you select your vendor and proceed to the Migration Planning phase. Here you lay out a plan for preparing migrating, testing and moving to live production for each application. You also set critical requirements for security, storage, performance, etc. along with the timeline for accomplishing each move.
Some companies take longer than others to plan and execute their moves to cloud computing. Regardless of the time it takes, the more meticulously you perform these four tasks, the more smoothly your migrations will go and the better your cloud computing experience will be.
Download SunGard’s white paper, “All clouds are not created equal.”
Tags: cloud computing, cloud computing analysis phase, cloud computing application, cloud computing blog, cloud computing companies, Cloud computing comparison, cloud computing discovery phase, cloud computing information, Cloud computing leader, cloud computing migration phase, cloud computing model, cloud computing overview, cloud computing provider, cloud computing security, cloud computing service provider, cloud computing services, cloud computing solution, cloud computing strategy, cloud computing system, cloud computing validation phase, cloud computing vendors, enterprise cloud computing, security in cloud computing, top cloud computing
Posted in Cloud Adoption, Cloud Business Drivers, Cloud Consulting
7 Comments
Posted: March 15, 2011, 4:31 pm
Today we hear from Gregory Smith, Senior Product Architect, Cloud Computing
Many companies have a virtualized infrastructure, but in reality, a virtualized data center is not the same as a private cloud. Most virtualized data centers lack the automation and processes to manage them as private clouds.
In the ‘90s when Fortune 500 companies implemented VMware’s virtual infrastructures, their equipment became more efficient and cost-effective, but because most companies kept the same practices, policies, procedures and methods in place, IT’s ability to respond to user needs did not change much.
For example, provisioning did not get simplified or faster. For most it still involves a string of people to purchase the hardware, deliver the hardware, lay down the company image, create the user account, update the asset management system, obtain the login information and load the appropriate software (a list of applications that may or may not exist on paper).
Even when they added VCloud Director or VCenter Orchestrator, IT added them on top of the environment to track the current policies more exactly. Nothing streamlined or improved the procedures and processes.
A private cloud offered by a trusted vendor is designed from the ground up to support the most efficient processes for the user in addition to the most efficient use of resources. A private cloud contains intelligent software for requesting resources and having those resources allocated rapidly. It also should come with a service level agreement (SLA) that specifies a certain level of availability and/or performance, with penalties for default. Few companies have this type of guarantee or recourse.
A private cloud also comes with actual prices (i.e., chargebacks) for services. This enables a company to see the exact cost of resources used by a particular business unit, not just estimated costs based on a formula or a cost model that must be revamped every year as hardware depreciates and is refreshed and expanded.
Could a Fortune 500 company bring in the expertise to build request, allocation, and chargeback software; revamp its procedures, and run as efficiently as a private cloud? Yes, but virtually no CFO would foot the bill for that upgrade. Especially when he or she could leverage the investment a cloud provider has already made—and save costs while he does it.
Tags: cloud computing, Cloud computing comparison, Cloud computing costs, cloud computing information, cloud computing model, cloud computing provider, cloud computing security, cloud computing services, cloud computing solution, cloud computing vendor, private cloud computing, top cloud computing
Posted in cloud models
2 Comments
Posted: March 14, 2011, 1:56 pm
Today we hear from Nik Weidenbacher, Product Engineering at SunGardAS – Carl M.
Most people have a general understanding of public and private clouds and the differences between the two offerings.
When talking about Infrastructure as a Service (IaaS), typically a private cloud is in a company’s data center while a public cloud is operated by a provider and shared by multiple companies. That is a good start, but neither definition explains what an Enterprise Cloud is.
An Enterprise Cloud offers a virtualized, multi-tenant infrastructure that can provide many of the same benefits as running a private cloud for your company, without requiring the same up-front investment. Unlike most public clouds, an Enterprise Cloud also lets you control many of the resources and policies you are used to controlling, such as IP addresses, network layout, network transport (in addition to internet), and monitoring and backup policies. In addition, all VMs can be protected by an enterprise-class firewall.
Most public clouds require you to provide your own firewall protection, as well as determine how to secure your data on disk and as it traverses the network. Most also provide a “self-service” portal that lets you configure your own server with OS, RAM, etc., run your own programs and make everything work yourselves. These features are good for companies that have high-level technical people and want to save money on computing power.
For companies that want to focus less on IT operations and use their high-level technical people for important business goals, an Enterprise Cloud is more appropriate. The Enterprise cloud offers management and systems monitoring services just as your own staff would. If an application hangs or crashes, the Enterprise Cloud technicians take action to restore it. They also install patches and new software releases, take back-up copies, and proactively monitor uptime, storage capacity, usage, etc.
In short, an Enterprise Cloud provides the infrastructure and computing resources you need for today and tomorrow, along with the management and monitoring services you need to make sure your operations is up and running smoothly. Just as you leverage cloud hardware, you can leverage cloud expertise for your competitive advantage.
What advantages could you company reap with Enterprise Cloud services?
Download SunGard’s white paper, “All clouds are not created equal.”
Tags: Best cloud computing companies, cloud computing, cloud computing blog, cloud computing companies, Cloud computing comparison, cloud computing information, Cloud computing leader, cloud computing model, cloud computing provider, cloud computing providers, cloud computing services, cloud computing vendors, Cloud computing white paper, Enterprise Cloud computing overview, Enterprise Cloud computing solution, private cloud computing, top cloud computing
Posted in cloud models, IaaS
2 Comments
Posted: March 11, 2011, 5:05 pm
Satish Hemachandran just returned from Cloud Connect 2011
This week’s Cloud Connect 2011 was the place to be to discuss all things Cloud. I spent two days at a packed convention center where the session topics conveyed the attendees’ interest in deciphering the challenges faced by enterprises in Cloud adoption. The consistent theme for this year’s event was about how Cloud for the enterprise needs to be built with availability, manageability, and security in mind – an area that we within SunGard are most passionate about.
I had the opportunity to present SunGard’s vision of the Enterprise Cloud on Tuesday – this session was focused on the risks that IT departments face as they embark on the Cloud path and how these perceived and actual risks can be addressed through systematic mitigation. This risk mitigation takes the form of both products and processes that need to follow industry best practices but fine tuned for the Cloud based on your specific enterprise requirements.
The majority of enterprise customers though, are unable to solve this problem on their own since they are faced with diminished IT budgets, personnel resource constraints, or a lack of suitable Cloud technology vendors who offer these capabilities out of the box. For instance, one of the people I spoke to at Cloud Connect was looking to introduce Cloud to his enterprise but was needed a partner who could not only understand his business and technical challenges, but was ready to address them. Specifically, as a large consumer company, he had data security and governance requirements that none of the commodity Clouds offered or even had thought about.
Another attendee was looking to build a hybrid Cloud that would allow his company to connect an IaaS with a tiered storage service with the kind of bandwidth and SLAs he needed while maintaining security. We also had a number of businesses ask about how change control took place in an enterprise Cloud and if/how Enterprise Cloud could help with meeting compliance requirements. These questions are what you would expect any enterprise to have before committing to adopt a major technology shift.
At SunGard, we believed that a Cloud done right can indeed offer the benefits of cost optimization and flexibility along with all characteristics around security, monitoring, management, integration/connectivity that makes it enterprise ready…it was good to hear these same sentiments expressed over and over again at Cloud Connect.
What did you learn at Cloud Connect?
Tags: cloud compliance, cloud connect, Cloud security, coud adoption, enterprise cloud, hybrid cloud, IaaS
Posted in Cloud Adoption, IaaS
1 Comment
Posted: March 9, 2011, 5:39 pm
The more physically fit we are, the more resilient our muscles and bodies are to stress and strain. The same can be said for organizational resilience programs. They may need a “trainer” to help us get them in shape, but even without that expert resource, they certainly need regular exercises.
The risks companies face today are varied, and much like exercising different muscle groups, they call for different activities to examine and strengthen against these threats. In 2010, natural disasters had an estimated $109 billion impact, more than triple the previous year; that number doubles when you add the costs of man-made disasters, such as the Gulf Oil Spill, and we quickly see the cost justification for planning for worst case scenarios.
What Shape Is Your Resilience Program In Today?
Consider: data breaches become a violation of expectations of privacy by your employees or customers. When information is exposed to the outside world that should not have been revealed, both a technical and a communications response is needed; both factor into the estimated cost, which reached $214 per breached record in 2010 according to the Ponemon Institute. The same could be said for protected health information that needs to be kept confidential, and accessed only by authorized personnel. In a conversation this week with the president of a local hospital chain, she mentioned that they have dismissed employees over HIPAA rules violations. We operate in a world where transparency is demanded (SOX), and prohibited (HIPAA). Remaining resilient in the face of such risks calls for balance between privacy and authorized access in our highly connected world.
On another level, consider the recent WikiLeaks episodes. The public disclosure of confidential information gave a new meaning to transparency, and a caution to information security managers. I’ll not debate the layers of questions that these actions triggered concerning the breach of confidence, under the claim that the public had a right to know; what is clear to me is that all organizations, both public and private, need to make certain their information security programs are up to today’s challenges and threats.
Relevant in this blog space is the impact on organizations and their resiliency, and how best to mitigate such impacts. The cyber activity following the release of confidential information led to DOS cyberattacks and the outages for major credit card networks, which had a subsequent disruptive impact on numerous businesses and their e-commerce. This risk is real, and calls for every organization to review the effectiveness of their information security programs in dealing with such incidents. GLB and HIPAA regulations call for the periodic assessment of electronic security against anticipated risks or hazards. Given the demonstrated impact to systems these past few months, this is now a risk that must be anticipated (GLB: 16 CFR 314; HIPAA: 45 CFR 160-164).
Different Risks, Different Training
Resilience and crisis management each depend on responses to risks, both actual and anticipated. Beyond the technical programs for information security and the capability to recover your operations at an alternate facility, resilience and crisis management call for effective emergency communications programs, something frequently overlooked. If your plans don’t include guidance on who should speak in the face of a disaster, what they will say and how you will preview any statements before release to the public, then it is time to update your plans. Consider drafting sample statements for the anticipated risks; the internal review of these sample statements not only better prepare your spokespeople, but also help uncover additional elements of your plan that may need to be updated.
Continued Monitoring and Exercising
Ongoing monitoring of risks and mitigation programs is important – and required by regulations. As any fitness trainer will advise you, you need to keep at your exercise program, or you will quickly fall behind.
Tags: BC/DR, business continuity, compliance, continuity, Crisis Communication, crisis management, information security, regulations, resilience, risk, risk management, SunGard Availability
Posted in Uncategorized
14 Comments
