Upload
lydang
View
227
Download
0
Embed Size (px)
Citation preview
1
Forbo – Our Business Cloud in the Future
Thomas Zinniker, CIO Forbo Group
17.06.2015
THE FORBO GROUP
2
THE FORBO GROUP
A GLOBAL LEADER IN FLOORING AND MOVEMENT
SYSTEMS
More than 5,100 employees worldwide
International network of 24 production and distribution companies,
6 fabrication centers as well as 42 pure sales organizations
In a total of 36 countries worldwide
CHF 1,226.8 million net sales in 2014
CHF 123.4 million Group profit from continuing operatings
Forbo Holding is listed on the SIX Swiss Exchange
Stable shareholder base – Board of Directors’ stake in Forbo of more
than 30%
Forbo is a leading producer of floor coverings, building and
construction adhesives, as well as power transmission and
conveyor belt technology.
THE FORBO GROUP
A GLOBAL LEADER IN FLOORING AND MOVEMENT
SYSTEMS
3
Flooring Systems
15 MANUFACTURING SITES IN 6 COUNTRIES
LOCAL ENTITIES IN 24 COUNTRIESChâteau-Renault
Reims
France
Assendelft
Coevorden
Krommenie
Netherlands
Kaluga
Russia
Giubiasco
Switzerland
Bamber Bridge
Cortonwood
Kirkcaldy
Ripley
Telford
United Kingdom
Erfurt
Germany
Wormerveer
Netherlands
Stary Oskol
Russia
Floor Coverings
Building and
Construction Adhesives
Sales offices worldwide
4
Movement Systems
9 ROLL PRODUCTION SITES AND 6 FABRICATION CENTERS
IN 9 COUNTRIES - LOCAL ENTITIES IN 29 COUNTRIES
Shanghai
Shenyang
China
Itapevi
Brazil
Lunderskov
Denmark
Garbsen
Hanover
Germany
Fukuroi
Japan
Tlalnepantla
Mexico
Malacky
Slovakia
Wallbach
Switzerland
Charlotte
Huntersville
USA
Roll Production
and Fabrication
Centers
300 sales and service points worldwide
5
Forbo Today
Forbo is very decentralized organized
– Although our core backbone is centralized (ERP, CRM, BI) most of the local sites still operate their
own local infrastructure for Finance, HR, File services, etc.
– 50% of all sites have 20 or less users
– Global, Regional and Local IT needs to work hand in hand - global service production (e.g. Device
Engineering) local service delivery (IMAC)
Security setup
– The current security setup has been designed 10 years ago where a global WAN with single
perimeter was state of the art
– Decentralization is also an advantage, if a file server fails only a fraction of users is affected
– Mobility scenarios are weakening our setup by using not approved 3rd party cloud applications
17.06.2015
Major Challenges
Being in control who does access what
– Through the open setup and the use of cloud services (IaaS, PaaS, SaaS) which might not be
integrated into our AD, an integrated account management is not possible
– If a local user leaves the company we have difficulties to manage all his accounts
Where is our data stored, who is in charge to manage the data
– Local sites setup cloud services and start using it. A formal operation is in many cases not
established.
What are the new disaster scenarios, what are the influencing risks
– What kind of risks are we facing, does the responsible manager
Either we fight each individual solution and try to make it secure, or we are
reconsidering our setup completely.
17.06.2015
6
The Forbo way into the Cloud
For Forbo it’s not a decision yes or no, its only about when and how
What has lead us to the decision
– The cloud is the future, it is the most flexible and cost effective way of operating IT
– A global cloud provider can provide an integrated solution replacing many small and adhoc
solutions built up in the past, and can easily be managed more centrally
This provides us with a couple of solutions for our major challenges
– Offering a well managed cloud to local sites provides them with the flexible solutions they are
looking for, preventing unmanaged “insecure” maverick solutions
– Having the transparency of local solutions allows a seamless integration into the rest of the
infrastructure including mobility scenarios and managed identities
– Small sites are using solely cloud resources (infrastructure less) is more cost effective
We start with Microsoft O365 and Azure
17.06.2015
Overall Architecture with Office 365
17.06.2015
Office 365 Cloud
Exchange(eMail)
Skype for Business(communication)
OneDrive for Business(My Documents)
SharePoint Online(Workflow, Apps)
Yammer(Social)
Azure Cloud
SharePoint “on Premise”(Workflow, Apps)
File Server
Other
On Premise
SharePoint (Complex Workflow, Apps)
File Server
LoB Applications
SAP
CRM
BI
…
Approved Users with
approved Devices
Only within Forbo
Network
Only within
Forbo Network
User / Device
Mgmt
(AD)Synchronized (Azure AD)
Gateway
VPN Connections
Virtual Desktops
BYOD
Microsoft Clouds
Forbo WAN
7
How Secure is the Cloud – A holistic approach is needed
Just looking at the cloud security is not the right way. To get a holistic view we have to ask
ourselves the following questions
- How secure is our LAN? Single Perimeter Security in the WAN!
- How secure are our Data Centers? do
- How secure is our WAN?
- What about our Users?
… and then the cloud
Looking at the security aspect, all infrastructure above is less secure than the one of the
major cloud service providers.
We consider the weakest link overall the User –
this does not change if we use the cloud.
17.06.2015
Enforcing Cloud Security – Get the right support
• Security Statement Office 365 Cloud
Security Analysis of Office 365
Risks of Cloud Services
Information security recommendations
• Policy enhancements & definition of a cloud handling policy
• Support strong user authentication for cloud services (PKI based)
Implementation and configuration of a Utimaco Security Server
We rely on the experience and support of InfoGuard.
17.06.2015
8
There will be a paradigm shift in the future
17.06.2015
From one Forbo WAN…
… to a Site / User centric approach
17.06.2015Meeting SAP, 16.4.2015