Σ Consulting
“Taking Terra Firma to the Cloud”
IT Recommendations for Terra Firma Medical Systems
Efesa Origbo | Hariprasad Tilakan | Sharon Dsouza
Agenda
Background: Background, Problem Statement
Analysis: Trends Analysis, IT at Terra Firma, Challenges/Opportunities
Recommendations: High-Level Roadmap, Weighted Score Model, Systems Architecture, Benefits
Implementation: Assumptions, Implementation Methodology, Services Delivery Model, Resources, Financial Analysis, Project Timeline
Background: Terra Firma
Leading supplier for medical imaging devices
Provider of technical support and integration services for medical imaging systems
Develops software for visualization, analysis and storage of medical images
More than NZ$ 2.5 billion of annual revenue in 2009
Network crash in April 2010
Problem Statement
“How can we use technology to enable Terra Firma’s business processes, and position it to effectively identify and exploit emerging opportunities while ensuring business continuity”
TREND ANALYSIS
External factors
GE, Siemens are subject to medical regulations in the future
Regulation backlash may result in lower margins
Terra Firma
Emerging opportunities
Terra introduced a line of filmless dental and veterinary X-ray systems
Growth opportunity for Terra Firma
[Diagram: Terra Firma, Independent Distributors, Filmless Dental, Veterinary X-ray systems]
[Chart: Revenue]
IT Investments at Terra Firma
Current Breakdown
Infrastructure Maintenance: 80%
Funding Innovation: 20%
80% IT budget into maintenance
20% IT budget into innovation
Optimal Breakdown
Infrastructure Maintenance: 40%
Funding Innovation: 20%
New Funds for Innovation: 40%
IT Infrastructure at Terra Firma
IT issues
IT Infrastructure
Network Failure
Lack of effective technology management policies
10%
90%
Additional problems
Missing log files
Corrupted database tables
Inconsistent data
Standardized
Challenges/Opportunities | Opportunity/Approach
Medical regulations may lead to lower margins | Aggressively use technology for vertical integration
Underinvestment into IT | More investment into innovation
Disparate systems | Consolidate and standardize IT infrastructure
Lack of technology management policies | Enforce IT governance policies
RECOMMENDATIONS
High Level Roadmap
Consolidate
Virtualize
Automate
Optimize
Solution Framework
[Diagram axes: External / Internal; Applications / Infrastructure]
SOA
Supports communications between services
Defines how programs interact to perform a unit of work
Web Services
Self contained applications
Perform functions, from simple requests to complicated business processes
Private Cloud
Proprietary computing architecture
Provides hosted services to a limited number of people
Public Cloud
Standard cloud computing model
Service provider makes resources available
What to put where?
Migration Criteria
Security
Governance
Service Management, Risk Exposure, Compliance
Business
Criticality
Impact, Business Outlook
Workload
Elasticity
Storage Utilization
Architecture
Technology
Infrastructure, Quality of Service
Migration Framework
[Diagram axes: External / Internal; Applications (SOA, Web Services) / Infrastructure (Private Cloud, Public Cloud)]
Applications: Manufacturing Apps, ERP Apps, SCM Apps, Compliance Apps, CRM Apps, Collaboration Apps, HCM Apps, Hardware Engineering Apps, Software Engineering Apps, Videoconferencing Apps, Email/Calendar Apps, BI Apps
Infrastructure: ERP, PC Support, Videoconferencing, Hardware Engineering, Software Engineering, Collaboration, BI, Manufacturing, Email/Calendar
Systems Architecture
[Architecture diagram]
Vendor, Business Analyst, Manager, Software Engineering, Hardware Engineering
Portals and Rich Internet Applications
Centralized Policy and Services Management
Services Registry and Repository
Hybrid
Enterprise Service Bus
Service Runtime Engine
Service Virtualization Layer
Services: CRM, JDE, Beowulf, Microsoft, Streaming, Mail, Content
System Characteristics/Benefits
Characteristics | Benefits
Service-centric environment | Aligns technology with key business process
Standardized, shared services | Improved cost management
Scalable and elastic | Rapid response to business changes
Automated | Reduced errors and outages
Self service, pay-per-use | Transparency
IMPLEMENTATION
Assumptions
Organic growth of IT infrastructure at Terra Firma has led to:
Excess processing and storage capacity
Duplication of applications across different locations
10% of applications at Terra Firma are standards compliant and can be easily exposed as services
IT Steering Committee will henceforth enforce strict adherence to ITIL guidelines for application development
Implementation
Business Process Modeling: Analyze applications and align with key Terra Firma processes; determine technology needs from a service perspective
Consolidation: Streamline infrastructure; eliminate excess capacity
Virtualization: Implement Service Virtualization Layer; develop applications as services
Public Cloud Migration: Move relevant applications to Public Cloud
Private Cloud: Move relevant applications to Private Cloud
Services Delivery Process
Resources
Project Timeline: 6 Years
Business Process Modeling: 6 Months
Consolidation: 1.5 Years
Virtualization: 4 Years
Public Cloud: 6 Months
Private Cloud: 3 Years
Change Management
Stakeholder Analysis: Anticipate and manage key stakeholder responses
Involvement: Gain buy-in from all levels
Structure: Prevent reversal to status quo
Communication: Consistently share the vision across all levels
Training: Provide employees with tools needed for success
Financial Analysis
Implementation Cost - $15,000,000.00
Recurring Costs per year - $1,000,000.00
Savings per year - $5,004,000.00 [Appendix C]
[Appendix D] [Appendix C]
[Chart: Savings and Net Cumulative Investment, Year 0 to Year 8]
Risks/Mitigation
Risks | Mitigation
Application/Infrastructure Security | Implement security policies and evaluate SLAs
Disruption of business continuity | Adopt a phased implementation approach
Readiness | Perform detailed assessments
Geopolitical issues | Implement compliance standards
Service Level Agreement - Key Criteria
Server Uptime/Availability
Data Backup
Network Performance: Internal and External
Cloud Balancing & Cloud Bursting
Cloud Storage
Server Reboot
Support Response Time
Physical Security
24 x 365 Engineering Support
Conclusion
Terra Firma IT Roadmap
Consolidate
Virtualize
Automate
Optimized
Thank you!
Efesa Origbo | Hariprasad Tilakan | Sharon Dsouza
APPENDIX
Appendix (A)
Weighted Score Model
Application | Criticality | Technology | Governance | Elasticity | Total Score | Cloud
Weight | 25 | 20 | 30 | 25 | 100 |
PC Support | 20 | 70 | 40 | 50 | 43.5 | Hybrid
Email/Calendar | 20 | 90 | 20 | 20 | 33 | Public
Video Conferencing | 20 | 80 | 20 | 20 | 32 | Public
Collaboration | 20 | 80 | 50 | 40 | 46 | Hybrid
ERP | 90 | 80 | 90 | 90 | 88 | Private
SCM | 90 | 70 | 80 | 80 | 80.5 | Private
HCM | 90 | 80 | 90 | 90 | 88 | Private
CRM | 50 | 60 | 30 | 20 | 41 | Hybrid
BI | 50 | 60 | 70 | 60 | 60.5 | Hybrid
Hardware Engineering | 90 | 90 | 90 | 90 | 90 | Private
Software Engineering | 80 | 70 | 20 | 30 | 47.5 | Hybrid
Manufacturing | 50 | 60 | 70 | 60 | 60.5 | Hybrid
Compliance | 90 | 70 | 80 | 80 | 80.5 | Private
Appendix (B)
Service Delivery Business Process Diagram
Appendix (C)
Appendix (D)
PAYBACK ANALYSIS
Appendix (E)
Appendix (F)
Risk Assessment
Vendor Risks | Mitigation
Physical Security | Security Audits
Vendor Lock-In | Open Source Vendors
Vendor Viability | Larger/Certified Vendors
Data Risks | Mitigation
Data Loss | Backup and Recovery Plan
Data Security | VPNs, SSL, IDS
Data Location | Compliant with Global/Local Regulations
Software/Application Risks | Mitigation
Licensing | Clear Billing/Licensing model
Integration | Better Integration Testing
Infrastructure Risks | Mitigation
Appendix (G)
Appendix (H)
Appendix (J) Change Management
Appendix (K)
Appendix (L)
Access control and physical security
24-hour manned security, including foot patrols and perimeter inspections
Biometric scanning for access
Dedicated concrete-walled Data Center rooms
Computing equipment in access-controlled steel cages
Video surveillance throughout facility and perimeter
Building engineered for local seismic, storm, and flood risks
Tracking of asset removal
Environmental controls
Humidity and temperature control
Redundant (N+1) cooling system
Power
Underground utility power feed
Redundant (N+1) CPS/UPS systems
Redundant power distribution units (PDUs)
Redundant (N+1) diesel generators with on-site diesel fuel storage
Network
Concrete vaults for fiber entry
Redundant internal networks
Network neutral; connects to all major carriers and located near major Internet hubs
High bandwidth capacity
Fire detection and suppression
VESDA (very early smoke detection apparatus)
Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression
Appendix (M)
Secure transmission and sessions
Connection is via SSL 3.0/TLS 1.0, using global step-up certificates from VeriSign, ensuring that our users have a secure connection from their browsers to our service
Individual user sessions are identified and re-verified with each transaction, using a unique token created at login
Network protection
Perimeter firewalls and edge routers block unused protocols
Internal firewalls segregate traffic between the application and database tiers and Intrusion detection sensors
A third-party service provider continuously scans the network externally and alerts changes in baseline configuration
Disaster Recovery
Real-time replication to disk at each data center, and near real-time data replication between the production data center and the disaster recovery center and data are transmitted across encrypted links.
Backups
All data are backed up to tape at each data center, on a rotating schedule of incremental and full backups
Internal and Third-party testing and assessments
Tests all code for security vulnerabilities before release, and regularly scans our network and systems for vulnerabilities.
Third-party assessments are also conducted regularly: Application/Network vulnerability threat assessments
Security Monitoring
Our Information Security department monitors notification from various sources and alerts from internal systems to identify and