Ken nt Staate U Univer
Ma
rsity’s
arch 2015
s Clou
5
ud St
rateggy
March 2015 2 | P a g e
Table of Contents
Item Page
1. From the CIO 3
2. Strategic Direction for Cloud Computing at Kent State 4
3. Cloud Computing at Kent State University 5
4. Methodology for Cloud Transition 8
5. Conclusion 14
6. Attachment 1 ‐ What is Cloud Computing? 15
7. Attachment 2 ‐ Benefits of Cloud Computing 17
The adoptio operations w but as a larg deliver serv organization various info capabilities, the universi This cloud st successful im goals enable the overall I matures, ev the division
on of cloud c within the u ge, ever expa
ices. Cloud n. The Inform
rmation tec , and how it
ty.
trategy has mplementat es the divisio IS mission, th volves, and in to impleme
F
computing at niversity. Th anding pool
computing i mation Servi hnology nee is being inte
been develo tions. The al on to succes he division w nnovates, th ent our cloud
From
t Kent State he division lo
of available s helping th ices division eds. An over egrated into
oped to expl lignment of ssfully accom will continue he division w d strategy ar
m the C
University h ooks at clou technologie e division to will become rall understa our operati
ore the clou the Cloud St mplish and m e to refine its will do the sa
re as follows
CIO
has been acc d computing es and servic o become a m
e a service p anding of the
ons is integr
ud model, ide trategy with maintain thos
s cloud strat me. The tac s:
cepted as a w g not as an i ces providin more service provider for t e cloud, its o ral for all wh
entify benef h Information
se goals. Alo tegy, and, as ctical action
way to enha solated tech g a new way e oriented
the universit offerings, ho are involv
fits, use case n Services’ s ong with fur s the cloud m
s taken thus ance
hnology, y to
ty’s ved with
es, and strategic rthering model s far by
Stra
1) Most of years). T standard more qu a) Goal i) R ii) E b) Acco i) T
2) Existing cloud en a) Exam
3) New (re similar t a) Acco
i) T m ii) T
4) While m circumst some re a) Acco
i) A c
ategic a
our existing To prepare t d virtualized uickly introd
ls:
Reach an 80%
Ensure zero omplishment The Banner E applications nvironment.
mple Project placement) to non‐cloud omplishment The KSU pub managemen The Empowe most applicat
tances wher esources are omplishment A tiered stor cloud based
c Dire at Ken
g application hese applica d environme
uce solution
% utilization business im ts:
ERP was mig s that are clo
t: Complete applications d based alter
ts:
blic website i t system.
er timekeepi tions will res re it may be in the data ts:
rage system storage.
Ma
ection nt Sta
ns will not be ations for th
nt in the dat ns into our co n of our IT as
pact from IT grated to a s oud ready ne
an applicatio s should be c rnatives.
is now in a c ing applicati side either in
advantageo center while has been im
arch 2015
n for C ate U
e cloud ready e cloud, KSU ta center. Th omputing en ssets.
T infrastructu tandard virt eed to be ide on assessme cloud based
cloud enviro on was imp n the cloud o ous for an ap
e others are mplemented
Cloud Univer
y in the nea U will be mov he virtualized nvironment.
ure changes tualized envi
entified, prio ent to identi
; assuming t
nment utiliz lemented in or at the dat pplication to in the cloud that include
d Com rsity
r to mid‐ter ving these a d environme .
.
ironment.
oritized, and fy cloud rea the function
zing a PaaS w n AWS IaaS.
ta center, th run in a hyb d.
es both data
mputi
m future (3‐
pplications t ent will allow
d moved to t dy applicatio ality and cos
web content
ere are spec brid model w
center stor
4 | P a g e
ng
‐5 to a w us to
the ons.
sts are
cific where
age and
e
5) In selecting which type of cloud computing should be used for a specific application, consideration must be given to the amount of control that the university needs to maintain over that particular application. Generally the university has less control over a SaaS application and greater control over an application running in an IaaS model, with Paas falling in the middle. Based on the objectives and value propositions, our approach to a new application is based on the following priorities:
a) SaaS, when feasible b) Public IaaS (AWS)
c) Private Cloud (datacenter) d) Physical Hardware
6) To ensure that the university does not become overly dependent on an individual cloud vendor, applications should be designed to run in more than one cloud environment. Just as we test our disaster recovery capabilities by carrying out a disaster recovery exercise annually, we will also test our capability to move cloud applications between cloud providers (or between the cloud provider and our data center) on an annual basis.
7) Cloud computing is similar to current application hosting models in that the university data no longer resides on university owned systems. This makes the evaluation of vendor security a key component of any decision to move applications to the cloud.
a) Accomplishments:
i) Developed a security checklist to be used in evaluating the security of the cloud providers.
ii) Administered the security checklist to existing cloud providers.
Clou
Kent State U deliver serv efforts are s To ensure th Developmen accomplish developing Due to the n purchasing f etc.), rapidly automation technologie throughout In addressin cloud servic change the more dynam for usage, ta maintenanc enabling Ke technologic
A Servic
Extendin The division activities. O The Cloud h combinationd Com
University’s I ices, and inn spent keepin he division e nt Services ( this mission responsive, nature of run
for peak dem y growing st
. Although I es that, when
the departm ng the needs ce delivery m
way IT does mic provision
ackle growin ce activities, nt State Uni al change.
ce Provid
ng IT and n views each Our activities helps us to in n with our omput
Information novate based ng systems r embraces inn
SDS) depart , SDS will ut stateless so nning an IT d mands (whe
orage dema IS is effectiv n implement ment.
s of KSU as a model”. Rese
business, th ning and use ng storage de
increase the versity to fu
der to the
d servicesactivity as a s are seen no ncorporate a
n‐premise s
Ma
ing a
Services Div d on user ne unning and novation and tment has be ilize cloud b lutions that department n KSU exper ands, manag e in managin ted with our
n organizati earch has sh hus maximiz e of resource
emands, inc e pace of de unction more
e Univer
sa service. Th ot as what in additional se
ervices.
arch 2015
t Ken
vision (IS) str eeds and cur delivering se d keeps pace een establish based platfor
scale seaml at a univers riences smal ing complex ng these act r current mo
on, IS has tu hown this ne
ing both tim es. With the
rease oppor velopment, e efficiently
rsity
his focuses o nfrastructure ervices that w
nt Sta
rives to main rrent trends.
ervices, leav e with instit hed with a fo rms to enab
essly and up sity, the hab
ll short peak x systems an tivities, we h odel, will hel
urned to a ne ew service de me and budg
e cloud, IS is rtunity cost, and increas and effectiv
our awarene e we own, b we can then
ate Un
ntain institu . Much of th ving little tim utional dem ocus on inno le a simplifie pgrade autom
its of IS are c k times, such nd having les have recently
p to achieve
ew innovatio elivery mode et. The new s able to pur
reduce time se automatio vely in the fa
ss on the eff but what serv offer to our
nivers
tional system he departme me for innova mands, the Sy ovation. To ed approach matically.
characterize h as registrat ss than desir y identified n e greater eff
on deemed el has the ab w model ena
rchase on‐de e spent on on, thereby ace of rapid
fort and cos vices we pro r users in
6 | P a g e
sity
ms, ent’s ation.
ystems h to
ed by tion, red
new ficiency
“the bility to
bles emand
t of all ovide.
e
Example of IS as a Service Provider User Productivity Tools (Google Docs)
Kent State University has harnessed the power of SaaS productivity tools such as those offered from Google to enable employees and students to work cohesively and interactively despite location or device. Productivity tools have given employees and students the ability to produce quality work more quickly and efficiently together by allowing users to easily share and collaborate on the same documents in real‐time.
Email (Office 365 Exchange and GMail)
Kent State University has harnessed the power of two SaaS email providers to enable employees and students to communicate electronically regardless of location or device.
Support.Kent.Edu
Kent State University has harnessed the power of a SaaS ticketing and knowledgebase system to enable employees and students to search for IT support information, submit a IT support ticket or interactively chat with a helpdesk agent.
Kent.Qaultrics.Com
Kent State University has harnessed the power of a SaaS survey application to enable employees and students to easily design, carry out and analyze a survey.
Lessons Learned So Far
We should build for the cloud – Moving on‐premise systems as is to the cloud usually involves larger challenges than building directly in the cloud. If you move the same application on‐premise and run it in the cloud the same way, the returns suffer. To get the most out of the cloud, applications should harness the benefits of the cloud like bursting, pay only for what you use, etc.
It’s a new world – AWS is only a few years old and building and growing at a fast rate. It is important to invest the time to understand the breadth of AWS’s offerings and develop expertise with the services.
Co‐tenancy is hard – AWS is built around a model of sharing resources; hardware, network, storage, etc. Co‐tenancy can introduce variance in throughput at any level of the stack. Co‐tenancy causes strain on resources; odds are you will go down at some time. Our objective is to build our systems to expect and accommodate failure at any level.
Commitment ‐ keep moving forward – When we look back at what this team has accomplished over the past year in AWS, it’s pretty amazing. But it didn't always feel this good. There were some dark days as we struggled with the scope of the task we'd taken on, and some of the differences between how AWS operates vs. our own data centers.
March 2015 8 | P a g e Cloud Learning is for the future – We currently have a data center that isn’t outdated. When our
hardware becomes outdated… We are building a foundation of cloud learning.
The cloud is a learning process for everyone – Things are new to everyone, a structure needs to be developed. Everyone needs to work together.
Hybrid model can mean different things
We have developed a cloud strategy to continually explore the cloud model, identify costs, benefits, use cases and successful implementation. Our cloud strategy follows our strategic goals and allows us to successfully accomplish and maintain them. Along with the overall IS mission, we will continue to perfect our cloud strategy, and as the cloud model matures, evolves, and grows, we will do the same.
An Efficient, Agile Provider of Innovation
Integration ManagementAdoption of the cloud highlights the importance of maintaining timely, accurate data integration between on‐premise to SaaS, SaaS to SaaS, and even on‐premise to on‐premise applications. We have identified a cloud based Integration Platform (iPaaS) to meet the following objectives:
Simplify approach to vast number of integrations that we maintain
Provide a standard solution for on‐premise application to application, and on‐premise to cloud (SaaS) integrations
Remove integration dependencies from within applications
Enable rapid deployment of new integration requirements (reduce resource development time)
Scale seamlessly for increases in volume and types of data (social, mobile, big data) Gain full visibility and monitoring of integration collection
Innovative Application Development
We maintain a strategic information and applications architecture for applications, services, and solutions, as well as an agile, flexible approach that allows us to keep pace with the rapidly changing and advancing educational and technology environment. A key component of our approach is a cloud based Development Platform (aPaaS) that meets the following objectives:
Enable rapid deployment of custom applications (visual development and data modeling) Empower building of component libraries (reusable components) for efficient development
methodologies
Access to a marketplace of integrated third party applications
Provide responsive design, supporting web, mobile, and social capabilities out‐of‐the‐box Produce applications that can be run stateless so that they are scalable both vertically and
horizontally
Serve as a single point for all major development lifecycle activities (e.g. authentication, scheduling, event logging, caching, exception tracing, analytics, etc.)
Automate hardware and software upgrades
Scale seamlessly for increases in transaction volumes
Focus on User Experience and Features
We strive to provide easy to use applications that are accessible anytime anywhere, with the features and functionality that users desire. SaaS applications that have been born in the cloud provide a superior user experience, innovate more rapidly, and encompass features and functionality that we have historically had to bolt together with multiple applications. We are committed to pursuing the adoption of pure SaaS applications to realize the following value proposition:
Cost effective
o More functionality in baseline product o Reduce bolt‐on footprint
Flexibility
o Integrations o Configuration Ease of Use
o Modern user interface o Mobility
Pace of Innovation
o Efforts dedicated to one version Delivery Model
o Eliminate purchase, implementation, and maintenance of hardware o Eliminate software upgrades and patches
o Quick time‐to‐value
We expect to begin our implementation of SaaS applications with the procurement of an enterprise‐
wide CRM solution in 2015.
M
Using a met essential. T move pre‐ex Gathering P Implementa below:
Five Ph
PhaseGathering
Options, Re
Metho
thodology to The methodo xisting appli Phase; Optio ation Phase;
hases of t
eturns, and C
odolo
o determine ology can be cations and ns, Returns, and Mainte
the Clou
Costing
Ma
ogy fo
which appli e used to bui services to t
and Costing enance Phase
ud Creati
QuestWhat a needed What a Who is If the c located Is the a What i needed What and/or Have w cloud o How m solutio What Does t Does t peaks?
Does t tools a Does t develo Does t infrastr
arch 2015
or Clo
cations can ld new appl the cloud. T g Phase; Dec e. Question
ion and T
tionare the specif d?
are the needs s the owner o current applic
d?
application clo s the timeline d?
are our optio r service?
we identified options?
much does the ns?
are the retur the solution m the solution h
?
the solution s long with the the solution e pment to pro the solution h
ructure?
oud T
and should ications and The methodo cision Phase;
s to be addr
Transitio
fications for t s of the applic or the applicat cation or serv
oud ready?
e for the appl
ons for the en and compare e solution cos ns?
maximize staf help normaliz simplify the d eir transition e enable faster oduction?
help to better
ransi
be moved to d services in
ology is mad
; Strategy Ph ressed for ea
on Metho
he applicatio cation or serv
tion?
vice is live, wh
lication or ser
nvironment, a ed both on‐p st in compari
ff opportunity ze capital exp
evelopment p effort to the
process from r utilize on‐pr
ition
o the cloud i the cloud or de up of five
hase;
ach phase ar
odology
n or service vice?
here is it
rvice
application, remise and son to other
y costs?
enditure process and cloud?
m pre‐
remise
10 | P ag is
r to phases:
re listed
g e
Five Phases of the Cloud Creation and Transition Methodology
Phase Question
Does the solution increase Efficiency?
Does the solution increase Agility?
Does the solution increase the ability to Innovate?
Does the solution fit our business model?
Decision
Based on what we have learned, what decisions are we ready to make?
Do any of the phases need to be reexamined?
What is the proper approval process?
Strategy
Does the department possess the required knowledge and skills to implement the plan?
Does the department need to hire an integrator?
What is our cloud exit strategy if the cloud is chosen is a place to deploy?
Implementation
What are the steps to implement the application or service?
Will we be able to meet our deadlines?
What is our definition of a successful implementation?
What maintenance will we need to do?
Is security properly implemented?
Is everything properly documented?
Are all of the stakeholders informed and updated to the outcome?
Choosing the proper cloud providers for the university
The rapid evolution of the cloud continues to bring new, innovative products and offerings to the table. Each provider is at a different level of maturity regarding individual products and services.
Each use case involves applying what is known about the cost and benefits of each provider against the requested implementation. Security, exit strategy, ease of use and method of implementation must be extensively researched for each cloud provider to ensure appropriate vendor selection.
Ensuring a secure, trustworthy environment (Security)
At Kent State University, we strive to maintain a secure environment. Information Services has an Information Security Checklist which is followed to ensure our technology assets are protected. The check list specifies security requirements in the following categories:
March 2015 12 | P a g e Legal and Electronic Discovery
Compliance and Audit Exit Strategy
Data Center Operations Incident Response Application Security Encryption
Identity and Access Management
A trustworthy cloud provider follows strict compliance audits and provides security information controls just as well, if not better, than we do. However, just like with on‐promise security measures, poor implementation and code will cause security issues. Because of these risks, it is important that code and implementation are constantly reviewed both on‐premise and in the cloud.
Assuring an Exit Strategy
It is important to have an exit strategy for each cloud implementation. Remember, if a provider can no longer provide services, etc., there must be a method in place to eliminate our dependence upon that provider and remove our information from their cloud. Proper strategic planning will result in multiple options for implementation.
Determining Ease of Use and Implementation
Ease of use and implementation for cloud implementations is important. A cloud solution should not be more difficult in the long run to implement. It should improve efficiency and agility, not hinder it.
Researching and Hiring Integrators
Integrators can and should be used for implementations for which the proper understanding and knowledge isn’t known. Because cloud services are relatively knew, it is valuable to have someone who specializes in the service assist with the initial learning and implementation process.
March 2015 14 | P a g e General Order of Departmental Cloud Transition
The division has developed a general order to the cloud transition and has completed an assortment of project transitions. We continue to work towards completing others.
Application Architecture
The following diagram demonstrates how cloud services have been incorporated into the Kent State information and applications architecture.
Cloud Service Types
The following diagram demonstrates the capabilities of the IaaS, PaaS, and SaaS cloud delivery services and our adoption of each.
Kent State U university se on‐premise mature as w budgetary s utilizing tho
University In ervices. The and cloud s well. Looking savings and t ose capabiliti
formation S approach to olutions. As g forward, ou
the service im ies in all suit
Ma
Con
ervices is lev oday is a hyb the cloud co ur Division is mprovemen table techno
arch 2015
nclusio
veraging the brid solution ontinues to s excited by nts made pos ologies and s
on
e cloud to m n which allow
mature, our the potentia ssible by clo services.
ake best pra ws the unive r strategy fo
al the cloud ud capabilit
actice decisio ersity to com
r utilizing it w holds in bot ies, and anti
16 | P a g ons for mbine
will th
icipate
g e
Attachment 1
What is Cloud Computing?
Cloud computing relies on sharing computing resources rather than purchasing application specific servers and storage to run computer applications. The National Institute of Standards and Technology (NIST) defines cloud computing as “a model for enabling ubiquitous, convenient, on‐demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”1
NIST states the cloud model is composed of five essential characteristics, three service models, and four deployment models.
Essential Characteristics:
On‐demand self‐service ‐ A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
Broad network access ‐ Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
Resource pooling ‐ The provider’s computing resources are pooled to serve multiple consumers using a multi‐tenant model, with different physical and virtual resources dynamically assigned and
reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or
datacenter). Examples of resources include storage, processing, memory, and network bandwidth.
Rapid elasticity ‐ Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
Measured service ‐ Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.
March 2015 18 | P a g e Service Models:
Software as a Service (SaaS) ‐ The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure.
Platform as a Service (PaaS) ‐ The capability provided to the consumer is to deploy onto the cloud infrastructure consumer‐created or acquired applications created using programming languages, libraries, services, and tools supported by the cloud provider.
Infrastructure as a Service (IaaS) ‐ The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.
Deployment Models:
Private cloud ‐ The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
Community cloud ‐ The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
Public cloud ‐ The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
Hybrid cloud ‐ The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).2
2 csrc.nist.gov/publications/nistpubs/800‐145/SP800‐145.pdf
Attachment 2
Benefits of Cloud Computing
How Cloud Computing Can Lead to a Growth in Abilities
Cloud computing can help the department grow in capabilities by providing consumption based scalability and elasticity that was previously unavailable. These abilities grow our efficiency, agility, innovation, and help us provide increasing services to the university, as demonstrated in the following:
Efficiency
• On‐demand resources allow the department to cut costs by only paying for capacity used.
• Unlimited computing resources are available for university consumption on‐demand.
• More options are available to recommend and provide services that will control the technological growth at the university (storage demands, capacity demands, etc.) Agility
• The constant availability and ease of deploying cloud services allows the division to respond quickly to the needs of the university as a service provider.
• Quicker access to new features allows for easier and faster deployment of production services.
• Testing, Development, and Quality Assurance are on‐demand and can be used when needed.
Innovation
• The availability of cloud services allows us to tap into and build on the innovations of others and will increase opportunity cost by freeing up time for IS to spend innovating.
Cloud Computing enhances our ability to support our Strategic Goals
Our cloud strategy is aligned with the strategic goals of Information Services (IS) and helps IS to successfully accomplish and maintain these goals. Alignment is as follows:Strategic Goal #1: Enable Student Success
Our cloud strategy enables student success by allowing us to more easily create and support technology services that increase information availability and improve customer service.
Strategic Goal #2: Empower Teaching and Improve Learning
Our cloud strategy empowers teaching and improves learning through increasing the availability of
March 2015 20 | P a g e Strategic Goal #3: Ensure Reliable, Secure and Accessible Systems
Our cloud strategy allows us to provide and maintain systems that are reliable, secure and accessible anytime, anywhere; thereby providing an information technology infrastructure that enhances productivity and enables global access.
Strategic Goal #4: Manage Costs and Improve Business Processes
Our cloud strategy helps to lower the cost of service, Total Cost of Ownership (TCO), and improves administrative and organizational efficiencies (resulting in reduced cost) through process
improvement and organizational alignment.
Strategic Goal #5: Plan and Manage Information Services
Critical to the efficient execution of the university IS mission are the organization, its people and processes. We must have fully engaged and visionary teams in order to facilitate university‐wide information technology strategies, priorities and decisions. Equally, we must deploy processes and disciplines that enhance organizational efficiency, as well as deliver reliable systems and
environments. Our cloud strategy has increased our ability to plan and manage information services.