aws re:invent 2016: governance strategies for cloud transformation (wwps302)
TRANSCRIPT
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Alison Robinson, University of Maryland – Associate VP & Deputy CIO
Dawn Beadle, Monash University – Director, Infrastructure Services
Blake Chism, AWS – Professional Services
November28, 2016
Governance Strategies for
Cloud Transformation
WWPS 302
What to expect from the session
• Definition and Overview of Cloud Governance
• Cloud Center of Excellence (CCoE)
• Stages of Cloud Governance
• Cloud Governance Best Practices
• Monash University
• University of Maryland
• Question and Answer
Why are we talking about
Cloud Governance?
Benefits of Governance
Firms with above-average IT
governance had more than 20% higher
profits than firms with poor
governance*
*Peter Weil and Jeanne W. Ross, IT Governance: How Top Performers Manage IT Decision Rights for
Superior Results (HBS Press, 2004)
Why Cloud Governance in the Public Sector?
1. Reduction in Access and Security Risks
2. Ensures regulatory compliance (HIPAA, PCI, NIST, etc.)
3. Cost Avoidance/Reduction/Optimization
4. Elimination of rogue IT and disparate cloud initiatives
5. Defines automation methods and parameters
6. Increases capacity for Innovation in the Organization
7. Enhanced management of the consumption of cloud resources
What is Cloud Governance?
A Definition of Cloud Governance
The decision making people, criteria, processes,
and policies involved in the planning, architecture,
acquisition, deployment, operation and
management used for operating IT services in the
cloud.
gov·ern·ance - noun
• the action or manner of governing
• the way a company is controlled by the people who run it
Governance
“What would you say…you do here?” –Bob (Office Space 1999)
• Make Laws
• Administrate Laws
• Adjudicate Laws
• Allocate Shared
Assets for Shared
Goals
MAKE GOOD DECISIONS AS A SOCIETY FOR THE SOCIETYWHY
GOV’T
Understanding Governance
MAKE
LAWS
ADMINISTRATE
LAWS
ADJUDICATE
LAWS
ALLOCATE
SHARED
ASSETS FOR
SHARED GOALS
WHAT A
GOV’T
DOES
MAKE GOOD DECISIONS AS A SOCIETY FOR THE SOCIETYWHY
GOV’T
Understanding Governance
MAKE
LAWS
ADMINISTRATE
LAWS
ADJUDICATE
LAWS
ALLOCATE
SHARED
ASSETS FOR
SHARED GOALS
GOVERNANCE IDEOLOGY
WHAT A
GOV’T
DOES
HOW A
GOV’T IS DESIGNED
GOVERNANCE SCOPE
MAKE GOOD DECISIONS AS A SOCIETY FOR THE SOCIETYWHY
GOV’T
Understanding Governance
MAKE
LAWS
ADMINISTRATE
LAWS
ADJUDICATE
LAWS
ALLOCATE
SHARED
ASSETS FOR
SHARED GOALS
GOVERNANCE IDEOLOGY
PROCESSESWHAT ARE THE ACCEPTED
PROCESSES THROUGH WHICH
THE STRUCTURES MAKE,
ADMINISTRATE, ADJUDICATE,
AND ALLOCATE
STRUCTURESWHAT GOVERNANCE BODIES MAKE,
ADMINSTRATE, ADJUDUICATE, AND
ALLOCATE, HOW ARE MEMBERS
CHOSEN, AND WHAT RIGHTS,
ROLES, AND RESPONSIBILITIES DO
THEY HAVE IN THE PROCESSES
WHAT A
GOV’T
DOES
HOW A
GOV’T IS DESIGNED
GOVERNANCE SCOPE
HOW A
GOV’T IS DELIVERED
MAKE GOOD DECISIONS AS A SOCIETY FOR THE SOCIETYWHY
GOV’T
Understanding Governance
MAKE
Policies and
Standards
ADMINISTRATE
Policies and
Standards
ADJUDICATE
Policies and
Standards
Manage Cloud
Services
GOVERNANCE IDEOLOGY – Philosophy for governance
PROCESSESWHAT ARE THE ACCEPTED
PROCESSES THROUGH WHICH THE
STRUCTURES MAKE,
ADMINISTRATE, ADJUDICATE, AND
ALLOCATE
STRUCTURESWHAT GOVERNANCE BODIES MAKE,
ADMINSTRATE, ADJUDUICATE, AND
ALLOCATE, HOW ARE MEMBERS
CHOSEN, AND WHAT RIGHTS,
ROLES, AND RESPONSIBILITIES DO
THEY HAVE IN THE PROCESS
What IT
Governance
Does
How IT
Governance
is Designed
GOVERNANCE SCOPE – Which part of organization?
How IT
Governance
is Delivered
Enjoy Benefits of Good Decisions for the OrganizationWhy IT
Governance
Understanding IT Cloud Governance
Cloud Governance Opportunities
• Speed – Carry out the Mission at cloud speed and cost
• Integration – Complimentary to existing enterprise
IT governance processes, policies and tools
• Balance – Appropriate coverage for key decisions, investments and
risks while achieving the benefits of Cloud
• Proactivity - Anticipate and prevent Shadow Clouds and
unauthorized cloud activities that expose organizational risks
• Enablement - appropriate Cloud decision-making without friction
Cloud Center of Excellence (CCoE)
Cloud Center of Excellence (CCoE)
The Cloud Center of Excellence is a
team of executives and IT area
experts that authors Cloud
Governance to enable Organizational
Units to access a self-service model
and provides a catalog of
standardized and templated patterns
from which to select and auto-
provision.
Stages of Cloud Governance
Levels of Cloud
Governance
L0 – Decentralized
Control
L1 – Centralized
Control
L2 – Decentralized
Control with
Automation
L3 – Centralized
Control with Self-
service
3 Phases of Cloud Governance
Beginning
• Minimal integration
• Reactive environment
• Cost overruns
• Manual deployments
• No Cloud Structure
Adopting
• CCoE is in place and policies are maturing
• Policies matched to process
• Designing for Cost
• Rapid Deployment
Mature
• Full automation and self-service
• Benefits of cloud services realized
• Agility and control
• Optimized for Cost
• Secure and Compliant environment
Phase 1: Beginning
1. Create the CCoE to develop and own Cloud Governance and its policies
2. Develop Governance model and establish policies for:
• Security
• Account Management
• Cost
• Network
• Instance and Storage
• Service Management
• Monitoring and Reporting
3. Begin to modify the deployment process and policies and look to automate
• Develop governing policies to enable automated approval cycles
• Develop financial policies to enable end-users to quickly stage POC’s
Phase 2: Adopting
1. Develop Self-Service Policies
2. Develop Data Governance Policies
3. Develop Continuous Integration / Deployment Policy
4. Develop Design-for-Cost Architecture Guidelines
5. Develop Cloud Audit and Compliance Policies
6. Develop a common API Design Framework
Phase 3: Mature
1. Develop advanced automation techniques and policies to promote
further cost reduction, agility, and resiliency:
• Automated testing and code promotion from each tier to production
• Automated Disaster Recovery testing
• Automated instance power down / power up for non reserved instances
• Utilization of Spot Instances – when and where to use
2. Develop Transition Policies to Define Services
3. Develop Policies Allowing Existing Applications to Test-for-Cost
(scale up / scale out)
Cloud Governance Best Practices
Cloud Governance Best Practices
• Establish a CCoE and begin developing/updating policies for Cloud
• Tailor your governance process to your organization’s particular risk
tolerance (Ideology)
• Decide where to leverage existing processes versus establishing
new ones
• Make the process as light-weight as possible and as informative as
possible to create a positive user experience
• Start early in the Cloud Transformation so you can get business and
IT feedback and support
• Rely on use-case reviews to improve your processes
Monash University
Monash University’s governance
in the cloud
70,071
Number of students
8,936
Potential classes per week
14,869
Number of staff
$350Mil+
Our research income for 2014
Global
Where you will find us
Australia, Malaysia, South
Africa, China, India and Italy.
Top one percent
Of universities worldwide, and consistently listed as a preferred source of graduates by companies the world over.
Research capability
We're active in over 150 fields and accommodate (or are joint
partners in) more than 120 research centres and institutes.
IT at Monash
Vision
to achieve more flexible, cost effective delivery of
IT services, increasing the university’s ability to
compete by enabling greater agility and
innovation
by sourcing our services more appropriately
given the evolution of underlying
technologies & the ability of the market to deliver
cloud based service
programme initiated early 2014
Change Agenda
Governance
Virtual Data Centre
Tools & Automation
Base OS image
Hosted infrastructure
Disk Memory CPU Network
Solution Blueprint Pattern Template
Breast Cancer Clinical Registry
Solution
SOE Shared Drive Solution
Student Submission
Solution
ZedMedTerminal Solution
Blueprint 01 Blueprint 12
Blueprint 01Blueprint 03
Access Control
Need to change culture
Top down
Chain of command
Increased communications
Culture
Lessons
Do something, not nothing Executive sponsorship
Not a slavish approach to Compliance It’s not all about technology
University of Maryland – College ParkAlison Robinson
University of Maryland – College Park
Quick FactsStudents: 39,083
Employees: 13,791
Total Research Awards: $550,384,756
4 Data Centers
225+ Buildings
95,000+ Data Jacks
7239 Wireless Access points
11M+ Feet of Fiber
14M+ Feet of Copper
University of Maryland – College Park
People
• Organizational Structure
• Culture
• Training
University of Maryland–College Park
Support &
Infrastructure
Networking &
Communications
Software
Engineering
Security Learning
Technologies
Research
TechnologiesPlan
Build
Run
Engage with IT in many places to:
1) Order a service
2) Receive help with a service
3) Request a new service
Inefficiency
Silos
Delays
No Agility
University of Maryland–College Park
One “front door” to IT to:
1) Order a service
2) Receive help with a service
3) Request a new service
Streamlined
DevOps Approach
Agility
Cost Savings
University of Maryland – College Park
Governance Framework
• Effective & secure management
• Sourcing & hosting matrix
• RACI
University of Maryland – College Park
RACI Example
University of Maryland – College Park
Cost
• Current Costs
• Modeling Costs in AWS
Research Architecture
Costing Approach Examples
Business Intelligence
Question and Answer
Thank you!
Remember to complete
your evaluations!