Lessons learned from migrating a major bank’s entire application portfolio to the cloud.

With the ongoing stampede to public cloud platforms, it is worth a clearer look at some of the factors leading to such rapid growth. Amazon, Azure, Google, and IBM and a host of other public cloud services saw continued strong growth in 2018 of 21% to $175B, extending a long run of robust revenue growth for the industry.

It is worth noting though that both more traditional SaaS and private cloud implementations also are expected to grow at near 30% rates for the next decade — essentially matching or even exceeding public cloud infrastructure growth rates over the same time period. The industry with the highest adoption rates of both private and public cloud is the financial services industry where adoption (usage) rates above 50% are common and even rates close to 100% are occurring versus median rates for all industries of 19%.

In my recent experience leading IT and Operations for Danske Bank (a large Nordic Bank), we completed a four-year infrastructure transformation program that migrated the entire application portfolio from proprietary dedicated server farms in five obsolete data centers to a modern private cloud environment in two data centers. Of course, the mainframe complex was migrated and updated as well. And we incorporate some SaaS and public cloud usage as well. The migration effort resulted in the elimination of nearly all of the infrastructure layer technical debt, reduced production incidents (by more than a 95%), and correspondingly improved resiliency, security, access management, and performance.

These are truly remarkable results that now enable Danske Bank to deliver superior service to our customers, as well as reduced infrastructure cost and improve time to market. But how do you get to private or multi-cloud successfully?

Quality over cost

First, it is critical to view cloud as a quality solution versus a cost solution. Any major infrastructure re-platforming should be primarily judged based on improved capabilities, increased quality and reduced risk. Infrastructure re-platforming, done primarily for cost rationale rarely delivers — especially considering that most corporations can achieve far better cost savings by taking the same investment and using it elsewhere (operations, digitalization, consolidation, etc). So start off the project with the right investment rationale — to improve time to market, reduce security vulnerabilities, eliminate technical debt, improve availability, etc. The project objectives are then more relevant and important to the corporation, and they require a higher level of design and execution quality to achieve. These imperatives will actually result in a more focused effort that will yield better results.

Second, the effort must be comprehensive. If you only do a portion of your server estate, and allow myriad legacy systems to remain, then you have not reduced your complexity (in fact, you may have actually increased it). This complexity, coupled with dated systems, is a major contributor to defects and issues that reduce security, availability and performance. Your architecture should incorporate a proper migration of all systems to the appropriate “flavor” of cloud platform.

Standardization matters

Today’s legacy environments are often singular, meaning nearly every server is a custom implementation, with slightly, or even widely, varying configurations and platforms, each requiring custom maintenance and expert care to function and keep current. By architecting a comprehensive set of templates, perhaps 20 or even fewer, the administration and maintenance problems complexity is reduced dramatically.

My experience is that most legacy applications can be easily ported to a suitable server template in your private cloud. The remainder can be tougher, but it is important to work through them to deliver them on the new platform. This definition of the templates, and then the initial deliveries with proper middleware and database stacks, is often the toughest part of the engineering. It should be jointly done by your infrastructure and application engineering teams and piloted at the start of your migrations. But once defined and packaged, you have now reduced the complexity of the new environment enormously.

A third critical principle we followed was to minimize exceptions. This meant we would not just move old servers to the new centers but instead to set up a modern and secure “enclave” private cloud and then migrate all the old to the new. This enabled a far more secure network and a level of data protection than could be built in or overlaid in a typical legacy environment. Further, all applications would migrate to the new server patterns. The exceptions would be sunset with clear time lines.

Last, all new applications had to be built using approved cloud design templates from the start. Of course, this requires proper sponsorship and discipline to properly execute. But the reward is then greater. With far fewer exceptions, design is standardized, maintenance and administration can be made common and automated, security gaps and patch administrations becomes a far lesser task and problem. By minimizing exceptions, you greatly increase standardization, which then increases quality and reduces effort, as well as enabling automation and speed.  – Read more

How do you choose between one cloud of commodity machines and another? You have to get picky, writes Peter Wayner

The cloud began as a commodity business. Oh sure, there were small differences like the size of the RAM or the way the virtual CPUs were measured but the cloud offered a seemingly endless supply of seemingly identical machines. They ran the same distros and responded the same way on the command line. And if you snapped your fingers, the cloud service providers would give you root on another.

Keeping everything the same was the easiest way to lure the developers from the safety of their air-conditioned racks in the same building. Commodity machines mean there are no surprises or glitches. All of the clouds offered the most popular operating systems where all of the bits were arranged exactly the same.

The big problem for managers is choosing. If Ubuntu 18.04 is the same everywhere, what difference does it make whether you select Google, Microsoft or Amazon hardware? If the major distributions are supported everywhere, how do you decide?

To make choosing harder — but consuming easier — the space is very competitive. The developers at the cloud companies come up with clever ideas but they’re quickly copied. Genius becomes average very quickly. Innovation begets disruption which evolves into mundane feature sets that we take for granted.

How can we choose? You cannot just flip a coin. That is not scientific — even if you put on safety goggles and wear a lab coat to do it. If the suits ever notice that you are flipping a coin, they will realise they will not need to wait for artificial intelligence to be good enough to replace purchasing managers. They can replace you right now with a monkey and a coin. The solution is to get pickier. Yes, you could probably make do with any of the commodity products from any of the major clouds — or many of the not-so-major clouds too — but who wants to go through life just getting by? Who wants to settle?

Being picky sounds petty, but it is really the beginning of innovation, the tip of the spear that starts real change. It is really being sensitive to differences that matter and taking them into account.

To help this process, here are 10 different picky reasons to choose one of the major clouds. The reasons are not unequivocal because it is usually possible to accomplish much of the same thing using one of the competitors. But just because it is possible does not mean you should do it.

APIs

The clouds all offer a number of clever and sophisticated APIs like Google’s Cloud Vision, Azure’s Machine Learning service, or Amazon’s GameOn. There are hundreds of them and they make building out your own code that much easier. There is no reason why you cannot invoke these APIs from any cloud, or really any computer on the Internet, but sometimes you will need the performance that comes from running in the same network and even the same data centre. If some cloud offers what you need, it can be just a bit quicker to do much of your computation and data storage there too.

Location

All of the clouds have data centres spread out around the globe. Microsoft Azure, for instance, has 54 regions and they carefully note where the data is “at rest” and which government has sovereignty. Perhaps you have a large collection of customers in one country. Perhaps the legal department has identified a special and particularly lucrative “feature” of the tax law of another one. There are dozens of strange and often quirky reasons why you might want your code running in one country over another. Most of these different data centres are clones of each other and it makes sense to stick with the same stack throughout the world. It just makes things simpler. The only caveat is that not all of the data centres are perfect clones and not all of the products are available in every location. – Read more

Multicloud environments change rapidly. Organizations need a security framework that is purpose-built for the cloud and that aligns with their digital transformation strategy.

Enterprise cloud adoption continues to increase rapidly. According to Gartner, expenditures toward enterprise IT cloud-based offerings is rising at almost triple the rate of spending on traditional, non-cloud solutions. The firm predicts that more than $1.3 trillion in IT spending will move to the cloud by 2022. As organizations increasingly make their digital transformation to the cloud, they are not only adopting cloud applications, they are moving important parts of their IT infrastructure, such as databases, to the cloud for an infrastructure-as-a-service model. But with this rapid shift to the cloud come new security challenges, especially when an organization has a multicloud environment.

Research shows that on average, companies use a mix of four or more public and private clouds. Many security professionals think they can simply take their traditional cybersecurity fundamentals, such as patching and scanning, and apply them to their multicloud environment to make their organization secure. While those fundamentals remain essential, they don’t address the reason that so many organizations today are struggling to secure their multicloud environments. The reason securing a multicloud environment is so difficult is because you have essentially handed off your operating environment to a third-party — Amazon Web Services, Azure, Google Cloud Platform, or another. As a security professional, you no longer have control over the infrastructure; you only have control at the application level or just above the operating system level.

It’s a true paradigm shift. Whereas in the past, security professionals had full control over their servers and data and were able to apply and enforce all their security best practices and principles, now they are at the mercy of the cloud provider. No longer owning the infrastructure or the platform, security professionals are discovering that they may not be able to use the same security tools they would have used in the past. It introduces the question, “What controls can I use in the cloud and at what level?”

Compounding the challenge, each cloud provider is now releasing its own, native security tools. While these native-built security tools may make it easier to secure that particular cloud environment, they can’t be used with the other clouds the organization relies upon. With each cloud provider releasing new tool sets at a rapid pace — often daily — enterprise security teams are racing to keep up. In addition, many security vendors have their own private cloud that runs across public cloud hybrids. Enterprise security teams are challenged with trying to interconnect all these clouds at a business level, as well as at the cloud ecosystem level in order to gain visibility and manage risk across all of them. The multicloud environment is a multiplier of complexity, and as a security professional, you’re held responsible for securing all of it.

Solving the Multicloud Security Puzzle
The first step in securing your multicloud environment is understanding that you have a problem. Many organizations have moved to the cloud so quickly that they’re just beginning to realize they haven’t built the necessary security programs and tools needed to scan and monitor across all their cloud environments. Next, make sure you know where your assets reside in the cloud and put protection around them, using a native approach. The native security tools offered by cloud providers have their advantages, but they don’t work across clouds. In a multicloud environment, you need the ability to bring all your different security tools under a single pane of glass for visibility, monitoring, and centralized control. Using security orchestration, automation, and response (SOAR) technologies, advanced analytics and machine learning, enterprise security teams can gain a single view of the threats, vulnerabilities, and perceived risks across their organization’s entire environment and create a central point for tracking security events and responding to alerts. [Editor’s note: Trustwave is one of a number of vendors that offer such services.]

It’s important to realize that as you bring all these tools together under a single pane of glass, you want to do it without having to send all your data to yet another cloud service. As much as possible, leave your data closest to where it’s being generated. Look for SOAR solutions that are designed to pull just the alert or a summarization of the data. Then, based on insights gained from analysis, pull only the data necessary to make a decision or increase the fidelity of the alert. There are some excellent cloud-native security incident and event management (SIEM) tools, but you want to make sure the data you have feeding into them is configured correctly.

Of course, security fundamentals also remain essential in a multicloud environment. Many organizations today aren’t performing basic security hygiene for their databases, which is alarming. Scan the cloud, and consistently scan and monitor your databases from both an event and log perspective to see if you have open, inherent risks.

Finally, perhaps the most important aspect of securing a multicloud environment is to make sure your security leaders are included in the decision-making process early whenever a business unit is considering adopting a new, cloud-based service or application. Too often, the security team is looped into the process too late, which causes a lot of inefficiencies and rework when an incorrect configuration or security lapse early on in the deployment process cascades to cause security vulnerabilities elsewhere. – Read more

Yair Green, CTO at GlobalDots, explains how artificial intelligence and machine learning changed the Software-as-a-Service industry

There is no single moment when SaaS (Software-as-a-Service) arrived, because SaaS is a concept that involves numerous components. SaaS has evolved to the point where vendors and suppliers manage their own software and no installation is required because software is distributed instantaneously over the internet (via the cloud). Cloud computing allows businesses to consume computing resources over the internet as a utility — in much the same way they consume water or electricity. The SaaS-based cloud model now offers businesses significant efficiencies and cost savings, although different sectors have moved towards SaaS models at different speeds. In technical terms, SaaS relies on cloud delivery at scale, a minimum degree of widely available connectivity and enterprise-grade security.

And SaaS doesn’t sit still. As part of this continuous evolution, both artificial intelligence and machine learning are playing their respective roles as they become an integral part of the SaaS landscape.

Data

Historically, you distributed software to the consumers and customers, but you didn’t get the insight regarding how they leverage your software — which features are in use and those that are not. When providing your Software-as-a-Service, you also have lots of data and insights that can help you improve your service. You can therefore use this information to provide insight to your customers, you are better able to understand usage patterns and, ultimately, be able to use this data to give intelligent feedback. The SaaS era coincides with the almost ubiquitous concept of big data. And SaaS, which is able to leverage AI and ML techniques, has a distinct advantage over the software provision days of old — the software provider now has access to aggregated data from different customers, which he can leverage to build a better service.

Companies now hold significant volumes of data from customers all in one place. Artificial intelligence and machine learning enables a more automated means of mass data processing. Gartner defines big data by not only volume, but also by its variety and velocity.

Variety refers to the different media we use to represent data (beyond simple figures) and velocity is determined by the speed at which data is collected, analysed and implemented. The ultimate reality is that IT teams are dealing with increasing amounts of data and a variety of tools to monitor that data – which can mean significant delays in identifying and solving issues. And with the whole area of IT operations being challenged by this rapid data growth (that must be captured, analysed and acted on), many businesses are turning to AI solutions to help prevent, identify and resolve any potential outages more quickly.

Marketing is particularly well placed to leverage AI and ML techniques. The data SaaS companies collect need to be relevant and recent. The more up to date the data is the more efficiently it can be implemented. Large corporations can access data collected through loyalty programs and cross-promotional activities, and smaller businesses can acquire data through customer surveys, online tracking or by competitor analysis. AI/ML solutions can certainly be a golden opportunity for businesses to broaden their perspective on potential customers.

Automation

For B2B customer-centric businesses, AI allows more functions which may previously have had a manual component to be automated – for example, it enables them to automate many customer experience processes, such as training and onboarding, marketing campaigns and ongoing customer service. Artificial intelligence essentially aggregates large quantities of data for example, customer data and filters it into automatic processes. Customer service AI platforms like chatbots, which respond to and troubleshoot customer inquiries automatically, enable customer service departments to take on additional inquiries. That’s great news for revenue retention and churn reduction, as customers tend to show a heightened interest in a purchase, following a positive customer service experience.

Likewise, negative customer service experience is a good way to get rid of customers. Supplementing AI technology with your customer service team can target the seamless cross-section between convenience, problem-solving and human experience — a typical example here could include using machine learning to automate aspects of customer service (especially self-serve).

The main UX challenge of SaaS is remoteness. Artificial intelligence can help to alleviate that sense of remoteness whilst delivering a more satisfying experience to the customer. There has been a lot of scaremongering with respect to machines taking jobs from humans, and that AI will bring about automation in practically all walks of working life — however, the more likely scenario is that AI will deliver most value when it is deployed in conjunction with human beings. SaaS can, and should, manage those interactions which can be handled automatically (classic SaaS) and those which require human intervention. AI-augmented human interactions can drive SaaS interactions too. – Read more

Have you ever had an idea for a new app or software, but just dropped it because you didn’t know where to begin?

Many people have the same experience. Wouldn’t it be fantastic to turn that idea into a successful app?

Authority Magazine recently interviewed more than fifty founders who had an idea for an app or software and took that idea and created a flourishing business.

Among other topics, the SAAS founders shared the five things you need to know if you want to start a SAAS.

Here are ten highlights of these interviews:

Dennis Cail CEO and Co-founder of Zirtue

How shifting to cloud technology enables enterprises to function in a much better way?

Who is responsible for the security of data stored in the cloud: the business, or the cloud provider?