 Security and Risk Management: De-perimiterisation (resulting from Cloud Computing,
    mobility and BYOD) renders existing infrastructure controls and policies insufficient
    and calls for new mechanisms to ensure adequacy of access controls and information
    security/protection. This will involve the evolution of federated trust models to
    incorporate all constituents in the service delivery chain. New risk models will be
    required to ensure compliance with increasingly complex regulation
     The paradigm shift is the transition from enterprise owned infrastructure-based
    controls to a comprehensive systems and policies for federated information security
    and protection.

 Demand Management: Infrastructure capacity planning will be supplanted by demand
    management for Cloud Services. Accurately predicting demand and variability will be
    central to cost effective management of the IT supply chain, to permit service
    aggregation and to avoid un-necessary “cloud sprawl” (proliferation of Cloud Service
    Providers)
     The paradigm shift is the transition from annual capacity planning performed at an
    infrastructure level, to a dynamic, “lean” management of the entire IT service
    ecosystem.

 Enterprise Information Management: information is becoming the differentiating
    business asset (rather than infrastructure), and techniques such as data classification,
    master data management, data governance and real-time data analytics are essential
    to discover and exploit critical information assets
     The paradigm shift is from preserving “islands of historic data” to maximising
    business value from increasingly voluminous, diverse and dynamic information assets.

 Finance & Budgeting: Consumption-based pricing and price elasticity of Cloud will
    significantly impact IT charging models and the budgeting/forecasting process.
    Variability in demand will result in a less predictable level of expenditure and require
    more ‘open-ended’ budget (expense) allocation
     The paradigm shift is the transition from annual capital budgeting (CapEx) to pay-
    as-you-go service expenditure (OpEx, business operational cost).

 Sourcing and Procurement: Contracting with Cloud Service Providers will require new
    approaches in order to achieve the benefits claimed. Increasingly, Cloud services will
    be delivered through a complex network of providers (the so-called “embedded
    service chain”) many of whom may be “invisible” to the end-user thus increasing the
    challenges of risk assessment/management and data sovereignty
     The paradigm shift is the transition to a hybrid, multi-sourced “dynamic IT”
    environment with increasing complexity of vendor and IP management.

 Application Portfolio Management: to take advantage of the speed and infrastructure
    architecture of web-scale services requires a different approach to application
    thinking. This impacts all aspects of the application lifecycle – skills, organisation
    (teaming), migration (at end of service life) and techniques for the design and
    development of Cloud native applications – eg. Service Oriented Architecture,
    microservices, scale-out, agile/scrum, etc.
     The paradigm shift is from architecting classic 3-tier client server applications that
    rely on infrastructure for scaling and resilience to developing (or migrating to) cloud
    native applications that leverage web-scale industrialised low-cost infrastructure.

Author: Mike Spink   Cloud Computing – The Customer Context   Page 5 of 7
Version 2.0 (final)  A White Paper for Cisco by Innovise ESM  Spring 2015