Click here to close now.


@CloudExpo Authors: Deep Bhattacharjee, David Dodd, Anders Wallgren, Liz McMillan, Greg O'Connor

Related Topics: @CloudExpo, Containers Expo Blog

@CloudExpo: Article

Cloud Computing: A Transition Methodology

Roadmap to the Cloud

Cloud computing refers to the practice of leveraging third-party computing resources, such as network grids and server farms, to extend IT capabilities and reduce the cost of ownership. This practice offers numerous potential benefits to organizations that want to centralize software and data storage management while eliminating the costly overhead of in-house hardware and software maintenance and the personnel required to build, support, and maintain enterprise computing solutions.

Cloud computing has emerged as a new computing paradigm that gathers massive numbers of computers in centralized data centers to deliver Web-based applications, application platforms, and services via a utility model. The primary difference between the service models of cloud computing and previous software (e.g., outsourcing or data center consolidation) is scale. The premise is that as the scale of the cloud infrastructure increases, the incremental time and cost of application delivery trends toward zero.

Cloud computing allows users to dynamically and remotely control processing, memory, data storage, network bandwidth, and specialized business services from pools of resources, providing the ability to specify and deploy computing capacity on-demand. If there's a need to scale up to accommodate sudden demand, users can add the necessary resources using a Web browser. The large data center can provide similar services to multiple external customers (multi-tenancy), leveraging its shared resources to increase economies of scale and reducing service costs.

Although cloud computing is in its early stages and definitions vary greatly, the underlying technologies today are consistent. These technologies include the following:

  • Grid computing: A form of distributed parallel computing whereby processes are split up to leverage the available computing power of multiple CPUs acting in concert.
  • Utility computing: A model of purchasing computing capacity, such as CPU, storage, and bandwidth, from an IT service provider, billed based on consumption.
  • Virtualization technologies: Virtual servers and virtual private networks provide the ability to quickly reconfigure available resources on-demand and provide the necessary security assurance.

There are a number of service offerings and implementation models under the cloud computing umbrella, each with associated pros and cons. These models can be grouped into the following three categories: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS). These models target varying levels of services, ranging from general infrastructure services, such as operating systems or database services provided by IaaS vendors to targeted functional services provided by SaaS vendors (e.g., customer relationship management from

The various players in the current market can be differentiated into the following two categories:

  • Cloud Providers: Offer one or more of the cloud models (i.e., IaaS, PaaS, or SaaS) as a service. Examples include Amazon and Google.
  • Cloud Enablers: Provide technology or have adapted existing technology to run on or support cloud computing. A recent example is Oracle's partnership with Amazon to add Oracle 11g database support (technology and licensing) to Amazon's existing EC2 services offering.

We recognize that the transition to a cloud computing paradigm presents a number of challenges. Issues associated with information security, reliability, and service level agreements challenge mission-critical systems. Furthermore, we've identified what we consider the key characteristics of a cloud computing environment:

  • Minimized capital expenditure - infrastructure is provider-owned
  • Device and location independence
  • Multi-tenancy - enables resource and cost sharing among a large pool of users
  • Monitored and consistent performance - can be affected by high network load
  • Reliability via redundant sites - allows for business continuity and disaster recovery
  • Scalability to ever-changing user demands - results in lower costs
  • Improved security from centralized data and increased security-focused resources

My experience has emphasized the importance of "architecting for the cloud" versus simply deploying system components to the cloud to ensure that business requirements are met. Typical software and systems that are not designed to take advantage of the scalability and parallelism of the cloud will likely not achieve the full benefit that is provided by a cloud computing environment. It's also highlighted the need to transition the role of IT managers to brokers and negotiators of IT services rather than the day-to-day management of the operating platform.

My analysis of the benefits and challenges presented by the cloud computing paradigm has resulted in the identification of the following three cloud variations:

  • Commercial Cloud: It consists of deployment to one or more of the commercial cloud providers (e.g., Amazon or Google). It could be a simple integration with an existing SaaS service to support a subset of application functionality or could consist of a complete migration to the cloud. This may be appropriate for non-mission critical systems (e.g., < 99.99% availability) that do not process sensitive data or where sensitive data won't traverse system boundaries to the cloud.
  • On-Premises (Private) Cloud: An on-premises cloud could be created to provide some of the benefits of cloud computing. Booz Allen selected a similar option in our implementation for the FBI to address the security concerns associated with a classified environment; however, the multi-tenancy aspect is then limited to a single agency. Consequently, this option doesn't provide the massive scalability that's characteristic of a true cloud.
  • Government Cloud: The creation of one or more government cloud computing environments. These environments would be designed specifically to address the concerns that are unique to the government. For civilian agencies, this cloud could be an extension of the current eGovernment lines of business (LoBs).

Though many cloud providers proclaim that moving existing applications to the cloud is seamless and doesn't require code changes, my experience has shown that greater analysis and re-engineering are required to achieve the full benefits of a cloud computing environment. Complexities remain that organizations must consider when moving to the cloud, and careful planning is essential.

Based on the lessons learned from previous efforts, a phased Cloud Computing Transition Methodology designed to address the issues and risks associated with migrating an existing system to the cloud is developed. Figure 1 provides an overview of this approach.

The Cloud Strategy and Planning phase (Phase 1) consists of three steps designed to ensure that all aspects of moving to a cloud environment have been appropriately evaluated and agreed upon. The three steps are:

1. Conduct a Strategic Diagnostic
The objective of the strategic diagnostic is to identify the major factors influencing the decision to move to the cloud environment and determine the best approach. During the diagnostic step, we will validate the key objectives of moving to the cloud and the "pain points" that the organization wants to address. The drivers during this step include reducing day-to-day risk, reducing the level of involvement in day-to-day IT management, eliminating overhead, achieving better productivity, reducing or eliminating the cost of adding additional users, and protecting the information system from misuse and unauthorized disclosure.

The primary areas to be addressed during the diagnostic step are security and privacy, technical, business and customer impact, economics, and governance and policy. We will evaluate the implications of moving to the cloud environment in each of these categories and document the key issues and considerations revealed during the diagnostic step. The outcome of this diagnostic will be sufficient analysis to support a "go/no go" decision to move to a cloud computing environment and the development of an agreed-on cloud strategy.

2. Define a Cloud Strategy
To define a cloud strategy, the organization should document a complete understanding of each component of its existing architecture. The analysis examines the required user services, processing services, information security, application software standards, and integrated software down to each component. This can be achieved by leveraging existing architectural documents and ensuring the appropriate level of detail is documented, including system-to-system interfaces, data storage, forms processing and reporting, distributed architecture, access control (authentication and authorization), and security and user provisioning.

3. Create an Implementation Plan
The implementation plan identifies the roles and responsibilities, operating model, major milestones, Work Breakdown Structure (WBS), risk plan, dependencies, and quality control mechanisms to implement the cloud strategy successfully.

After completing Phase 1, the organization will have fully analyzed its options, identified all requirements, thoroughly assessed short-term and long-term costs and benefits, gained executive governance approval, and socialized the solution with stakeholders (including oversight entities). This phase ensures that the organization will have a high degree of confidence in successfully moving to the cloud environment, reap the expected benefits, not constrain future functionality, and avoid hidden future costs.

The Cloud Deployment phase (Phase 2) focuses on implementing the strategy developed in the planning phase. Leveraging the various cloud models helps identify the most effective solution(s) based on the existing organization architecture. Some of the criteria used in recommending a vendor are the vendor's primary service model (i.e., infrastructure, platform, or software), business model, how much existing technology can they leverage, end-user experience, and risks involved in porting to the cloud. Deploying to the cloud involves taking the decision analysis from Phase 1 as input and proceeding with the following four steps:

1.  Assess/Select the Cloud Provider(s)
The assessment step deals with analyzing the components of the architecture and identifying the optimal vendor offerings. One of the main criteria in selecting a provider is its ability to leverage existing technologies. For example, current Oracle customers can use their software licenses on Amazon's EC2 cloud, which allows for reusing existing technologies, whereas current databases can simply be moved to the cloud. In addition, Oracle lets customers deploy on the Amazon cloud through Amazon Machine Images (AMI). This way, a new virtual machine is ready for use with the Oracle database loaded in a matter of minutes.

The assessment step captures three important inputs: the current organization technical architecture, objectives, and the vendor selection criteria that are tailored to meet the organizational objectives. The vendor assessment results in recommendations on the most appropriate cloud vendor, assists in selecting the most effective cloud model, develops deployment strategies, highlights reusable components, and identifies the security options for the cloud architecture.

2. Establish Service Level Agreements (SLAs)
Unlike traditional computing models, where most, if not all, of the components are on-premises and there's direct control over services, cloud computing involves handing off the system to a third-party vendor or vendors. In this case, SLAs address concerns like performance, downtime, provisioning, security, backup, and recovery, and ensure that objectives and established benchmarks are being met. SLAs formalize the contractual agreement between the organization and the selected vendor(s) and will highlight the offerings of the vendor(s), so the expectations on both sides are clear.

A typical SLA will identify service levels for the following:

  • Retention Time: During an emergency/outage, how long would it take for the organization to sustain its operations
  • Uptime: The percent of the time that the system will be available (e.g., 99.9%) and the period over which the measurement is taken
  • Performance and throughput
  • Security and Data protection: Where is the data stored? What precautions are taken by the vendor to ensure the data isn't tampered with?
  • The level of support offered (e.g., 24/7)
  • Service credits if the SLA isn't met
  • The SLA can also address specific concerns like the guarantee of data protection and privacy when other foreign entities are hosted

3. Execute Transition
The execution step involves the actual transition of components identified in earlier steps. Based on the number and type of components that are being ported to the cloud, execution can be an iterative process. One of the primary steps in execution is to establish multiple environments, such as development, testing, production, and training. The preliminary questionnaire to set up an environment can include items like the number of instances required, memory, storage space, and basic software that needs to be installed.

4. O&M and Help Desk
The level of O&M and help desk provided by the cloud vendor may be driven by the selected cloud model(s) and will be determined by the SLAs previously established. If an IaaS is chosen where the vendor just provides the hardware resources and the organization installs the software components and deploys the applications, the maintenance provided by the vendor will be limited. Different vendors provide different support models and at different levels. It's important to ensure the kind of essential support functions that will be provided by vendors for successful continuity of operations (COOP) and to understand how operations will be restored on time at the backup site.

Deploying cloud computing solutions requires both a short-term and a long-term strategy. For example, besides the improved scalability and reliability provided by the cloud, which organizations may achieve through the initial transition, re-engineering some components to take advantage of the parallelism provided by the cloud could improve system performance and overall scalability further. Transitioning an existing system to the cloud requires an approach that addresses not only the technical aspects of cloud computing but also considers the objectives of the organization, the constraints imposed by the existing system, and the impact to its existing customers. As an experienced cloud computing strategist, I believe that corporations and even the government sector are prepared to consider the complexities of cloud computing technologies.

More Stories By Rod Fontecilla

Dr. Rod Fontecilla is a Principal at Booz Allen Hamilton. He has over 25 years of professional experience in the design, development, implementation, and management of Large Information Management Systems. He is an expert in the field of Computer Science within the federal government and private sectors. Dr. Fontecilla has Ph.D. in Applied Mathematics and previously served as a Professor at the University of Maryland Computer Science Department before entering the consulting industry.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

@CloudExpo Stories
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data...
Just over a week ago I received a long and loud sustained applause for a presentation I delivered at this year’s Cloud Expo in Santa Clara. I was extremely pleased with the turnout and had some very good conversations with many of the attendees. Over the next few days I had many more meaningful conversations and was not only happy with the results but also learned a few new things. Here is everything I learned in those three days distilled into three short points.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty ...
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at, explored the value of Kibana 4 for log analysis and provided a hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He examined three use cases: IT operations, business intelligence, and security and compliance. Asaf Yigal is co-founder and VP of Product at log analytics software company In the past, he was co-founder of social-trading platform Currensee, which...
DevOps is about increasing efficiency, but nothing is more inefficient than building the same application twice. However, this is a routine occurrence with enterprise applications that need both a rich desktop web interface and strong mobile support. With recent technological advances from Isomorphic Software and others, rich desktop and tuned mobile experiences can now be created with a single codebase – without compromising functionality, performance or usability. In his session at DevOps Su...
As organizations realize the scope of the Internet of Things, gaining key insights from Big Data, through the use of advanced analytics, becomes crucial. However, IoT also creates the need for petabyte scale storage of data from millions of devices. A new type of Storage is required which seamlessly integrates robust data analytics with massive scale. These storage systems will act as “smart systems” provide in-place analytics that speed discovery and enable businesses to quickly derive meaningf...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
In his General Session at 17th Cloud Expo, Bruce Swann, Senior Product Marketing Manager for Adobe Campaign, explored the key ingredients of cross-channel marketing in a digital world. Learn how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects).
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
We all know that data growth is exploding and storage budgets are shrinking. Instead of showing you charts on about how much data there is, in his General Session at 17th Cloud Expo, Scott Cleland, Senior Director of Product Marketing at HGST, showed how to capture all of your data in one place. After you have your data under control, you can then analyze it in one place, saving time and resources.
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
In recent years, at least 40% of companies using cloud applications have experienced data loss. One of the best prevention against cloud data loss is backing up your cloud data. In his General Session at 17th Cloud Expo, Sam McIntyre, Partner Enablement Specialist at eFolder, presented how organizations can use eFolder Cloudfinder to automate backups of cloud application data. He also demonstrated how easy it is to search and restore cloud application data using Cloudfinder.
The Internet of Everything is re-shaping technology trends–moving away from “request/response” architecture to an “always-on” Streaming Web where data is in constant motion and secure, reliable communication is an absolute necessity. As more and more THINGS go online, the challenges that developers will need to address will only increase exponentially. In his session at @ThingsExpo, Todd Greene, Founder & CEO of PubNub, exploreed the current state of IoT connectivity and review key trends and t...
As organizations shift towards IT-as-a-service models, the need for managing & protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection & E-Discovery of your data - whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise.
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now ...
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound...
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem"...