AWS FSI Symposium 2017 NYC- CTP & Cloud Migration Best Practices

© 2017 | Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Clint France, VP Principal Architect / Cloud Strategy at CTP

Cloud Migration Best PracticesIn collaboration with Cloud Technology Partners (CTP)

© 2016 Cloud Technology Partners, Inc. / Confidential 2© 2016 Cloud Technology Partners, Inc. / Confidential 2@cloudtp

• Leads the Cloud Adoption

Program Global Practice

• 25+ years of IT experience with

10 in public and private cloud

Clinton France

VP Principal Architect / Cloud Strategy

Hello!

[email protected]

mailto:[email protected]


We Are Enterprise Cloud Experts

400+ Enterprise ProjectsAWS Experts

✓ AWS Premier Consulting Partner

✓ Google Premier Consulting Partner

✓ Microsoft Azure Silver Partner

✓ Gartner Cool Cloud Vendor

● Migration Competency

● IoT Competency

● DevOps Competency

● Financial Services Competency

● NextGen Managed Services Partner

CTP is the premier cloud services

and software company for

enterprises moving to cloud.


R U N

What We Do

From cloud strategy through ongoing operations,

CTP provides end-to-end services to accelerate your cloud transformation.

I N N O V A T EM O V E

Follow a comprehensive and proven

approach to cloud adoption.

● Cloud Strategy & Economics

● Cloud Security

● Portfolio Assessment

● Application Migration

Design, build and run innovative, cloud-

native applications and software.

● Digital Strategy

● New Cloud-Native Development

● Application Optimization

● Managed Operations

Offload the ongoing operations and

maintenance of your cloud.

● Cloud Operations

● Optimization

● Continuous Compliance

● Cost Control

© 2016 Cloud Technology Partners, Inc. / Confidential 5@cloudtp

Let’s Start with “Why”


Why Are You Here?

1) I want to understand how to move to AWS safely


Why Are You Here?

2) I want to understand the economics

Data Center Costs vs. Cloud Costs• Hardware and networking costs

• Downtime costs (planned and unplanned)

• Upgrades cost

• SLA penalties

• Deployment cost

• Operational support cost (day to day operations)

• Performance costs

• Cost of selection of the vendor software

• Requirements analysis cost

• Developer, admin and end-user training cost

• Application designs and development costs

• Cost of integration with other systems

• Quality, user acceptance and other testing costs

• Application enhancement and bug fixes cost

• Replacement costs

• Cost of other risks (including security breaches)

10%

90%


Why Are You Here?

3) I want to protect and accelerate our competitive advantage


Prior to the national grid, all factories generated their own power


It took 20 years to convince businesses that a multi-tenant

power grid was more reliable and cost efficient


Pop Quiz:

What is the average utilization

percentage of virtual CPUs in a

data center?

Answer:


Realization #1

“We must come together in a

shared computer model”


Boston Headquarters

263 Summer Street

Fourth Floor

Boston MA, 02210

Contact

617.674.0874

[email protected]

www.cloudtp.com

However, data center consolidation is a one-time event.

long-term value of cloud lays elsewhere...


The real value of cloud is...

‘The Speed of Innovation’


Infrastructure as Code

• Rapid provisioning

• Compliance through software

• Continuous governance

• Elastic load balancing

• Multi-data center HA

• Geo-distribution failover

• Pay for use

What used to cost millions now cost hundreds

Accelerate Software Deployments

What used to take months now is available in minutes


Realization #2

“Accelerating the software

release process has a massive

impact on the business”

Cloud Adoption can be “The One Thing”


The Tyranny of “How?”

● What used to take months and millions of

$$s...

● Now takes minutes and costs less than

$1,000s

● “How” we move to the cloud is significantly

lower risk and more secure than moving to a

new physical data center.

Don’t let “HOW” get in the way of “WHY”

Learning has very little risk!


Realization #3

“Enterprises are not ready for

the organizational change

necessary to realize the

benefits of the cloud”

We are building new organizational muscles

and making new decisions

Log Jams Will Happen!


Cloud Strategy & Migration

Best Practices


Best Practice #1 - Alignment Workshops

Address the Fear, Uncertainty and Doubt Early

Alignment WorkshopsNot everyone is on the same page!

Lessons Learned:

1. Get GRC involved early

2. Deeply involve all security teams

3. Know your blockers

4. Make Application Teams part of the process

5. Have a clear “WHY CLOUD?” message

© 2017 Cloud Technology Partners, Inc. / Confidential 21

Customer /

Service Strategy

Security / Risk /

Compliance

Financial / Cost

Mgmt.Vendor / Partner Service Portfolio Automation Run / Operate

Staffing / Talent /

Skills

Comm / Culture

Change

Continuous

Service

Optimization

Customer

Centric Service

Threat

Assessment

TCO

Optimization

Unified Supplier

Dashboards

Innovation of

New Cloud

Services

Consistent,

Compliant Cloud

Delivery

Auto Recovery

and

Remediation

Self-Service

ReportingService Culture

Business IT

Leaders

Self-Service -

End-to-End

Automation

Demand

Planning and

Optimization

Proactive

Security

Scanning

Predictable

Cloud and IT

Hosting Bill Back

Common

Commercial

Terms and

Conditions

Governed Intro

of New Cloud

Services

Automated

Provisioning with

IT Control

Framework

Service

Exception

Handling

Automated

Service

Remediation

Succession

Planning

Skill Gaps are

Recruited

Self-Service -

Infrastructure

as Code

Self-Service

Quality and

Consumption

Reports

Automated Audit

Evidence

Collection

Resource

Consumption

Tracking

Integrated

Supplier

Reporting

Cloud Portfolio

Lifecycle Mgmt.

IT Processes

Controls

Automated

Provisioning

from Service

Catalog

Service Quality

Mgmt.

Lifecycle Skill

Development

Global Expert

Core Team

Partially

Automated

Transparent

Service Delivery

Standardized

Audit

Requirements

Hosting Spend

Tracked to

Applications

Spend by

Supplier

Cloud Services

Integrated within

Catalog

Controls /

Outcomes

Defines

Standard

Provisioning

Templates

Services

Tracked within

Config Mgmt.

Systems

New Job Roles

are Introduced

New Global Org

Defined

Manually

Engineered

Service

Availability

Mgmt.

Manual Audit

and Compliance

Reporting

IT Cost Mgmt.Centralized

Supplier Lists

Service

Architecture

IT Processes

Documented

Manual Cloud

Provisioning

Cloud Service

Monitoring

Technical Job

RolesSkills Inventory

Operations Management Technology Human Capital

Process /

Operation ModelLEVEL

Current

State

Desired

State

The Maturity ModelCustomer Self Assessment0-35% 36-65% 66-100%

Percent Complete

Transformation

Gap


Best Practice #2 - Understand the Economics

Perform TCO / ROI to Justify Business Case

Understand the

Economics

Economics are your organization’s “True North”.

Lessons Learned:

1. Those who skipped economic studies lack the

“firepower” to move their projects forward

2. Build an economic model up front

3. Refine your model with each iteration of your cloud

4. Involve finance early in the discussion

5. Automation of governance is critical to maintaining KPIs


Best Practice #3 - Make a Decision

Successful Cloud Initiatives Start with a Decision

Commitment is required.

Lessons Learned:

1. Everyone must agree “Why Cloud”

2. Dedicate a team

3. Gain appropriate funding

4. Continue to educate GRC

5. Leverage your Cloud Business Office as communication hub

Agree on Direction and Why


Best Practice #4 - Establish a CBO

Establish a Cloud Business Office

The move to the cloud touches many parts of the

business. Governance is core to the CBO.

Lessons Learned:

1. Ring-fence the team

2. Central point for decision clearing with SLAs

3. All stakeholders must have full or part time roles

4. Governance is key to CBO

5. Make communications a core function

Cloud Business Office


Third

Parties

AWS, Tools

vendors,

private cloud

providers,

etc.)

Compliance

& Risk

Enterprise

Supplier

Management(Contract management)

Third Parties(AWS, tool vendors, etc.)

Communications

Compliance & Risk

Cloud EngineeringTechnology Center of

Excellence (SMEs)

Best Practice - Cloud Business Office

Cloud Business Office (CBO) Serves

as the central point of decision-making,

communication and cultural change for

your cloud program

Information Security

Operations(Governance & monitoring)

IT Finance(Chargeback, budget, invoicing)

App Owners(LOB, Dev teams, etc.)

HR(Onboarding, Training)

Cloud

Business

Office

✓ Industry best practice for cloud adoption

✓ Seed Cultural change

✓ Decision-making and governing body

– Technology Standards

– Innovation / Lifecycle Management

– Development Standards

– Automation Standard

✓ Process Re-engineering

✓ Security / Compliance framework

✓ Organizational Change oversight

– Training / Skills

– Communications

✓ Business and Vendor Management

– Contract T&C, Legal

– Service Level Management / Reporting

Engage across all stakeholders

More than a Program Office!


Existing Roles

CBO Roles

Full-time

Part-time

Observers

CBO Provides Clarity and Accountability

CBO is focused on “Time to Value”

• Application team onboarding

• Assignments & accountability

• Cloud capabilities / timing

• Vendors and partners

• PMO / PM enablement


Best Practice #5 - Discovery

Dependency Discovery is Required

CMDB & tribal knowledge are not dependable.

Lessons Learned:

1. Electronic discovery is required

2. Dependencies limit ability to move to cloud

3. Hybrid (on-prem to AWS) will exist and creates latency

4. Legacy thinking gets in the way

Discovery


Best Practice #6 - Security Assessment

Know Where You Are

Processes, roles, and technology are

different in the cloud.

Lessons Learned:

1. Assess against CSA / ISO 270XX standard

2. Start with a known secure cloud (MVC) reference architecture

3. Assess against a baseline

4. Find the gaps and plan for the remediation

5. Many existing toolsets may not make the trip

Security Assessment


Best Practice #7 - Establish a Minimum Viable Cloud (MVC)

We Can Iterate Cloud Solutions

Minimum Viable CloudStart with a “Known” MVC Architecture.

Lessons Learned:

1. Start with a foundation on AWS

2. Leverage a known and proven MVC architecture

3. Work the organization’s muscles

4. Select a pilot app that is meaningful

5. Migrate the pilot to the MVC to work the system

6. Learn from the process and iterate


Alignment and planning are core to our methodology and are critical to MVC!

The MVC is the foundation for your 1st meaningful pilot application.

Key Concept: Alignment with Baseline

Networking

VPC

Accounts

Logging

IAM / Security

Encryption

Tools

Image Management

Automation

Applications

Security

CloudOps

Economics

DevOps

Infrastructure

Gather Your

Requirements Build MVC for AWS

Monitoring

Storage


Key Concept: Minimum Viable Cloud (MVC)

App Owner Account - AApp Owner Account - B

Public Cloud Region

Web App

Dev/Test

Web App

Production

IT Central Services

Security,

Governance, Ops

VPC

VPC

VPC

Big Data

Production

Big Data

Dev/Test

VPC

MVC - A secure public cloud environment running at least 1 client application to exercise the organization’s muscle,

demonstrate the viability of cloud services and engage all necessary enterprise organizations.

VPC

● Monitor / Logging

● Security / IAM

● Governance

● Encryption

● Networking

● DR / BC

● Automation


Best Practice #8 - Governance

Automation is Critical to Good Governance

We are able to provision complete systems in

minutes. Strong governance is critical. GovernanceLessons Learned:

1. Dev teams are not good at policing resources

2. Automation is critical for governance

3. Tagging standards are a must

4. Cloud governance is more than Operations

5. Leverage tools wherever possible

6. Financial controls are critical at scale


How will your organization...

• Continuously govern your activities?

• Continuously monitor, manage and

optimize cloud spend?

• Prepare for regulatory audits?

• Ensure applications are meeting

security and governance

requirements?

• Reduce governance, risk and

compliance costs?

Cloud brings tremendous

benefits, as well an

overwhelming number of

questions.

Are you in control of your cloud?


Key Concept: Continuous Compliance

Your single source of truth across GRC.

Continuous monitoring of over 1,000 IT

compliance, corporate governance and

regulatory compliance controls.

✓ Real-time alerting of control failures and

recommendations for remediation

✓ The most up-to-date policies from regulatory

organizations that ensure compliance frameworks

are updated upon release

✓ Continuous synchronization of new cloud services

and capabilities with regulatory compliance

frameworks

✓ Reduced time, cost and complexity of audit

preparation

✓ CTP’s expertise to provide ongoing

recommendations for cloud compliance

Continuous Compliance


Best Practice #9 - Automation and Validation

Infrastructure is Now Software - Control and Validate

Lessons Learned:

1. Teams aspire to automate everything

2. Learn best practices from App Dev teams

3. Educate all parties on new model of infrastructure

4. Reviews will be of code, not physical infrastructure

5. Use tools to validate and test configurations

Deployment is automated. Insert controls and

checkpoints to inspect before making a change. Automate & Validate


Best Practice #10 - Prepare for Migration @ Scale

Migration @ Scale is the Goal - One App at a Time

Lessons Learned:

1. Solid MVC and factory model is critical

2. Checkpoints, not automation, are required

3. Operations and governance must be in place prior to

mass migration

4. Control new services releases

Migration @ Scale is hard. Movement is

accomplished through a factory approach. Factory


Phases 2 & 3 Phase 4 - Migration @ Scale Phase 5 - Operate

App Assessment

and MVC Build

Migration @ Scale

Workbench Paths

REHOST

REPLATFORM

REFACTOR

REPLACE

RETIRE

Applications

Destination

Best Practice #10 - Migration Workbenches


• Define ‘Why’ are we moving to Cloud

• Define critical ‘Success Factors’

• Limit the blast zone (small steps)

• Don’t be afraid to fail fast

• Measure results in both Cost, Performance and Agility

• Iterate based on lessons learned

Summary Slide


Boston Headquarters

263 Summer Street

Fourth Floor

Boston MA, 02210

Contact

617.674.0874

[email protected]

www.cloudtp.com

QUESTIONS?