EDC COLLABORATION WHITE PAPER Cloud Computing IT Services Delivery Transformation

(1)

EDC COLLABORATION WHITE PAPER

Cloud Computing

IT Services Delivery Transformation

By W. Fred Rowell

Vice President and Chief Technology Officer Companion Data Services, LLC

(2)

List of Figures

Figure 1 Cloud Watcher's Cheat Sheet ... 1

Figure 2 IT Service Model Evolution ... 3

Figure 3 IT Service Transformation Grid Sample ... 5

Figure 4 IT Service Delivery Model Comparison ... 7

Figure 5 Cloud Computing Capability Matrix [Excerpt] ... 8 Figure 6 IT Service Transformation Grid ... A

(3)

Introduction

Cirrus, Altocumulus, Nimbostratus, Stratocumulus, Contrails, Billow, Mammatus, Orographic, and Pileus are all types of what? You may be scratching your head on this question; so to assist you the answer is— Clouds. As you may recall from grade school not all clouds share all the same features, shapes, or sizes, but they are all considered clouds. However, if you are planning an outdoor event the specific type of clouds becomes very important and critical to your success—so know your cloud types.

Now look at these, SaaS, IaaS, and PaaS are all types of what? Correct—Cloud Computing offerings— a.k.a “Cloud.”

As with the clouds of nature these types of cloud computing do not share all the same features, functionality, security, and cost structures, but are considered an implementation of Cloud. As with knowing the cloud types for a successful outdoor event, knowing which type of Cloud can be leveraged by a consumer is critical to transforming the way IT services are delivered.

Cloud has quickly become an emerging trend that has introduced significant benefits as well as confusion in the IT industry. The term is applied freely to various implementations of IT solutions thereby making it extremely difficult to know if an IT solution, designated as a cloud computing offering, delivers on the promises of Cloud or is just a marketing pitch.

To this end, Companion Data Services (CDS) welcomes the opportunity to provide this document as a reference guide to demystify the world of Cloud.

Cloud DNA

Is Cloud a revolutionary technology or a transformation of traditional IT service delivery?

The last acknowledged revolutionary technology was client/server. This revolution was initiated by the introduction of Intel’s x86 server / workstation hardware into the IT environment that was dominated by mainframes and micro computers. Intel’s entrance into this environment has forever changed the capabilities of computing.

Looking at IT environments that are supporting Cloud, it is clear that the improvements in “virtualization” technologies played a major role in the growth of Cloud. Cloud could technically occur without virtualization, but it would be a difficult economic model to sustain. Other than the improvements noted in virtualization technologies, there is no evidence supporting the entrance of a revolutionary technology that created the Cloud.

This leaves the transformation of traditional IT service delivery as the genesis of the Cloud marketplace, but why?

Common Cloud

Computing Types Description

SaaS Software as a Service IaaS Infrastructure as a Service PaaS Platform as a Service

(4)

In the progression from the traditional IT service delivery model, care must be given to characteristics of the IT services being considered. Specifically, there are two basic types of IT services:

Horizontal: Services that are normally standardized across all consumers like Email, SharePoint, Office Apps, human resource (HR) systems, enterprise resource planning (ERP) and other office automation systems, etc. This similarly affords the Cloud provider the opportunity to leverage a large amount of computer resources in hardware, software, and operational maintenance, thus producing an aggressive cost structure to the consumer. These services are normally the “low-hanging-fruit” where the consumer and Cloud providers can achieve quick successes.

Vertical: Services that are normally different across consumers and require specific environmental customizations, such as specialized security requirements, unique to the consumer, thus making the service unable to be leveraged by the provider across their delivery portfolio. These services are specific to each consumer or a small set of consumers and have less standardization, more customization and a higher subscription usage cost.

As the above discussion explains, horizontal services are highly scalable and share a highly leveraged and standardized infrastructure to provide access to a large population of unrelated users. Vertical services are less standardized and more customized with a smaller population of related users. These generalities hold constant when the Cloud is established as a Public Cloud and not as a Private Cloud.

Public Cloud services are accessible by a limitless number of unrelated consumers; whereas Private Cloud consumers are normally smaller in scope and are related (i.e. employees of a corporation, the federal and state governments). It is this reduction in scope of a Private Cloud that brings features of vertical services into the horizontal services profile:

• Standardized to the smaller related group of consumer’s requirements

• Customization to the smaller related group

• Dedicated infrastructure resources to the services of the Private Cloud

• Increases in the cost structure as compared to the same service provided by a Public Cloud

Figure 2 illustrates how Cloud is delivered as compared to traditional IT services. This figure presents the progression of IT service delivery models from a traditional on-premise delivery model transitioning to an Internet service delivery model.

(5)

Figure 2 IT Service Model Evolution

There are some interesting consequences, worth noting, that occur as a consumer migrates away from a

traditional model. These consequences represent the “promises and concessions” that the Cloud brings to

the marketplace. The following describes these “promises and concessions” from both a consumer’s and

(6)

Consumer Promises

Cost Structure: Consumer is moved from a capital intensive structure to a usage-based

subscription cost structure and incurs a reduction in his internal IT labor costs, thus improving cash flow.

Flexibility / Agility: Consumer can quickly stand up new computing resources, without any capital

expenditures, using the excess capacity made available from the provider as part of the subscription cost.

On-Demand Resources: Consumer can increase / decrease capacity as necessary without

incurring fees.

Consumer Concessions

Less Functionality / Integration: Consumer concedes functionality to achieve a reduction in cost

and flexibility in service delivery. Please note, there is one area that the consumer will have major difficulties in conceding functionality and that is security. In fact, this has been the major area that has restrained the growth of “Public” cloud computing offerings, whereas in a “Private” cloud computing offering, security functionality can be implemented to the consumer’s requirements.

Increased Standardization: Consumer concedes specific technology architecture / configuration

deployments and upgrades.

Less Customization: Consumer concedes to use the service as delivered without specific

organizational modifications.

Provider Promises

Less functionality / integration: The provider normally provides less functionality than what is

installed in an on-premise solution to enable support for the consumer’s cost structure requirements and resource requirements.

Increased standardization: Provider provides a standard resource offering for all consumers.

Less Customization: Provider provides limited customization to reduce maintenance costs to the

consumer.

Provider Concessions

Cost Structure: Provider assumes the risk of acquiring and maintaining the computing resources

for the subscription-based consumers.

Flexibility / Agility: Provider must enable the ability to quickly standup resources for the

consumer’s request.

On-Demand Resources: Provider must be able to handle increases and decreases in resource

requirements.

The IT services delivery model foundation portrayed in Figure 2 serves as the backdrop against which specific IT services can be applied. This is in an effort to determine if from a:

Consumer View: Can a consumer gain an economic and/or competitive position by transforming from a traditional IT service delivery model?

(7)

Provider View: Can a provider gain economic advantage and market positioning by offering other IT service delivery models?

The concept that the Cloud’s DNA is first and foremost the movement to transform the traditional IT service delivery models is more than just a simple thought. To this point, Figure 3 illustrates just one of the transformations from traditional IT service delivery to a Cloud delivery. Specifically, Figure 3 demonstrates the movement of IT services from the Traditional Service Delivery model to the Software-as-a-Service model. To see the complete grid of IT Service Delivery transformations, please review Figure 6 in Appendix A.

Figure 3 IT Service Transformation Grid Sample

Provider

(Remote

)

Consumer

TRADITIONAL IT ENVIRONMENT CLOUD COMPUTING ENVIRONMENT

Benefit _Summary

Services

Resources Contract / Cost Operations

Application Database Administration Network Engineering Server Engineering Development Help Desk

Technical Database Administration Monitoring

Testing Security Engineering Disaster Recovery Backup / Recovery Data Center Storage Hardware Network Applications System Software Multi-Year License Fee + Support Maintenance Contracts

Resources Contract / Cost Multi-Year License Fee + Support Maintenance Contracts Services

Remote Support

Services

Resources Contract / Cost Network Engineering

Help Desk Monitoring Testing Security Engineering

Network Utility Pricing

Services

Resources Contract / Cost Operations

Application Database Administration Server Engineering

Development Help Desk

Testing Security Engineering Disaster Recovery Backup / Recovery Data Center Storage Hardware Applications System Software Utility Pricing SAAS

Software As A Service IT SERVICE TRANSFORMATION GRID SAMPLE

IT SERVICE TRANSFORMATION GRID SAMPLE

Internal IT Service Delivery

Model 1

BENEFIT SUMMARY LEGEND

Cost Structure

Standardization Across Customer Base

Customization and Integration

Flexibility / Agility On Demand Resources Functionality

(8)

When viewed in this manner, the confusion around the various technical implementations of Cloud are replaced with a view of the new IT service delivery models. These models are analyzed on factors such as how they can lower cost, add flexibility and add agility, therefore making Cloud a business choice and not a technology choice.

CMS’ Enterprise Data Centers Through the Lens of a Cloud

Imagine 22+ data centers across the United States all executing the same set of claim systems to process a portion of a larger base of subscriber’s / provider’s claims. Within each data center are dedicated computer resources (hardware and software), labor, power and vendor support to ensure the successful completion of the claims workload.

Looking back at Figure 2 in the Cloud DNA Section, the IT service delivery model for the above scenario would be a traditional IT service delivery model for all 22+ sites. Additionally, the main IT service is vertical in nature because there is no single claim system that can be used for all worldwide companies performing claims processing; however, there can be a set of standardized claims systems for this related group of consumers.

This scenario was in place prior to the establishment of the Enterprise Data Center (EDC) program that CMS began more than five years ago knowing that a transformation in the way IT was being delivered was necessary to reduce the administrative cost of processing claims while improving security.

The ID/IQ for the CMS Enterprise Data Centers contract model has allowed CMS to selectively acquire IT services for claims processing in a new IT service delivery model – the EDC IT service delivery model – that:

• Provides a lower cost of IT services through the consolidation of 22+ Data Centers into two

Enterprise Data Centers

• Provides a centralized set of claims systems accessible by a related group of consumers via a

private network

• Creates a supporting infrastructure standardized to CMS’ requirement as outlined in the Technical

Reference Architecture (TRA)

• Incorporates subscription based pricing by number of claims processed per month

• Provides the flexibility and agility to bring new claims workloads on-board without having to create

another data center that would be necessary if using the traditional IT service delivery model

Should the EDC IT service delivery model be considered as a Cloud solution? The comparison contained in Figure 4 presents a straightforward alignment of the EDC solution to the Cloud’s Software-as-a-Service solution – therefore, showing that the EDC is technically a Private Cloud solution.

EDC IT Service Delivery Model Software-as-a-Service (Private Cloud)

Cost reduction through consolidation of 22+ Data Centers

Reduce cost through standardization and increased scale

Centralization of the Claims Systems via a Private Network

Via the Cloud (aka: Network) provides access to a standard Software service

(9)

EDC IT Service Delivery Model Software-as-a-Service (Private Cloud)

Creation of CMS’ standard infrastructure In a Private Cloud strong standardization, with limited

customization to the related group of consumers

Cost-per-claim Subscription based pricing

More flexibility in adding claims workloads Workload flexibility and agility

Figure 4 IT Service Delivery Model Comparison

Since the start of the EDC program, Companion Data Services has received several additional non-claims workloads that also align to the “Cloud’s” IT service delivery models. For example:

• National Data Warehouse (NDW) – Aligns to Software-as-a-Service

• National Level Repository (NLR) – Aligns to both Software-as-a-Service and Platform-as-a-Service

While the EDC program was not specifically labeled as being a Cloud program by CMS, it unquestionably has the characteristics of the Cloud movement. It is an IT service delivery model that lowers cost, adds flexibility and agility, and provides accessibility to selected consumers.

EDC Program as a Cloud Offering

As shown in section three the EDC program embraces the major foundational element of the Cloud movement. However, there are several other elements of Cloud that should and should not be considered for incorporation in the EDC program.

As for the “should not(s)”, recall from section two that there are horizontal and vertical services that can be offered via the Cloud. The EDC program is well positioned to handle any CMS vertical service that would be transformed from a traditional service delivery model. However, the majority of horizontal services, like collaboration applications, are better served by the larger Cloud vendors, not as the result of the EDC program’s inability to offer the service, but because of the price point provided by large Cloud vendors, like Microsoft and Google, due to their scale.

As for the “should(s)”, the EDC program serves many consumers, but its related consumer group is confined to CMS. This confinement produces a highly customized, standardized, and secured IT infrastructure that conforms to CMS’ Technical Reference Architecture—a CMS Private Cloud. Additionally, as CMS progresses toward its vision of redundant Virtual Data Centers, this will further strengthen the CMS Private Cloud as a “world-class” Cloud offering.

Leveraging the CMS Private Cloud, the EDC program could also offer test and development Private Cloud offerings such as Infrastructure-as-a-Service and Storage-as-a-Service for CMS and its business partners’ consumption in the form of secured virtual guest(s), LPAR(s), and tiers of storage.

As explained in this section, there are a few items that could be incorporated into the EDC program’s Private Cloud offering that would initiate additional Cloud feature utilization. However, it is important to note that the core of the EDC program has already embraced and benefited from the major elements of the Cloud movement—transformation of the traditional IT service delivery models.

(10)

Companion Data Services as a Cloud Vendor

Achieving the designation and recognition that the EDC program is already a Cloud solution has been difficult due to the market hype on what Cloud is and is not. The same is true for Companion Data Services (CDS) in its recognition as a Cloud provider.

The market hype seems to be focused on providing and/or using Public Cloud solutions for the horizontal services—collaboration applications like email and office applications. This focus does not portray the actual activity that is occurring; which is the transformation of the traditional IT service delivery model into new IT service delivery models that lowers cost, adds flexibility and agility, and provides accessibility to selected consumers.

CDS has a proven track record of being able to transform itself into new IT service delivery models in a Private Cloud environment as seen in the IT service delivery transformation of the EDC program. The environment created for the EDC program incorporates all the technology and operational process knowledge necessary to provide Cloud solutions:

• Networking Capabilities

• Virtualization Capabilities

• z/OS – IBM’s top 2% data centers in size and technology

• z/Linux – Top 1 percent install-based in the United States and top 15% in the World

• VMWare – Large deployment of Windows and Linux guests

• Storage – Multi-vendor virtualization and thin provisioning

• Labor – 2,000+ IT Professionals

• Physical Environment – Enterprise Class Data Center

• ITIL Process Adoption

• DOD, CMS, HIPAA, PCI Security Posture

Assessing Cloud competencies from the lens of the EDC program does provide a “yard stick” on which to appraise CDS’ capabilities in the Private Cloud market space; as would evaluating CDS’ capabilities against industry Cloud leaders which provides a comparison of CDS’ capabilities in the Public Cloud market space. Therefore, using Infrastructure-as-a-Service Cloud offering as an example, features offered by industry-leading Cloud providers have been documented for comparison. Figure 5, an excerpt of the matrix, illustrates the alignment between CDS and Public Cloud industry leaders (the entire matrix can be found in Appendix B).

Features CDS Vendor 1 Vendor 2 Vendor 3

Provisioning

Rapid Server Deployment    

Load Balancer (HW/ SW)    

Multi-Tiered Networks   Consumer Responsibility Limited

Shared Servers    

Dedicated Servers    N/A

Hybrid Hosting Solutions    

Private Network Connections    TBD

(11)

Therefore, while CDS does not currently offer Cloud solutions in the horizontal services space, its offerings

in the vertical space, as seen in the EDC program and the comparison to industry Cloud providers,

demonstrate CDS’ capabilities as a Cloud provider.

Summary

There is in fact a movement underway that is changing the method in which IT services are being consumed. This movement is not based on a revolutionary technology, but on a transformation from the traditional IT service delivery models to new IT service delivery models that come with:

• Promises

• Lowers cost

• Adds flexibility and agility

• Concessions, to varying degrees, in

• Customization

• Standardization

• Functionality

The industry is calling this movement “Cloud Computing” or just Cloud. And while the name is catchy, it does cause confusion for consumers that are questioning themselves about their entrance into this brave new world.

Therefore, demystify this world by knowing your “Clouds” and the business impacts / disruptions that each type of Cloud would cause to your organization.

(12)

Appendix A: IT Service Transformation Grid

Figure 6 IT Service Transformation Grid

Provider

(Remote

)

Consumer

TRADITIONAL IT ENVIRONMENT CLOUD COMPUTING ENVIRONMENT

Benefit

Summary

Services

Resources Contract / Cost

Operations Management Application Database Administration Network Engineering

Server Engineering Development Help Desk

Testing Security Engineering Disaster Recovery Backup / Recovery Data Center Storage Hardware Network Applications System Software Multi-Year License Fee + Support Maintenance Contracts Internal IT Service Delivery

Model 1

Services Resources Contract / Cost

Operations

Application Database Administration Network Engineering

Server Engineering Development Help Desk

Testing Security Engineering Disaster Recovery Backup / Recovery Multi-Year

License Fee + Support Maintenance Contracts

Hosting IT Service Delivery Model 2

Services

Help Desk

Testing Multi-YearLicense Fee + Support Maintenance Contracts

Services Resources Contract / Cost

Remote Support Data Center

Storage Hardware Network Applications System Software Multi-Year License Fee + Support Maintenance Contracts

Services

Operations

Application Database Administration Network Engineering

Testing Security Engineering Disaster Recovery Backup / Recovery Network

Applications Utility Pricing

Services

Server Engineer Help Desk Monitoring Security Engineering Data Center Storage Hardware Systems Software Utility Pricing PAAS

Platform As A Service

Services

Application Database Administration Network Engineering Development Help Desk Monitoring Testing Security Engineering Network

Applications Utility Pricing

Services

Operations Server Engineering Help Desk

Security Engineering Disaster Recovery Backup / Recovery Data Center Storage Hardware Systems Software Utility Pricing Services

Network Engineering Help Desk Monitoring Testers Security Engineering

Network Utility Pricing

Services

Operations

Application Database Administration Server Engineering

Testing Security Engineering Disaster Recovery Backup / Recovery Data Center Storage Hardware Applications System Software Utility Pricing IT SERVICE TRANSFORMATION GRID

IAAS Infrastructure As A Service

SAAS

Software As A Service

IT SERVICE TRANSFORMATION GRID

BENEFIT SUMMARY LEGEND Cost Structure

Standardization Across Customer Base

Customization and Integration

Flexibility / Agility On Demand Resources Functionality

(13)

Appendix B: Cloud Computing Capability Matrix

Features CDS Vendor 1 Vendor 2 Vendor 3

Provisioning

Rapid Server Deployment    

Load Balancer (HW/ SW)    

Multi-Tiered Networks   _{Responsibility}Consumer Limited

Shared Servers    

Dedicated Servers    N/A

Hybrid Hosting Solutions    

Private Network Connections    TBD

Security & Compliance

Firewalls (Hardware or Software)   _{Responsibility}Consumer 

VPN Accessibility   _{Responsibility}Consumer 

Network Intrusion Detection   Limited Limited

Host Intrusion Detection _{Responsibility}Consumer _{Responsibility}Consumer _{Responsibility}Consumer _{Responsibility}Consumer Virus / Malware Detection _{Responsibility}Consumer _{Responsibility}Consumer _{Responsibility}Consumer _{Responsibility}Consumer

Operating System Patching  _{Responsibility}Consumer  

Application Patching _{Responsibility}Consumer _{Responsibility}Consumer _{Responsibility}Consumer _{Responsibility}Consumer Infrastructure Audit Compliance PCI, HIPAA, SAS _{70, FISMA (High)} SAS 70, PCI, _HIPAA SAS 70, PCI, _HIPAA

SAS 70, PCI, HIPAA, FISMA(low),

ISO 27001

Application (OS Instances, Application, and Data) Audit Compliance

Consumer

Responsibility Responsibility Consumer Responsibility Consumer Responsibility Consumer

Monitoring

Infrastructure Monitoring    

OS / Application Monitoring _{Responsibility}Consumer _{Responsibility}Consumer _{Responsibility}Consumer _{Responsibility}Consumer

24x7 Consumer Responsibility Service    

Backup and Recovery

Infrastructure (Storage, Network,

Physical Server)    

Application (OS instances, Application, and Data)

Consumer

(14)

Appendix C: NIST Definitions for Cloud Computing

Infrastructure-as-a-Service (IaaS): Provides users [consumers] with processing, storage, networks, and other computing infrastructure resources. The users [consumers] does not manage or control the infrastructure, but has control over the operating systems, applications, and programming frameworks.

Platform-as-a-Service (PaaS): Enables users [consumers] to deploy applications developed using specific programming languages or frameworks and tools onto the Cloud infrastructure. The user [consumer] does not manage or control the underlying infrastructure, but has control over the deployed applications.

Software-as-a-Service (SaaS): Enables users [consumers] to access applications running on a Cloud infrastructure from various end-user devices (generally through a web browser). The user [consumer] does not manage or control the underlying Cloud infrastructure or individual application capabilities other than limited user-specific application settings

(15)