SlideShare a Scribd company logo
Practical Cloud Adoption
           For ISVs




        Mahesha Pandit
        Insert Your Name
        Managing Director – Xilcion
        Insert Your Title
        Scalable and
        Insert Date Cloud Computing Consultant to ICT KTN
        20.03.2012

© SafeNet Confidential and Proprietary
Current Trends

      Cloud  Cosmic Microwave Background Radiation
              • Uniform, Faint, glow around everything
      Adoption is on the rise
              • And so are the offerings and the noise
              • No clear process, standard or approach
                       • “Go with the trusted CSV” seems to be the popular approach
      CIOs “must deal with cloud”
              • Whether they choose to adopt it or not
      SaaS building process is still haphazard
              • No clear process, standard or approach
              • Application migration myths
              • Who is educating the developers about scalability and
                system design?
© SafeNet Confidential and Proprietary                                                2
Current Needs
      Methodology for Cloud Adoption
              •     Iterative, Customisable, Practical method
              •     Specific guidelines, checklists
              •     Maturity and performance assessment models
              •     Candidate standards
      High Level Process for SaaS
              • Architecture and Design principles based on SOA
              • Reusable in non-cloud environment
      Tools for application exploration and modernisation
              • Understand existing applications
                       • Sub-systems, boundaries, dependencies, complexity
              • Specific methods for SaaS enabling existing applications



© SafeNet Confidential and Proprietary                                       3
A Few Random Myths

           You can “port” the software to cloud
           Legacy applications cannot be taken to the cloud
           SaaS development needs a separate life cycle
           There are no tools that help SaaS development
           All SaaS providers are at same maturity
           SOA and Cloud are different paradigms
           On-premise software use will dwindle significantly very
            soon




© SafeNet Confidential and Proprietary                                4
Ten Steps to Cloud Enable ISV Software
                                                        Expectation
                                                          Setting         Requirements
                            Maintenance                                   Gathering and
                                                            1
                                                                            Modelling
                                                   10                 2

                    Deployment                                                  Partners &
                                             9                              3   Dependencies
                                                          Risk
                                                                                Platform
                      Packaging              8                              4   Selection


                                                   7                  5
                                                            6             Design For
                                         Testing
                                                                          The Cloud
                                                        Development

© SafeNet Confidential and Proprietary                                                         5
Expectation Setting - 1

      What to Expect?
              • Business: End of “Business As Usual” for ISVs.
                       •   There is no maintenance revenue
                       •   Welcome to the service culture
                       •   Increased responsibility for security
                       •   Shared Security Risks
                       •   Equal focus on both ends of SaaS? “Service” not “Software”
              • Product
                       •   Context Aware, Dynamic, Multi-Tenant Architecture
                       •   Performance challenges as software runs on virtualised resources
                       •   Sustained focus on rich features and usability
                       •   Plenty of meta data
                       •   Explosion in number of users
                       •   Licensing constraints
© SafeNet Confidential and Proprietary                                                        6
Expectation Setting - 2

      What Not To Expect?
              •     Automatic performance/scalability
              •     Automatic Acceptance by end users
              •     Low risks
              •     Validity of usual business metrics such as P&L, Revenue
                    etc.
                       • How many are joining? Leaving? QoS?
              • Sales incentives to remain the same




© SafeNet Confidential and Proprietary                                        7
Requirements Gathering and
     Modelling
      Challenges
              • Need to understand existing application
              • Extended stakeholders
                       • Other service providers, even your lawyer
              • Elevated expectations from end users
              • Modelling
      Dos
              • Understand impact of the cloud on the enterprise
                       • ... And plan an answer for each
              • Go beyond UML for modelling requirements
                       • E.g. Use HOOMT for analysing security requirements – Use Cases
                         + Misuse Cases + Mal Activity Swim lane diagrams
              • Try innovative tools for gaining insight from existing apps
      Don’ts
              • Under-estimate requirements from PaaS, IaaS layers and
                other service providers
© SafeNet Confidential and Proprietary                                                    8
Partners & Dependencies

      Challenges
              • Increased dependency on partners
      Dos
              • Research into your partner’s history, technical and non-
                technical capabilities
                       • And also their product roadmap
              • Look for mash-up partners
      Don'ts
              • Under-estimate impact of “shared risks”
              • Under-estimate the need for internal partners
                       • Executive support is still a significant factor


© SafeNet Confidential and Proprietary                                     9
Platform Selection

      Challenges
              • Need for layers of externally procured services
      Dos
              • Compare PaaS offerings
                       • Run “PaaS Selection Checklist”
                       • Choose the platform that comes with many pre-built service
                         layers
              • Select “Service” not “Server”
              • Consider analytical models for performance evaluation
                       • One is available for evaluating server utilization
      Don’ts
              • Re-invent underlying layers. Consume external services
              • Underestimate impact of “shared risks”

© SafeNet Confidential and Proprietary                                                10
Design For The Cloud - 1

      Challenges
              • Reusing existing software components
              • Design for “Availability”, “Scalability”, “Interoperability”,
                “Performance”
              • End user experience design
                       • End users are “used to” the best features
              • Service Design
                       • Not all ISVs are experts in service design
              •     Integration with on-premise and/or legacy applications
              •     Proving “Reliability”
              •     Limitations to customisations
              •     Data Integrity
© SafeNet Confidential and Proprietary                                          11
Design For The Cloud - 2
      Partial List of Solutions
              • Embrace best practices of SOA
              • Adopt open standards
              • Understand your “legacy”
                       • Even the badly written, most recent application is a legacy
              • Try HOOMT: Helps tackle several types of abstractions and NFRs
              • Try model driven development methods
              • Invest in thorough understanding of scalability and performance
                design
              • Try shared database-shared schema models, clustering and
                database segmentation as appropriate
              • Choose data solution based on value-volume analysis
              • Consume other’s services and expose your services
              • Allow end users to customise your SaaS based on tools that work
                on meta data
              • Outsource service design to competent external service providers


© SafeNet Confidential and Proprietary                                                 12
Design For The Cloud - 3

      Watch status of Standards
              • National Institute of Standards and Technology
                       • Defined Cloud Service Models (IaaS, PaaS, SaaS) and
                         Deployment models (Public, Private, Hybrid, Community)
              • Cloud Computing Interoperability Forum
                       • Unique ID for cloud resource: Semantic Cloud Data Model: OWL
                         (Web Ontology Language)/Resource Description Framework
                                • WIP, no draft
              • Open Grid Forum
                       • Interface existing IaaS – OCCI (Open Cloud Computing
                         Interface)
                                • API is available, UML model is pending




© SafeNet Confidential and Proprietary                                                  13
Development

      Challenges
              •     Faster time to market
              •     Complex deployment environment
              •     Lack of skills – design and development
              •     Lack of tools, methodologies and standards
      Partial List of Solutions
              • Go agile
              • Develop your developers
                       • Teach “Computer Science”, “Art of Scalability”, “OOAD”, “Model
                         Driven Development”, HOOMT
                       • Amazon Machine Image, MapReduce, Java, Python, Ruby, C++,
                         PHP, Pearl, .NET, Hibernate, Axis2 ...

© SafeNet Confidential and Proprietary                                                    14
Testing
      Challenges
              •     Too many scenarios of end user usage
              •     Several things to test: Application, Infrastructure, Network
              •     Mandatory “stress test”
              •     Simulating virtualised environments
              •     Expensive
      Dos
              •     Test unit test scripts before coding
              •     Profile your applications before running performance tests
              •     Use “Staging Environments” to simulate clouds
              •     Test Security, Multi-users, Mobile Users, Upgradability, Remote Access,
                    Disaster Recovery, Localisation
      Don’ts
              • Don’t ignore unit testing. It is still important.
              • Don’t expect mature SaaS testing tools to arrive any sooner
                       • There are a few SOASTA, Gomez, uTest
              • Don’t under-estimate impact of SaaS testing on shared infrastructure


© SafeNet Confidential and Proprietary                                                        15
Packaging

      Motivators
              •     Free trials
              •     “Easy to consume” packages
              •     Automated payment tools
              •     Renewal incentives
      Inhibitors
              • Complex package combinations
              • Package re-configuration, re-branding
      Differentiators
              • Smart entitlement management.
                       • Get paid for your value addition
              • Try Innovative concepts
                       • E.g. Cloud Brokering Services
© SafeNet Confidential and Proprietary                      16
Deployment
      Challenges
              • Continuously live environment
              • End user personalisation
              • Piloting subsequent releases
      Dos
              • Strong response plan for expected/unexpected issues
              • Clearly inform end users about new features, releases
              • Support adoption with a separate support service
                       • Paid/Unpaid. But it should be lead by a business change
                         management expert
              • Support data migration, master data setup
      Don'ts
              • Don't surprise the end user
              • Don’t ignore end user’s learning curve.
                       • It might be short but it is still there


© SafeNet Confidential and Proprietary                                             17
Maintenance
      Challenges
              •     SaaS testing isn’t easy. Higher number of defects?
              •     Continuously live environment
              •     Accountability for defects, issues, outages
              •     Outages are more expensive
      Dos
              • Have a strong and unambiguous roadmap for your product
              • Collect and study usage patterns and meta data
                       • Use it enhance your SaaS (of course!)
              • Provide incentives for your end users to influence the next
                version of your SaaS
      Don’ts
              • Don’t ignore end user’s learning curve
              • Don’t ignore your internal users
© SafeNet Confidential and Proprietary                                        18
Risk Assessment
      Application Performance Reliability
              • Delivering the promise
      Integrated Business Functionality
              • Ensuring that whole machinery works .... Continuously
      Compliance Risks
              • Legal, Financial, Technical
      Data Security Related Risks
              • Integrity, Confidentiality, Privacy
      IPR Related Risks
              • Ownership, protection
      Contractual Risks
              • Service quality, liabilities, penalties
      Governance Risks
              • Provisioning, Licensing, Billing

© SafeNet Confidential and Proprietary                                  19
In Summary

      SaaS enabling your software needs effort
              • A lot of preparation
              • And a practical, iterative methodology
      Xilcion’s Ten Steps Process
              • Expectation Setting -- Requirements Gathering and
                Modeling -- Partners & Dependencies -- Platform
                Selection -- Design For The Cloud -- Development --
                Testing -- Packaging -- Deployment – Maintenance
              • At each step – Consider Risks and Mitigation
              • Lather, Rinse, Repeat



© SafeNet Confidential and Proprietary                                20
By the way, Who Are “We”?
•   Industry knowledge and updates
    What’s real? List of service providers, Contacts
•   Independent, Practical Advice
    About managing technology inspired change
    including cloud, tool based legacy modernisation
•   Process Assets
    Procedures, guidelines, checklists, models, metrics
•   Hands-on Technical Service
    Software design, development, integration, testing,
    deployment
•   Innovative Training
    Cloud, non-cloud, management topics




                                                          21
© SafeNet Confidential and Proprietary   22
Cloud Services: A Partial List
     Calendar and Schedulers:                  Project Management: @task –           Cloud Storage: Amazon S3 –
     Calendars on Google, Yahoo,               AceProject – Basecamp –               Egnyte – ElephantDrive – Microsoft
     Microsoft Live, Apple MobileMe,           CopperProject – eStudio               Office Live Workspace – Mosso –
     AOL– AppointmentQuest –                   TaskTracker – onProject –             myDataBus – Nirvanix – StrrkR –
     hitAppoint – Schedulebook –               ProjectDrive – Vertabase – Wrike –    Windows Live SkyDrive
     CalendarHub – Hunt Calendars –            Project Insight – Zoho Projects
     Famundo – eStudio Calendar –                                                    Databases: Blist – Cebase – Dabble
     30Boxes – Trumba – Calendars Net          Collaborative Editing, Reporting:     DB – Lazybase – MyWebDB –
     – Jotlet – Jiffle – Presdo – Diarised –   Google Docs – Adobe Buzzword –        QuickBase – TeamDesk – Trackvia
     Windows Live Events –                     ajaxWrite – Docly – Glide Write –     – Zoho Creator – Zoho DB &
     Schedulebook – Acuity Schedule –          iNetWord – KBdocs – Peepel            Reports
     iPrioritize – Bla-Bla List –              WebWriter – ThinkFree Write –
     Hiveminder – Remember the Milk –          WriteBoard – Zoho Writer – EditGrid   Expense Management: Concur –
     Ta-da List – Tudu List – TaskTHIS –       – eXpresso – Glide Crunch – Num       ExpensAble – ExpensePoint –
     Vitalist – TracksLife – Voo2Do –          Sum – Peepel WebSheet – Sheetser      TimeConsultant
     HiTask – Zoho Planner                     – ThinkFree Calc – ZohoSheet
                                                                                     Budgeting, Financial Statements:
     Event Management: 123 Signup –            Presentations: Google Docs –          Host Budget – Host Consolidator
     Acteva – Conference.com – Cvent –         Preezo – Zoho Show – BrinkPad –
     Event Wax – eventsbot – RegOnline         Empressr – Presentation Engine –
     – Setdot – Tendenci                       PreZentist – SlideRocket –
                                               ThinkFree Show – Thumbstacks
     CRM: Salesforce.com – BigContacts
     – HighRise – bConnections –               Web-based desktops:
     eStudio Contact Manager –                 ajaxWindows – Deskjump –
     AppleMobileMe Contacts –                  Desktoptwo – eyeOS – g.ho.st –
     MyEvents – Plaxo – People Matrix –        Glide – Nivio – StartForce – YouOS
                                                                                     Go Back
     PipelineDeals – SalesBoom –
     SalesJunction.com – SalesNexus –
     Zoho CRM

© SafeNet Confidential and Proprietary                                                                                    23
MS Four Level SaaS Maturity Model



         Adhoc/Custom                                                  Configurable




                                                                        Scalable,
           Configurable,
                                                                       Configurable,
           Multi Tenant
                                                                       Multi Tenant
             Efficient
                                                                         Efficient




     http://msdn.microsoft.com/en-us/library/aa479069.aspx   Go Back
© SafeNet Confidential and Proprietary                                                 24
Complex Hybrid Environment
      Guess where will you be!



                                             Public and
                                             Community
                                               Cloud


                                          Non              Private
                                         Cloud             Cloud



                                                 Go Back
© SafeNet Confidential and Proprietary                               25
Complex Hybrid Environment
      Guess where will you be!



                                             Public and
                                             Community
                                               Cloud


                                          Non              Private
                                         Cloud             Cloud



                                                 Go Back
© SafeNet Confidential and Proprietary                               26

More Related Content

PDF
Building a Strong Foundation for Your Cloud with Identity Management
PDF
SAXOTECH Managed Hosting
PPTX
F5 DevCentral to the Cloud
PDF
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
PPTX
Building a Secure Cloud with Identity Management
PPTX
Thread Fix Tour Presentation Final Final
PPTX
Application HA in Virtual Environments
PDF
Security in a Cloudy Architecture
Building a Strong Foundation for Your Cloud with Identity Management
SAXOTECH Managed Hosting
F5 DevCentral to the Cloud
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Building a Secure Cloud with Identity Management
Thread Fix Tour Presentation Final Final
Application HA in Virtual Environments
Security in a Cloudy Architecture

What's hot (20)

PDF
The Revolution in Licensing - Cloud-Based Licensing
PPTX
OWF12/Java Sacha labourey
PDF
Conversys Profile V1.1.1250511
PDF
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
PDF
21st Century SOA
PDF
Securing Your Cloud Applications with Novell Cloud Security Service
PDF
IT Rationalization: Leveraging Service-Oriented Abstraction
PPTX
Securing Your Infrastructure: Identity Management and Data Protection
PDF
Technology Primer: Software-Defined Networking and Its Impact on Infrastructu...
PDF
Turning your Private Cloud into an Automated Delivery Platform
PDF
Introduction to Crystal and Jasper Reports for Novell Sentinel 6.1
PDF
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
PDF
resumeLF_201503
PDF
Run Book Automation with PlateSpin Orchestrate
PPTX
Designing a Reliable Software Factory for the Cloud
PDF
SaaS Testing on an Agile World
PDF
Managed Hosting
PPTX
Troubleshooting the Most Common Citrix Complaints for Remote Workers
PDF
Open Stack China Trip Sz0922
PDF
Managed Hosting Solutions
The Revolution in Licensing - Cloud-Based Licensing
OWF12/Java Sacha labourey
Conversys Profile V1.1.1250511
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
21st Century SOA
Securing Your Cloud Applications with Novell Cloud Security Service
IT Rationalization: Leveraging Service-Oriented Abstraction
Securing Your Infrastructure: Identity Management and Data Protection
Technology Primer: Software-Defined Networking and Its Impact on Infrastructu...
Turning your Private Cloud into an Automated Delivery Platform
Introduction to Crystal and Jasper Reports for Novell Sentinel 6.1
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
resumeLF_201503
Run Book Automation with PlateSpin Orchestrate
Designing a Reliable Software Factory for the Cloud
SaaS Testing on an Agile World
Managed Hosting
Troubleshooting the Most Common Citrix Complaints for Remote Workers
Open Stack China Trip Sz0922
Managed Hosting Solutions
Ad

Viewers also liked (20)

PDF
Intel IT Open Cloud - What's under the Hood and How do we Drive it?
PDF
OpenNebulaConf 2014 - Understanding the OpenNebula Model for Cloud Provisioni...
PDF
Barcamp Onet. Monitorowanie Chmury Wyzwania i wymagania
PDF
Barcamp Onet. Monitorowanie prędkości ładowania się stron internetowych
PDF
Barcamp Onet. Dlaczego DevOps gwarantuje dobry monitoring?
PDF
Onet barcamp 4 - Usługa w chmurze, Onet Accelerator
PPTX
Onet barcamp 4 - Cloud Storage
PPTX
Onet barcamp 4 - Po co nam chmura
PPTX
Onet barcamp 4 - Public Cloud - VMware Solution
PPTX
Noc informatyka
PPTX
Cloud adoption patterns
PDF
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
PDF
OpenNebulaConf 2016 - Evolution of OpenNebula at Netways by Sebastian Saemann...
PDF
OpenNebulaConf 2016 - Networking, NFVs and SDNs Hands-on Workshop by Rubén S....
PDF
OpenNebulaConf 2016 - Fast Prototyping of a C.O. into a Micro Data Center - A...
PDF
TechDay - Toronto 2016 - Hyperconvergence and OpenNebula
PDF
OpenNebulaConf 2016 - Sunstone integration with FreeIPA using Single Sign by ...
PDF
OpenNebulaConf 2016 - Network automation with VR by Karsten Nielsen, Unity Te...
PPTX
Becomming a cloud governance ninja linthicum interop fall 2013
PDF
Cloud Native Applications Maturity Model
Intel IT Open Cloud - What's under the Hood and How do we Drive it?
OpenNebulaConf 2014 - Understanding the OpenNebula Model for Cloud Provisioni...
Barcamp Onet. Monitorowanie Chmury Wyzwania i wymagania
Barcamp Onet. Monitorowanie prędkości ładowania się stron internetowych
Barcamp Onet. Dlaczego DevOps gwarantuje dobry monitoring?
Onet barcamp 4 - Usługa w chmurze, Onet Accelerator
Onet barcamp 4 - Cloud Storage
Onet barcamp 4 - Po co nam chmura
Onet barcamp 4 - Public Cloud - VMware Solution
Noc informatyka
Cloud adoption patterns
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - Evolution of OpenNebula at Netways by Sebastian Saemann...
OpenNebulaConf 2016 - Networking, NFVs and SDNs Hands-on Workshop by Rubén S....
OpenNebulaConf 2016 - Fast Prototyping of a C.O. into a Micro Data Center - A...
TechDay - Toronto 2016 - Hyperconvergence and OpenNebula
OpenNebulaConf 2016 - Sunstone integration with FreeIPA using Single Sign by ...
OpenNebulaConf 2016 - Network automation with VR by Karsten Nielsen, Unity Te...
Becomming a cloud governance ninja linthicum interop fall 2013
Cloud Native Applications Maturity Model
Ad

Similar to Cloud Adoption - A Practical Approach (20)

PPTX
Cloud migration slides
PDF
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
PDF
What an Enterprise Should Look for in a Cloud Provider
PDF
Cloud computing-insights-from-110-implementation-projects
PDF
Cloud Insights from 110 Projects
PPT
The Cloud and Next Gen IT Gordon Haff - p camp-boston2012
PDF
Open Group Conference Csi V5.1
PPTX
Choosing a Desktop Virtualization (VDI) Partner
PPTX
Intel Cloud Summit 2012 ODCA + NAB
PDF
Estrategias para explotar las tendencias de SaaS y Cloud Computing
PDF
Windstream Webinar: The Latest Trends in Virtualization: Is the cloud right f...
PDF
Running a World Class SaaS Organization
PDF
Are you ready for SaaS?
PDF
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
PDF
Intel Cloud Summit ODCA - NAB Customer presentation
PDF
Cloud Computing for Enterprise Architects
PPTX
Managing Security and Delivering Performance in the Cloud
PPTX
Cloud Computing : Security and Forensics
PDF
The Cloud according to VMware
PDF
2010 Software Licensing and Pricing Survey Results and 2011 Predictions
Cloud migration slides
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
What an Enterprise Should Look for in a Cloud Provider
Cloud computing-insights-from-110-implementation-projects
Cloud Insights from 110 Projects
The Cloud and Next Gen IT Gordon Haff - p camp-boston2012
Open Group Conference Csi V5.1
Choosing a Desktop Virtualization (VDI) Partner
Intel Cloud Summit 2012 ODCA + NAB
Estrategias para explotar las tendencias de SaaS y Cloud Computing
Windstream Webinar: The Latest Trends in Virtualization: Is the cloud right f...
Running a World Class SaaS Organization
Are you ready for SaaS?
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
Intel Cloud Summit ODCA - NAB Customer presentation
Cloud Computing for Enterprise Architects
Managing Security and Delivering Performance in the Cloud
Cloud Computing : Security and Forensics
The Cloud according to VMware
2010 Software Licensing and Pricing Survey Results and 2011 Predictions

More from LicensingLive! - SafeNet (20)

PDF
VSTEP Case Study
PPTX
Cloud Monetization: A Step by Step Guide
PDF
Turning Technology Threats into Opportunities – The Licensing View
PDF
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
PDF
Integrating Billing and Licensing in a Cloud Environment
PDF
VSM Case Study
PDF
Geocap Case Study
PDF
EMS Case Study
PDF
Inea cs en__v4_web
PDF
Key Traffic Systems
PDF
PDF
Build vs. Buy: The Hidden Costs of Licensing
PDF
Sentinel HASP Envelope
PDF
Navigating the Top Six Business Challenges of Delivering Software as a Service
PDF
SaaS Pricing and Packaging Strategies
PDF
Cloudy with a Chance of Insight
PDF
Addressing New Challenges in Software Protection for .NET
VSTEP Case Study
Cloud Monetization: A Step by Step Guide
Turning Technology Threats into Opportunities – The Licensing View
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
Integrating Billing and Licensing in a Cloud Environment
VSM Case Study
Geocap Case Study
EMS Case Study
Inea cs en__v4_web
Key Traffic Systems
Build vs. Buy: The Hidden Costs of Licensing
Sentinel HASP Envelope
Navigating the Top Six Business Challenges of Delivering Software as a Service
SaaS Pricing and Packaging Strategies
Cloudy with a Chance of Insight
Addressing New Challenges in Software Protection for .NET

Recently uploaded (20)

PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
PDF
Modernizing your data center with Dell and AMD
PDF
Unlocking AI with Model Context Protocol (MCP)
PDF
Machine learning based COVID-19 study performance prediction
PDF
Network Security Unit 5.pdf for BCA BBA.
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
PDF
KodekX | Application Modernization Development
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
PDF
Chapter 3 Spatial Domain Image Processing.pdf
PDF
Advanced IT Governance
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
PDF
Advanced Soft Computing BINUS July 2025.pdf
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
DOCX
The AUB Centre for AI in Media Proposal.docx
PDF
cuic standard and advanced reporting.pdf
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Modernizing your data center with Dell and AMD
Unlocking AI with Model Context Protocol (MCP)
Machine learning based COVID-19 study performance prediction
Network Security Unit 5.pdf for BCA BBA.
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
The Rise and Fall of 3GPP – Time for a Sabbatical?
KodekX | Application Modernization Development
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
Chapter 3 Spatial Domain Image Processing.pdf
Advanced IT Governance
CIFDAQ's Market Insight: SEC Turns Pro Crypto
Mobile App Security Testing_ A Comprehensive Guide.pdf
Reach Out and Touch Someone: Haptics and Empathic Computing
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
Advanced Soft Computing BINUS July 2025.pdf
Diabetes mellitus diagnosis method based random forest with bat algorithm
The AUB Centre for AI in Media Proposal.docx
cuic standard and advanced reporting.pdf

Cloud Adoption - A Practical Approach

  • 1. Practical Cloud Adoption For ISVs Mahesha Pandit Insert Your Name Managing Director – Xilcion Insert Your Title Scalable and Insert Date Cloud Computing Consultant to ICT KTN 20.03.2012 © SafeNet Confidential and Proprietary
  • 2. Current Trends  Cloud  Cosmic Microwave Background Radiation • Uniform, Faint, glow around everything  Adoption is on the rise • And so are the offerings and the noise • No clear process, standard or approach • “Go with the trusted CSV” seems to be the popular approach  CIOs “must deal with cloud” • Whether they choose to adopt it or not  SaaS building process is still haphazard • No clear process, standard or approach • Application migration myths • Who is educating the developers about scalability and system design? © SafeNet Confidential and Proprietary 2
  • 3. Current Needs  Methodology for Cloud Adoption • Iterative, Customisable, Practical method • Specific guidelines, checklists • Maturity and performance assessment models • Candidate standards  High Level Process for SaaS • Architecture and Design principles based on SOA • Reusable in non-cloud environment  Tools for application exploration and modernisation • Understand existing applications • Sub-systems, boundaries, dependencies, complexity • Specific methods for SaaS enabling existing applications © SafeNet Confidential and Proprietary 3
  • 4. A Few Random Myths  You can “port” the software to cloud  Legacy applications cannot be taken to the cloud  SaaS development needs a separate life cycle  There are no tools that help SaaS development  All SaaS providers are at same maturity  SOA and Cloud are different paradigms  On-premise software use will dwindle significantly very soon © SafeNet Confidential and Proprietary 4
  • 5. Ten Steps to Cloud Enable ISV Software Expectation Setting Requirements Maintenance Gathering and 1 Modelling 10 2 Deployment Partners & 9 3 Dependencies Risk Platform Packaging 8 4 Selection 7 5 6 Design For Testing The Cloud Development © SafeNet Confidential and Proprietary 5
  • 6. Expectation Setting - 1  What to Expect? • Business: End of “Business As Usual” for ISVs. • There is no maintenance revenue • Welcome to the service culture • Increased responsibility for security • Shared Security Risks • Equal focus on both ends of SaaS? “Service” not “Software” • Product • Context Aware, Dynamic, Multi-Tenant Architecture • Performance challenges as software runs on virtualised resources • Sustained focus on rich features and usability • Plenty of meta data • Explosion in number of users • Licensing constraints © SafeNet Confidential and Proprietary 6
  • 7. Expectation Setting - 2  What Not To Expect? • Automatic performance/scalability • Automatic Acceptance by end users • Low risks • Validity of usual business metrics such as P&L, Revenue etc. • How many are joining? Leaving? QoS? • Sales incentives to remain the same © SafeNet Confidential and Proprietary 7
  • 8. Requirements Gathering and Modelling  Challenges • Need to understand existing application • Extended stakeholders • Other service providers, even your lawyer • Elevated expectations from end users • Modelling  Dos • Understand impact of the cloud on the enterprise • ... And plan an answer for each • Go beyond UML for modelling requirements • E.g. Use HOOMT for analysing security requirements – Use Cases + Misuse Cases + Mal Activity Swim lane diagrams • Try innovative tools for gaining insight from existing apps  Don’ts • Under-estimate requirements from PaaS, IaaS layers and other service providers © SafeNet Confidential and Proprietary 8
  • 9. Partners & Dependencies  Challenges • Increased dependency on partners  Dos • Research into your partner’s history, technical and non- technical capabilities • And also their product roadmap • Look for mash-up partners  Don'ts • Under-estimate impact of “shared risks” • Under-estimate the need for internal partners • Executive support is still a significant factor © SafeNet Confidential and Proprietary 9
  • 10. Platform Selection  Challenges • Need for layers of externally procured services  Dos • Compare PaaS offerings • Run “PaaS Selection Checklist” • Choose the platform that comes with many pre-built service layers • Select “Service” not “Server” • Consider analytical models for performance evaluation • One is available for evaluating server utilization  Don’ts • Re-invent underlying layers. Consume external services • Underestimate impact of “shared risks” © SafeNet Confidential and Proprietary 10
  • 11. Design For The Cloud - 1  Challenges • Reusing existing software components • Design for “Availability”, “Scalability”, “Interoperability”, “Performance” • End user experience design • End users are “used to” the best features • Service Design • Not all ISVs are experts in service design • Integration with on-premise and/or legacy applications • Proving “Reliability” • Limitations to customisations • Data Integrity © SafeNet Confidential and Proprietary 11
  • 12. Design For The Cloud - 2  Partial List of Solutions • Embrace best practices of SOA • Adopt open standards • Understand your “legacy” • Even the badly written, most recent application is a legacy • Try HOOMT: Helps tackle several types of abstractions and NFRs • Try model driven development methods • Invest in thorough understanding of scalability and performance design • Try shared database-shared schema models, clustering and database segmentation as appropriate • Choose data solution based on value-volume analysis • Consume other’s services and expose your services • Allow end users to customise your SaaS based on tools that work on meta data • Outsource service design to competent external service providers © SafeNet Confidential and Proprietary 12
  • 13. Design For The Cloud - 3  Watch status of Standards • National Institute of Standards and Technology • Defined Cloud Service Models (IaaS, PaaS, SaaS) and Deployment models (Public, Private, Hybrid, Community) • Cloud Computing Interoperability Forum • Unique ID for cloud resource: Semantic Cloud Data Model: OWL (Web Ontology Language)/Resource Description Framework • WIP, no draft • Open Grid Forum • Interface existing IaaS – OCCI (Open Cloud Computing Interface) • API is available, UML model is pending © SafeNet Confidential and Proprietary 13
  • 14. Development  Challenges • Faster time to market • Complex deployment environment • Lack of skills – design and development • Lack of tools, methodologies and standards  Partial List of Solutions • Go agile • Develop your developers • Teach “Computer Science”, “Art of Scalability”, “OOAD”, “Model Driven Development”, HOOMT • Amazon Machine Image, MapReduce, Java, Python, Ruby, C++, PHP, Pearl, .NET, Hibernate, Axis2 ... © SafeNet Confidential and Proprietary 14
  • 15. Testing  Challenges • Too many scenarios of end user usage • Several things to test: Application, Infrastructure, Network • Mandatory “stress test” • Simulating virtualised environments • Expensive  Dos • Test unit test scripts before coding • Profile your applications before running performance tests • Use “Staging Environments” to simulate clouds • Test Security, Multi-users, Mobile Users, Upgradability, Remote Access, Disaster Recovery, Localisation  Don’ts • Don’t ignore unit testing. It is still important. • Don’t expect mature SaaS testing tools to arrive any sooner • There are a few SOASTA, Gomez, uTest • Don’t under-estimate impact of SaaS testing on shared infrastructure © SafeNet Confidential and Proprietary 15
  • 16. Packaging  Motivators • Free trials • “Easy to consume” packages • Automated payment tools • Renewal incentives  Inhibitors • Complex package combinations • Package re-configuration, re-branding  Differentiators • Smart entitlement management. • Get paid for your value addition • Try Innovative concepts • E.g. Cloud Brokering Services © SafeNet Confidential and Proprietary 16
  • 17. Deployment  Challenges • Continuously live environment • End user personalisation • Piloting subsequent releases  Dos • Strong response plan for expected/unexpected issues • Clearly inform end users about new features, releases • Support adoption with a separate support service • Paid/Unpaid. But it should be lead by a business change management expert • Support data migration, master data setup  Don'ts • Don't surprise the end user • Don’t ignore end user’s learning curve. • It might be short but it is still there © SafeNet Confidential and Proprietary 17
  • 18. Maintenance  Challenges • SaaS testing isn’t easy. Higher number of defects? • Continuously live environment • Accountability for defects, issues, outages • Outages are more expensive  Dos • Have a strong and unambiguous roadmap for your product • Collect and study usage patterns and meta data • Use it enhance your SaaS (of course!) • Provide incentives for your end users to influence the next version of your SaaS  Don’ts • Don’t ignore end user’s learning curve • Don’t ignore your internal users © SafeNet Confidential and Proprietary 18
  • 19. Risk Assessment  Application Performance Reliability • Delivering the promise  Integrated Business Functionality • Ensuring that whole machinery works .... Continuously  Compliance Risks • Legal, Financial, Technical  Data Security Related Risks • Integrity, Confidentiality, Privacy  IPR Related Risks • Ownership, protection  Contractual Risks • Service quality, liabilities, penalties  Governance Risks • Provisioning, Licensing, Billing © SafeNet Confidential and Proprietary 19
  • 20. In Summary  SaaS enabling your software needs effort • A lot of preparation • And a practical, iterative methodology  Xilcion’s Ten Steps Process • Expectation Setting -- Requirements Gathering and Modeling -- Partners & Dependencies -- Platform Selection -- Design For The Cloud -- Development -- Testing -- Packaging -- Deployment – Maintenance • At each step – Consider Risks and Mitigation • Lather, Rinse, Repeat © SafeNet Confidential and Proprietary 20
  • 21. By the way, Who Are “We”? • Industry knowledge and updates What’s real? List of service providers, Contacts • Independent, Practical Advice About managing technology inspired change including cloud, tool based legacy modernisation • Process Assets Procedures, guidelines, checklists, models, metrics • Hands-on Technical Service Software design, development, integration, testing, deployment • Innovative Training Cloud, non-cloud, management topics 21
  • 22. © SafeNet Confidential and Proprietary 22
  • 23. Cloud Services: A Partial List Calendar and Schedulers: Project Management: @task – Cloud Storage: Amazon S3 – Calendars on Google, Yahoo, AceProject – Basecamp – Egnyte – ElephantDrive – Microsoft Microsoft Live, Apple MobileMe, CopperProject – eStudio Office Live Workspace – Mosso – AOL– AppointmentQuest – TaskTracker – onProject – myDataBus – Nirvanix – StrrkR – hitAppoint – Schedulebook – ProjectDrive – Vertabase – Wrike – Windows Live SkyDrive CalendarHub – Hunt Calendars – Project Insight – Zoho Projects Famundo – eStudio Calendar – Databases: Blist – Cebase – Dabble 30Boxes – Trumba – Calendars Net Collaborative Editing, Reporting: DB – Lazybase – MyWebDB – – Jotlet – Jiffle – Presdo – Diarised – Google Docs – Adobe Buzzword – QuickBase – TeamDesk – Trackvia Windows Live Events – ajaxWrite – Docly – Glide Write – – Zoho Creator – Zoho DB & Schedulebook – Acuity Schedule – iNetWord – KBdocs – Peepel Reports iPrioritize – Bla-Bla List – WebWriter – ThinkFree Write – Hiveminder – Remember the Milk – WriteBoard – Zoho Writer – EditGrid Expense Management: Concur – Ta-da List – Tudu List – TaskTHIS – – eXpresso – Glide Crunch – Num ExpensAble – ExpensePoint – Vitalist – TracksLife – Voo2Do – Sum – Peepel WebSheet – Sheetser TimeConsultant HiTask – Zoho Planner – ThinkFree Calc – ZohoSheet Budgeting, Financial Statements: Event Management: 123 Signup – Presentations: Google Docs – Host Budget – Host Consolidator Acteva – Conference.com – Cvent – Preezo – Zoho Show – BrinkPad – Event Wax – eventsbot – RegOnline Empressr – Presentation Engine – – Setdot – Tendenci PreZentist – SlideRocket – ThinkFree Show – Thumbstacks CRM: Salesforce.com – BigContacts – HighRise – bConnections – Web-based desktops: eStudio Contact Manager – ajaxWindows – Deskjump – AppleMobileMe Contacts – Desktoptwo – eyeOS – g.ho.st – MyEvents – Plaxo – People Matrix – Glide – Nivio – StartForce – YouOS Go Back PipelineDeals – SalesBoom – SalesJunction.com – SalesNexus – Zoho CRM © SafeNet Confidential and Proprietary 23
  • 24. MS Four Level SaaS Maturity Model Adhoc/Custom Configurable Scalable, Configurable, Configurable, Multi Tenant Multi Tenant Efficient Efficient http://msdn.microsoft.com/en-us/library/aa479069.aspx Go Back © SafeNet Confidential and Proprietary 24
  • 25. Complex Hybrid Environment Guess where will you be! Public and Community Cloud Non Private Cloud Cloud Go Back © SafeNet Confidential and Proprietary 25
  • 26. Complex Hybrid Environment Guess where will you be! Public and Community Cloud Non Private Cloud Cloud Go Back © SafeNet Confidential and Proprietary 26