Upload
erepublic
View
217
Download
0
Embed Size (px)
Citation preview
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 1/11
© 2015 IBM Corporation
Ohio Digital Government Summit:Cloud-Based Provisioning
September 16th, 2015
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 2/11
© 2015 IBM Corporation
Cloud – and government
“Cloud computing offers limitless
vistas of
– Cheap, utility computing
– Low capital needs
– Rapid application development
– Happy users…
– … and therefore even happier
CIOs…!”
2
Well, not quite!!.
While cloud is undoubtedly a powerful tool for governments, a number of significant
constraints apply. But, these can be addressed – so let’s explore them.
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 3/11
© 2015 IBM Corporation3
“Gentlemen, we have run
out of money. Now we have
to think.”(Ernest Rutherford or Winston Churchill)
Social
Analytics
Mobile Cloud
Social
nalytics
Mobile
Cloud
Big Data
Speed and agility – faster service
delivery.
Scalability.
Efficiency, automation.
Pay in line with usage.
Opex replacing capex.
Certainly, governments areunder continuous pressure todo more with less, and cloud
can play a big role…
“Systems of engagement” for citizens
and workforce.
Targeted services that engage
citizens as individuals, based on
analysis of needs.
Seamless experience – “joined up
government”.
..and certainly, cloud is a majorenabler of mobile computing,big data and many otherbuzzwords
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 4/11
© 2015 IBM Corporation
So governments are becoming highly creative in how they use cloud
4
Cost reduction – Canadian
provinces, many
others
Shared services –
Group of NY statetownships
Mainframe skills
replacement –
(US State)
IaaS platform forpublic sector
entities - California
Economic and skills
development engine
– Singapore, Taiwan
E-governmentplatform - Estonia
Local infrastructure
(for NGOs, private
sector) – Catalonia,
Sunderland (UK),
WuXi (China)
Community
enablement engine
– Norfolk (UK)
Revenue source
– New South
Wales, Australia
Hurricaneresilience –
Caribbean
nations
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 5/11
© 2015 IBM Corporation5
Hi gh s p e e d c omm uni c a t i on s f or a
l l u s er s
UserCounties,
Cities
A shared services model?
Business Process as a Service
Software as a Service
Lead Entity(State?)
Infrastructure/Platform as a Service•Collaboration tools•Billing and metering•Security•etc
P u b l i c
B u s i n e s
s e s ?
I n t er n
al
O p er a t i
on s
P u b l i c
B u s i n e s s e
s ?
I n t er n al
O p er a t i on s
Complex Workflows
(Example - emergency response)
C u s t om
er P or t al
Simple Workflows
(Example - property taxtransaction)
Data Models and Integration
(“Single view of the student/taxparcel/citizen/asset/criminal….”)
Appl ication Catalog
(Multiple vendors)
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 6/11
© 2015 IBM Corporation
But there are decisions to be made…
Opex vs Capex
Data residency
Compliance
Public vs Private vs Hybrid Management and Cyber-Security
6
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 7/11© 2015 IBM Corporation
7
Opex vs capex: the need isn’t always clear cut
Many governments are attracted to
converting capital expense to
operating or revenue expense.
But not all. Some governments are
not capital constrained:
– Example – US State X, and UK
Water Utility Y. Both have tightrevenue budget constraints, but
still find it easy to raise debt.
– But they still want to pay by
usage…they just want a way to
aggregate cloud expenses into a
capital payment. Also, many cloud users are wary of
sudden cost surges if payment is
driven purely by usage.
– They prefer a fixed (or at least
predictable) monthly cost.
OpexCapex
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 8/11© 2015 IBM Corporation8
Data residency and local content requirements are common worldwide. Phillip Snowden and the NSA made them more so.
Many governments have
geographically-defined data
residency requirements.
May be a legal requirement - or
just a tacit preference.
Some countries are data residentbut not “support resident”.
Some have local employment
conditions, to boost economies by
creating skills and jobs.
Restrictions also exist on sharingpublic clouds between specific
countries.
Even in the US, some states want
data to stay within their borders,
while others work with US
borders.
Data residency fundamentally breaks the original
economic model for cloud, of utility computing at
enormous scale. So it implies trade-offs:
– Is there a public cloud vendor in your desired
territory, or do you need a private cloud option?
– How close can you get to cloud benefits with a
private cloud?
– Are all workloads data resident, or just some?
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 9/11© 2015 IBM Corporation
“The appliance of compliance”
Compliance with privacy and security
standards such as FISMA/FedRamp,
HIPAA, CJIS and FFIEC imposes
constraints (and costs) on cloud:
– Premises;
– Staff vetting;
– Hardware/control stack; – Applications – especially if multi-tenant;
– Procedural – risk analysis, process
design, attestation, documentation,
audit.
CJIS is a particular issue. DoJ’s position is
that CJIS data may not co-exist onhardware with non-CJIS data – period.
IBM clients increasingly want compliance
with ISO 27000 series, even for otherwise
non-compliant data, just to demonstrate due
care and stewardship.
9
Most compliance standards are basedat least to some extent on the same
core ISO and NIST standards.
This may mean that ISO 27000 series
is a good “base camp” from which to
additionally comply with the other
standards required.
There is a “superset” of compliance
requirements that once met will apply
to other standards. For example:
– FIPS 140-2 encryption
– HIPAA procedural “superstructure”
– CJIS staff vetting…
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 10/11© 2015 IBM Corporation
Public vs Private vs Hybrid Cloud
10
Public Private
+Ve:
– Low costs – Flexibility and elasticity
– Opex payments
– Back-up capability
– Economies of scale
also apply to security!
-Ve:
– Data residency – Support for compliance
– Some legacy apps and
workloads are not
cloud-suited
– Visibility of security
provisions
+Ve:
– On or off-prem options
– Enables data residency
– May be best option for
legacy workloads
– May be easier to
ensure compliance
– Accountability
– Optimizes return onexisting investments
-Ve:
– Skills availability
– Costs
– Access to public cloud
ecosystem and
development tools
Hybrid
+Ve:
– Optimizes workloads to the best
locations – may be unavoidable
– Retains economics of public cloud
where applicable
– Retains existing investments whereapplicable
-Ve:
– Potentially, organizational and
technical complexity in achieving
required integration (but see
over).
7/17/2019 Williams Cloud-based Provisioning
http://slidepdf.com/reader/full/williams-cloud-based-provisioning 11/11© 2015 IBM Corporation
Management and Cyber-Security - in a hybrid environment, the keyword is “integration”
11
(Traditional IT)
Orchestration (Often multiple cloud environments)
Development environment
Integrated Security and Compliance Management
Management - Visibilit y, Performance, Usage Reporting
Public PrivateHybrid