CSM - Unit Ii

Download as pdf or txt
Download as pdf or txt
You are on page 1of 26

CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

UNIT II CLOUD SERVICES STRATEGY


Cloud Strategy Fundamentals, Cloud Strategy Management Framework, Cloud Policy, Key
Driver for Adoption, Risk Management, IT Capacity and Utilization, Demand and Capacity
matching, Demand Queueing, Change Management, Cloud Service Architecture.
CLOUD STRATEGY FUNDAMENTALS
Introduction
Businesses move to the cloud for several reasons. For some, moving to the cloud means gaining
access to the best enterprise-level technology without the associated costs of handling,
maintaining, and managing the underlying infrastructure. For others (like startups), the ability to
scale quickly and respond faster to market demands are top of the list.
Whatever the reasons, every business that decides to make the move needs a cloud implementation
strategy to operate successfully and profitably in this environment.
Table of Contents
 What Is A Cloud Strategy?
 Benefits Of A Cloud Strategy
 How To Develop A Cloud Strategy For A Startup
 How To Develop A Cloud Strategy For Traditional/On-Premise Business
 Cloud Strategy Planning: An Example In Action

What is a Cloud Strategy?


A cloud strategy is an action plan for achieving success in the cloud. Your strategy will define
the role of cloud within your organization — and should exist in a living document that you update
and share with the rest of your team. Your strategy will differ depending on the stage of your
business and your reasons for moving to the cloud. If you’re a new business, for example, your
goal might be to move fast and grow your customer base as quickly as possible. A more established
business might have different expectations.

Benefits Of Developing A Cloud Strategy


A cloud strategy helps you to:
 Clearly define how you intend to use cloud services and the reason for a specific approach
 Communicate your cloud approach to your teams
 Ensure that cloud-related actions are aligned with organizational goals
 Increase productivity and find ways to reduce costs while working in the cloud
Now that we’ve covered the definition and benefits of a cloud strategy, let’s look at the paths for
a new company adopting the cloud versus a traditional business that already has a considerable
technological footprint on-premise.

Developing A Cloud Strategy For A Startup


If you’re a startup, you’re focused on building your product and improving the value you deliver
to your customers. The faster you do that, the faster you’ll find success in the market.
Therefore, your strategy should be to move fast, avoid undifferentiated heavy lifting — work that
brings no value to your business — and adopt as many managed cloud services as possible. This
will save you a lot of costs.

1
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

For instance, instead of maintaining servers, use serverless services; instead of creating and
managing custom/bespoke systems, think about containers and Kubernetes; instead of managing
your own database, use managed database systems like RDS Aurora from AWS or a Snowflake
data warehouse product that can increase your customer growth. These are generally better, easier,
and faster alternatives.

Developing A Cloud Strategy For Traditional/On-Premise Business


If you’re part of a more traditional/on-premise company that has not yet migrated to the cloud,
first consider if your product is profitable, functioning, doesn’t require a lot of changes, and is
already delivering a profit back to your business.
In this case, your strategy might be to leave everything the way it is and only consider the cloud
for new initiatives. However, if you already feel the burden of operating your own systems because
you have to continuously innovate and iterate on your solutions or you’re under a lot of competitive
pressure, then it probably makes a lot of sense to migrate to the cloud.
Note, you should not expect that things will initially be cheaper or less expensive in the cloud. In
fact, you should expect things to be a little bit more expensive before they improve.

For a traditional business moving to the cloud, the three-step process below applies.

Step 1: Lift and shift/rehost


Most traditional businesses start their journey to the cloud by taking what they have in their data
center and lifting and rehosting it in the cloud. Lift and shift is the most expensive way of migrating
your data to the cloud, but it’s also one of the fastest.
One note of caution: Avoid trying to maintain a product by having one leg in your data center and
the other leg in the cloud. Operating in two worlds could cause a lot of stress, instability, and
challenges. Therefore, choose a cloud service provider and commit to the cloud for the long run.

Step 2: Iterate rapidly


Once you have moved your applications to the cloud, focus on iteration. Look at the costs
associated with operating your system and identify which features, products, or unit costs are most
expensive for the operation of your system.
Why? Because what was cheap in the data center might not be cheap in the cloud, although there
may be cheaper alternatives. There may be managed services from your cloud provider that you
can use. However, you should base your iteration and your development work on what it costs to
deliver your products and features to the market.
Adopt tools that will give you full insight into your cloud costs in a context that is relevant to your
business. For example, CloudZero’s cloud cost intelligence platform allows you to map costs to
product features, teams, and customer segments. This helps you to quickly calculate your margins
and understand your most profitable products/features.

Step 3: Adopt a philosophy of elasticity and flexibility


As you become cloud-native, your team will automatically start to think of managed services and
cloud services they can leverage/use to go faster than they could ever go when the company was
on-premise.

2
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

The next step is to adopt a philosophy of elasticity and flexibility for rapid change. At this stage,
your systems and the costs associated with those systems should scale dynamically up and down
based on customer load.
The closer you get to a curve where your customer activity is aligned with your system activity,
which is aligned with your costs, the better you can see a real indication of how efficiently your
systems are running

Cloud Computing Strategy Planning: An Example Of Moving A Legacy Application To The


Cloud
Say you have a legacy application that processes digital photos that you would like to move to the
cloud. Once you’ve made the commitment to move, your strategy should be as follows:
 Lift and shift/rehost the application in the cloud
 Adopt a culture of rapid iteration and development/improvement
 Integrate the development and operations functions so they are indistinguishable from one another
 Prepare for new services and capabilities as you become more cloud-native
It’s important to set aside time to consider using those new services because if you don’t, your
competitors certainly will. In particular, you should consider how to:
 Increase your gross margins
 Deliver features and functions faster to market
 Leverage the services of your cloud provider so you can deliver more value than your competitors
can in the same amount of time
For example, if you can process a photo for 20 cents a photo, that’s your unit cost. If your
competitors can process a photo for 5 cents, they have a real advantage over you.
Your strategy should be about bridging that gap and increasing profitability.

Summing It Up: 2 Key Things To Keep in Mind When Developing Cloud Strategy

1. Identify your goals for moving to the cloud


For companies that haven’t yet moved to the cloud, first consider if you need to make the move.
Do not adopt cloud services because they are trendy.
You may not need to move to the cloud if you’re not in an industry or business where your products
or services need to rapidly change, or if your system scales well and doesn’t need to operate in the
cloud, or if your customer growth deals with delivering a service that doesn’t change.
Unfortunately, these use cases are fast disappearing.

2. Keep cost in mind


Make cost management a key part of your strategy. Avoid thinking about your cloud computing
bill from a total-dollar point of view. Instead, think of cost in terms of per feature or cost per
product, or what it costs to deliver the value to your customers.
Ultimately, consider that in terms of your gross margins to the business, if you’re successful, your
costs will go up over time. However, if you’re tracking your cost per feature or product, you will
see that those costs match your customer growth. Then you should align that with key metrics for
your business. This is called unit cost tracking.
Adopting this philosophy of tracking unit costs early on as part of your strategy versus focusing
on your overall cloud bill will enable you to better focus on delivering profitable innovation to
your market.
3
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

CLOUD STRATEGY MANAGEMENT FRAMEWORK

A cloud strategy framework is a structured approach that organizations use to plan, implement,
and manage their cloud adoption efforts. It provides guidance on how to align business objectives,
technical activities, and people within the organization to achieve successful cloud adoption. Let’s
explore a few aspects of cloud strategy frameworks:

1. Defining Motivations and Business Outcomes:

A cloud strategy team plays a crucial role in defining motivations and business outcomes for
cloud adoption.

 This team ensures alignment between business priorities and cloud adoption efforts.
 Ideally, the strategy team ties technical activities to specific business goals.
 Key roles within this team include finance, line of business, human resources, operations,
enterprise architecture, IT infrastructure, application groups, and project managers.
 Their collective efforts guide prioritization and discovery during cloud adoption,
potentially triggering changes in processes, operations, customer interactions, and product
development.

2. Guiding Principles for Cloud Strategy:

When planning a cloud strategy, consider these principles:

 Trust: Establish trust in cloud services and providers.


 Enablement: Enable teams to leverage cloud capabilities effectively.
 Enterprise Risk: Address risks associated with cloud adoption.
 Capability: Build necessary skills and competencies.
 Cost-Benefit: Evaluate costs and benefits of cloud solutions.
 Accountability: Ensure accountability for cloud-related decisions and actions.

3. Creating a Concise Cloud Strategy:

 A cloud strategy is a viewpoint on the role of cloud computing within an organization.


 Unlike a detailed implementation plan, it focuses on the “what” and “why” rather than the
technical “how.”
 It doesn’t attempt to solve everything or move everything to the cloud.
 Instead, it outlines the organization’s approach to leveraging cloud services effectively.

4. Roadmaps and Action Plans:


 Organizations can develop concise cloud strategy documents by following steps such as:
 Aligning objectives related to the cloud.
 Creating a cloud action plan.
 Preparing the organization for execution.
4
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

 Establishing governance and risk mitigation.


 Optimizing and scaling cloud adoption efforts.

In summary, a cloud strategy framework provides a structured way to align business, technology,
and people for successful cloud adoption. It ensures that cloud initiatives are driven by business
goals and supported by the right roles and principles.

CLOUD POLICY
This policy is a set of rules and principles that protect cloud assets. It provides guidelines for
users to follow, allowing them to access workloads securely. And it sets out ways to handle cloud
security threats. Let’s delve into the topic of cloud policy within the context of a cloud service
strategy framework.
Cloud Governance Overview:
Cloud governance establishes guardrails that regulate cloud interactions. These guardrails consist
of policies, procedures, and tools designed to maintain control over cloud usage.
Policies define what is considered acceptable and unacceptable in terms of cloud activity, while
the associated procedures and tools ensure that all cloud usage aligns with these policies.
Corporate Policy for Cloud Governance:
Corporate IT policy plays a crucial role in making the transition to the cloud. It serves as the
foundation for governance.
In traditional governance and incremental governance, corporate policy defines the working
framework for governance. Most IT governance actions aim to implement technology that
monitors, enforces, operates, and automates corporate policies.
Cloud governance builds upon similar concepts, adapting them to the cloud environment.
The Five Disciplines of Cloud Governance help manage interactions and realize the overall
strategy. These disciplines include:
 Cost Management: Ensuring cost-effective cloud usage.
 Security Baseline: Defining security standards.
 Resource Consistency: Maintaining consistent configurations.
 Identity Baseline: Managing identity and access.
 Deployment Acceleration: Facilitating cloud adoption.
Cloud governance is an ongoing process, and lasting transformation takes time. An incremental
approach is often more effective than attempting complete governance upfront.
Reviewing Existing Policies:
Regularly review your existing policies with IT staff and stakeholders. Ensure that resources
hosted in the cloud remain compliant with overall corporate goals and requirements.

5
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

Consider new risks and acceptable tolerance levels during policy reviews. If your organization
collaborates with vendors or trusted partners, assess risks related to regulatory compliance by these
external entities.
Cloud Policy Definition:
A cloud policy is a clear statement of intent. It describes how specific cloud-related activities
should be executed, following a standard model designed to deliver business value. These policies
guide decisions related to cloud architecture design and implementation processes.
By defining and adhering to cloud policies, organizations can achieve better governance, improved
adherence rates, and automated enforcement of policy changes.
Remember, effective cloud policy and governance contribute to a successful cloud adoption
journey.
Example: Cloud Policy service for Microsoft 365

Let me provide you with an overview of the Cloud Policy service for Microsoft 365. This service
allows you to enforce policy settings for Microsoft 365 Apps for enterprise on a user’s device,
even if the device isn’t domain joined or otherwise managed. Here are the key points:
1. Policy Settings Roaming:

 When a user signs into Microsoft 365 Apps for enterprise on a device, the policy settings
roam to that device.
 Policy settings are available for devices running Windows, macOS, iOS, and Android.
However, not all policy settings are available for all operating systems.
 You can also enforce some policy settings for Office for the web and Loop, both for guest
users who are signed in and for users who access documents anonymously.

2. Similar to Group Policy:

 Cloud Policy includes many of the same user-based policy settings that are available in
Group Policy.
 You can use Cloud Policy directly in the Microsoft Intune admin center, under Apps >
Policy > Policies for Office apps.

3. Requirements:

To use Cloud Policy with Microsoft 365 Apps for enterprise, you need:

 A supported version of Microsoft 365 Apps for enterprise.


 User accounts created in or synchronized to Microsoft Azure AD.
 The user must be signed into Microsoft 365 Apps for enterprise with a Microsoft Azure
AD-based account.
 Cloud Policy supports Microsoft 365 Groups and Microsoft Azure AD Security Groups.

6
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

 Properly configured URLs and IP address ranges on your network (Cloud Policy doesn’t
support authenticated proxies).
 Specific roles in Microsoft Azure AD: Global Administrator, Security Administrator,
or Office Apps Admin.
 Note that Cloud Policy isn’t available for certain plans like Office 365 operated by
21Vianet, Office 365 GCC, or Office 365 GCC High and DoD.
 Also, policy configurations can’t be applied to volume licensed versions of Office that use
Click-to-Run (e.g., Office LTSC Professional Plus 2021 or Office Standard 2019).

4. Creating a Policy Configuration:

Sign in to the Microsoft 365 Apps admin center.

Under Customization, select Policy Management.

On the Policy configurations page, select Create.

Remember that Cloud Policy helps you manage policy settings effectively across various devices
and platforms within your Microsoft 365 environment.

KEY DRIVER FOR ADOPTION


With the advent of technology, the organizations are moving with technological implementations
in the mainframe of the business. The rise in exponential data arises the need and demand to
segregate the approach in a zipped and convenient manner without any risk of data loss, pricing
and hardware installation.
The organizations are continuously adopting the practice of cloud adoption as the services of cloud
computing. With the amount of interest, the cloud has created, is constantly encouraging the
organizations to adopt cloud services from cloud hosting providers such as software services,
platform services and cloud infrastructure services to design the set of associated benefits.
What Do You Understand by Cloud Adoption?
Cloud Adoption is the strategical move taken by an organization in order to bring the services at
one common platform pertaining to the responsibilities of an organization, with the motive to clear
the cost, access the cloud storage, mitigates the risk factors and deliver scalable services.
Once, the organization decide to move with cloud adoption, it becomes a prominent job to
understand the requirement of an organization. The decision should be based on the size of the
organization and its requirement. The enterprise can adopt the cloud in three distinguished forms
i.e; software as a service, platform as a service and cloud infrastructure services.
Why Organizations Are Adopting Cloud Services?
The prime reason to cull the adoption of cloud services is to lie in the race amid the competitors
of the same domain.

7
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

According to Cloud Sherpa’s Enterprise Cloud Report, quotes revealed that Cloud as a
technology is a prominent part of the IT strategy for 82% of associations and organizations,
worldwide.
Today, the organizations are adopting every means meant to propagate the cores of business. The
reliable and scalable factors of the cloud are one of the major reason to access the services from
cloud hosting providers in the favour of an organization.
The data integrity and data security are another set of drooling services, responsible for attracting
the business owner in order to escalate the business.
Cloud computing as a term is powered with the offering of inevitable productivity due to Pandora
of cloud storage and its related services. The organizations are pacing with progressing moves, to
follow the trial of technology and extract maximum output with minimal risk and cost inputs.
Key Drivers– Organizations Adopting Cloud Services:
Understanding the ground for business is the vital need to step up the pace with technology. When
the organizations decide to cull the adoption of cloud, rather than swinging on ruthless options,
sinking the money and efforts of an individual.
Let’s discuss 5 key drivers, driving the need to escalate the business with the implementation
of cloud services:
1.Business Hike:
Analyzing your moves gives fabricated results. Thus, if you view a certain range of hike in your
business, it might be one of the cloud drivers. The growth in business is one of the major
obligations, that any organization could ever rate.
Therefore, based on the steps of the plan for driving the cloud services, it is prominent to boil out
the business strategy by the consideration of cloud adoption.
2.Balanced Cost Structure:
This is one of the most recognized factors, acting as a driver for cloud adoption. The number of
organizations has witnessed that employing the cloud bolsters in cutting the cost, resulting in
turning down of license for legacy systems.
Depending on the cloud for acquiring cloud storage services, reduction in office space and
attaining the quality, domes as the driver for cloud adoption.
3.Improvised Productivity:
When the organizations are adopting the means of fabricated technology, it is believed to view
tremendous change in the range of productivity.
Productivity is the factor, often considered as a driver of cloud adoption. If the cloud is structured
at a significant rate, it could produce imitable results, in favour of an organization.
4.Efficiency:
Improved Efficiency, with minimal errors, is one of the key drivers, propagating the reasons for
adoption of the cloud.
When the organization adopts any newer means of technology, it always has an underlying motive
to access the medium for fulfilling the business requirement, with a hike in business and optimized
cloud solutions.
5.Scalability:
The scalable service of the cloud is one the biggest key driver, acting in the favour of organizations.
The cloud-enabled services are swaddled in such a manner that one can scale the range of services
as per its requirement.

8
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

One can add on more number of services with customized features if the organization feels ready
to step up. Also, the organization can step down in terms of services, if it finds it as the far-reaching
target.
In Conclusion:
The obligation to attain visible success, with optimized results can only be attained if the
organization aims to meet with the pace of technology.
The cloud services can be adopted, based on the scalable requirement from trusted cloud hosting
providers. The cloud adoption surely opens up the belvedere

RISK MANAGEMENT

Cloud Risk Management (CRM) is the practice of managing, prioritizing, and acting on risks
within the large scale of modern multi-cloud environments. Context is a critical driver of that
prioritization; namely, understanding the potential impact of a particular risk and its
likelihood of exploitation.

CRM can be an ephemeral concept – much like cloud operations themselves – to understand.
At its core though, you should be able to leverage a single CRM solution to secure hi ghly
ephemeral, cloud-native apps, as well as your entire on-prem footprint. It’s not an easy thing
to find, but the need is there for today’s risk-laden operations and environments.

Cloud Risk vs. On-Prem Risk

With more than half of respondents to a recent survey believing risks are higher with cloud
operations vs on-prem, it’s easy to see why there is such a booming need for CRM. In fact,
five key risk areas that came to light: runtime, identity management, potential for
misconfigurations, unaddressed vulnerabilities, and audits.

Each of those areas feature personnel and systems that must work hand-in-hand with one
another – often at a fast pace – to remain productive. A single miscommunication or
misconfiguration could create risk exposure analysts or developers aren’t even aware of until
it’s too late. Yes, managing risk in the cloud is very complex, but there are frameworks in
place Security Operations Center (SOC) teams can leverage to research, remediate, and
reduce risk.

How Do You Assess Risk in the Cloud?

You assess risk in the cloud by first determining who is responsible for cloud security and
risk management: you or your cloud service provider (CSP)? The shared responsibility
model (SRM) stipulates that CSPs are typically responsible for managing risks to the
underlying cloud infrastructure on which your business’ operations are running.

9
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

Internal security teams are typically responsible for security of those operations in the cloud,
meaning they are responsible for making sure their own data – and their customers’ data – is
properly secured. Once a team determines where their responsibilities lie and what exactly
they’ll need to take a hard look at, it’s important to take into account that the assessment will
need to take place in real-time.

4 Steps of Cloud Risk Assessments


1. Identify assets: Which cloud assets would have the most significant impact on your
organization if their confidentiality, integrity or availability were compromised?
2. Identify threats: What are some of the potential causes of assets or information becoming
compromised? Threat modeling is an important activity that helps add context by tying
risks to known threats and vulnerabilities and the different ways threats can exploit risks
and disrupt an entire company’s operations.
3. Prioritize risks: Reporting is typically built and disseminated during the first two steps, so
that context can be taken into account during this phase. Key criteria one must keep in mind
when adding context is knowledge of the existing threat landscape and consideration of
how threats may evolve.
4. Act: Now would be the time to implement remediation controls: applying a patch for a
vulnerability, instituting a firewall rule, ensuring identity and access management
(IAM) protocols are in place and updated.

Best Practices to Manage Risks in the Cloud

Choose a reputable Cloud Service Provider

It's important to choose a CSP that not only holds up its end of the SRM, but also one that is
backed by several years of experience, solid regulatory and compliance standards, consistent
performance over time, and how closely their services/architectures match your needs. A
security team must also ensure their scanning tools can fit into the workflow you define within
that CSPs platform.

Things happen fast in the cloud, and risks are typically exploited within two minutes of first
exposure, meaning you should be able to access real-time visibility into your environment at
any given time instead of waiting for a scheduled scan.

Conduct a thorough risk assessment

Regularly conduct risk assessments via the steps outlined in the previous section. The data
gleaned from the first two steps in the process, however, still faces the reality that the scale,
speed, and complexity of cloud environments creates a situation where the amount of risk
signals/alerts is so vast you simply can't address everything at once.

10
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

As such, it’s imperative to prioritize the risk signals that present the most risk to the business
and have the highest likelihood of exploitation. This needs to be done in real-time and with
complete context, as a risk signal alone won’t provide the thorough detail needed to act.

Monitor for anomalies

Extend coverage into runtime and monitor for anomalous activity based on an established
baseline of what "normal" looks like. Detecting anomalous behavior – and thus potential
threats – into runtime helps to correlate behaviors across multiple logged activities. It’s best
to target a solution that can consolidate runtime threat detections and provide context by
associating the findings with the affected cloud resource.

Findings and context are nothing, however, if no one is alerted to the fact there is something
anomalous happening. Teams should calibrate notifications and alerts to go to specific
personnel who can most quickly remediate the issue.

Encrypt data in transit and at rest

Data is sensitive at any state, so it’s important to implement risk - management tools as early
in the development process as possible. This can help to avoid friction between teams, but
also to continuously protect data during key build and runtime processes. Data should always
be encrypted at rest by default.

In this way of protecting data at all times, it’s probably a good idea to also establish a least
privilege access (LPA) protocol. This helps to set the minimum amount of access a person or
machine will need to do the job, while also protecting data throughout its lifecycle.

Business Continuity in Cloud Risk Management

In the event of a significant cloud-security incident, it won’t be business as usual. However,


business can and should certainly continue to whatever extent possible. Therefore, it’s critical
to have a business-continuity plan in place in the event of just such an incident. Some key
components of such a plan can include:

 Disaster recovery: This is the time for a SOC to restore normal business operating
procedures. If data is not available when stakeholders and analysts need it, there needs to
be a plan in place to restore it as quickly as possible. Documentation is key to disaster
planning so teams can understand what will and will not be part of your backup system. It
is very expensive to maintain a full-systems replica, so a disaster-recovery plan might
account for only a partial recovery.
 Backup and restore procedures: Having an automated, offline backup can help to
smoothly recover from a destructive virus or ransomware attack. The key here is to have
scheduled backups that are usable for restore operations. Outdated backups are less
valuable than recent ones – though better than nothing – and backups that don’t restore

11
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

properly are of no value. No one wants to engage in stressful, frantic scrambling and costly
downtime/data-loss.
 Incident response planning: An incident response plan should include buy-in from key
stakeholders; clearly defined roles, responsibilities, and processes; and technologies and
partnerships to enable quick action. When an anomaly is detected or a breach occurs, it’s
certainly worth it to know the steps that need to be taken and who needs to take them.

Perhaps the most important aspect of business continuity is reporting and communication
of risk to all stakeholders in the organization, both up the chain to leadership and
horizontally to other teams.

IT CAPACITY AND UTILIZATION


IT capacity and utilization play a pivotal role in effective cloud service strategy. The cloud has become
the backbone of successful modern-day businesses. It powers everything from data storage to
application, but (as with any resource) the cloud is finite. For tech startups, the ability to predict
and manage cloud resources isn’t just a cost-savings measure—it’s a competitive advantage.
This is where cloud capacity planning comes into play.
Cloud capacity planning is the art and science of budgeting for the right amount of cloud resources
for your startup. No more, no less. It’s about balancing performance and cost, keeping your
applications running smoothly without breaking the bank.
Let’s explore some strategies and best practices to optimize your cloud resources:
1. Demand Forecasting:
o Analyze historical data and current trends to anticipate future cloud resource needs.
o Understand your workload patterns, user bases, and data volumes.
o Accurate forecasting helps prevent over-provisioning or under-provisioning.
2. Performance Analysis:
o Regularly monitor resource performance using tools like DigitalOcean
Monitoring or similar solutions.
o Track metrics such as CPU utilization, memory usage, and network traffic.
o Adjust capacity based on real-time performance data.
3. Regular Review and Adjustment:
o Cloud environments are dynamic; adaptability is crucial.
o Regularly review and adjust your capacity plans to align with changing demands.
o Embrace automation and auto-scaling to handle fluctuations efficiently.
4. Invest in Monitoring and Analytics Tools:
o Utilize monitoring tools to gain insights into resource utilization.
o Identify bottlenecks, optimize performance, and allocate resources effectively.
5. Collaborate Across Departments:
o Involve stakeholders from IT, finance, and business units.
o Align capacity planning with organizational goals and budget constraints.
6. Test Different Scenarios:

12
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

o Simulate various scenarios (e.g., traffic spikes, seasonal demand) to assess resource
requirements.
o Conduct load testing to validate capacity assumptions.
7. Plan for Data Transfer Costs:
o Consider data transfer costs between cloud services and regions.
o Optimize data movement to minimize expenses.
8. Future-Proofing:
o Anticipate technological shifts and plan for long-term agility.
o Ensure your capacity strategy aligns with scalability and competitiveness.
Below, we’ll walk you through tried-and-true strategies that demystify cloud capacity planning
and empower you to unlock the full potential of your cloud resources.
1. Regularly review and adjust plans
Cloud environments are dynamic, and your capacity plans need to be, too. Regularly reviewing
your current usage against your forecasts will help you identify trends and make necessary
adjustments.
Set up monthly or quarterly review sessions to assess and recalibrate your capacity plans based on
actual usage data.
2. Embrace automation and auto-scaling
Modern cloud platforms offer auto-scaling features that automatically adjust resources based on
demand. This prevents your performance from dropping when there’s a spike in traffic or user
demands.
For example, Digital Ocean’s autoscaling dynamically adjusts your computing resources based on
the current workload. This helps you meet demands without overpaying for what you don’t need.
3. Invest in monitoring and analytics tools
Without data and analysis, you’re just guessing at your startup’s cloud demands. Real-time
monitoring provides insights into resource utilization, helping in proactive adjustments—AKA
making changes before something goes wrong.
4. Train and upskill your team
A well-informed team can make better capacity planning decisions and quickly address issues.
Invest in training sessions, workshops, or online courses to keep your team up-to-date with the
latest cloud capacity management techniques.
5. Test different scenarios
Simulating different usage scenarios can help you understand how your cloud infrastructure
responds to various loads. Periodically run stress tests or load testing to simulate high-demand
scenarios and see how your cloud resources cope.
6. Study workload patterns
Different applications and services have varying usage patterns. Some might experience steady
traffic, while others have peak periods. Understanding these patterns helps in making informed
capacity management decisions.
13
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

For example, if performance drops on the weekends or holidays, you know you might be
experiencing increased traffic to your websites or applications.
Analyze historical data to identify patterns. Use this information to allocate resources to handle
peak loads without overcommitting during off-peak times.
7. Plan for data transfer costs
While most focus is on cloud computing and storage costs, data transfer costs can also be
significant. If you’re moving large volumes of data in and out of the cloud, this is a metric you’ll
want to keep an eye on.
Monitor data transfer volumes and costs. Consider strategies like data compression or caching to
reduce transfer costs.
8. Collaborate across departments
Capacity planning shouldn’t be an isolated IT function. Collaborate with other departments, such
as sales and marketing, to understand upcoming campaigns or product launches that might impact
cloud resource needs.
Hold cross-departmental meetings to discuss upcoming initiatives and their potential impact on
cloud resources.
9. Document your plan
Having a well-documented capacity plan makes it easier to onboard new team members and serves
as a reference for future planning. Maintain a centralized documentation repository, detailing your
capacity management, decisions made, and lessons learned for future reference.
Conclusion:
Cloud capacity planning isn’t just a technical exercise—it’s a strategic move that sets your
startup’s growth trajectory. While the cloud offers limitless possibilities, the meticulous planning
behind the scenes unlocks its power.

DEMAND AND CAPACITY MATCHING


Introduction
When an organization has a clear grasp of its capacity constraints and an understanding of
demand patterns. It is in a good position to develop strategies for matching supply and demand.
There are two general approaches for accomplishing demand and capacity.

 The first is to smooth the demand fluctuations themselves by shifting demand to match the
existing supply.

 The second general strategy is to adjust capacity to match fluctuations in demand.


14
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

Shifting demand and capacity


By shifting demand and capacity an organization seeks to shift customers away from periods in
which demand exceeds capacity. Perhaps by convincing them to use the service during periods of
slow demand. This may be possible for some customers but not for others.
Communicate with customers
Another approach for shifting demand and capacity is to communicate with the customers. It helps
them know the times of peak demand so that they can choose to use the service at alternative times
and avoid crowding or delays.
Example
Signs in banks and post offices letting customers know their busiest hours and busiest days of the
week can serve as a warning. This allows customers to shift their demand to another time if
possible.
Forewarning customers about busy times and possible waits can have added benefits. Many
customer service phone lines provide a similar warning by informing waiting customers of
approximately how long it will be until they are served. Those who don’t want to wait may choose
to call back later when the lines are less busy. Research in a bank context found that customers
who were forewarned about the bank’s busiest hours were more satisfied. Even when they had to
wait than were customers who were not forewarned.
In addition to signage communicating peak demand times to customers, advertising and other
forms of promotion can emphasize different service benefits during peak and slow periods.
Advertising and sales messages can also remind customers about peak demand times.
1.Why is it important?
Matching cloud demand and capacity is important for several reasons. First, it can improve your
performance and user experience, by avoiding issues such as latency, downtime, or errors. Second,
it can reduce your costs, by optimizing your resource utilization and avoiding overprovisioning or
under provisioning. Third, it can enhance your sustainability, by minimizing your environmental
impact and carbon footprint.
2.What are the challenges?
Matching cloud demand and capacity is not always an easy task, due to the various factors and
variables involved. To successfully do so, you must first estimate how much traffic, data, and
processing power you will need at different times and scenarios, which can be affected by
seasonality, trends, events, or user behavior. Then you need to decide how much resources to
allocate to your cloud services such as compute, storage, network, or memory, taking into account
availability, performance, reliability, or security. Finally, you need to monitor your usage by
tracking how much resources you are using and comparing them to your demand and capacity with
the help of metrics, alerts, dashboards, or reports.
3.What are the strategies?
To match your cloud demand and capacity, you can use different strategies, such as scaling,
resizing, and scheduling. With scaling, you can adjust your capacity up or down manually,
15
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

automatically, or dynamically. Manual scaling involves changing your capacity yourself based on
your judgment or plans. Automatic scaling involves setting rules or thresholds that trigger your
capacity changes based on metrics or events. Dynamic scaling uses AI or machine learning to
predict your demand and optimize your capacity using data or patterns. Resizing allows you to
change the size or type of resources vertically or horizontally. Vertical resizing involves increasing
or decreasing the power of resources like CPU, RAM, disk. Horizontal resizing involves adding
or removing the number of resources such as instances, nodes, containers. Scheduling can help
you reduce costs and improve efficiency by turning off or on resources when needed. You can
schedule capacity changes daily, weekly, monthly, or custom.
4.What are the tools?
To implement your strategies, you can use different tools depending on your cloud provider or
platform. For example, Amazon Web Services offers Auto Scaling, EC2 Instance Types,
CloudWatch, and Trusted Advisor. Microsoft Azure offers Azure Autoscale, Virtual Machine
Sizes, Azure Monitor, and Azure Advisor. Similarly, Google Cloud offers Cloud Run, Compute
Engine Machine Types, Cloud Monitoring, and Cloud Recommendations AI. These tools can help
you match your cloud demand and capacity.
5.How do you measure your success?
Measuring your success in matching your cloud demand and capacity can be done by using various
metrics, depending on your goals. Cost can be measured through billing reports, cost management,
or cost optimization. Performance can be measured with latency, throughput, availability, or error
rate. Sustainability can be monitored with carbon emissions, energy efficiency, or renewable
energy. All of these tools can help you ensure that your cloud resources are delivering the desired
outcomes and having a minimal environmental impact.

DEMAND QUEUEING
Demand queuing is a fundamental strategy in cloud service management that optimizes resource
allocation and responsiveness to varying demand levels. By organizing tasks, assigning priorities,
and dynamically allocating resources, cloud services can deliver consistent performance, meet user
expectations, and ensure efficient use of resources1.
In the context of cloud computing, queuing models play a crucial role in understanding and
managing service performance. Let’s delve into this topic further:
Cloud Service Performance Analysis with Queuing Models:
Cloud computing is a novel paradigm for providing services on demand. Ensuring quality of
service (QoS) is essential for the commercial success of cloud computing centers.
A cloud service differs from traditional hosting in several ways:
 It is provided on demand.

16
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

 Virtualization-based cloud centers allow multiple virtual machines (VMs) to run on the
same physical server.
 VM live migration is widely used to improve system reliability.
 Researchers have evaluated cloud computing services using micro-benchmarks and
application kernels. High-performance computing (HPC) and many-tasks scientific
computing are commonly used for performance analysis.
 Stochastic analytical models and network models have been employed to evaluate cloud
centers, considering metrics like utilization, responsiveness, and waiting time.
Queuing Models for Cloud Services:
One approach to analyzing cloud service performance is through queuing models.
 A queuing model considers the impact of resources sharing among VMs. It relaxes service
requests, dividing them into subtasks served by individual VMs.
 Key performance indicators include average response time and blocking probability.
 By modeling the queuing behavior, cloud providers can optimize resource allocation and
enhance user experience.
Service Reliability and Performance Evaluation:
 Researchers have evaluated both service reliability and performance for cloud centers using
queuing models.
 These models consider factors such as inter-arrival time distribution, service times, finite
capacity, and batch arrival.
 The goal is to predict the corresponding quality of service experienced by cloud users.
In summary, demand queuing strategies in cloud service management enable efficient resource
utilization and responsiveness, ultimately contributing to a better user experience in the dynamic
world of cloud computing

CHANGE MANAGEMENT
Organizations are linking digital transformation strategies to goals around the adoption of a cloud-
first approach for cost optimization and risk management. Gartner suggests that by 2024, over
45% of the IT spend will be towards the cloud.

However, with cloud migration such a complex change management exercise, it requires dedicated
cloud change management strategies to ensure minimum incident occurrences.

In this topic, we discuss cloud change management, its impact on the business, and how to solve
the associated cloud transformation challenges.

What is Cloud Change Management?


Cloud change management facilitates changes to IT systems to minimize risks to the production
environment while adhering to change management policies, audits, and risk controls.

17
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

Organizations leverage cloud change management for the following use cases:
 Data migration to the cloud
 Maintaining updated compliance requirements
 Accomplishing IT change goals
How the Cloud Impacts Change Management?
Change management is a continuous process and delivers value to an organization only if dealt
with agility. Cloud change management allows change leaders to anticipate and accommodate the
upcoming change for better preparedness and reduced downtime.

Here are the key benefits of considering cloud change management:

1. Facilitates faster change implementations


Cloud technology allows organizations to adopt an agile approach to change management.
Automation and high velocity characterize cloud change management and route changes through
a centralized repository for prioritization and approval.

For example, after implementing the cloud, an organization doesn’t need to rely on the quarterly
releases and can now continually roll out new updates.

2. Reduces time lag due to lengthy approval process


Since changes in the cloud are self-managed, they require fewer approvals, thereby decreasing
time lag. The approach shifts from change control to change enablement, thereby reducing the
complexities associated with planning and execution.

3. Allows IT & business to work in sync


A cloud management plan enables organizations to leverage infrastructure as code to plan business
and IT activities effectively with mutually aligned goals.

4. Change in leadership style


Cloud change management requires a more autonomous style of leadership by encouraging peer
reviews, unlike the lengthy approval process followed by the Change Advisory Board (CAB) for
traditional change management.

5. Risk Assessment
An IBM report suggests that change is the biggest reason for service outages. With an increasing
number of enterprises shifting to cloud deployments, the rate and volume of changes have
increased significantly.

Manual risk assessment for such a vast volume of changes isn’t an accurate way to go. Change
management in the cloud automates this risk assessment process for higher convenience and
accuracy.

ITIL vs. Cloud Change Management


ITIL change management (ITIL stands for Information Technology Infrastructure Library, and
ITIL change management offers a set of best practices for delivering incident-free IT services
18
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

during change projects.) offers a set of best practices for delivering incident-free IT services during
change projects. It helps enterprises manage risk management, establish cost-effective practices,
strengthen customer relations, and create a stable IT environment that allows growth, scalability,
and effective change management.

The prime objective of change agents is to align the IT goals with the organizational goals.
However, cloud change management takes a holistic approach to change, and here are the key
focus areas:

 Business: IT strategy isn’t separate from the business strategy but is seen as an integral
part of the business and is closely linked to all the digital transformation initiatives within
the company.
 People: Change leaders encourage their team members to adopt cloud skills.
 Type of Deployment: Cloud change management process depends on the type of
deployment. For a private environment, the process is simple; however, the customers’
impacts are large for a shared environment, making it complicated.
 Platform: According to your business goals, you strategically build your principles,
policies, and tools—driving your change implementation and how your company uses
cloud technologies.
 Security: IT governance is critical to highlight non-compliance areas and develop controls
for increased security.

Challenges Faced During Cloud Change Management


Like all change initiative, cloud change management faces challenges. Here are a few commonly
encountered challenges of cloud change management:

1. Complex Processes
Change management in the cloud is a complex process. To enable your team members to
understand the architectural differences better, change practitioners must use visual aids.

19
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

2. Compliance Changes
To keep pace with the regulatory requirements and avoid penalties, IT teams must be up to date
with the compliance changes. Every industry has a different set of compliances.

For example, the healthcare industry is governed by HIPAA, which makes stringent guidelines
and security protocols mandatory for certain kinds of patient health data.

3. Multi-Functional Teams Required


Every change initiative requires cross-functional expertise. To improve flexibility and speed up
the process, you can establish pre-approval for specific tasks and scenarios such as DNS updates.
Change leaders can also consider using the RACI matrix for clarity in roles and responsibilities.

20
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

4. Cloud Resource Management


Several companies shift to the cloud to increase their data storage capacity. However, if your
employees use it for storing their personal information, there will be a misuse of cloud resources.
Consider establishing clear processes & policies for managing cloud usage with transparency.

The Process Flow of Cloud Change Management


Given the complex nature of cloud deployment, here is the process flow of cloud change
management to ease your transition:

1. Configuration in Cloud
Change leaders must decide on the configuration requirements and a cloud service provider.
Additionally, there must be leadership buy-in for cloud-based tools to undertake configuration
changes and track the management approval process.

2. Initiate Change Management Process


Create a robust change management plan with clear implementation timelines. Use a sandbox
environment for pilot testing and then scale the initiative after making required changes.

3. Automate the Deployment


An optimized cloud configuration will automate the deployment process, ensuring repeatability
and consistency across multiple environments and enabling automation of testing procedures.
Automation does not guarantee a successful change implementation; it reduces risk and brings
standardization.

For example, if an automated security test is pre-approved for deployment purposes, there is no
security review requirement during the change approval process.

21
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

4. Use Change Management Tools to Drive Change


With every change initiative, employee upskilling and reskilling becomes a challenging task.
Implementing digital adoption platforms(DAP) alongside your cloud implementation will take you
a step closer to effortless change roll-outs.

DAP such as Whatfix acts as an overlay over your application to provide contextual, in-app
guidance and allows your employees to learn in the flow of work.

5. Review & Record the Process


Since cloud change management is a continuous process, organizations need to schedule regular
feedback mechanisms, make required iterations and document the process for future reference.

Conclusion:

With more organizations shifting towards the cloud, organizations must focus on the right
implementation partners to support their IT strategic planning and cloud change management. You
can make your cloud change management more bulletproof by leveraging a digital adoption
platform such as Whatfix.

CLOUD SERVICE ARCHITECTURE.


What is cloud architecture?
Cloud architecture is a key element of building in the cloud. It refers to the layout and connects all
the necessary components and technologies required for cloud computing.

Migrating to the cloud can offer many business benefits compared to on-premises environments,
from improved agility and scalability to cost efficiency. While many organizations may start with
a “lift-and-shift” approach, where on-premises applications are moved over with minimal
modifications, ultimately it will be necessary to construct and deploy applications according to the
needs and requirements of cloud environments.

Cloud architecture dictates how components are integrated so that you can pool, share, and scale
resources over a network. Think of it as a building blueprint for running and deploying applications
in cloud environments.
Cloud Architecture Components

Cloud architecture components include:

 A frontend platform
 A backend platform
 A cloud-based delivery model
 A network (internet, intranet, or intercloud)

In cloud computing, frontend platforms contain the client infrastructure—user interfaces, client-
side applications, and the client device or network that enables users to interact with and access
22
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

cloud computing services. For example, you can open the web browser on your mobile phone and
edit a Google Doc. All three of these things describe frontend cloud architecture components.

On the other hand, the back end refers to the cloud architecture components that make up the cloud
itself, including computing resources, storage, security mechanisms, management, and more.

Below is a list of the main backend components:

Application: The backend software or application the client is accessing from the front end to
coordinate or fulfill client requests and requirements.

Service: The service is the heart of cloud architecture, taking care of all the tasks being run on a
cloud computing system. It manages which resources you can access, including storage,
application development environments, and web applications.

Runtime cloud: Runtime cloud provides the environment where services are run, acting as an
operating system that handles the execution of service tasks and management. Runtimes use
virtualization technology to create hypervisors that represent all your services, including apps,
servers, storage, and networking.

Storage: The storage component in the back end is where data to operate applications is stored.
While cloud storage options vary by provider, most cloud service providers offer flexible scalable
storage services that are designed to store and manage vast amounts of data in the cloud. Storage
may include hard drives, solid-state drives, or persistent disks in server bays.

Infrastructure: Infrastructure is probably the most commonly known component of cloud


architecture. In fact, you might have thought that cloud infrastructure is cloud architecture.
However, cloud infrastructure comprises all the major hardware components that power cloud
services, including the CPU, graphics processing unit (GPU), network devices, and other hardware
components needed for systems to run smoothly. Infrastructure also refers to all the software
needed to run and manage everything.

Cloud architecture, on the other hand, is the plan that dictates how cloud resources and
infrastructure are organized.

Management: Cloud service models require that resources be managed in real time according to
user requirements. It is essential to use management software, also known as middleware, to
coordinate communication between the backend and frontend cloud architecture components and
allocate resources for specific tasks. Beyond middleware, management software will also include
capabilities for usage monitoring, data integration, application deployment, and disaster recovery.

Security: As more organizations continue to adopt cloud computing, implementing cloud security
features and tools is critical to securing data, applications, and platforms. It’s essential to plan and
design data security and network security to provide visibility, prevent data loss and downtime,
and ensure redundancy. This may include regular backups, debugging, and virtual firewall.

23
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

How does cloud architecture work?

In cloud architecture, each of the components works together to create a cloud computing platform
that provides users with on-demand access to resources and services.

The back end contains all the cloud computing resources, services, data storage, and applications
offered by a cloud service provider. A network is used to connect the frontend and backend cloud
architecture components, enabling data to be sent back and forth between them. When users
interact with the front end (or client-side interface), it sends queries to the back end using
middleware where the service model carries out the specific task or request.

The types of services available to use vary depending on the cloud-based delivery model or service
model you have chosen. There are three main cloud computing service models:
 Infrastructure as a service (IaaS): This model provides on-demand access to cloud
infrastructure, such as servers, storage, and networking. This eliminates the need to procure,
manage, and maintain on-premises infrastructure.
 Platform as a service (PaaS): This model offers a computing platform with all the underlying
infrastructure and software tools needed to develop, run, and manage applications.
 Software as a service (SaaS): This model offers cloud-based applications that are delivered and
maintained by the service provider, eliminating the need for end users to deploy software locally.

24
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

Cloud architecture layers

A simpler way of understanding how cloud architecture works is to think of all these
components as various layers placed on top of each other to create a cloud platform.

Here are the basic cloud architecture layers:


1. Hardware: The servers, storage, network devices, and other hardware that power the cloud.
2. Virtualization: An abstraction layer that creates a virtual representation of physical computing
and storage resources. This allows multiple applications to use the same resources.
3. Application and service: This layer coordinates and supports requests from the frontend user
interface, offering different services based on the cloud service model, from resource allocation to
application development tools to web-based applications.
Types of cloud architecture

Cloud adoption is not one-size-fits-all. You’ll need to consider what type of cloud you want
to build based on your existing technology investments, your specific business requirements,
and the overall goals you hope to achieve.

There are three main types of cloud architecture you can choose from: public, private, and
hybrid.

Public cloud architecture uses cloud computing resources and physical infrastructure that
is owned and operated by a third-party cloud service provider. Public clouds enable you to
scale resources easily without having to invest in your own hardware or software, but use
multi-tenant architectures that serve other customers at the same time.

Private cloud architecture refers to a dedicated cloud that is owned and managed by your
organization. It is privately hosted on-premises in your own data center, providing more
control over resources and more security over data and infrastructure. However, this
architecture is considerably more expensive and requires more IT expertise to maintain.

Hybrid cloud architecture uses both public and private cloud architecture to deliver a
flexible mix of cloud services. A hybrid cloud allows you to migrate workloads between
environments, allowing you to use the services that best suit your business demands and
the workload. Hybrid cloud architectures are often the solution of choice for businesses
that need control over their data but also want to take advantage of public cloud offerings.

25
PANIMALAR INSTITUTE OF TECHNOLOGY
CCS336-CLOUD SERVICE MANAGEMENT UNIT-II

In recent years, multicloud architecture is also emerging as more organizations look to use
cloud services from multiple cloud providers. Multicloud environments are gaining popularity for
their flexibility and ability to better match use cases to specific offerings, regardless of vendor.

continue to become more complex, the skills and expertise of cloud architects are becoming more
vital for helping companies navigate the complexities of cloud environments, implement
successful strategies, and keep cloud systems running smoothly.
Benefits of cloud architecture

There are many benefits of cloud architecture for organizations, including:

26
PANIMALAR INSTITUTE OF TECHNOLOGY

You might also like