Upload
brian-hum
View
150
Download
0
Embed Size (px)
Citation preview
1
Binghamton Bank IT SolutionsImplementing the Cloud
SaaS Team
Eugene Br izo , John Montesano, Jess ica Vinokur, Dan ie l Wang
IaaS Team
Br ian Hum, Chr is Lo, Rober t P im, Anna Pr ig l
2
I. BackgroundII. Cloud computing overviewIII. Software-as-a-service (SaaS) overviewIV. Big data utilizationV. Infrastructure-as-a-service (IaaS) overviewVI. Business impact analysis tool overviewVII. TimelineVIII.Conclusion
Agenda
3
Background
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
• Binghamton Bank Corporation, under the head of a new CEO, has a new goal to transform current systems to match business needs• Better understand the future needs of their customers and investors• Track and identify customer buying patterns and investor needs• Upgrade financial applications and underlying infrastructure
• Underwent some technological challenges in the past year• February 2014 – software upgrade froze the bank’s systems• July 2014 – the bank’s web application went down
• CIO suggested to move existing applications to the cloud• Allow flexibility and scalability to better suit the needs of the company
• Stay ahead of competition by working with big data• Reduce costs, increase efficiency, and create insights to customer and investor data
4
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Query Time
Scalability
Cost
Current State With Cloud Computing
One Hour Twenty Minutes
Limited Fast, Efficient
Fixed Pay per use
Data Analytics Slow, Inflexible Fast, Flexible, Visually Appealing
Our Purpose
5
• Cloud computing is the practice of using remote servers over the Internet to store and access data rather than connecting to a local servers
• Cloud computing has three main services:• Infrastructure-as-a-service (IaaS) – the provider offers hardware to the user via a virtualized
interface.• Platform-as-a-service (PaaS) – the provider offers hardware plus a computing platform to
the user.• Software-as-a-service (SaaS) – the user is able to access different types of applications
from the provider.
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Cloud Computing Overview
6
Cloud Computing: Benefits
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
• Cheaper than in-house servers• Smaller IT staffPrice
• Faster, more effective software• Greater computing powerEfficiency
• Able to utilize more cloud resources immediatelyScalability
7
Applications
Runtimes
Security
Databases
Servers
Virtualization
Server Hardware
Storage
Networking
Applications
Runtimes
Security
Databases
Servers
Virtualization
Server Hardware
Storage
Networking
Applications
Runtimes
Security
Databases
Servers
Virtualization
Server Hardware
Storage
Networking
Applications
Runtimes
Security
Databases
Servers
Virtualization
Server Hardware
Storage
Networking
Traditional IT IaaS PaaS SaaS
Managed InternallyManaged by Cloud Provider
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Cloud Computing Overview
8
• SaaS providers host applications which are made available to customers over a network, typically the Internet
• Binghamton Bank has currently implemented SaaS for two Banking Applications:• WeCare• Mobile Banking Application
• With SaaS individuals no longer download and install programs on individual computers
• All programs are updated and maintained by the SaaS cloud provider
• These programs offered on the cloud are accessible from almost anywhere
Cloud Computing: SaaS
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
9
Cloud Computing Risks Mitigation of Risks: SaaS
Data Breaches: • Cloud service providers host information from customers
spread across the world• This makes them large targets for information hackers
• Create long, complex passwords every 60 to 90 days• Encrypt data through the use of keys, digital signatures, and
other security applications
Outages:• Reporting outages due to power failures, natural disasters, etc.
takes longer due to longer lines of communication between the business and the cloud service provider
• Develop a Disaster Recovery/Business Continuity plan, including recovery services
• Keep customers informed throughout the disaster response process
Non-compliance:• The company must follow all legal and regulatory requirements
that apply to its information being stored on the cloud.• These requirements include: PCI DSS, GLBA, ISO, etc.
• Define the services used through the SaaS provider, with any restrictions, regulations or compliance issues that need to be satisfied
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Risks & Mitigation of Cloud Computing
10
Leading Customer Relations Management
Tool$3,000/Month
Private Cloud Offering $4,240/Month
Big Data Analytics Application $2,500/Month
Most Application & Service Offerings to Banking
Industry$1,890/Month
Competitive Advantage CustomersCost Per Office
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
SaaS Cloud Provider List
11
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
SaaS Cloud Provider Comparison
Cost Security Financial Stability Services Provided1
1.5
2
2.5
3
3.5
4
4.5
5
SalesForce Oracle Workday SAP
12
Yes No
No, Offers SaaS Extension on PaaS
Yes, Provides Pre-Built Applications
Yes, Multiple Preventative Security Procedures
Yes, Received TrustE Trusted Cloud Certification & More
$4,240 Per Month $2,500 Per Month
Private Cloud Offering
Standalone SaaS
Security and Disaster-RecoveryPrice Per Office
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
SaaS Cloud: Oracle & Workday
13
• Implemented two methods of data analytics to test the optimization of analyzing large-scale data• Using Binghamton Bank’s customer profiles
• Method 1: Microsoft Excel• Pivot charts were more complicated to calibrate to the exact specifications of a relationship• Visual representations were less cooperative in displaying meaningful trends
• Method 2: Spotfire Data Analytics• Immediately converted data sets into graphical displays that are easily manipulated and customized• Provided significantly more options for creating relationships between different variables in a data set• Increased speed allowed for a more efficient and accurate method of determining trends and drawing
conclusions
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Spotfire Data Analysis
14
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Data Analysis: Service vs. Age
15
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Data Analysis: Services vs. Education
16
• Total Average Services vs. Age• Users of later generations tend to use more of Binghamton Bank’s services• Utilize SaaS mobile banking applications, appealing to more earlier, more technology-focused
generations through increased mobility• Applications should be kept simple and easy to use for sustain current users
• Total Average Services vs. Education• People with less education tend to utilize more of the Bank’s services• Applications should sustain usability to retain that less educated audience• Develop more advanced banking applications in the cloud that cater directly to those with
more education• Maintain the same level of usability and accessibility
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Recommendations from Data Analysis
17
• The use of data analytics in the cloud can be enhanced via a “big data” system• Big data allows for an organization to handle data with velocity, variety and volume
• The use of big data will allow for Binghamton Bank to respond to problems faster while incurring fewer costs • The scalability of computing power will allow Binghamton Bank to run processes faster• The elimination of on-site hardware will allow Binghamton Bank to decrease costs
• Big data will allow for Binghamton Bank to improve customer relations management and make Binghamton Bank more efficient
• Big data providers like Hadoop and Palantir offer unique solutions that can help Binghamton Bank to automate some functions
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Utilization of Big Data
18
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Utilization of Big Data
Good
Inadequate
Failure
19
• IaaS provides the following infrastructure for companies• Hardware• Storage• Memory capacity
• Binghamton Bank has currently implemented IaaS for three Banking Applications• Enterprise Content Management• Development & Testing• BackUp
• With IaaS, users have the ability to scale how much storage and memory they need• Companies have more control over how much they use based upon how much they
need• IaaS is also accessible from any location provided there is an internet connection
Cloud Computing: IaaS
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
20
Cloud Computing Risks Mitigation of Risks: IaaS
Data Breaches: • Cloud service providers host information from customers
spread across the world• This makes them large targets for information hackers
• Extend access management services into the IaaS cloud provider
• Ensure that Binghamton Bank has access to the necessary resources needed to ensure the applications and systems are secure.
Outages:• Reporting outages due to power failures, natural disasters, etc.
takes longer due to longer lines of communication between the business and the cloud service provider
• Develop a Disaster Recovery/Business Continuity plan, including recovery services
• Perform periodic backups of sensitive data
Non-compliance:• The company must follow all legal and regulatory requirements
that apply to its information being stored on the cloud.• These requirements include: SOX, GLBA, ISO, etc.
• Have a team devoted to ensuring the data is under the right encryptions and controls in place
• Make a thorough overview of the IaaS Provider of their security measures as well as level of segregations
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Risk and Mitigation of Cloud Computing
21
Breadth and Integration of Wide Range of Services $70/Month
Supports High Demanding Cloud Applications $428/Month
Suitable Infrastructure for Big Data Analytics $86/Month
Global Servers and Granular Control over
Infrastructure$74/Month
Competitive Advantage CustomersCost Per Instance
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
IaaS Cloud Provider List
22
Cost Security Financial Stability Services Provided2.0
2.5
3.0
3.5
4.0
4.5
5.0
IBM Managed Cloud Services Amazon EC2 Cloud Services Google Compute Engine OpSource
Cloud Provider Comparison
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
23
IBM Cloud Managed Services Elastic Compute Cloud
Ten Data Centers Across Five Continents
Data Centers Across Four Continents
Full Range of Cloud ServicesMigration of Applications
Variety of Services and Monitoring Tools
$428 per Month $70 per
IaaS Provider
Data Spread
Competitive Advantage
Estimated PricePer Instance
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
IaaS Cloud: IBM & Amazon EC2
24
Determines the risks associated with having Binghamton Bank’s applications on the cloud
Calculates impact scores that allow users to easily compare risks and determine which are the most significant
Generates procedures to help mitigate theses risks for Binghamton Bank
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
BIA and Risk Prioritization Tool
25
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Tool Demonstration
26
• Utilized the tool to analyze data on hypothetical cloud failures that were provided by Binghamton Bank• Binghamton Bank provided us with data that described how a certain technology failure would
affect the bank• Found some key applications that were at risk and that should be treated with caution
• Devised a strategy to mitigate the risks associated with moving these applications to the cloud• Detected some key failures that would significantly impact Binghamton Bank
• Created recommendations to ameliorate the risks associated with these impacts
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Data Analysis
27
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Significant Issues and Failures
28
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Significant Data Types
29
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Critical Applications
30
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Insignificant Applications
31
• Move the PayNow application and the Loan Default Management application over to the cloud first will help to limit the risks of migration• These are the only two non-critical applications not on the cloud
• Migrate Change Detect, the Core Banking Application, and Card & ATM Management to the cloud last • This will allow for the IT team to acquire experience before moving significant applications to
the cloud• Use the migration of the Enterprise Content Management application as an example for the
eventual migration of the applications listed above
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Recommendations: Cloud Migration
32
PayNow (SaaS)
Loan Default Management
(SaaS) Card & ATM Management
(IaaS)
Core Banking Application
(IaaS)
Change Detect (SaaS)
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Recommendations: Cloud Migration
33
• Cloud Assessment • Perform an assessment of the cloud in terms of finances, security, and technical capabilities
to determine if the cloud provider is suitable for Binghamton Bank• Proof of Concept
• Select a cloud provider based upon the assessment• Begin deploying small miniature applications to the cloud to ensure the application is running
smoothly on the cloud• Data Migration
• Consider different storage options and develop a data segmentation strategy to effectively migrate sensitive data over to the cloud
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Cloud Migration – Projected Timeline
34
• Application Migration• Determine strategy that will least disrupt current business activities when migrating to the
cloud to ensure that business functions are still operating while applications are moving to the cloud
• Adopt a forklift application strategy or hybrid application strategy• Create a “cloud-aware” code for the application to help adjust the application when moving to
a different computing platform• Leverage the Cloud
• Expand scalability and attempt to automate elasticity to offer the extra benefits of using a cloud versus the legacy system
• Ensure the right encryption and security measures are in place in order to be in compliance with regulations
• Implement a dashboard to help monitor use of cloud resources
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Cloud Migration – Projected Timeline
35
• Optimization Phase• Observe different load patterns to help manage elastic environments more effectively• Continuously run the application over the cloud to find the best practices and update the
application when different regulations are enacted• Employee Integration
• Inform company of success of migration and train employees on how to utilize the application to help employees feel at ease with the new software
• Gather employee feedback to optimize success of cloud applications
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Cloud Migration – Projected Timeline
36
Background Cloud Overview SaaS Overview Big Data IaaS Overview Risk Tool Overview Migration Timeline
Cloud Migration – Projected Timeline
37
Recommendations
SaaS Provider: Oracle and Workday
IaaS Provider: IBM or Amazon
Leverage Big Data into Bank
Migrate PayNow & Loan Default
Management Apps
Conclusion
38
Questions
39
◦ Tableau data analysis and recommendations◦ IBM Managed Cloud Analysis◦ Amazon EC2 Cloud Analysis◦ Google Compute Engine Analysis◦ OpSource Analysis◦ IaaS Cloud Provider Cost Analysis◦ Laws, Regulations & Standards◦ Risk Prioritization Calculations and
Classificaitons
◦ We’ll use this side once we add more to the appendix
Appendix
40
Tableau – Data Analysis
41
Tableau – Data Analysis
42
Tableau – Data Analysis
43
Tableau – Data Analysis
44
• Diversify into other geographical areas• Iowa and New Jersey have the lowest debt to income ratios which shows that they can take
on more debt• District of Columbia and New Hampshire have the highest monthly incomes which shows they
can pay off more loans• Expand the sub-prime credit business
• Make loans to people to the sub-prime segment (625-650 FICO)• Expanding economy will improve the ability for people to make payments• Take advantage of low debt to income ratio trend in sub-prime sector
• Expand loan allocation towards housing and home improvement segment• Take advantage of an improving housing market• Diversifying loan purpose away from debt consolidation and credit card loans
Recommendations from Data Analysis
45
• Very large cloud provider with 10 data centers spread throughout 5 continents• They are looking to expand to 40 data centers located in every major financial center
• Created for enterprises that value security and ease of access • Just opened a Cloud Resiliency Center in North Carolina to cut recovery times by 24-48 hours• Payment Card Industry Certified, HIPPA Compliant• Unique security and authentication model with a firewall with an optional VPN gateway• Data centers use IBM Power Systems and System X servers with Tier-1b storage
• Their cloud environment allows for IT Teams to set up applications within days
• IBM provides compliance services and other IT advisory services
IBM Managed Cloud Offerings
46
• IBM Managed Cloud Services has one of the highest costs• Our comparative cost put it at $428.32 per month• The average billing for a month of services was $7,000• Lost a CIA contract in part due to their billing mechanisms but have fixed the problem
• Having data centers spread throughout the world adds some risk to the platform• If Binghamton Bank stores data overseas then they will have to watch international laws• Having data overseas also opens up Binghamton Bank to data breaches• IBM allows for customers to select which data facilities they want their data in
IBM Managed Cloud Costs and Risks
47
• Very large cloud provider with many data centers spread throughout four continents
• Amazon EC2 has a wide variety of customers• Many start-ups take advantage of Amazon’s cloud services and the CIA also uses Amazon
• The Amazon EC2 Platform also has many built-in security features• Created customer access points that allow for secure HTTP access• AWS Identity and Management tool allows customers to control the level of access for users• Users can also have the data and objects encrypted using Advanced Encryption Standard 256
• Amazon Cloud Watch provides real-time monitoring on resource utilization• Also allows for one to set up an automatic scaling features to manage instances
Amazon EC2 Offerings
48
• Amazon has designed their payment plans so that you pay for what you use• In our comparative cost analysis Amazon charged the typical rate for a cloud provider• Pricing model is extremely scalable and allows for flexibility in computing power
• Amazon has been in the news for data center outages and service problems• In April 2011 the EC2 system crashed and took down many websites of some very prominent
companies and also wiped out some firms’ data• In October 2012 a data center outage took down Foursquare and Flipboard• In August 2013 an EC2 data center in North Virginia experienced a hardware failure and caused
problems for Instagram, Vine, AirBnB, and Flipboard
Amazon EC2 Cloud Costs and Risks
49
• Google Compute Engine is built on the same global infrastructure as their other japplications like YouTube and Gmail• Google also has a built-in load balancing service that spreads heavy workloads over their global
infrastructure• Google’s offers many services and a large global infrastructure which allows for fast processing
speeds throughout the world
• Google’s Auth 2.0 allows you to leverage Google Cloud Storage• Google’s virtual machines run with Linux applications
• Google is certified by ISO 27001 and SSAE-16
• Completed SOC 1 2 and 3
Google Compute Engine Offerings
50
• Google’s pricing is very scalable and is dependent on computing power• In our comparative cost analysis Google was the most expensive excluding IBM
• Google’s security has come into question recently• Google handles large quantities of confidential information (Gmail, Payment Information, etc.)• In March 2011 150,000 accounts were deleted from Google’s system• In September 2014 5 million Gmail usernames and passwords were stolen in a data breach• Brings into question the security of Google’s cloud platform
Google Compute Engine Costs & Risks
51
• OpSource has nine data centers spread over five continents• The services that they offer are called Private Compute as a Service• This service allows for controls over virtual servers, tiered storage, and networking• Allows clients a private cloud environment for computing supported by Dimension Data
• OpSource employs an Applications Programming Interface to automate and control the fvirtual server, storage, and network environment
• The platform has a 99.99% SLA and 24/7 support that assists its cloud services
• OpSource takes many security measures including firewall technology, VPN, and jIntrusion Detection Systems• They also have a Dimension Data Security Incident Response Team• OpSource is compliant with PCI, SSAE 16, and SAS 70 Type 2 certifications
OpSource Offerings
52
• OpSource offers a very scalable monthly pricing model• Pricing is based on storage utilized and processing power• For our comparative pricing calculation OpSource had comparable pricing to Amazon EC2
• OpSource has data centers spread throughout the world which brings up many risks• OpSource limits the risk of having data centers spread throughout the world by having strong
location protections • OpSource builds all of their data centers are built above sea level and are built in areas with
seismic compliance
OpSource Costs & Risks
53
Assumptions:
• 730 hours in an average month
• 264 operating hours (9AM-9PM each
week day; 34 hours of maximum operating
activity per month, 44 high activity, 186
medium activity)
• 174 remaining hours of medium activity
• 292 remaining hours of low activity
Activity Level Hours/Month
Low Activity 292
Medium Activity 360
High Activity 44
Max Activity 34
Comparative Cost Calculation
54
Activity Level Cost/HourLow Activity $0.036Medium Activity $0.133High Activity $0.266Max Activity $0.532
Activity Level Hours/MonthLow Activity 292 Medium Activity 360High Activity 44 Max Activity 34
Activity Level Cost/Hour Hours/Month Cost/Month
Total Cost/Month
$88.184
Low Activity $0.036 292 $10.512Medium Activity $0.133 360 $47.880High Activity $0.266 44 $11.704
Max Activity
$0.532 34 $18.088
Comparative Cost Calculation
55
•Founded 15 years ago
•Designed only to provide Software-as-a-Service
•Public company with market cap of $35.7B
•Increasing revenues but negative net income
•Primarily provides CRM tools
•Service Cloud : $300 Per Month
•Data.com : $165 Per Month
•Total monthly cost per office: $3,000
Provider Overview: Salesforce
56
•Workday is solely a software-as-a-service company which provides a variety of applications
•These applications include human capital management, financial management, and big data analytics
•Workday also has an integration cloud which provides Platform-as-a-Service
•Workday’s revenue is rapidly increasing but it’s profits are becoming more negative
•Security is a top priority for Workday. It has many certifications and is very secure
•Total monthly cost per office: $2,500
Provider Overview: Workday
57
•Oracle is the world’s second-largest software creator after Microsoft, providing cloud-based IT environments including software-as-a-service, platform-as-a-service, infrastructure-as-a-service and data-as-a-service
•Delivers a complete range of production-level business applications for various parts of the enterprises it caters to; a one-stop-shop for corporate software
•Oracle has grown from a net profit of $9.9 billion in 2012, to nearly $11 billion in 2014
•Oracle implemented logical security at every layer of the technology that supports the business applications, as well as physical security in their global centers
•$175/Month for Oracle’s Database Cloud Service, additional $249/month for Oracle Java Cloud Service- SaaS Extension
•Total monthly cost per office: $4,240
Provider Overview: Oracle
58
•SAP offers many different cloud computing services including IaaS, PaaS and SaaS
•SAP provides many software applications designed specifically for financial institutions including SAP Simple Finance and SAP Financial Services
•Cloud computing services has been growing, last year cloud revenues grew nearly 90 percent to $68 million
•Security is a top priority at SAP, some of the security applications include reverse proxy farms, data encryption, multiple firewalls, etc.
•Total monthly cost per office: $1,890
Provider Overview: SAP
59
Standards and Regulations
60
Standards and Regulations
61
Payment Card Industry Data Security Standard• Created to protect cardholder information• Institution must maintain a current diagram that shows how all cardholder data flows
across systems• Outline which requirements are managed by the service provider and which are managed
by the entityFederal Financial Institution Examination Council• Provides a guideline for banks that are deciding to implement cloud computing• The board of directors for a bank is responsible to determine if the provider’s service is
secure, safe, and in compliance with any laws and regulations
Standards and Regulations
62
Input •Breaks all input into four main categories: financial impact, regulatory impact, customer impact, and public image impact•There is a fifth category that is used to label the risk
Calculate •All input regarding each category is quantified on a scale from 0 to 100. With 100 having the most impact•Certain categories are weighted more than others for the total impact score•The order of importance from most to least is as follows: Financial, Customer, Public Image, and Regulatory
Assign •Assigns each risk a rating of significance in a five tier system•These ratings allow for easy comparison between risks
Impact Calculations
63
High
Medium-High
Medium
Medium-Low
Low
ImageMonetaryOperational
Relative Impact
Ris
k Ty
peRisk Classifications