Cloud computing as a sourcing option?
Moving complex BI applications to the cloud requires a sophisticated approach
// Business Intelligence, Cloud Computing, IT-Outsourcing
Today, most companies have already had experience with the cloud: applications, IT capacities or individual processes are sourced from a wide range of cloud providers. Agility, innovation, cost reduction, flexibility and scalability are the most common reasons for moving to the cloud. The practical questions are: which provider has the right services? Which parts of the corporate IT are suitable for outsourcing? How does a migration into the cloud actually work? How does it pay off and are the costs the only trigger for moving to the cloud? The question is usually no longer, "are we going into the cloud?" Rather, it is about questions such as "when and how?" or "which services are possible?". Not only beginners in the cloud topic ask themselves the question of the correct procedure.
Using the concrete example of the relocation of an HR analytics application to a cloud environment, some special features of cloud computing in the BI environment are presented here.
Experiences from the IT outsourcing business pave the way to the cloud
Cloud computing has complemented the IT sourcing initiatives in recent years. The services in the cloud offer customers more opportunities. You order very promptly and pay according to the originator. These services were planned in classic outsourcing, but were offered relatively rigidly. As part of the cloud computing measures, small services are now being cut very flexibly and made available very quickly. Flexibility, scalability, cost transparency, multi-cloud strategy and exit strategy represent real added value. However, the necessary expansion or adaptation of the IT strategy and the pressure to change the IT infrastructure and IT planning are no less sustainable under the cloud sign than in traditional sourcing.
Orientation towards a well thought process model creates clarity on the path to the cloud. If this is to become a safe and successful next step in the history of corporate IT, some important aspects need to be considered.
Data Warehouse Architecture in the Cloud: A technical BI Target Architecture
In the cloud strategy phase, a technical target architecture will be developed. Figure 2 of a BI application HR Analytics shows how a classic data warehouse architecture in layered architecture and SAP integration, versioning, and alternative frontend options can be positioned at the interface of enterprise IT and cloud. Essential components of the enterprise BI architecture are mapped in the cloud, but some central components such as the SAP database and core processes remain in the enterprise.
Migration of the development environment - a technical consideration
Complex applications with different layers (development, data, application) are often built on a single system. This seems pragmatic in the pilot and development phase. Before commissioning, however, it is also a question of system security to think about gradual distribution to different systems. The moment of transition to the cloud is such a time. Our example illustrates some of the solution approaches that arise when migrating or deploying the cloud architecture.
- The existing system was sorted by functions and transferred to several systems. The separation enables better protection against interference. Subsystems that contain databases and do not require public IP addresses have been separated.
- The environment is managed separately according to infrastructure responsibility. The Cloud Architects use the AWS Management Console to manage the infrastructure in the cloud and the regulatory framework for network communication. It is important that you do not have access to the contents of the systems.
- The system layer is managed by BI team administrators, who in turn have no access to the cloud presence infrastructure.
Architecture in the Cloud
The conceptual design of the cloud architecture raises various topics, some of which are presented in the case study:
- 2 Tier model - one subnet for each of the systems that contain program logic and processing (public subnet) and another for the systems that hold the data (private subnet).
- For the communication of the systems from the private subnet, a NAT instance is available in the public subnet.
- None of the systems can be accessed directly from the Internet; if necessary, external communication is possible if initiated internally.
- Internet access has been disabled, but can be enabled as an option. Our example HR-Analytics communicates from a private subnet in AWS via the VPN tunnel with the source system SAP HCM or Persis on the OnPremise side.
The connection to the cloud infrastructure is made via a VPN tunnel. This is safer than a pure Internet connection and cheaper than a dedicated line:
- Site to site connection, virtual Astaro on OnPremise side connected to the VPC-VPN service on AWS side (the VPN tunnel is currently one of the best ways to secure traffic between networks).
- Unlike End to End, no additional software is required on the end devices. The tunnel is implemented between the network gateways.
In addition to the classic installation, the SQL Server was also provided as a PaaS service via AWS RDS (Relational Database Service) and thus the administration of patches, backups etc. was transferred to the service.
For authentication against the cloud infrastructure, a multi-factor authentication is recommended to secure administrative access for the AWS infrastructure. This offers a much higher level of security than the user and password alone.
Motivation and objectives
In the cloud strategy phase, there is also the need to perform a cloud readiness check and set guidelines for the cloud. In addition to an assessment of the current situation and a maturity analysis of infrastructure, processes and skills, the question of regulatory framework conditions and data classification is particularly relevant.
HR applications in particular are subject to the critical question of data protection. Human resource data are often legally and politically explosive (digital personnel files, payrolls...), they enjoy a special protection and the question of trust is nowhere more direct. In the past, this has been a discrete motivation for HR departments in many companies to buy HR applications from the cloud instead of entrusting them to IT in their own companies. It remains to be seen whether this is the better way from a data protection point of view. A vehement demand from all sides to critically examine cloud applications or cloud architectures and provide them with the highest level of security is inevitable.
Is there more than Azure and AWS? Provider selection
Similar to classic sourcing projects, the selection of providers is also a crucial step in cloud sourcing. Key points of the IT strategy, company-specific compliance rules, specific technical requirements and, last but not least, the commercial view are included in the selection of the provider. The result is a list of requirements for providers and services.
In our example of the BI application HR-Analytics, great importance was attached to the relevant certifications, which should not only guarantee safety standards.
Other key criteria for the selection of providers are a look at their service portfolio and an identifiable innovation potential. In our example, particular importance was attached to the fact that the following services are available in the range of services (without separate implementation of their own):
- multi-factor authentication
- connection via VPN
- databases as service possible
- auditing of all accesses via console and API
- 24/7 model support with response times of less than 1 hour
monitoring of the systems in the cloud and optionally the connected OnPremise systems from the cloud
The more precise your requirements for a future in the cloud are, the more professional the provider selection can be. Here again experience from classic IT sourcing can help.
In the cloud, much of the cost is calculated based on usage
- Calculation capacity in the form of virtual systems, usually hourly based on usage
- Storage capacity for data storage and archiving per GB per month
- Transfer of data from the cloud (depending on the provider, possibly also into the cloud) per GB
- Number of operations performed (for serverless computing models such as Lambda)
- For some more complex services (NAT Gateway and VPN Gateway as an example) the calculation is carried out on a monthly basis as a flat rate.
In general it can be said that in contrast to classical hosting, most services are calculated exactly according to usage (pay as you go, pay per use).
In addition, cost transparency is significantly improved, usage and billing data are visible at all times and provide information about expected costs for current usage.
This data is useful for budget warnings that provide information before the costs are actually incurred.
If you want to purchase the cloud services from one or a few providers (multi-cloud), it is therefore crucial whether the price and service portfolio really match. Very low prices for computing capacity and memory do not always coincide with the desired services.
Depending on the services required, it is therefore necessary to weigh up how much the price of computing power and storage affects the total cost. Experienced cloud and sourcing experts have a look at many vendors and checklists, references and selection proposals for all requirements.
In our example, the mostly free additional services were decisive for the choice of provider.
The advantages of moving a BI architecture such as HR analytics to the cloud are quickly identified: Cost reduction, relative freedom from maintenance, short-term scalability, reliability. The pressure to act and deliver from the specialist departments suggests once again that the cloud is evading. At the technical level, the issues of network separation, communication channels and other technical aspects need to be clarified. Cloud computing provides positive answers to these questions.
Other aspects, on the other hand, make the quick exit more difficult: whether it's compliance, risk, economy or security, all these aspects raise the bar and turn the "fast" cloud solution into a demanding project. Working methods and requirements for IT operations are also changing due to the transfer of IT services into the cloud. The organizational structure of a company or its IT department may change thoroughly. For example, operational and planning processes have to be reorganized and new tasks and roles in the organization have to be created.
Sophisticated migration planning and implementation allows for a successful transition of IT services into the cloud. Proven process models from the sourcing environment can be used as a critical reference for one's own approach, while cloud process models and best practices are first-choice orientation points.
Similar to outsourcing projects, more extensive movements into the cloud are not routine for most companies. The critical support of experienced specialists guarantees professionalism and success and is the best way to achieve this, not least from a commercial point of view.
The topic of cloud computing is highly topical and dynamic. Introductory or overview presentations printed today will be outdated again tomorrow. It is therefore advisable to show a little pioneering spirit and to get an overview of the status quo in current blogs and platforms. Exemplary here:
To determine the prices for standard cloud services, the 3 major IaaS providers, AWS, Azure and Google provide very specific information:
Prices Microsoft Azure
Price calculator Microsoft Azure
Pices Amazon Web Services AWS
Price calculator Amazon Web Services AWS
Prices Google Cloud
This article was first published in December 2017 in the magazine "BI-Spektrum".
BI-Spektrum is a publication of the TDWI e. V., see "www.bi-spektrum.de"