SAP and Security in the Cloud


infosecBy Pete Nicoletti
Chief Information Security Officer, Virtustream

The increased agility that comes with moving to the cloud solves many current technology challenges, but the journey to cloud computing can also accelerate the erosion of perimeter enforcement and trust boundaries. Many companies have been reluctant to deploy mission-critical applications, such as SAP HANA, in hosted cloud environments, due to these security and compliance issues. Enterprise companies looking to leverage all the typical advantages of cloud (cost, agility, scale, etc.) need to consider the following critical areas when considering this computing paradigm:

  1. Experience: SAP systems are typically complex, and require a number of interconnected servers, need correct versioning, and need certified and expert support. If your cloud provider does not have extensive and referenceable experience, with your exact landscape, then you need to keep looking!
  1. Performance: Hundreds, if not thousands, of users, potentially spread all over the planet, may need to access SAP systems, and if response time is slow, users will be inefficient and there will be direct costs. Hosted SAP systems need to use an architecture and WAN access process that balances cost with response time and an optimal design. Your cloud service provider must understand these challenges, offer various approaches and have extensive benchmarking experience to share so there are no surprises.
  1. Migration and On-boarding: This critical phase needs to have a project plan that makes sense and processes that limit the risks and time in transition. The longer a businesses is paying for two environments, the higher the costs, there are more database replication and updating issues, and other risks. Organizations need to see a detailed plan that is based on experience as mentioned above.
  1. Security Related Items:
  • RACI: Who does what? The RACI dilemma must be solved. Companies leveraging the cloud have to understand that there are shared security responsibilities. The cloud service provider typically handles all of the underlying physical, environmental, networking, storage and support systems management. Organizations that have needs for process and tools that include OS patching, scanning, logging, AV/AM, IPS, WAF, archiving, DR and IR Plans and testing, firewalls… on and on! The provider must have a well-defined process for identifying all of the necessary processes and then ensuring delivery of the selected items.
  • Data Sovereignty: Organizations that have PII data and workloads located in countries that have specific laws regarding where that data can and cannot be hosted, have to be supported. The cloud service provider has to have technical measures, contractual obligations and processes that fully support this critical area.
  • Search and Seizure and eDiscovery Issues: Organizations typically have many questions related to how the cloud service provider deals with subpoenas and requests for eDiscovery. The risk is that the cloud service provider hands over businesses data to authorities without the awareness of the data owner. Sophisticated and enlightened cloud users know how to leverage encryption and key management to eliminate this risk. Ensure that your cloud provider offers the tools to fully support the encryption during entire data lifecycle: before move, in transit, in use, in archive and data destruction once the workload is de-provisioned. Companies should be able to fully manage their own encryption keys, so they have exclusive control over who has access to data.
  • Audit and Compliance Support: Organizations should have their compliance framework fully supported by the supplier. ISO 27000, PCI 3.0, GxP, CSA, SOX, SSAE16, SOC2, HIPAA, NIST, FISMA, FedRAMP, etc. independently audited and compliant environments must be available. Audit reports and all of the related artifacts must be made available to the company, and the provider must fully support the business’s “right to audit.” Run, don’t walk, away from providers that don’t have this critical area fully addressed.
  • Security Posture: The organization’s security posture and maturity should improve during a move to the cloud. This is not counterintuitive. The cloud service provider should be using better tools from a very complete portfolio, have more security staff, leveraging threat feeds, and have the stated goal and offer proof of before and after, to demonstrate that the security of the businesses is in better shape after a move to the cloud.
  • Expert Consulting Available: Your cloud provider should have certified and experienced experts that can ensure that all risks are addressed appropriately. Test your potential provider with tough questions and challenges, if you don’t get good answers before the move, then you should not expect good support after the move.
  • Integration with Processes: Incident Response and Disaster Recovery are examples of critical functions that must be supported by the cloud service provider fully, or partially, as determined by the businesses. Testing, documentation and expert support must be in place to ensure continuity of operations during unplanned events.
  • Resilience: Things go wrong, but how the cloud service provider deals with an issue makes all the difference. The provider must have resilient capabilities to ensure that disruptions and costs are minimized during unexpected events.
  • Misconfigurations, Patching, SAP Notes: One of the highest risks for companies running SAP is ensuring the secure configuration of SAP is maintained during the product lifecycle, and risks increase if there are multiple support organizations involved. Ensure the cloud service provider has specialized tools that are specifically designed to scan for, identify, track and manage remediation efforts for SAP. Look to the recent breach of the SAP application at the US Federal Office of Personnel for evidence that vulnerabilities in this area must be addressed.

Support and Language Issues: Many cloud providers either outsource or partner with System Integrators, Basis Support Providers and other third parties. Ensure that your support is provided in a manner that minimizes costs and provides for as comprehensive as desirable support. The cloud provider should also offer those support resources directly and support all the languages that your user community needs.

As organizations continue to deploy complex and collaborative applications in private, public and hybrid cloud environments, and share data with global customers, suppliers and partners, security leaders must figure out how best to protect their entire ecosystem, and not just their organization. This is just a short list of the myriad items that organizations must consider as they contemplate moving critical SAP workloads to the cloud. Hopefully some of the items listed above give you additional considerations as you contemplate leveraging the cloud for your critical SAP workloads.

 

 



Posted in Uncategorized | Leave a comment

Venture Born. Enterprise Proven. [and now] EMC Strong


By Rodney Rogers
CEO, Virtustream

So I’m going to try to sum up the past 6 years in about 1,000 words. This may be a bigger challenge for me than this deal we just signed.

Before getting into it, I want to thank Joe Tucci, Pat Gelsinger, Howard Elias and everyone else that made this bet on us. We could not be more excited to embrace the awesome responsibility of Virtustream becoming the newest company in the EMC Federation.

We will not let you down.

 A Bit of Background:

 When my co-founder Kevin Reid and I started Virtustream in January of 2009, we were the antithesis of Silicon Valley hipsters. We were a couple of 40-something East coast guys whose technical experience came largely from the application services space (our Bios). We were, quite possibly, the least cool guys in the cloud. Further, we were intent on building a start-from-scratch cloud software and services business that would ultimately compete with the industry’s titans. Thankfully, we were foolish.

At that time we admired the core cloud architecture that AWS had built which ultimately ‘made’ the public cloud market that they continue to dominate today. We felt attempting to build a sub-scale AWS model, however, would be venture capital suicide and instead focused on incorporating many of the principles they pioneered in the way of multi-tenancy, elasticity, orchestration, and automation toward solving the engineering problem associated specifically with running I/O-intensive, mission critical enterprise applications (such as SAP and others) in the cloud. Further, we focused on automating many of the system functions required to manage these particular types of enterprise application environments so as to be able to offer a uniquely efficient managed service for the technology landscapes that ran on our cloud. Virtustream was born.

So in the midst of the 2009/2010 U.S. credit crisis we raised venture capital, built a team, and started to design and write xStream, our cloud management platform software. If you are not familiar with our technology you can find short high-level overview here.

We use xStream today to run our own cloud IaaS in North America and Western Europe, make it available as a commercial software product to Service Providers around the world to power their own cloud IaaS offerings, and also make it directly available as a commercial software product to enterprises and government agencies for private cloud builds.

Our Commercials

While there has been some promising IP developed in the venture capital backed cloud software and services space over the past 5 -10 years, it is more rare to find viable/sustainable commercial results. This is what we are most proud of. We were able to separate ourselves from the pack in this regard and as a young company achieve viable commercial results in a relatively short time in a space that is furiously IP-intensive and competitive.

Our business today is on an approximately $100 million annualized revenue run-rate of which approximately 60% is cloud IaaS and 40% is cloud software – the latter of which we primarily license to other Service Providers around the world. I believe we now have just achieved the first inflection point towards scaling this business. Not so much yet in our current revenue run-rate, but rather in the profile of that revenue now being very conducive to high forward recurring revenue growth rates based on major wins within Fortune 500 customers on both the IaaS and software fronts. We have proven to-date that we can win against anyone in our areas of focus without much geographical reach, or much of a balance sheet relative to our competitors. Virtustream did not exist just over 6 years ago, and I believe strongly we are well-positioned to grow within a reasonable timeframe  to a billion dollar revenue business by way of our own growth trajectory and by fully leveraging the Federation’s assets and reach. Yes, you can all now judge me accordingly on that.

This Deal

We had been preparing to take Virtustream public for about a year now. Earlier this year we had evaluated bankers and had received numerous data points on how we may price a public offering. We started down the path of a standard 3-Quarter process of selecting a banker, writing an S-1, and then ultimately filing it with the SEC. Our target IPO date range was Q4-15 to Q1-16.

As is often the case when you take yourself through a process like this, acquisition suitors emerge. We had dialogue with parties we knew well and knew had an interest in us. We received Term Sheets from a number of parties and evaluated our choices. The ultimate valuation ranges of these Term Sheets and the present value of the public offering pricing estimates were all in the same range of in/around $1.2 billion USD. We were in the wonderful position of having options, but also had a great burden of responsibility in making the right choice for our customers, employees and shareholders.

We chose EMC. It was, quite honestly, an easy decision. In addition to the terms EMC proposed, the enterprise-focused technology and service assets within the EMC Federation are, in our opinion, unparalleled. We believe that we help fulfill the EMC vision of being able to run any type of enterprise application in the cloud, anywhere in the world, through ultimately whatever method of consumption makes sense for the customer. EMC’s reach, sales force, commercial model and asset base will literally give us the opportunity to take this precious kernel of IP that we have developed and reach the world with it. Being structured as a new Federation Company affords us the opportunity to fulfill our own dream of changing the world of enterprise IT computing. We’re very excited about what this means in terms of expanding our technology offerings and reach for our customers and partners around the world – who play such an important role not just in shaping our journey, but also in shaping our very products and services.

In closing I will also say that we found every single person we dealt with at EMC to not only be outstanding in their area of professional discipline, but also just great people. That was also of ultimate importance to us.

We are humbled, energized and thrilled to now be EMC strong.



Posted in Uncategorized | 2 Comments

A Quick Overview of Virtustream’s Technology. Go!


By Rodney Rogers,
CEO, Virtustream

I was recently at a Fortune 500 cloud IaaS prospect and a senior technology executive there gave me “one opportunity” to describe what Virtustream did technologically and why she should care. Her two stipulations were that I had to make my case in 5 minutes or less, and without the use of any visual aids. She then just simply said, “Go:”

So I took a breath and went:

xStream, the cloud management software that powers Virtustream’s cloud IaaS, resides as an abstraction-based control plane above the virtual machine management layer in the cloud IaaS Stack. Our software diffuses the definitional bounds of virtual machines so we can size and service technology landscapes to the individual application requirements for compute, RAM, storage IOPs and network bandwidth. We then pool these resources in aggregate and optimally use them individually across our entire estate of hardware to service our entire estate of customers, sizing customer resource pools to specific QoS requirements. This allows us to always ensure that we have the required IOPs to guarantee the latency of the applications that run on our cloud, without over-provisioning hardware to do so.

This is particularly helpful for running heavyweight enterprise apps in the cloud (SAP systems and their residual interface apps, as an example), commercially guaranteeing application response times in production environments, eliminating unnecessary virtual machine “headroom” and ultimately billing customers on the individual resources they consume as opposed to allocation-based instance sizes. This allows us to offer a highly efficient service from both a unit price and volume of purchase perspective, while also being able to commercially assure the performance of mission critical apps running on our cloud.

We have also focused intensely on automating the functions required to maintain enterprise application landscapes. To accomplish this we have written a macro-orchestrator that sits atop an open platform which automates, through a library of digitized blueprints, the inter-dependent and sequenced actions (start, stop, clone, refresh, etc.) and the various system components (app servers, data base servers, web servers, etc.) of that landscape to perform a particular type of action (patching, application maintenance, upgrades, etc.) on the environment. This area is another huge differentiator for us particularly for SAP environments today, with Oracle on our near-term roadmap. We do not just address the automation of these management functions for the SAP or Oracle enterprise apps, but for the full ecosystem of web apps that interface with these core enterprise apps as well. This fundamentally allows us to manage more application landscapes with less system/application admin labor.

Finally, we add to this a rigorous set of security and automated compliance features that have largely been recognized by Gartner as best in class. From the table-stakes stuff of role-based access, the segregation of logical and physical assets, authentication, etc., through to the more complex features of encrypting data without damaging IO performance, through to performing silicon-level system integrity attestation (thru Intel TXT) and providing for the automated ingestion of massive amounts of sensor-generated technology asset data to perform continuous monitoring of assets for vulnerability and compliance-adherence. This area has also been a huge differentiator for us. We run the most secure cloud IaaS in the world.

Summary

We got that deal. Not because of my 5-minute pitch, but because of the real technology described in that 5 minutes.

The above is simply intended as a short introductory overview to Virtustream’s technology. There is a tremendous degree of further detail in the product sections, white papers, case studies, and other areas of our web site. Additional technical content for specific use-case requirements are also available by way of contacting us.



Posted in Business-Critical Applications, Cloud Computing | 1 Comment

Roundup of Virtustream @ SAPPHIRE


SAP_SAPPHIRENOW_K55_C_r_p

Round of Virtustream @ SAPPHIRE
by Michael Hoch
SVP of Cloud Advisory Services, Virtustream

SAP SAPPHIRE is always the biggest event of the year, with over 17,000 customers, prospects, and SAP experts rushing to Orlando to hear the latest and greatest from SAP.

This year, Virtustream @ SAPPHIRE was our biggest event in the history of the company. Our stellar booth sat right in the heart of the conference floor, with four stations where customers and partners could dig into critical topics for SAP customers interested in Enterprise Cloud solutions.

Of the hundreds of customers we spoke with over the three days, here are three themes that kept coming up again and again, by customers in almost every vertical, of almost all shapes and sizes:

  • Is real-time reporting with SAP S/4HANA actually real, or is it SAP hype? SAP’s announcements at Sapphire are often very forward-looking, bleeding edge technologies that have the promise of something great, but are just hitting General Availability. Many attendees wanted to know if S4HANA is real, and should be considered today, or if they should let it “burn in” for a while before putting it on their roadmap.

Virtustream encouraged customers to look at it now, today. A few weeks earlier, Virtustream’s announced the first production S4 HANA Customer in the Cloud with Don Whittington, CIO of Florida Crystals, took the plunge and completed the full migration to S4HANA in just 4 weeks. Also, Virtustream and its partner, Infosys, were demoing a real-life S4 Simple Finance solution that is being used today for by major automotive customer.

SAP users should be cautious about going too far, too fast with S4 Simple Finance – to use it does required a database migration for ECC onto HANA. However, SAP users should charge ahead with its close cousin S4 Central Finance – this can be deployed in a sidecar manner, without requiring a full ECC migration to HANA. It can connect to non-SAP systems using SLT. And it can greatly improve the speed, accuracy, and flexibility of financial reporting.

  • How can a CTO transform their on-premise infrastructure to become a real “IT-as-a-Service” provider? The enterprise cloud market has matured incredibly rapidly over the last 2 years, including support for SAP HANA. When Virtustream announced the very first ECC on HANA in the cloud, and launched its Cloud Service for SAP HANA at Sapphire 2013, we spent 95% of our sales efforts educating customers about how to buy SAP and HANA from a cloud provider, including what a true utility model is (as opposed to managed hosting), what kinds of SLAs to expect, how DR can be architected, which security frameworks could be supported, and so on.

Now, just 2 years later, most customers know what they want, and how they want to buy it. The big question is: Can we do this ourselves, in our own DCs? Or is “cloud” only available via a third-party? Large and small IT shops have always wanted to be able to provide fast-to-deploy, easy to manage, utility-based services for their internal groups. There’s a large existing investment in hardware and operations expertise that can’t be thrown away. And, despite the advanced security capabilities of many enterprise cloud services companies (including Virtustream), there are still many situations where the data must remain on-premise.

Virtustream’s Position: The full enterprise cloud IS available in an on-premise model today. A major manufacturing firm had a 0-minute recovery point requirement for their SAP HANA systems, which could only be met with a dual-site private cloud deployment within a metro region. Virtustream, Infosys, and VCE combined forces to provide a true enterprise cloud solution: utility-based multi-tenant for use by dozens of internal business units, highly secure, scalable, with near on-demand deployment capabilities for new projects sponsored by the business. Once fully deployed, the customer will be able to offer full “IT-as-a-service”.

  • Can a company with PCI, HIPAA, ISO, FedRAMP or other high security and compliance requirements really make use of an Enterprise Cloud? Ever since Amazon first launched their public cloud, there’s been concern about security in the cloud. Customers are rightly paranoid about maintaining their security frameworks. And in today’s climate, audit and compliance is not only a critical security capability, but a high cost of doing business. This is still the number 1 reason some customers say they may do test/dev in the cloud, but never run production.

Virtustream’s Position: It’s time to take a fresh look at security, both on-premise and in the cloud. With advancements in database encryption at rest, in motion, and in use, improvements in security hardening and user auditing, and mature end-to-end risk and compliance management offerings, and the ability to know where your data can and can’t move to using geo-fencing, the cloud is often *more* secure and compliant than an on-premise environment. It’s not easy, it’s not simple, but with sufficient expertise and experience, and the right tools and processes, a highly secure enterprise cloud is available and in use by major commercial and private sector companies today.

The approach we recommend to customers is to be as specific as possible about the security, audit, and compliance requirements for your SAP and non-SAP workloads. Use that as your calling card to evaluate enterprise cloud providers. Then collaborate with your cloud vendor on the design, risk profile, management processes, RACI, etc. The cost should be the last area to review: Once you have a design that meets your requirements, 9 times out of 10, your cloud vendor will work with you on how to get it at an attractive price. Of our 170+ SAP customers, we have not once met a security profile that we couldn’t meet or exceed. The cost was sometimes high, but the savings from moving the cloud generally far outweighed the additions for the extra security.

 About the author

MichaelHochMichael Hoch is Virtustream’s SVP of Cloud Advisory Services



Posted in Uncategorized | Leave a comment

Hybrid Cloud is the New Black


Hybrid-Cloud-is-the-new-Black

Hybrid Cloud is the New Black
by Chris Hale
Vice President of Technical Marketing, Virtustream

Flexible, dynamic IT is all the talk, and Cloud Computing (especially the hybrid cloud) appears set to become the new business network.

The challenge for large enterprises is that they are time poor, yet information and demand rich.  While cloud-native start-ups can leapfrog traditional IT architectures and jump straight into the cloud, enterprises cannot. Investments in equipment, software, personnel, and data center facilities cannot simply be written off in favor of ‘asset light’ public cloud services.

Build a Roadmap to Cloud Transformation

The reality is that building and managing a hybrid cloud is not as simple as sometimes portrayed. For one thing, the migration path involves a lot more than just deploying a private cloud and linking to a public service. Even the initial assessment phase involves multiple tasks like evaluating changes to existing infrastructure, determining appropriate public resources and setting the proper migration parameters.

There’s also more to hybrid cloud than just interconnection and movement of workloads. Onsite and in-the-cloud systems must be orchestrated to work together as a single system, and workloads should be able to run in the public cloud domain without rewriting the application code or redesigning the network architecture, security policies, or business logic.

Enterprise IT leaders also face the increased challenges of managing enterprise governance, security and risk management associated with unsanctioned consumer apps creeping into the workplace, or supporting the myriad of devices that come with BYOD.  Compatibility and interoperability issues come into play as well, given that the public and private components of the hybrid solution feature different architectures, tool sets, management frameworks, and service catalogs. Disparities among these elements must be abstracted away just to ensure proper migration — not to mention seamless “inside” and “outside” application development and execution environments.

Dynamically Orchestrate, Manage and Scale

The hybrid cloud can provide self-service ‘stretch’ resources that augment what’s already in the enterprise data center, delaying or even eliminating the need for additional CAPEX in favor of an OPEX approach. Enterprises need to be able to quickly, seamlessly and securely, move workloads, including those that are mission-critical, to and from the public cloud.

Hybrid cloud offers a way to satisfy the resource requirements of line-of-business managers, application developers, and IT operations personnel, with on-demand access, self-service rapid provisioning, and scalability – combined with the need to maintain a secure, reliable, policy-driven IT infrastructure.

Complex Hybrid Graphic

Putting the “Hybrid” in Hybrid Cloud
For enterprises, getting the most out of a hybrid cloud implementation will take more than just swiping a credit card to order some cloud virtual machines.  For better or worse, by focusing primarily on the distinct infrastructures which form the hybrid cloud, simple definitions of the concept serve to obscure both the power and challenge inherent in enterprise hybrid cloud.

It is, in fact, the “hybridization”—really, the integration—of distinct cloud infrastructures, rather than simply the distinctness of those infrastructures, that allows enterprises to see benefits or return on investment.

A true hybrid cloud provides an integrated operational and user experience that allows enterprises to maximize benefits such as speed and agility, reliability, utilization, capacity and cost reduction.

In order to deliver a true hybrid cloud, businesses must consider how they will integrate disparate infrastructures while providing a common approach to meeting the security, governance, and administrative challenges that such an environment presents

As a leading provider of enterprise-grade cloud software, infrastructure and services, Virtustream is uniquely positioned for hybrid cloud computing that meets the needs of businesses running large and complex applications, including SAP, Oracle and other legacy systems.

Download our Hybrid Cloud whitepaper and find out how Virtustream can help you manage and orchestrate a hybrid cloud transformation.

About the author

Chris Hale (Krystle Waters's conflicted copy 2015-04-18)

Chris Hale is Virtustream’s Vice President, Technical Marketing.

 



Posted in Uncategorized | Leave a comment

Virtustream Launches First Annual Cloud Conference in Lithuania


Picture1

Virtustream held its first annual cloud conference in Lithuania at the Kaunas University of Technology (KTU), on Thursday, March 26th. The event offered local businesses and students the chance to understand the security, compliance, performance and efficiency requirements needed to migrate and manage the most complex applications across hybrid, private or public cloud environments.

Van Williams, CIO and Chief of Product Engineering at Virtustream and the host of the conference, said, “This conference further emphasizes Virtustream’s commitment to the Lithuanian technology industry.  It is a great chance to build on our relationship with KTU. It is also a chance to show local businesses and students how the work that we are doing in Lithuania can greatly benefit them and offer exciting career prospects in the cloud computing industry.”

In addition to the relationship with KTU, Virtustream hosts its research and technological development center in Kaunas, employing IT specialists to develop future releases of xStream, the company’s cloud management platform software. The event drew on the latest customer and partner experiences of the Virtustream team and encouraged local businesses and students to work in the cloud.

Some highlights included Kelly Bryant, Vice President of Product Management at Virtustream, kicking off the event with a presentation charting the beginnings and evolution of cloud computing, then later hosting a session focused on building a career in the cloud computing industry. Peter Jaeger, Senior Vice President of Product Management at Virtustream, reviewed the technicalities of moving an enterprise to the cloud and how businesses can take full advantage of rapidly evolving cloud technologies.

The event concluded with an expert panel comprised of industry leaders discussing the current cloud computing landscape. Van Williams moderated the discussion. Panel members included Robertas Balkys, Head of Research and Innovations Technology at TEO LT; Alasdair Hodge, Development Manager and CEO at Cloudsoft; Kęstas Liaugminas, Head of Product Development at Blue Bridge; Mindaugas Pranskevičius, CEO at Baltnetos Komunikacijos; and Donatas Zaveckas, CEO of BTT Group.

Please visit our Facebook Album to see photos of the event.

 



Posted in Uncategorized | Leave a comment

The Road to SAP HANA in the Cloud: Best Practices for CIOs


Matt Clemente_2015

 

 

 

 by Matt Clemente, Senior Vice President of Cloud Cover Services at Virtustream ,and founder/creator of the SAP HANA Migration and management factory methodology.

SAP-HANA-logoSAP has come a long way with its SAP HANA offering, touting the ability to significantly improve enterprise operations via more effective business operations, improved efficiency, and previously unachievable speed via the “in-memory” database technology. To put this in perspective, consider that 2 years ago, SAP HANA was really only relevant and popular for business reporting usage. Over the past 24 months, it has become mainstream for use across nearly any industry verticals, and widely adopted by any companies running the core SAP Suite, as well as Business Objects, SAP HANA Live, and HADOOP integration as businesses strive to understand and profit from the real time processing, and real time large quantities of business data running through their systems. More and more organizations are looking to deploy SAP HANA in the cloud for its scalability and ease-of-use as they transition to cloud deployments. To do so effectively, though, CIOs must consider several factors to ensure a seamless migration path and truly capitalize on and expedite the tangible business benefits that SAP HANA can deliver.

While organizations from across the board are increasing their investment and roadmap into the cloud for its simplicity, flexibility and cost savings potential, the migration process can be anything but simple. Deploying and running SAP HANA in the cloud is particularly complex. It requires a strong understanding of the deployment process and should involve a partner that has experience with standing up SAP HANA POC’s. The provider must also have deep SAP HANA experience and understand the challenges and potential project show “stoppers/gotchas” that may arise throughout the installation or migration process. A team with a solid background around proper tuning and who follows OS, DB, SAP (and where applicable) Virtualization best practices, businesses can achieve a 20 to 40 percent gain in performance from their SAP HANA deployments.

Questions CIOs Must Ask To Maximize and Prepare for a SAP HANA Deployments

Before even going down the road of an SAP HANA migration, it’s important to understand the solution’s full capabilities and roadmap the technologies capabilities with the specific needs and priorities of the business. When correctly aligned, the SAP HANA technology enables near real-time reporting and data delivery at a scale never before achievable. This was very evident during a recent Go-Live when end users claimed report functions were not working when in reality they were so used to the 2-5 minute processing time that when the data was delivered in milliseconds they just assumed there program or query was not working properly!

Creating a thorough blueprint of your business model gives you visibility into your organization’s needs, and should be the first step in any SAP HANA deployment. You can analyze how hard month-ends and year-ends are, see where your business is being hit the hardest, and pinpoint how SAP HANA’s intelligence and analytics can be used to improve your efficiency. For example, a global food manufacturer struggled to integrate disparate sources of data running across its high number of on-premises business intelligence platforms. By mapping out these various data sources and deploying SAP HANA in the cloud, they gained granular, real-time visibility into their sales data, allowing them to address problem areas and boost sales.

Other challenges organizations typically face when looking at migrating to SAP HANA, or implementing SAP HANA is finding a simplified migration path. SAP provides some starting tools and best practices “cookbooks”, but there is no standardization and optimization when it comes to deploying SAP HANA in the cloud. Furthermore, any third party software must be reviewed for compatibility with SAP HANA for a successful deployment. The key to overcoming these challenges comes down to working with a service provider that has true SAP HANA enterprise implementation, migration, and ongoing management experience. The investment will pay itself in dividends, as it will expedite the implementation timeline, mitigate the potential risks to your projects success, and enable the best use of the robust SAP HANA “in memory” technology.

After implementation, the SAP journey isn’t quite over – and IT must be on tap to monitor and maintain the solution. This is commonly overlooked, and takes a partner or service provider with proven Enterprise management experience in maintaining SAP HANA including: dealing with revision upgrades, SAP HANA DB refreshes, and understanding of the various methods in which SAP HANA High availability can be used to minimize downtime to give a few examples.

Once SAP HANA is in place, the ability to obtain business level results in actual real time is invaluable, and the return on the investment is demonstrated almost immediately. Typically businesses on average will see operations such as Month-end processing, Year-end processing, and Payroll run 45-75% faster, and average core reporting, transactions, and batch jobs can potentially run 35-1000% faster. The enablement of real time date and live visibility into data drastically changes the business, and enables business leaders to make intelligent, data-driven decisions.

While the migration journey to SAP HANA can seem complicated, with the right business process alignment, and an established and experienced Cloud implementation partner (thus also eliminating the CapEx cost), a significant ROI can be realized almost immediately upon going live. As an example, Global Fortune 500 organizations have migrated to SAP “Powered by HANA” running on Virtustream’s xStream cloud platform and have realized improvements in their productivity right off the bat.



Posted in Uncategorized | Leave a comment

2015: The Year of Real-Time Collaboration, Cloud Globalization and End-to-End Trust


By Kevin Reid
CEO & CTO, Virtustream

As cloud computing adoption rates continue to soar in 2015, IT leaders will look to address the growing challenges of security and compliance, performance and financial control. Coupled with external factors such as the threat of data breaches and pending regulation changes around the globe, the enterprise IT landscape will continue to grow in complexity and opportunity in the year ahead.

predictions

To keep up with these changes, IT leaders will adopt real-time collaboration techniques, geotrust-supported technology, greater transparency with vendors and SLAs, and make strides toward an end-to-end trusted compute platform. Here are four predictions that look at how these issues will pan out in 2015:

  1. Real-time collaboration will address cyber threats: IT leaders will address the growing cyber security threats in the cloud with new and improved real-time collaboration capabilities, particularly in the federal space. Groups will share knowledge to quickly triangulate the source of cyber threats and form a satisfactory action as a joint initiative, rather than spending significant resources to do it independently. Given the massive amount of data breaches and security threats that emerged in 2014, this collaborative approach will provide IT leaders a more efficient way to identify and address threats rather than the siloed, independent processes taking place today.
  1. Global data sharing becomes easier, safer: Along with the growing pains of scaling cloud infrastructure for a global business comes the inevitable question of how to protect data across borders. Enterprises must adopt technology that supports the restriction of data or applications moving into territories that are forbidden, based on security or compliance requirements. This concept, called “geotrust,” will continue to proliferate among enterprises as countries promote an increasing amount of privacy laws and concerns.
  1. Greater demand for visibility and transparency: As new technology is adopted, IT leaders require greater visibility into security, performance and cost when it comes to managing these tools. Service level agreements (SLAs) and vendors must provide greater transparency into average and expected costs in order for IT to gain back financial control. This will also allow for planning and accounting for infrastructure changes, new resource requirements or the ability to quickly scale an app on-demand via consumption-based models that eradicate the fear of a shocking bill at the end of the month.
  1. The end-to-end trusted compute platform: To date, most companies have focused on the security of the data center and the applications/infrastructure it runs on. The reality is applications and networks are being accessed by a myriad of devices. In the Bring Your Own Device era, we’ll begin to see more emphasis on creating secure connections and assuring the integrity of the client side (smartphone, PC, etc). Multi-factor authentication and security between the device and the data center/applications that talk to that device will support the vision of a trusted, end-to-end compute platform.

New trends around BYOD, real-time collaboration and the globalization of the cloud will surface and define cloud computing in 2015. Successful IT leaders will address these trends by responding with a collaborative approach to security and compliance, a greater eye toward performance, and an increase in transparency to better manage these new tools.



Posted in Uncategorized | Leave a comment

The Misadventures of Cloud Computing: When Reliability Matters


Virtustream.highres.referral

When Reliability Matters

We love funny cat pictures just as much as the next person- and our family vacation albums are among our most valued possessions- but those are personal priorities. We generally think about business priorities in a different light, with minimal overlap with the likes of Mr. Whiskers. Keeping personal and business priorities largely separate is a natural and understandable inclination. Given that, why should your cloud service provider be any different?

The consumer cloud works exceptionally well for just that – consumers. But when it comes to the enterprise, a cloud solution is about much more than just data storage. It’s about what you are storing and how you are using it. It’s about backup reliability and business continuity. The lack of adequate security or an ERM strategy with continuous threat monitoring results in consequences far greater than data loss for an Enterprise. It can seriously impact customers and have a direct impact on corporate welfare. Simply put, enterprise-class data and information needs an enterprise-class cloud infrastructure to support and protect it.

Want to see more? Take a look at our other marketoons!

When Reliability Matters: Part 1
When Reliability Matters: Part 2
When Reliability Matters: Part 3
When Security Matters
When Performance Matters

 



Posted in Uncategorized | Leave a comment

The Misadventures of Cloud Computing: When Security Matters


Virtustream.web.enterprise

Fathers and sons. Start-ups and enterprises. Will they ever understand each other? As it is in life, when companies grow and mature they become responsible for more sensitive information, operate under higher stakes and restrictions and require more complex services to run their businesses and keep them at peak performance.

While he doesn’t see it, the alpha developer and his enterprise-IT  dad, though they are both in the same field technically, have vastly different needs. The advantages a web-scale solution brings to a host of use cases including a video-game start-up are very real, but the cloud is not one size fits all. There is a complexity that comes with the legacy mission critical apps and sensitive data inherent in an enterprise. Albeit not sexy, security, compliance, and reliability are non-negotiable for the Enterprise customer.

Want to see more? Take a look at our other marketoons!

When Reliability Matters: Part 1
When Reliability Matters: Part 2
When Reliability Matters: Part 3
When Security Matters
When Performance Matters


Posted in Cloud Computing, GRC, Mission-Critical Applications, Private Cloud, Public Cloud, SAP, SAP HANA, Security, Trust, Trusted Cloud | Leave a comment

The Misadventures of Cloud Computing: When Reliability Matters


Virtustream.web.backupplan copy

When Reliability Matters

While no cloud service provider can claim 100 percent uptime – not all cloud services are created equal when it comes to performance and reliability.

The issue of reliability becomes exponentially more important for large enterprises that are migrating their mission critical business applications to the cloud. For these organizations, downtime is not an option.

Virtustream is independently recognized for its commitment to assuring our enterprise customers the highest possible levels of reliability and performance. According to a recent report by independent analyst Cloud Spectator, we outperformed 14 of the leading infrastructure-as-a-service (IaaS) cloud providers worldwide, as defined by the 2013 Gartner IaaS Magic Quadrant.

While reliability is of the utmost importance, recovery is a close second. That’s why we have aggressive recovery point and recovery time objectives to ensure that if something does go wrong, downtime is at an absolute minimum.

Your recovery plan should be more than bemoaning the latest instance of downtime to your Twitter followers. It’s about reliability and service.  Because in the enterprise, we know if you wait – more than just ice cream will start to melt down.

Want to see more? Take a look at our other marketoons!

When Reliability Matters: Part 1
When Reliability Matters: Part 2
When Reliability Matters: Part 3
When Security Matters
When Performance Matters


Posted in Backup, Cloud Computing, Cloud Spectator, Disaster Recovery, Enterprise Workload, Hybrid Cloud | Leave a comment

The Misadventures of Cloud Computing: When Performance Matters


Virtustream.highres.whiteboard

When Performance Matters

We know as well as anyone that the cloud solutions market is crowded, and getting more so every day. Nowadays everyone seems to be a cloud provider; everyone has a solution they want to sell you, from legacy hardware providers with “platinum new cloud capabilities” to purists who pressure you to adopt “real” scalable cloud technologies.

But buyer beware: Not all cloud service providers are created equal. Many can generalize solutions or pontificate idealisms, but do they really have the right software and services for your particular enterprise needs?

Enterprise cloud users require a much more sophisticated level of performance than a personal user or smaller business. In an enterprise, the data is sensitive, and the stakes are high. It’s vital that a cloud provider that considers themselves “enterprise grade” can guarantee a high level of performance and availability and provides the SLAs to back it up. If its mission critical apps do not consistently run well in the cloud, any other promises just don’t matter.

Want to see more? Take a look at our other marketoons!

When Reliability Matters: Part 1
When Reliability Matters: Part 2
When Reliability Matters: Part 3
When Security Matters
When Performance Matters


Posted in Backup, Cloud Computing, Compliance, Disaster Recovery, Enterprise Workload, Mission-Critical Applications, On-Demand, Performance | Leave a comment