Scot Cloud 2016

Mark Stephen
BBC Scotland
#scotcloud

Rob Wood
Portsmouth City Council
@portsmouthtoday
#scotcloud

The Cloud Landscape - My Background
ROB WOOD – CTO (contract to multi clients), CITY COUNCILLOR
• The Ask: “Can you speak as warm-up @ Scot-Cloud “ { me thinks “young gun go for it!” }
• Then: “as you’ve been around a while and know ‘the old stuff’!” { “ok – youngish old gun ramble on!” }
• Involved in IT and Software then Cloud developments since 1988 { “a personal view of that journey” }
Retailer
Developer
1980 1990 2000 2010
PrincipalTech
CityCouncillor
CTOcontractor
Director
The
“Cloud”

The Cloud Landscape - Past Popular Cultural View
“GREAT SCOTT MARTY! - Everything in the Future is CONNECTED to that Cloud !”
• The Cloud as a metaphor for being Connected
• Not the rise of Machine, Nor Machine induced Virtual Reality – BUT the rise of Social Media induced Reality!
Rise of Machine
vs
Induced Virtual Reality
Worse!
Rise of Social Media!
I’ll be back again and again unless
you like me

The Cloud Landscape - 1980s Cloud 0.01: Modem
RETAIL Commerce advantage was to connect your business Tech Infrastructure was poor!”
• Programmed ZX Spectrum to print POS receipts used Acoustic Modem to transfer stock position between branches
• Painfully slow but Business need was a Driver Technology was not there yet.
+
+
= POS Receipts
Stock Control

The Cloud Landscape - 2000s Cloud 1-2.0: The Web
RETAIL Commerce advantage to connect Customers and Businesses Real-Time !”
• Leasing companies phone around if vehicle not in stock – Complex, Inefficient, Poor Customer experience.
• LEASELINK put details in one place on the Cloud enabling simultaneous multiple views / tick box actions.
• Initially like watching paint dry. Consumers drove bandwidth. Now Europe’s No. 1 Vehicle Procurement Hub.
1. “Black only” No
2. “Not Leather” No
Ready?
“I’d like a RED Ferrari with white leather”
3. “Maserati only” Yes
1. “Black only” X
2. “Not Leather” X
Ready?
“I’d like a RED Ferrari with white leather”
3. “Maserati only”
Ready
OLD sequential and 1-on-1 NEW simultaneous and real-time

The Cloud Landscape - Today: The Cloud
NO BRAINERS One-Stop Services, Slick Business2Businesses APIs, Multi-Channels / Devices”
• Public Sector simplifying Web Access to Information & Services for Multi-channels, Self-Service help One-Stop Shop.
• Businesses simplifying Consumer experience of multiple products and services by joining them all up
• Still an issue around Data. Is it joined up, who owns it, where is it being stored. Blockchain may provide an answer.
Core App
uses
APIs
Post-Code
Lookup
HPI
Registaration
Lookup
Credit Ratings
Online Policy
Registrations
Online Policy
Contracts
Online Product
Selections
Online Money
Transactions
Online e-
signatures via
email
BLOCKCHAIN?

The Cloud Landscape - The Future Cloud
EVERYTHING GETS MORE CONNECTED As infrastructure allows perfect storm Consumer Technology”
• Internet of Things, Artificial Intelligence, Virtual and Enhanced Technology, Blockchain on Improved Infrastructure .
• Businesses need to be ready for Consumer experience of their products and services or fall by the way.
• Security and Privacy of data will be an issue.
Give me
my
sausages!
I wouldn’t
cook them as
Fridge says No!
I can give you
a virtual eating
experience?
I have some in
stock I can sell
You can only
afford them
next week
No! They’re
out of date

Paul Donnelly & Christopher Wroath
NHS Education for Scotland
@pcdonnelly77 @cwroath
#scotcloud

Bruce Catto -Craig Group
Presentation can be found at http://goo.gl/eqSNui
@brucecatto
#scotcloud

James Sturrock
Nutanix
@sturroj
#scotcloud

The Enterprise Cloud Company
James Sturrock
Senior Systems Engineer
James.sturrock@nutanix.com | @sturroj

• IT is touching end-users directly, like never before, IT has to become a business enabler.
No Business Is Immune To The Winds Of Change

Is It Possible To Escape The Winds Of Change?

The Cloud Era Is Well Underway
“I deployed my application
in five minutes.”
Rapid Time to Market
“No more time spent on low-level
infrastructure management.”
One-Click Simplicity
“I use and pay for just what I
need only when I need it.”
Fractional IT Consumption
“New capabilities are available
on a regular basis.”
Continuous Innovation

Is The Public Cloud For All Workloads?
Predictable Workloads
Elastic Workloads
25%
75%
Balance Owning and Renting For
Today’s Enterprise Workloads
Spin up and down resources on
the public cloud
Lower costs with private cloud
infrastructure

Bringing The Cloud To The Enterprise Datacenter
Fractional
Consumption
Invisible
Operations
Instant
Delivery
Frictionless
Tailored SLAs for
Every App
Balance Owning and
Renting
Data Access and
Governance
Choice and Freedom
from Lock-in
Control
Continuous
Innovation

Tomorrow’s Hybrid App Lifecycle
Staging DRProductionDev/Test
Hybrid App Lifecycle
On-Premise On-PremiseCloud Cloud

36
75%
vs
Elasticity Predictability
25%
The Right Cloud for the Right Workload

Every Cloud Has A Silver Lining
Control Is The Key….
The Cloud Era Is Here…..Embrace It!

Questions & Discussion
#scotcloud

Morning Breakouts
Please check rear of badge
#scotcloud

Data Privacy and Sovereignty:
Global Challenges in the Cloud
Sheila M. FitzPatrick
Worldwide Data Governance & Privacy Counsel
Chief Privacy Officer
21 June 2016
© 2016 NetApp, Inc. All rights reserved. --- NETAPP
CONFIDENTIAL ---41

Why the Sense of Urgency?...Because…
CONFIDENTIAL ---42
New business and
business models
Global regulatory
explosion
Intense media and social
media focus on data
breaches
Heightened concerns
over data protection
New technology driving
need for greater attention
Serious privacy risks
associated with new
technology (cloud)

 EU General Data Protection Regulation
(GDPR)
 Country specific data privacy laws
 Cloud computing directive
 Data sovereignty obligations
 Cybersecurity directive
 Anti-SPAM laws
 NIS Regulations
 Data breach regulations
 Industry/Sector Data Protection
Regulations (Financial, Healthcare)
EU Data
Protection Laws
CONFIDENTIAL ---43

General Data Protection Regulation (GDPR) Highlights
 Impacts any company accessing, hosting, processing, storing EU citizen data
regardless of location
 Places greater obligations/accountability on data processors (e.g. cloud providers)
 Establishes EU Data Protection Board
 Greater sanctions – 4% of global annual revenue
 Expands scope of personal data (identifiers, location, genetic, biometrics)
 Explicit freely-given consent – not implied or forced
 Data breach notification obligations – 72 hours
 Security – Privacy by Design
 Documentation – clear and transparent policies and procedures)
 Use of Privacy Impact Assessments (PIAs) – Consultation with DPAs
 Appointment of Data Privacy Officer (DPO) – internal or external
 Transfers w/I groups of companies not exempt from obligations
 Right to be Forgotten/Right of Erasure© 2015 NetApp, Inc. All rights reserved. NetApp Confidential –
Limited Use44

 Federal Privacy Act (Consumer)
 NIST Regulations
 Cybersecurity Executive Order
(Voluntary)
 Data breach regulations
 HIPAA/HITECH
 Regulated industries
 State Regulations
 Proposed Privacy Shield
US Data
Protection Laws
CONFIDENTIAL ---45

EU-US Privacy Shield – “Thumbs Down” by EU
CONFIDENTIAL ---46
 EU Adequacy Ruling
 ECJ possible
invalidation
 Member State
Challenges
 Mistrust of US
Commitment
 “Cosmetic” change to
Safe Harbor
Pros Cons Potential ObstaclesStatus
 No current
enforcement
mechanism in the US
 US self-certification
 Challenges from US
companies
 “Loopholes” in US
Redress Act
 U.S. already violated
no mass surveillance
promise
 No mass surveillance
 EU citizens’ redress
mechanism
 Strong
obligations/robust
enforcement
 Transparency
regarding US Gov’t
access
 Framework recently
approved
 US appointment of an
Ombudsman
 Differing views
between EU and US
 Needs Member
States/EU
Commission
approvals

Challenges in the World of Cloud Computing
 Global restrictions
 Compliance with data privacy/sovereignty laws
 Data location, jurisdiction, and cross-border data flow
 Data control and/or ownership
 Accountability/liability
 Data that could or should live in the cloud (and type of
cloud)
 Data breach remediation and contingency plans
 Security – encryption and tokenization
 Use of third parties
 Litigation and eDiscovery
 Right to be forgotten© 2015 NetApp, Inc. All rights reserved. NetApp Confidential –
Limited Use47

Data Privacy Versus Data Security
© 2016 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL ---
 Data security is NOT data privacy
 Privacy – legal collection, use, sharing , storage
& transfer of data
 Security – fortress around the data
 Companies can have world class security, but no
data privacy
 ISO 27018 addresses security, but not data
privacy
 All cloud vendors can address security – few can
address privacy
 Legal Privacy Impact Assessment - critical
decision mechanism
48

How Do You Mitigate the Risks?
 Clear and explicit policies and procedures
 Data Privacy Impact Assessment (PIA)
 Data Privacy Agreements/Model Contractual Clauses
 Data remains in country of origination
 Use cloud for compute – store in own environment
 Restricted access to data
 Well defined data ownership – Data Controller vs. Data Processor
 Classify data – what should/should not live in the cloud
 Transparency – Opt Ins/Opt Outs
 Vetted Providers/Third Parties
 Security Assessment
CONFIDENTIAL ---49

NetApp®
Addresses These Concerns – Model of Excellence
Insight © 2015 NetApp, Inc. All rights reserved. NetApp Confidential – Limited Use
Only
Business Impacting Decisions
NetApp Expertise: A Model Company for Addressing These Concerns
NetApp Internal Model Program
Global Policies
and Procedures
Monitor and
Advocate
Internal/External
Partnerships
Internal/External
Training
Ensure Products
Mitigate Privacy
Risks
Execute
on Laws
Key Business Needs
Store Data Protect Data
Understand
Legs and Regs
Balance the Risks Manage Costs
Global Data Privacy Cybersecurity Cloud Computing Big Data
50

Summary – Intersection of Trust and Technology
© 2016 NetApp, Inc. All rights reserved. --- NETAPP CONFIDENTIAL ---
 Embrace the laws – don’t run from them
 Understand the legal requirements and
challenges
 Develop data protection savvy program
 Decide what data can reside in the cloud vs. on-
premises data classification
 Understand data privacy and data security are
NOT the same – assess both
 Chose a “trusted advisor” who will partner to
mitigate risks
 Determine your risk acceptance level
Legal
Obligations
Security
Cloud
Privacy
Legal
51

Questions? Visit the NetApp stand
upstairs or contact
Sheila.FitzPatrick@netapp.com
@sheilafitzp
CONFIDENTIAL ---52

Thank you.
CONFIDENTIAL ---53

COMMERCIAL IN CONFIDENCE © Copyright 2016 Fujitsu Limited
Making Cloud Simpler
David.Cairns@uk.Fujitsu.com

55 COMMERCIAL IN CONFIDENCE
We now build Data Centres anywhere in minutes not months or years
Building secure cloud apps in hours not months
Firewalls+Switches+Routers+Load Balancers+ DNS+PROXY+NTP+Storage+ServersL2 L7

So, we built an Application that saves
millions in 72 clicks and in under an hour….
SaaS

So we built an Application that saves me millions in 72 clicks and in under an hour….
What if we had traditionally built this ?

- Obtain Orchestration & Service teams in minutes not months / years
* Security Incident & Event Management & Service Integration & Management
- Take advantage of automation in *SIEM & *SIAM
- Let the Cloud providers do the heavy lifting in ISO*, patch,
security tracking and protection

MCaaS
"Move Country as a Service"
A not so extreme use case for Cloud
Protecting Data in the Cloud

What is Estonia Famous for……?
By becoming one of the most advanced Internet enabled
countries on the planet …..?
Free Wifi & public transport?
Inventing Skype?
Famously failing to turn up for an international
game of football against Scotland allowing
Scotland to kick off against a missing team and
win by default?
E-Beer

What happens when a massive Cyber attack hit’s such a
technologically advanced country….
Source Ben Hammersley – Wired
A Global Bot-Net attack brought down e-estonia via DDoS
How do you protect a whole Country ?

MCaaS Powered by Cloud Data Fabric
"Move Country as a Service”
Create “Data Embassies” across Global Cloud Centers
A government can then continue to operate from abroad
People Systems, Telephony (VOIP), even banking can move and continue to operate

63
“It was the best of times, it was the worst of times, it was the age of
wisdom, it was the age of foolishness, it was the epoch of belief…
Charles Dickens “A Tale of Two Cities”
Cloud Lock-in and Shadow IT

64
Login
Microsoft Azure & Amazon /AWS = ~120+ Services
(each)
You have picked your Cloud vendors…now what ?
500+New releases in the last 12 months

Human Centric Innovation
Cognitive: The mental action of acquiring knowledge and understanding through thought, experience, and the senses.

Making Cloud Simple

Peter Wilcock
Adobe
@petewilcock
#scotcloud

The impact of Cloud on
business culture
Pete Wilcock
DevOps Engineer
Adobe
@petewilcock

Technology & Job Roles
Search Trends: CloudSearch Trends: Internet of Things

Changing trends in career roles and
requirements: Job Titles
• Cloud Automation Engineer
• Cloud Systems Engineer
• Cloud Systems Analyst
• DevOps Engineer
• Infrastructure Architect
• Solutions Architect
• Java Developer
• PHP Developer
• Ruby Developer
• Sales Consultant

Changing trends in career roles and
requirements: Job Description
• ‘Cloud’ experience (AWS 1st , Azure 2nd)
• APIs
• Big Data handling
• Large server estates and automation/scaling awareness
• Logging, logging, logging
• Personal Ownership
• High availability

Problems of modern recruitment
• Struggle for qualified candidates
• Jobs advertised more than once/open ended
• Talent retention
• Catch-22 of skills development
• Career transition path
• Opening offices out of necessity

Addressing the skills gap from both sides
• Employees
• Stretch your current role where possible.
• Learn outside of job. Courses, certifications, open source contributing, home
projects. It’s not expensive!
• Passion & emersion in technology even if you don’t currently use it in work.
• Attend conferences, meet-ups, hackathons, workshops.
• Learn ‘one of’ every essential tool.
• Practice best practice (Git workflow, Kanban, even by yourself).
• Be honest and acknowledge skill gaps.
• Be realistic on salary & benefits.

Addressing the skills gap from both sides
• Employers
• Recognise potential and take more chances
• Scrap technical tests from your interview process
• Masters of all rarely exist, don’t advertise for them
• Be realistic on salary & benefits
• Pay what someone is worth, not just a little more than their last job
• Recognise development and promote accordingly
• Provide meaningful feedback to the candidate

Other ways?
• Government-supported initiatives
• CodeClan(.com)
• “All you need is a willingness to learn, a passion for technology and to think like a
problem solver.”
• Any age, new student or career pivot
• 16-week intensive course resulting in Professional Development Award.
• Self-funded
• Traditional Universities?
• Cost vs. Reward
• Traditional Computer Science vs. Cloud Computing
• AWS can’t keep their own certification tests up to date!

Peter Mowforth
INDEZ
@indezltd
#scotcloud

Eileen McLaren
FanDuel
@fanduel
#scotcloud

| FanDuel Product Development 2016103
Building platform capabilities
for future business needs
Eileen McLaren
VP Engineering

Our story…..the history
We are a daily fantasy sports game originally targeting the US market
We began in 2009 as a small tech start up with 5 co-founders
Met at networking event in 2007 in Edinburgh
Launched Hubdub in 2008 – an online prediction game whereby users could
make predictions on popular events eg next US president
In 2009 FanDuel was born after brainstorming session with Hubdub users at
SXSW in Texas

Our story…..cont’d
Our mission is to make sports more exciting
We have experienced exponential growth, in the last few years

Our story…..cont’d
Completed 5 rounds of funding - $363 million in total – most recently series E
round of $275m in July 2015
In 2015 employee numbers grew from around 100 at start of year to about 400
by end, in offices in Edinburgh, Glasgow, New York, Orlando and LA
Completed a number of acquisitions, including Edinburgh app developer Kotikan
and US sports analysts numberFire
Have partnered with the NBA, 16 NBA teams and 15 NFL teams

We have won many awards too

Growth and the business
As the popularity of DFS has grown in the US, so has the company and the
volume of transactions we process
We utilise Amazon Web Services to help rapid scaling and traffic peaks
We have over 6 million registered users, and still growing
During live games we process scoring updates at a rate of over 250,000 per
second
At peak times transactions are processed at rates equivalent to selling out
Wembley Stadium in minutes

| FanDuel : Idiot’s guide to the platform 2016
History ….
Sport Data
Feeds
HDProd
PHP
Fro
nt
End

Our platform is multi-tier, multi-client
Data layer - All user, game data etc. is stored and read
from here
Infrastructure - eg: 500+ Servers and Network
Infrastructure
Java services - The heavy lifting business logic
API - Exposes capabilities in a consistent way to
multiple clients
Web Application Native clients
fanduel.c
om
iOS Androi
d

Capability-based planning
PLATFORM
API
F1
F
E
A
T
U
R
E
C
A
P
A
B
I
L
I
T
Y
1. Reserve seat without line-
up
2. Create line-up without
entry
3. More flexible ticketing
experience
Time or
Sequence
F2 F3
WEB
MOBI
LE
● Using a capability-based planning approach,
change activities can be sequenced and
grouped in order to provide optimum feature
development throughput
● Capability-first approach facilitates the
construction of an architectural runway
. .
.
✤De-coupling line-ups &
entries

| FanDuel
How we use AWS
11
CloudFormation.
Multi-AZ, Multi-Region
Managed Services
Enterprise Support

| FanDuel
Our relationship with AWS
11
Our Infrastructure team is hundreds of people, but only 12 work for FanDuel
We spin up dozens of mini-FanDuels a week for testing releases and
experiments
The managed technology available, such as ElastiCache, Aurora and Kinesis
materially impacts our business
The AWS management team is always helping us improve our architecture and
reduce our costs in the process

| FanDuel
And some of what we get….
11
Capacity planning can happen just in time - great for a business with seasonal
spikes
We can scale up in real time if we need to
Scale for 3-10x growth EVERY YEAR
100% uptime
Thursday
Sunday

| FanDuel
And some of what we get….
11
Kinesis - we are using to experiment with event driven architecture
ElastiCache - gives us low recovery time for Redis
DynamoDB - used for historical, a continually growing datastore but not highly
transactional
Aurora - ACID compliance, full transactional integrity

Our platform is multi-tier, multi-client (and now multi-
product)
Data layer - All user, game data etc. is stored and read
from here
Infrastructure - eg: 500+ Servers and Network
Infrastructure
Java services - The heavy lifting business logic
API - Exposes capabilities in a consistent way to
multiple clients
Web Application Native clients
fanduel.c
om
iOS Androi
d
fanduel.co.
uk
iOS,
Android

The future...
Launching in the UK for EPL in August
One-day fantasy football product created by UK engineering team
Utilises the existing US DFS platform capabilities but expanded and with
new web and mobile clients
Beta testing is happening right now for the Euros

The future?????

Thank you

Chris Roche
Aridhia
@aridhia
#scotcloud

The AnalytiXagility Platform is built and maintained by Aridhia Informatics Ltd.Copyright © Aridhia Informatics Ltd.
The advanced collaborative platform for healthcare and research analytics

The acceptability of a Scottish or
Northern Ireland banknote as a
means of payment is essentially a
matter for agreement between the
parties involved. If both parties are
in agreement, Scottish and Northern
Ireland banknotes can be used in
England and Wales.
Bank of England

HOW DO YOU
ACCELERATE RESEARCH?

HEALTHCARE RELATED RESEARCH

COLLABORATION

COLLABORATION
€80bn
2014-2020

DATA

ANALYSIS LINKED DATA SETS

INDUSTRIALISATION GOVERNANCE REPRODUCIBILITY SERVICERAPID PROTOTYPING

PLATFORM AS A SERVICE
It’s more than IT

Arnoud van der Maas
CSIO (Chief Science Information Officer)
“It’s not just about managing your data,
it’s about giving you the real digital
research experience!”

Compute / Storage layer
X CPU/MEM
Y Storage
X CPU/MEM
Y Storage
X CPU/MEM
Y Storage
X CPU/MEM
Y Storage
X CPU/MEM
Y Storage
X CPU/MEM
Y Storage
Data management layer
Account
man.
De-identify
data
Access
Management
ETL Audit Data lock Etc.
Research tool layer
SAS SPSS Own development …. ….. …..
Flexibility / scalability
Researches / Studies
Study 1 Study 2 Study 3 Study 4 Study 5 Study 6 Etc.
Flexibility / scalability
Digital Research Environment REFERENCE ARCHITECTURE
….

THE RESEARCH LIFE CYCLE

TRUST / DATA

ANALYTICS / USABILITY

EPAD – Alzheimer's Adaptive Clinical Trial

• Traumatic Brain Injury (TBI) is a leading worldwide problem; the annual incidence
of hospitalization following TBI ranges from 108-332 new cases per 100,000
inhabitants
• 72 million time points of data per patient stay 1.6Gb of data per patient per day
• Near real time integration of high frequency ICU data, research & implement
physiological models & delivery of results back to the bedside
• Delivering a predictive tool for cerebral autoregulation

• Predict disease activity for adults recently diagnosed with relapsing-onset multiple sclerosis
• Real-time data capture across 4 NHS board
• Patient reported outcomes, clinical, genomic analysis and quantitative neuroimaging data
• Enable early intervention and result in focused delivery of the finite disease modifying
treatment drug budget to patients

Drinks & Networking
Sponsored by
#scotcloud

Paul K Jeffrey
Technical Services Director
Paul.jeffrey@iomart.com

Disaster Recovery and The Cloud
Some thoughts on DR in the new Cloud Landscape

• Disaster recovery (DR) involves a set of policies and procedures to
enable the recovery or continuation of vital technology infrastructure
and systems following a natural or human-induced disaster.
• Disaster recovery focuses on the IT or technology systems supporting
critical business functions, as opposed to business continuity, which
involves keeping all essential aspects of a business functioning
despite significant disruptive events.
• Disaster recovery is therefore a subset of business continuity.
https://en.wikipedia.org/wiki/Disaster_recovery
Are we sure we know what DR is?

Disaster recovery plans are put in place for natural disasters, as well as
disasters caused by human and technical error. The solutions are a set
of processes, policies and procedures that handle the preparation for
recovery or continuation of critical technological infrastructure during
and after the occurrence of disasters.
Jennifer Klostermann, CloudTweaks
The key point here is that you can’t always avoid a disaster. By
definition almost they are things you cannot control.
Okay, so what if I just avoid having disasters?

• Peter de Tender, Microsoft Infrastructure Expert, discusses the impact
of disasters on businesses, leveraging statistics from formal sources:
• More than 70% of businesses affected by a major disaster are either unable
to reopen their business, or close within 18 months of the disaster.
• 80% of businesses without a disaster recovery plan that suffer a data center
disaster go out of business.
• Gartner Inc. found that within two years of experiencing data loss, 90% of
companies go out of business.
• These dire figures make the necessity of a disaster recovery plan for
every business certain.
So that’s what it is, why should I care?

Its important to make sure we acknowledge what DR “isn’t”. You’ll
often hear:
• We Backup!
• Backup isn’t DR in itself but forms part of a DR plan
• We replicate!
• This is great but again isn’t DR but forms part of a DR plan
• “I have a spare box in the office where I copy stuff to which I could use in a
pinch if my £1.2million IT environment falls through a hole in the earth”
• Well ok this isn’t DR but… you get the idea.
The pattern is obvious: DR often needs to be a whole kitbag of tools to
be successful.
Okay, so now I’m scared. But I have backup!

Any DR plan needs to form part of your overall Business Continuity (BC)
Planning. DR planning and execution can’t be done in isolation but does form
one of the cornerstones of your BC plan. There are four pillars holding up the
plan:
• Identify and catalogue the IT services you provide to your customers (both
internal and external)
• Understand the risk to your business of those services becoming
unavailable for any reason
• Understand your RPO (Recovery Point Objective) and RTO (Recovery Time
Objective)
• Choose the right technologies
So how do I create THE PLAN?

Organisations have had decades of experience in planning for disaster
recovery.
• We know where the tapes are kept.
• We have spare server hardware on hand.
• We’ve protected installation media in a fire safe.
• We have off-site copies of key backups.
• And – if we’re smart – we’ve made plans with an alternate facility to host
services after a loss.
But there’s a problem here: These are the decades-old plans of a
decades-old IT industry.
Okay, but we’ve got a traditional DR plan in place

• The public cloud provides a great opportunity for IT departments to
implement a business continuity/disaster recovery, or BC/DR, plan
without having to go to the expense of building out a dedicated data
center. The cloud can be used as a basic data repository or even as
the location to run applications when primary systems go down.
• More than this of course is the realisation that by moving your
primary apps to the cloud, DR can be the responsibility of someone
else.
• There are a range of approaches and toolsets which can help your DR
planning.
How can the Cloud help?

• There are multiple service offerings available in the market today for
implementing cloud DR.
• These range from pure replication tools that get the data or VM
image into the cloud, through to fully managed DR as a service
(DRaaS) capabilities.
• Points to consider:
• Location: Where will my data be? Is there a latency issue or a sovereignty
issue here?
• Networking: Latency to a remote DR location or service can be an issue for
some businesses
• Failover/Failback considerations: How easy is it for me to have a disaster and
fix it at the push of a button?
Choosing the right service

• A full DR solution requires everything you have in your IT
environment to be replicated physically and logically. This is expensive
and can be wasteful where there are a range of workloads being
protected.
• If your planning for DR has shown a sliding scale of criticality you’ll
often be able to choose a range of tools to fit each step on the scale
which allow you to focus on the most critical services first.
• Adopting Cloud services for DR can be a gradual process starting at
any point in your journey to DR.
• You don’t have to move everything to the Cloud to enhance your
service availability
How far do I go?

• The easiest first step there are a range of Cloud backup tools which can
integrate into your on-premise or hosted solution
• Immediate benefits are many:
• More complex and resilient back-end architecture is in place with Cloud backup
solutions
• No requirement for discrete backup systems
• Cloud backup services still agent based but come with full, centralised control panel
automation
• No hardware required – you often only pay for the storage costs with the software
costs embedded
• No growth limits – you can retain that data longer where required
• Storage Tiering – the implications of long term storage are often addressed by Cloud
backup vendors
Cloud Backup

• There are a range of tools with varying degrees of complexity and
value to the customer
• Modern Cloud DRaaS solutions are vendor agnostic allowing you to replicate
multiple Operating Systems and workload
• Many replication tools allow you to replicate to any target of your choice
meaning you don’t need multiple solutions to complete the same task
• Can be passive but many Cloud replication tools allow the replicated targets
to become LIVE instances in the event of a major failure event
• A mix of source machines can exist under the same replication system –
physical and virtual
• Some replication products have very aggressive replication scheduling
allowing for a much smaller RPO
Replication to the Cloud

• The most exciting trends for using Cloud for DR is the ability to truly
hybridise your on-premise solution with a public Cloud solution
• Key technologies include:
• Microsoft Azure Site Recovery or ASR
• Automated protection and replication of existing Microsoft based environments
• Replicate and Recover directly into Azure
• Customisable recovery plans
• No downtime recovery testing
• Replication to AWS
• Starts with storage and backup
• Expands to allow interaction with all AWS services
• Needs Pilot Light environment to bring the appropriate levels of failover speed
• Can fully integrate with your own orchestration tools and methodologies
Environment Hybridisation

• One of the areas of greatest growth currently with Application
vendors is the growth in SaaS solutions and versions of their software
being provided as full SaaS or at least Platform as a Service with some
massive benefits
• No architecture requirement onsite to be part of your DR plan
• Existing tools your teams use daily
• Resilience and DR built into the platform
• Cost often simpler and easier to define than under traditional IT builds
• Often certified above the levels of your own IT environments
• Can be issues with where the data is at rest
• Removes vendor lock in after initial investment
Software as a Service

• Its complicated, isn’t it?
• But Cloud can give you a range of options to enhance your DR plan
• Cloud can make DR cheaper and more efficient
• Cloud can keep your business running no matter what happens
Conclusion

Mike Crabbe
RGU
presentation can be found at
http://www.slideshare.net/mikecrabb/teaching-cloud-to-the-
programmers-of-tomorrow
#scotcloud

174Information Classification: Open All Rights recognised
Under Attack!
Mitigating against the $3M risk

The next 20 minutes
 How DDoS Attacks are Evolving
 What this means for your bottom
line
 The impact of Cloud, how it can
hinder, and how it can help

DDoS attacks are on the rise

But now it’s not just big brands

What does a DDoS Attack hope to
achieve?

DDoS isn’t just about bandwidth

And it isn’t just about the Internet

The motivation is changing

The bottom line of DDoS

A big investment

DDoS-as-a-Service

DDoS Customers

So this is a business battle…

How much is it worth to stop them?

What’s the chances of being hit?

So how much?
$200m of revenue = $3m / year
(median business impact)
…with a 5% chance of exceeding $50m
Source: Understanding Your Risk (For Real) From
Distributed Denial Of Service Attacks, Aberdeen Group.

What would it mean to my Board?

Cloud and DDoS

Critical components outside of your control

Contention and neighbours

Critical connectivity…..

Future ready and proven?

The right cloud is open and secure.

A network architected to be DDoS resistant.

Prepared, practiced and ready to respond.

The best things in life are…
…bundled.

Scottish IT Firms standing together

getintouch@brightsolid.com

Our Journey
• Stockport Council’s Challenges
• Budget reductions
– Budget reduced by £54m by 2014. A further £65m required by
2018.
– Reduced staff
– Reduced CAPEX and OPEX
• Loss of specialist skills
– Storage
– Server
– Virtualisation
– Application
• Government Initiatives
– DbD, HSCI

Our Journey
• What We Needed to Achieve
– To provide a scalable, easy to manage IT Infrastructure
– Reduced CAPEX
• Hardware, Software and support
– Reduced ongoing OPEX
• Software licensing and support
• People
• Power
• Cooling
• Space

How we met our goals
• Embrace a “WebScale” methodology
– Hyperconvergence
• Software defined Data Center
• Introduction of generalists
– Reduced Footprint
• Smaller Data Center
• Reduced costs - Power, Cooling, Space
– Simplified Management
• Unified “Single Pane of Glass”
• High levels of Automation
– Benefits of cloud with enterprise IT assurance

Biggest Challenges
• Change
– Re deployment of staff
– Focus on delivering business change benefits
• Justification
– IT as a service
– Reduced OPEX
• Physical Workloads
– Transition toward 100% virtualisation
• Measurable TCO
– How do you show ongoing operational budget savings

Outcomes
• Reduced our live footprint from 9 racks to 1 half height rack
• OPEX budgets reducing by 50%
• DR, Production and Backup in a 2 site deployment
– RTO down from 5 days to 2 hours
– RPO down from 1 day to 30 mins
– Tapeless data backup and recovery
• Breaking existing knowledge silos (3 FTE)
– Redeployed staff to focus on delivering against business needs
– High levels of automation
• Deployed in hours not months
– Time to value accelerated

Outcomes
• Reduced our live footprint from 9 racks to 1 half height rack
• OPEX budgets reducing by 50%
• DR, Production and Backup in a 2 site deployment
– RTO down from days to 2 hours
– RPO down from 1 day to 30 mins
– Tapeless data backup and recovery
• Breaking existing knowledge silos (3 FTE)
– Redeployed staff to focus on delivering against business needs
– High levels of automation
• Deployed in hours not months
– Time to value accelerated

STEP
CHANGE
JON FORSTER
CONSULTANT GLOBAL
PROGRAMME DIRECTOR

Page 211
APPLICATIONS
• In-House and Commercial
• Global and Regional
• Microsoft
• More Digital
• Faster and more consistency from idea to delivery

Page 212
HOSTING STRATEGY
• Reduce number of technologies
• Proven technologies that work together
• Proven solution partners
• Excellent support
“Simplicity – Flexibility – Efficiency - Optionality”

Page 213

Page 214
JOURNEY
Jon Forster
• Old technologies
• Windows 2003, SQL 2005
• Slow & inconsistent development
• Physical, complex, expensive
• New technologies
• Windows 2012, SQL 2014
• Dev Ops process
• Hybrid solution

Page 215
FOOTPRINT REDUCTION
Jon Forster
Rack 1 Rack 2
…............a massive footprint reduction

Page 216
HYBRID NETWORK
Jon Forster
Hosting
Backup
Disaster Recovery
Web site hosting
Azure becomes part of the network

Page 217
‘END STATE’
Jon Forster

Page 218
WHY NUTANIX?
Jon Forster
• Enabled focus on using and not managing infrastructure
• Partnerships with key third parties
• Modular approach – ‘grow as you grow’
• Less moving parts
• Excellent Support

Page 219
THE BENEFITS
Jon Forster
• Reduced Total cost of Ownership
• Automation
• Less moving parts
• Responsive to business demand
• Focus on using infrastructure and not looking after it
“Simplicity-Flexibility-Efficiency-Optionality”

Page 220
THANKYOU
Jon Forster
Thank You

Scot Cloud 2016

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (15)

Similar to Scot Cloud 2016

Similar to Scot Cloud 2016 (20)

More from Ray Bugg

More from Ray Bugg (20)

Recently uploaded

Recently uploaded (20)

Scot Cloud 2016