OMG

Hybrid Cloud Considerations for Big Data and Analytics is a companion guide to the CSCC's Cloud Customer Architecture for Big Data and Analytics.
 
Today, the majority of big data and analytics use cases are running on hybrid cloud computing infrastructure. A hybrid cloud is a combination of on-premises and local cloud resources integrated with one or more dedicated cloud(s) and one or more public cloud(s), allowing for increased scalability and computational power for big data and analytics capabilities.
 
This whitepaper summarizes what hybrid cloud is, explains why it is important in the context of big data and analytics, and discusses implementation considerations

Cloud Customer Architecture for Big Data and Analytics describes the architectural elements and cloud components needed to build out big data and analytics solutions.
 
Big data analytics and cloud computing are a top priority for CIOs. Harnessing the value and power of big data and cloud computing can give your company a competitive advantage, spark new innovations, and increase revenue. Many companies are experimenting and iterating with different cloud configurations as a way to understand and refine requirements for their big data analytics solutions without upfront capital investment.
 
This paper includes proven architecture patterns that have been deployed in successful enterprise projects and a description of capabilities offered by cloud providers.

The aim of this guide is to provide a practical reference to assist enterprise Information Technology (IT) managers and business decision makers with best practices for developing and growing a “cloud-enabled” next generation IT workforce.
 
Cloud computing and related technologies like blockchain, data science, and AI are transforming the nature of IT, resulting in skill shortages in some domains and staffing surpluses in others. Demand is increasing for cloud-knowledgeable solution IT architects, operations staff, and DevSecOps teams to apply cloud services and related technologies to these challenges for increased agility and efficiency.
 
Now that cloud computing is a mainstream initiative within most enterprises and large organizations, it is an opportune time to embrace training and knowledge-sharing.
 
This paper outlines:

• the business reasons for developing a skilled cloud-enabled workforce
• a strategic framework for meeting today's and tomorrow's skill needs
• best practices for cloud skills training, employee development and career growth
• a survey of available cloud training and certification programs

As data is increasingly accessed and shared across geographic boundaries, a growing web of conflicting laws and regulations dictate where data can be transferred, stored, and shared, and how it is protected. The Object Management Group® (OMG®) and the Cloud Standards Customer Council™ (CSCC™) completed a significant effort to analyze and document the challenges posed by data residency.
 
This discussion paper defines data residency as:
 
“...the set of issues and practices related to the location of data and metadata, the movement of (meta)data across geographies and jurisdictions, and the protection of that (meta)data against unintended access and other location-related risks.”
 
This paper covers issues and risks, laws and regulations, applicable and related standards.

Cloud Customer Architecture for Securing Workloads on Cloud Services was written as practical reference to help IT architects and IT security professionals architect, install, and operate the information security components of solutions built using cloud services.
 
Many cloud services are now available covering infrastructure, platform and application capabilities. Building business solutions using these cloud services requires a clear understanding of the available security services, components and options, allied to a clear architecture which provides for the complete lifecycle of the solutions, covering development, deployment and operations.
 
This paper introduces best practices for architecting the security of cloud service solutions.

Cloud Security Standards: What to Expect and What to Negotiate is a guide to security standards, frameworks, and certifications that exist for cloud computing. This guide will help you assess the security standards support of cloud service providers.
 
As customers transition their applications and data to use cloud computing, it is important that the level of security provided in the cloud environment is equal to or better than the security provided by their traditional IT environment. Cloud security standards and their support by prospective cloud service providers and within the enterprise is a critical area of focus for cloud service customers.
 
The landscape has matured with new cloud-specific security standards, like ISO/IEC 27017 and ISO/IEC 27018 for cloud computing security and privacy, being adopted.

Security for Cloud Computing: 10 Steps to Ensure Success provides a practical reference to help enterprise information technology (IT) and business decision makers analyze the security implications of cloud computing on their business.
 
The guide includes a list of ten steps designed to help decision makers evaluate and compare security and privacy offerings from different cloud providers in key areas, covering:

• Security and privacy challenges pertinent to cloud computing and considerations that organizations should weigh when migrating data, applications, and infrastructure
• Threats, technology risks, and safeguards for cloud computing environments and the insight needed to make informed IT decisions on their treatment
• A Cloud Security Assessment to assess the security capabilities of cloud providers

 
Version 3.0 introduces new and updated security standards, worldwide privacy regulations, and stresses the importance of including security in continuous delivery and deployment approaches, among other things.

Public Cloud Service Agreements: What to Expect and What to Negotiate was written to help cloud customers understand and evaluate public cloud service agreements (CSAs) from different providers.
 
The paper describes the current anatomy of a cloud service agreement, covering the customer agreement, acceptable use policies, cloud service level agreements and privacy policies.
 
The heart of the guide is a series of ten steps that cloud service customers should take to evaluate CSAs in order to compare public cloud service providers or negotiate terms with a provider. The recommendations are based on a thorough assessment of publicly available agreements from leading providers

Migrating Applications to the Cloud: Assessing Performance and Response Time Requirements is a supplement to the CSCC paper, Migrating Applications to Public Cloud Services: Roadmap for Success.
 
Assessing applications and workloads for readiness for migration to cloud computing allows organizations to determine which applications and data can (or cannot) be readily moved to a cloud computing environment and which delivery models (public, private, or hybrid) can be supported.
 
Emphasis is placed on mapping business requirements to the underlying technology to improve decisions regarding the suitability of cloud computing for a particular workload. By testing and quantifying performance and response time implications early on, performance issues can be avoided or mitigated.

Migrating Applications to Public Cloud Services: Roadmap for Success was written to provide a practical reference to help enterprise information technology (IT) and business decision makers analyze and consider application migration to the cloud. This paper details strategic and tactical activities for developing a business plan and detailed migration plan. Guidance is provided on the types of applications that are best suited for migration to the cloud.
 
Key considerations include costs of migration, the potential need for application redesign, longevity, performance and availability, security and privacy requirements, the selection of locations, and other potential regulatory requirements.
 
Version 2.0 takes into account the increasing diversity of approaches used to migrate applications to the cloud. Much of this focuses on the use of containers, virtual machines, and serverless functions, as well as on the increasing use of hybrid cloud solutions. Concerns related to security, privacy, and data residency have also become stronger since the initial version. The guide addresses how to mitigate those issues.

The OMG Cloud Working Group publishes vendor-neutral guidance on important considerations for cloud computing adoption, highlighting standards, opportunities for standardization, cloud customer requirements, and best practices to foster an ecosystem of open, standards-based cloud computing technologies.
 
The Cloud Working Group or "CWG" takes over the mission of the Cloud Standards Customer Council™ (CSCC™), an OMG-managed program that launched in 2011 and published 28 deliverables over the course of its operation. The CWG will maintain and update these papers. For more information, watch the webinar, Introducing the OMG Cloud Working Group.