Escolar Documentos
Profissional Documentos
Cultura Documentos
C o n s u l t i n g
October 2010
Consulting
Agenda
Background
Background Problem Statement Trends Analysis IT at Terra Firma Challenges/Opportunities
Analysis
Recommendations
High-Level Roadmap Weighted Score Model Systems Architecture Benefits
Assumptions Implementation Methodology Services Delivery Model Resources Financial Analysis Project Timeline Risk/Mitigation Plan
Slide
Implementation
Conclusion
|2
Consulting
medical images
More than NZ$ 2.5 billion of annual revenue in 2009 Network crash in April 2010
Slide
|3
Consulting
Problem Statement
How can we use technology to enable Terra Firmas business processes, and position it to effectively identify and exploit emerging opportunities while ensuring business continuity
Slide
|4
Consulting
TREND ANALYSIS
Slide
|5
Consulting
External factors
GE, Siemens are subject to medical regulations in the future Regulation backlash may result in lower margins
Terra Firma
Slide
|6
Consulting
Emerging opportunities
Terra introduced a line of filmless dental and veterinary X-ray systems Growth opportunity for Terra Firma
Filmless Dental
Independent Distributors
Revenue
40000000 35000000 30000000 25000000 20000000 15000000 10000000 50000000 0 2007 2008 2009
Revenue
Rapid Growth
Slide
|7
Consulting
Current Breakdown
Optimal Breakdown
80% IT budget into maintenance 20% IT budget into innovation More investment into IT innovation
Slide
|8
Consulting
IT issues
Network Failure Lack of effective technology management policies
IT Infrastructure
10%
Additional problems
90%
Standardized Disparate
Slide
|9
Consulting
Opportunity/Approach
Approach Challenges/Opportunities
Medical regulations may lead to lower margins Underinvestment into IT
Aggressively use technology for vertical integration More investment into innovation Consolidate and standardize IT infrastructure Enforce IT governance policies
Disparate systems
Slide | 10
Consulting
RECOMMENDATIONS
Slide | 11
Consulting
Consolidate
Virtualize
Automate
Optimize
Slide | 12
Consulting
Solution Framework
Internal SOA External Web Services
Self contained applications
Applications
Supports communications between services Defines how programs interact to perform a unit of work
Public Cloud
Standard cloud computing model Service provider makes resources available
Slide | 13
Consulting
C r i t e r i a
Governance
Criticality
M i g r a t i o n
Elasticity
Technology
Slide | 14
Consulting
Migration Framework
Internal External
Manufacturing Apps BI Apps Email/ Calendar Apps
SOA Applications
ERP Apps
SCM Apps
Web Services
CRM Apps
Collaboration Apps
Videoconferencing Apps
Public Cloud
BI
HCM
Manufacturing CRM
Email/ Calendar
Slide | 15
Consulting
Systems Architecture
Vendor Business Analyst Manager
Software Engineering
Hardware Engineering
Portals and Rich Internet Applications Centralized Policy and Services Management Services Registry and Repository Enterprise Service Bus Service Runtime Engine
Hybrid
Service
Services
Virtualization
Services Services
Layer
Microsoft Content
Services
Beowulf
Streaming
CRM
JDE
Private
Public
Slide | 16
Consulting
System Characteristics/Benefits
Benefits
Aligns technology with key business process Improved cost management Rapid response to business changes Reduced errors and outages
Characteristics
Service-centric environment
Transparency
Slide | 17
Consulting
IMPLEMENTATION
Slide | 18
Consulting
Assumptions
10% of applications at Terra Firma are standards compliant and can be easily exposed as services IT Steering Committee will henceforth enforce strict adherence to ITIL guidelines for application development
Slide | 19
Consulting
Implementation
Analyze applications and align with key Terra Firma processes Determine technology needs from a service perspective
Consolidation
Virtualization
Move relevant applications to Public Cloud Public Cloud Migration Move relevant applications to Private Cloud
Slide | 20
Consulting
Slide | 21
Consulting
Resources
Slide | 22
Consulting
Project Timeline
6 Years
Consolidation
1.5 Years
Virtualization
4 Years
Public Cloud
6 Months
3 years
Long Term
Time
Slide | 23
Consulting
Change Management
Stakeholder Analysis Anticipate and manage key stakeholder responses
Involvement
Structure
Communication
Training
Consulting
Financial Analysis
8,000,000.00 7,000,000.00 6,000,000.00 5,000,000.00 4,000,000.00 3,000,000.00 2,000,000.00 Savings Net Cumulative Investment
1,000,000.00
Year 0 Year 1 Year 2 Year 3 Year 4 Year 5 Year 6 Year 7 Year 8
Payback Period
Slide | 25
Consulting
Risks/Mitigation
Risks Mitigation
Implement security policies and evaluate SLAs Adopt a phased implementation approach Perform detailed assessments Implement compliance standards
Slide | 26
Consulting
Server Uptime/ Availability Data Backup Network Performance: Internal and External Cloud Balancing & Cloud Bursting Cloud Storage Server Reboot Support Response Time Physical Security 24 x 365 Engineering Support
Slide | 27
Consulting
Conclusion
Terra Firma IT Roadmap
Consolidate
Virtualize
Optimized
Automate
Slide | 28
Consulting
Thank you!
C o n s u l t i n g
Consulting
APPENDIX
Slide | 30
Consulting
Appendix (A)
Slide | 31
Consulting
Appendix (B)
Slide | 32
Consulting
Appendix (C)
Slide | 33
Consulting
Appendix (D)
PAYBACK ANALYSIS
Slide | 34
Consulting
Appendix (E)
Slide | 35
Consulting
Appendix (F)
Mitigation
Security Audits Open Source Vendors Larger/Certified Vendors
Risk Assessment
Physical Security Vendor Lock-In Vendor Viability
Vendor Risks
Data Risks
Data Loss Data Security Data Location
Mitigation
Backup and Recovery Plan VPNS, SSL, IDS Compliant with Global/Local Regulations
Software/Application Risks
Licensing Integration
Mitigation
Clear Billing/Licensing model Better Integration Testing
Infrastructure Risks
Natural Disasters Resource Overload
Mitigation
Mirrored Data Center Cloud Bursting/Balancing
Slide
Consulting
Appendix (G)
Slide | 37
Consulting
Appendix (H)
Slide | 38
Consulting
Appendix(J)
Change Management
Slide | 39
Consulting
Appendix (K)
Slide | 40
Consulting
Appendix (L)
Access control and physical security 24-hour manned security, including foot patrols and perimeter inspections Biometric scanning for access Dedicated concrete-walled Data Center rooms Computing equipment in access-controlled steel cages Video surveillance throughout facility and perimeter Building engineered for local seismic, storm, and flood risks Tracking of asset removal Environmental controls Humidity and temperature control Redundant (N+1) cooling system Power Underground utility power feed Redundant (N+1) CPS/UPS systems Redundant power distribution units (PDUs) Redundant (N+1) diesel generators with on-site diesel fuel storage Network Concrete vaults for fiber entry Redundant internal networks Network neutral; connects to all major carriers and located near major Internet hubs High bandwidth capacity Fire detection and suppression VESDA (very early smoke detection apparatus) Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression
Slide | 41
Consulting
Appendix (M)
Secure transmission and sessions Connection is via SSL 3.0/TLS 1.0, using global step-up certificates from VeriSign, ensuring that our users have a secure connection from their browsers to our service Individual user sessions are identified and re-verified with each transaction, using a unique token created at login Network protection Perimeter firewalls and edge routers block unused protocols Internal firewalls segregate traffic between the application and database tiers and Intrusion detection sensors A third-party service provider continuously scans the network externally and alerts changes in baseline configuration
Disaster Recovery Real-time replication to disk at each data center, and near real-time data replication between the production data center and the disaster recovery center and data are transmitted across encrypted links.
Backups All data are backed up to tape at each data center, on a rotating schedule of incremental and full backups
Internal and Third-party testing and assessments Tests all code for security vulnerabilities before release, and regularly scans our network and systems for vulnerabilities. Third-party assessments are also conducted regularly: Application/ Network vulnerability threat assessments
Security Monitoring Our Information Security department monitors notification from various sources and alerts from internal systems to identify and manage threats.
Slide | 42