Digital Health Talks - Changemakers Focused on Fixing Healthcare


Episode Notes

YouTube Presentation: https://www.youtube.com/watch?v=zuxmSqKEQWc

Originally Published: Jul 21, 2023

 

Fortifying Healthcare's Digital Armor: Securing On-Prem Multi-Cloud Environments for Unparalleled Data Protection

 

Lawrence Kohan will discuss the vital role of VMware Aria Operations in ensuring compliance with industry standards like HIPAA and PCI. He will explore how VMware Tanzu Service Mesh strengthens healthcare applications with behavior-based security and API threat detection. Additionally, Lawrence will highlight the secure data management capabilities of HashiCorp Vault. Attendees will gain valuable insights into these solutions and their significance for healthcare security, and how they apply to both on-prem datacenters as well as VMware Cloud on AWS to achieve greater security in their multi-cloud environments.

 

Lawrence Kohan, Senior Solution Architect, TeraSky

Episode Transcription


[00:00:00]

Lawrence Kohan: Hello, this is Lawrence Kohan from TeraSky, here to talk to you about the healthcare industry's multi-cloud journey using VMware Cloud on AWS, also known as VMC. Here at TeraSky, we are the masters of digital transformation. TeraSky builds foundations for companies' digital businesses, and in today's day and age, all businesses in all industries are software companies or should be thinking as a software company.

We specialize in [00:01:00] any-cloud infrastructures, app modernization and next-gen operations. We are a global company with top-tier partner status with the major vendors whose software makes up the solutions that we'll be talking about during this seminar, such as AWS, VMware, HashiCorp, Dell Technologies and Cloud Native Computing Foundation, amongst several others.

When we consider what has occurred in the software data center industry over the years, specifically what has been achieved in terms of optimizing infrastructure and all the different technologies that have been introduced to continue to drive improvements, we really need to think about it as an evolution, a constant evolution.

And speaking of evolution, I've been working in the IT industry for 28 years. And I've evolved with the industry and I've had a [00:02:00] unique opportunity to witness the evolution of the industry from several different vantage points. First as a customer and end user of the software that we'll be talking about.

Then as a consultant, and then working for the vendors directly. I started out my career as an in-house systems administrator, and at that time, as virtualization took hold, I immediately realized that this was a game changer and was not just gonna change the way businesses run their data centers, but it was gonna change the world.

So I retrained myself to become a consultant and help bring this technology to the world 'cause I really believed in it. And that led me to Dell EMC and eventually to VMware. And now I am a senior solution architect at [00:03:00] TeraSky.

Okay, before we take a look at the current state of the industry, let's start back at the beginning. Back when we had monolithic physical hardware with one-to-one application to server mapping. This was before 2001 and before virtualization. And I would even argue that this was probably the state of the industry until around 2008, 2009, because it was really the advent of VMware's vSphere 4 that made virtualization production ready and therefore consumable by businesses around the world.

But let's take a look at how things were done before, in the pre-virtualization world, where applications were written and one application would reside on one server. This legacy waterfall monolithic approach required each [00:04:00] step to go from team to team in a time-consuming manner, from developers to quality engineers, back to developers, to the IT team for infrastructure provisioning, and then to the storage team, then back to IT as it got closer to production, and then the network team would have to get connectivity and security ready before the app was ready to be deployed.

I remember these days very well, and even for those of you who are not into technology and don't understand a word I'm saying, I still draw your attention to the color-coded dots on the slide, and you can see the number of steps in the process, and each color denotes a different team, so you can see the number of handoffs between each department.

Just to get a server ordered and shipped and racked and stacked in a data center and then installed with an operating system, [00:05:00] patched and ready for all of the rest of these steps, by itself could take six weeks or longer. It was not ideal. Time for the entire process could take anywhere from six months to a year.

In addition to the workflows, you had to think about the impact that this had on these different teams. The dev team, the QE team, the IT team, the storage team, and the network team, they're all siloed teams. There's a high level of interaction required between these siloed teams, but the interaction wasn't very optimal because it's a very sequential way of doing things.

The time from build to production was very long. The IT teams had to carve out a large maintenance window depending on whether or not this was a new deployment or an application upgrade, which could cause current systems running in production to take a [00:06:00] hit for downtime in order for the new code to be installed.

And of course, this assumes that everything goes smoothly, which trust me, it never does. Imagine if there's a bug in the handoff between the IT team and the developer team. The whole cycle needs to be repeated. So the time to fix bugs and issues was quite considerable. And remember, this entire process was to get a single instance of an application deployed to one server.

Now, to scale that app, think about the considerations around capacity planning for peak times without having automated scaling procedures. Back then, it was all manual and required a great deal of team interaction for an app to scale. So the level of complexity to scale applications was very high. This was certainly not scalable.

Then [00:07:00] as we virtualized the rest of the infrastructure stack, specifically the storage and network layers, we were able to eliminate the provisioning complexities. Now, every team is a virtualized team and everything is brought together by the software-defined data center. It's API driven, so carving out a workload to deploy is super simple versus the old ways of interaction and a sequential step in procedure between different teams.

So we saw further gains in optimization across the board. I remember these days well, and this is what got me very excited. The server that used to take me six weeks to prepare for an application team, I could now create a VM template in two minutes. The gains in efficiency were astounding. With Kubernetes, we are able to reduce time to production even further eliminating all interactions because we've abstracted so there are no siloed teams.

We've eliminated [00:08:00] the need for maintenance windows and we've reduced the time to fix bugs and issues and almost eliminated any of the complexities related to scaling the application to meet the needs of the business. And here's a look at where we are today, and these are very exciting times, indeed. Now, granted, some other industries might be benefiting more from the latest and greatest, uh, modernization and Kubernetes than say the healthcare industry, which is lagging behind a little bit.

But no worries, we'll get there. But still, if we look to the future, these are very exciting times as we continue on our constant evolution path to get these times to production shorter and shorter, eliminate the errors and the bugs in the system and continually improve our processes. But why do we need the public cloud, you ask? Well, let's talk about that.

[00:09:00] Let's take a look at the numbers. Healthcare organizations are in the early phases of cloud adoption, behind the cross-industry global respondent average. However, this is expected to jump from 27% to 51% in the next three years, in line with the global trend of evolving to a multi-cloud IT infrastructure that spans a mix of private and public clouds.

Last year, over 50% of 250 healthcare industry IT professionals surveyed, said they expect to be using a multi-cloud environment within the next one to three years. A vast majority of those respondents agreed that a hybrid multi-cloud architecture was ideal for their organizations. Let's look at some more numbers.

Top healthcare IT priorities for the next 12 to 18 months include [00:10:00] adopting 5G, adopting AI/ML-based services, improving BCDR (we'll talk about that later), and improving multi-cloud management. The COVID-19 pandemic has spurred increases in IT spending in the areas of bolstering security posture, implementing AI-based self-service technology and upgrading existing IT infrastructure, and leveraging public cloud to a degree might even help offset that last point a bit, or at least reduce the immediacy of the need.

So let's take a look at some advantages of a multi-cloud strategy: lower costs, agility, remote access, and data mobility. It's easy to adopt and scale. It'll minimize administrative costs and overhead, [00:11:00] the ability to access and transfer data quickly, the ability to autoscale resources on demand quickly as needed, increased BCDR options, and we'll talk about that later.

BCDR, by the way, means business continuity or disaster recovery, and reduced RTO/RPO times associated with that. RTO means recovery time objective and RPO means recovery point objective. These are both terms related to DR, which means how long does it take to get back up and running after a disaster, and how much data did I lose in the processes?

Obviously you wanna keep these numbers as small as possible. And workload and data portability and mobility, and this is [00:12:00] probably the single most exciting use case, which makes a lot of other use cases possible. Now to be clear, it's not all sunshine and rainbows, right? While multi-cloud adoption is trending upwards, challenges do remain. Complexity of managing across cloud borders remains a major challenge for healthcare organizations.

92% of respondents agree that success requires simpler management across multi-cloud infrastructures. 90% agree that a hybrid multi-cloud model, which means an IT operating model with multiple clouds, both private and public, with interoperability between, is ideal to address top challenges related to interoperability, security, cost, and data integration.

So what are the healthcare industry's concerns about adopting the public cloud? Well, [00:13:00] security of sensitive information and HIPAA compliance. That is a big and valid concern and we'll talk about that and we'll level set expectations. Let's dispel some myths and fears, and I think you'll find that security of sensitive information, HIPAA compliance, is important no matter where the data resides and is a risk in private and public data center alike. It's up to us to be diligent, adopt best practices in order to minimize our risk no matter where our data resides.

Here's the cold hard truth about security. Although cloud providers ensure their cloud security as well as sign standard business associate agreements, it is still necessary for you to configure the platform correctly, to have a fully [00:14:00] compliant environment in the areas of permission setup, firewalls with logging enabled, proper encryption, and setup of controls for file integrity monitoring, proper access, and so forth.

Without question, hybrid or multi-cloud is a necessity, but cybersecurity must be a part of the upfront planning, not an afterthought.

And if you really think about this, it does make sense. Now, imagine I'm running the coffee shop and I invite you in to have a cup of coffee and you're working on your laptop. Now, as a coffee shop owner, I have a certain degree, uh, of making you feel reasonably safe, right? I can tell you my doors are locked during off-business hours. I have security cameras to make [00:15:00] sure that the premises are safe. I make sure that the food that I serve you is safe to consume. So while you are in my business, you have a reasonable expectation of being safe. That being said, pretty much any business you go into, you'll see a sign on the wall that says, we are not responsible for lost or stolen goods.

Right? If you go to the bathroom and you leave your laptop on the table and somebody walks out with it, you can't really blame the coffee shop for that, right? That was your lack of due diligence in keeping yourself safe. Right? So the point that I'm trying to make here is that it is a shared responsibility. A public cloud can offer you a platform and take reasonable measures to make sure it's safe, but ultimately you also have to make sure that you are doing the right things to [00:16:00] keep you and your data safe, right? It is a shared responsibility. Now, a knee-jerk response would say, well, why don't I just stay in the private cloud?

That is a valid concern. Now, in the private cloud, security is 100% your responsibility, right? So if you don't like entrusting another entity with security, be prepared to take a hundred percent of responsibility. But as we talk about the different things that could happen to data in a data center, it could happen in a public environment.

It could happen in a private environment. These are things to understand. Let's just separate fact from fiction when we talk about security risk and risk mitigation.

[00:17:00] okay, so we're on board. We wanna leverage the public cloud in some way. So how do we do it? How do we get started? Well, you must choose, but choose wisely. I just love this movie. That's why I put the slide in. Now we're gonna cut to the chase, and as we talk about these things, there were many steps along the process that we're kind of glossing over.

But also keep in mind that adopting a public cloud strategy, multi-cloud strategy, means, again, you're doing your due diligence upfront, meaning you're doing cost analysis upfront to find out: am I really saving money by moving workloads to the public cloud? How much? What's my ROI? And so forth. All of this analysis should be done upfront so that there's no surprises later.

And this actually becomes a VMware Aria Operations conversation, which we will talk about later. One of my favorite pieces of [00:18:00] software, and if you are in the private data center now, or in the public data center or some combination, it should be your first stop shop before you make any decisions at all.

And we'll talk about that. So in full disclosure before we begin with this slide, when I first gave this presentation at the Health Impact Forum in June, it was at an Amazon-sponsored event. In fact, it was at the AWS office in New York City. So I geared my presentation towards discussing VMware Cloud on AWS, VMC.

But in all honesty, as there are multiple public clouds, you can choose to leverage multiple public clouds for your solution. Uh, and you can go native, meaning you can start adopting AWS native or Azure [00:19:00] native or Google Cloud native. But I strongly, strongly suggest that if you adopt the public cloud, you choose the VMware flavor, meaning VMware on AWS, which is VMC, or VMware on Azure, which is AVS, or VMware on Google Cloud, which is GCVE.

Having VMware on both sides allows you a lot of use cases that you wouldn't have without it. And I've heard it said quite nastily that, oh, if I use VMware, that means I'm getting locked into a vendor. If anything, the opposite is true. Think back to the virtualization days. VMware is an agnostic virtualization software, which allowed you your choice of hardware.

So whatever hardware you wanted to use, HP, Dell, UCS, VMware would virtualize it. In the cloud era, [00:20:00] VMware's software works on AWS, Azure, Google Cloud, and several others. So if anything, it is enabling your choices and it is allowing you flexibility. So it is protecting you from vendor lock-in. So again, I just want to clarify fact from fiction.

Now that being said, I am comfortable proceeding with this solution to tell you about VMware Cloud on AWS because quite frankly, especially for those of you who have no knowledge of any of this and you're running scared saying, I have no idea what this guy's talking about, it is a safe bet to go with best of breed.

And quite frankly, and quite honestly, if we want to talk about the market, Microsoft Azure is gaining ground on AWS. That is true, but AWS [00:21:00] has been around the longest. It is the oldest public cloud. It is the biggest, both in terms of size and market share, because they've been around the longest.

They're very, very resilient. They're redundant. And Gartner rates AWS as the leader in the healthcare cloud computing market, and quite honestly, in most industries as well. Pertaining to healthcare specifically, AWS offers more than 120 HIPAA-eligible services, including cloud computing, app integration, PHI storage, IoMT, device management, analytics, data sharing, and many others.

So it is a safe bet if you are going to start from scratch and you're gonna adopt the public cloud. Use the biggest, the one that's been around, number [00:22:00] one, that is a safe bet and I endorse that. That is not to say that I don't endorse any of the other options. Let's move on. So now why VMware? Well, again, let's look at the numbers.

VMware is the standard for virtualization. It is the standard platform for private data centers. Let's look at VMware in healthcare in particular, 35 of the world's top 40 hospitals are running VMware in their data centers. Right now, 94% of Epic customers run VMware with more than a thousand beds.

Hundreds of thousands of patients are engaged every day via mobile IoMT. Right, we [00:23:00] were talking in the last slide about AWS's placement in the public cloud market, and as far as I'm concerned, they are still number one. There's talk of Azure closing the gap. But as of today, July 2023, there is no debate.

AWS is number one. And when it comes to private cloud virtualization, again, there is no debate. There never has been any debate. VMware is number one. So if you're gonna architect a solution for a hybrid cloud setup using private and public clouds, use the best of both, right? And that is why we're proceeding with this discussion on VMware Cloud on AWS. The best in your private data center meets the best in the public cloud space. It's a great solution.

So now that we've [00:24:00] picked a public cloud, how do we migrate workloads from our on-prem data center into the public cloud? So we can see on the left side of this picture our on-prem data center, and we want to move to the public cloud. So basically there are three ways in which you can do it. And let's go out of order for a minute here.

And by this I mean to highlight the advantages of the VMware Cloud flavor versus native. So let's look at refactor. With refactoring, for those of you who are not technical, each virtual machine flavor, so whether it's VMware or Microsoft's Hyper-V, or let's look at the public cloud, for example, uh, Amazon refers to theirs as EC2 instances, and Azure is running Hyper-V in the cloud, and Google has their own flavor.

These are different [00:25:00] formats of virtual machines, and they're not immediately compatible. Meaning you can't just cherry pick a virtual machine from one environment and put it in the other, it won't even run, right? So the only option is to convert. If you're going to move between on-prem and a native public cloud, you have to convert those virtual machines, which we refer to as V2V, from one format to another.

Now, here's the drawbacks. It cannot be done live. It usually is a sequential process, meaning you're doing one or two or three at the most at a time, and it takes a very, very long time to do it. If you're moving a handful of VMs, it may not be that big of a deal, but if you're talking about moving entire data centers [00:26:00] with hundreds or thousands of VMs, not only is it a very time-consuming effort, but there's outages to your virtual machines because they have to be off when you're converting them.

So this is not a very ideal way to migrate to the public cloud. So lift and shift, rehosting: this is an immediate benefit from having VMware on both ends. Now, to be honest, there are other technologies by VMware required to make this work, namely, HCX. HCX bridges your private and your public cloud.

Essentially making a bridge between them. Now, the advantage is you're running VMware vSphere on both sides, so the VM is exactly the same running in the public cloud as it [00:27:00] is in the private cloud. For those of you who are familiar with vMotion, which is one of the coolest things I've ever seen, vMotion would allow a virtual machine to move from one physical server called a host to another live, meaning that as it's moving, it is still up.

It is still available, it is still in production. There is no downtime. HCX allows virtual machines to go from private cloud to VMware Cloud in the public cloud, a vMotion-like experience. It is mind blowing. It is an option that you only have if you're running VMware on both sides. It is the only way in the world to live migrate between private and public cloud, and it is an option available to you if you're running VMware on both sides, and [00:28:00] that's why I strongly urge you before you make these decisions, consider all of the pros and cons to everything you're doing.

Granted, it might be more expensive to leverage HCX, but when you think about the benefits it provides you, especially in emergencies, that is something to consider. Now, finally, let's talk about the last option, rewriting. Now, quite frankly, this is the elephant in the room, and this is pertaining to those legacy apps that everybody's afraid of, right? In some cases, this is old antiquated hardware that we refer to as boat anchors because they're keeping you trapped in the past. Not only are these methodologies from maybe the 1970s, but in some cases the hardware itself [00:29:00] might even be from the 1970s. So old hardware, like AS/400s or mainframes, these are the machines that everybody's afraid of, right?

Nobody wants to touch 'em because nobody knows what they do, but I mean, they can't be virtualized. So they're sitting there eating up space, and not only are they getting older and older and they're inefficient, but as the years go by, finding qualified people to work on these legacy machines, the talent pool is getting smaller and smaller and more and more expensive. And because they're keeping you trapped in the past, you can't leverage other means that will help you run far more efficiently. Now, in full disclosure, it will most likely be a time-consuming and expensive effort to find a way to rewrite your applications [00:30:00] running on these old machines in a modern app formula.

But when you do that, now whether you choose to run, let's say Kubernetes and containerization on-prem or in the multi-cloud, you can choose to do that. And solutions like VMC are modern app ready. So you'll be able to rewrite and adopt modern processes and be future proof, something that you're not now.

Again, these are things to consider. I know it's the elephant in the room. I know it's expensive. You may not have the budget to do it this year. You may not even have the budget to do it next year, but these are things that you have to think about and you have to address because you have to deal with it eventually.

These are things that are keeping you trapped in the past, and you have to deal with them accordingly. So something to consider. [00:31:00] So let's look at some immediate benefits from having VMware vSphere on both sides of the private and public cloud. Zero refactoring required. As we said on the previous slide, there's an immediate 69% lower migration cost, and time is reduced from migrating workloads from years to months, and in some cases, maybe even faster than that.

Existing skillset: there's up to a 71% savings in operations and training costs. Stands to reason, right? Because if you wanna adopt the native public cloud, you have to learn AWS or you have to learn Azure, or you have to learn Google Cloud or one or more of them if you're going to leverage one or more of them.

And you'll find pretty quickly that they're all different. There's no rhyme or reason between them. So there's a very, very steep and significant learning [00:32:00] curve to get up to speed in all of them. Now, if you're using vSphere on both sides, there's no new learning curve, right? You're already using vSphere, so the same tool you're using in the private cloud you can use in the public cloud.

So that is an immediate benefit to both your IT staff and the overall business. Not to mention a tremendous cost savings by not having to ramp up technical skills. Maximum flexibility: there's a seamless change in the environments because the environment is now on both sides and you're preserving optionality and access services from anywhere.

Operational efficiency. You can maximize staff value by making IT teams 47% more efficient. Now let's look at a glowing endorsement: "With VMware Cloud on AWS, we've rediscovered [00:33:00] the performance and autonomy that our on-prem architecture gave us, along with all the related benefits in terms of migration, maintenance, and subsequent management.

Today, we can transfer a workload at the drop of a hat without service interruption from a data center to the cloud, and vice versa, the way we used to on-prem from one cluster to another. Something that isn't possible with the public cloud." And I said it before and I'll say it again. VMware Cloud in a multi-cloud setup with HCX is the only way to live migrate workloads from private to public cloud.

So there is no competitor in this field, right? It is the only way to do it live. That is a huge selling point. [00:34:00] Now let's take a look at the VMware Cloud shared responsibility matrix. So if you were to adopt VMC in the areas of deployment, lifecycle and configuration, everything you see on this chart that's shaded blue, VMware is responsible for, and everything shaded gray you are responsible for.

So for deployment and lifecycle, VMware is responsible to deploy your physical infrastructure, your physical security, your hosts. You are patching your hosts, uh, NSX-T, your networking, your virtual networking, identity management, vCenter and vSAN. They get the entire platform ready for you, and they're responsible for the ongoing maintenance and lifecycle.

You are responsible for the workloads that go on top of it. So for example, your guest operating systems, your applications, your virtual machines, that makes sense. Now, if you look at the [00:35:00] configuration at the bottom, again, they are providing you with the platform, but as we talked about with security before, you are responsible for the configuration of your own networks and your network security, including firewalls, identity management, vCenter, and vSAN.

Now, again, that makes sense, you know, in terms of keeping your users secure, keeping your network secure, keeping your data on your storage secure. Number one, that should be your responsibility, right? I mean, if data is sensitive, you shouldn't be trusting outsiders to do that anyway. So again, that all makes sense.

But something to consider, again, in the realm of security, the configuration of these items remains your responsibility.

So let's take a quick look, and this is a reminder that the workloads that you're currently running in your on-prem data center are fully self-managed by you, [00:36:00] and you are responsible for everything. The entire lifecycle of the deployment, the security, if there's any breaches, it's all on you, right?

Whereas if you're running VMware Cloud on AWS, VMware is fully managing your environment. They're providing you a software-defined data center as a service. And you are running your workloads on top. And again, you're responsible for your workloads, but the platform is there for you to use.

And the immediate benefit, both CapEx and OpEx, is that you don't have to take care of the data center. You can use it, right? This is why SaaS in general, where workloads reside, remains a case-by-case basis, right? It's different for every customer, it's different for every industry. But to leverage SaaS from a management tool perspective always makes sense.

Now, [00:37:00] think about it, if I'm an administrator, I have so much work to do. I have to take care of all of my workloads, wherever they are. I have to make sure my users are happy. I have to keep production up. I have to keep everything fine tuned, protected by high availability, make sure that it's DR proof, all of these things.

Now I have a whole bunch of management tools that help me do that. If I have to take care of my management tools too, then that becomes a full-time job, right, in and of itself. I would much rather just be able to use my tools to do the more important work of taking care of my production workloads. So again, it's debatable and it's a different conversation to talk about where workloads, production workloads, should reside, but management tools as a SaaS always makes sense. And if you can have a platform that is run and [00:38:00] provided by another entity and all you have to do is use it, again, it just makes sense from a production and operational point of view.

Uh, and now we're gonna talk about one of my favorite tools, VMware Aria Operations. This is your first stop in everything. This is your visibility into your data center. If you're not using it on-prem right now, why not? You should be using this. I don't understand how a business could possibly make a decision about IT information, adopting a public cloud or a cloud transformation or a digital transformation. How could you possibly make decisions like that without having visibility into what you have? So Aria Operations comes first. That's your first stop for everything. And I could talk about this tool by itself all week long.

[00:39:00] It does so many awesome things. So you have my email address. If you want a demo, please come to me. I love talking about this stuff. But the same tool you're using on-prem, you can now use for your workloads in the public cloud as well. And one of the many things this tool does is run security compliance checks against your environment.

And as you can see, HIPAA is one of the many out of box features it offers. I was an Aria Operations Ambassador at VMware. I love this tool. I know what it can do. And when I used to work in the field years ago, I had to work without this tool 'cause it didn't exist yet. And so I'm so jealous of everybody who gets to be a data center operations admin now because I wish this tool existed when I was younger.

It's really great and you should be using it. And here's a quick [00:40:00] look at the HIPAA compliance check in action. So I've run a compliance scan against my lab environment and I see that I have 250 objects that are not HIPAA compliant. And I can see in my alert list the 250 objects and I can drill into them and I can find out why they're not compliant.

And I get recommended actions on what to take so that I can make sure that all of these items become compliant. Because obviously if you're working in a controlled industry that has compliance that you have to adhere to, at some point you're gonna have a third party auditor come in, right? You certainly don't want to fail those audits, number one, because of the public embarrassment associated with it.

Uh, loss of customer or patient confidence in your services, but there could also be some significant monetary or even legal fines with not being compliant. You certainly don't ever wanna be in a position where a [00:41:00] third party auditor comes in and you are surprised, right? So with an awesome tool like VMware Aria Operations, you can always make sure that you're fully compliant at all times so that when an auditor comes in to check, at least at that point, it's just a formality.

So another way that Aria Operations saves your butt, and wait till I talk about what-if scenarios, it is not just a data center administrator's best friend. It is an IT manager's best friend, a CIO's best friend, a CFO's best friend, and a CEO's best friend. Yes, the tool is that awesome.

Let's talk about HCX, what it is and why you need it. Quite simply, as I said before, it is the only way to live migrate workloads between on-prem data centers and the public cloud. So this slide is a technical explanation. Please don't worry if you're not technical at all, but [00:42:00] pretty much what HCX does is makes live migration of workloads possible.

For those of you familiar with vMotion, uh, a virtual machine could move from one physical server to another or from cluster to cluster within an on-prem data center. Right? With HCX, these workloads can now move between your on-prem data center and the public cloud live, right, with no downtime. The use cases that this opens up to you, some of them you may not have even considered.

But they will serve you well in an emergency. So whether it's a planned data center evacuation, whether it's DR, business continuity, these are things that you need that when you suddenly need them, you better find out that you know you have a solution for it. Because I could tell you horror stories of [00:43:00] companies that suffered great financial losses and might have even gone out of business because they were unprepared.

Uh, and we'll talk more about that when we get into DR. But again, if you're leveraging VMware Cloud in the public cloud, HCX allows you to live migrate your workloads, which gives you a lot of options that you wouldn't have without it. So consider it. And with HCX, we are extending the data center, right?

So we have consistent infrastructure operations, seamless application portability. The same industry leading vSphere platform on both ends. The familiar vCenter based management that you know and love and would love, and advanced vRealize hybrid cloud management, and a rich ecosystem of technology support [00:44:00] third party vendors.

And you have an enterprise grade infrastructure, less than two hours to spin up a software-defined data center, minutes to add hosts, flexible policy driven resource management, failure protection at the virtual machine host and availability zone level. Predictable high performance compute with vSphere, comprehensive networking with NSX-T, including microsegmentation and policy driven enterprise storage with vSAN.

So the benefits you can expand seamlessly, you can scale rapidly, you can manage as one entity, and you minimize the learning because you're using the same tool set on both sides, which represents to you a 59% in recurring savings, infrastructure and [00:45:00] operations, and a 71% savings in operations and training costs.

Let's talk cloud migrations. You have large scale migrations with minimal disruption. As we said before, it is not necessary to refactor or re-architect applications. You have the choice of live, warm, or cold migration. Now you may want to cold migrate. I wouldn't see why anyone would want to. I mean, if you don't have VMware on both sides and HCX, you cold migrate because you have to.

You don't have a choice, meaning the workload is off. So I would live migrate. But again, if, if there's a need to cold migrate, you have that option. It's WAN-optimized, encrypted, and migration at scale. No configuration changes are needed at the operating system, IP or MAC address level. As we said before, familiar vCenter-based management, prescriptive guided workflows, and you [00:46:00] have enterprise grade infrastructure for app modernization.

So you are future proofing yourself and you are ready to adopt Kubernetes and containerization when you're ready. Predictable high performance compute with vSphere, feature rich software defined data center, including NSX-T and vSAN, less than two hours to spin up a software defined data center.

Minutes to add hosts, support for Kubernetes and containers and access to over 165 plus native AWS services. And this is the best of both worlds. Even though you're running the VMware flavor of the cloud, you still get to benefit from all of the native services that AWS offers. So your benefits: save time, lower costs, reduce risk, and minimize your learning.

71% less staff time required compared to native cloud migrations and, and 1000 workloads can be migrated within weeks. That [00:47:00] is just astounding. So this is a very technical slide. For those of you who are not technical, don't panic, don't be afraid. Don't worry if you don't understand anything that you see on here.

I included this slide really to alleviate the fears that public cloud is somehow insecure or unsafe. Let's take a quick look at the left side of the page where you see data center A and data center B that represents your on-prem data center. And really what I wanna draw your attention to is the many steps along the way.

Um, the firewalls, the routers that connect you and your on-prem data center to your instance of VMware Cloud on AWS. And you see the many paths, the redundant paths, the firewalling. [00:48:00] Um, and the different instances, the different availability zones. What you're looking at here is multiple layers of firewalling.

You're seeing multiple availability zones, so your workloads are secure behind firewalls, which again, you're managing, and they're redundant in different availability zones, leveraging high availability and so forth. So this is really just to alleviate the fear of, oh no, the public cloud is unsafe. It's very well protected, it's very well architected, and in, in some ways it might even be better architected than most companies' on-prem data centers.

Just something to consider, and as we said before in full disclosure, even though we're talking about VMware Cloud on AWS in particular, [00:49:00] what we're talking about really applies to VMware Cloud on any cloud, right? So you can still run VMware Cloud on Azure or Google Cloud or Alibaba or IBM Cloud or, or any of the others, right?

And I highlighted in yellow the common services that are of particular interest to the healthcare industry, for example. So you still have native access to all of the other public cloud services that that public cloud offers. It's cloud independent. As we just said, you can run the VMware cloud on any of the public clouds.

You have multi-directional, always live migration tools. Because you're using HCX, there's no need for format conversion or testing, right? Workloads easily vMotion between private and public cloud. You have DR abilities. You have multi-cloud mobility, [00:50:00] and you have support. You're not in this alone. VMware and the public cloud provider are there to help you.

And now at last, let's broach the difficult subject. I consider myself an optimist, but you know, you know what they always say: you hope for the best, but you have to plan for the worst. Always. Let's talk disaster recovery. The cold hard truth about business continuity and disaster recovery and why you need it.

Quite frankly, in the post-9/11, post-pandemic world, anything is possible. I gave this presentation at a health impact forum in New York City, right? New York City in particular, and the healthcare industry. [00:51:00] Nobody knows the pain and the repercussions of 9/11 and the pandemic more than New York City and the healthcare industry.

They were right in the middle of all of it. Right? After these events, nobody again should ever say, well, that can't happen. Anything could happen. And as a matter of fact, when I was giving this speech in June, there were Canadian forest fires that enveloped the entire eastern seaboard with this thick yellow smoke.

So at the exact moment that I was talking about DR, if you looked out the window at the Empire State Building, Manhattan was completely covered in yellow smoke. The skies were yellow. So if anyone thought I was being overly dramatic when I [00:52:00] said anything could happen, all they had to do was look out the window at the yellow sky and realize we are living in a world where anything could happen.

Now, when the pandemic hit, pretty much every other industry, aside from the healthcare industry, had to learn to adapt quickly when everybody was stuck in their homes and nobody was allowed to go anywhere. For two years, industries had to learn to adapt, to survive, they had to change the way they fundamentally ran.

Now it's understandable how the healthcare industry kind of lags behind because in the middle of the pandemic, their day-to-day operations didn't change. They continued to operate the way they always did. It was just a lot more of the same. I wouldn't say business as usual. It was business as highly unusual, but it was more, their concerns were more [00:53:00] capacity issues, resource issues, uh, running outta supplies, dealing with the, uh, tremendous influx of patients and, and hospital bed availability.

But their processes stayed the same. Right? They didn't have to adapt technologically the way other industries had to adapt, which explains how they're in a different place. But again, I do see that they are catching up healthcare just like it is a very vast industry. And, and even in the past couple of years, I've seen iPhone apps to run my HSA accounts to order prescriptions to get medical information.

So, so healthcare is catching up. You know, I don't, I don't want people to keep beating up on them. They're, they are, they are adopting, uh, new technologies in their way. So, [00:54:00] um, but that being said, the, the thing that we need to be concerned about with DR is that it is an expense, um, but it is necessary. It, it's kind of like the old, uh, nuclear war analogy, right?

You, you don't want to have nuclear weapons. You hope you never need them. But in a situation where you do, you better have them. Quick story about me. I actually implemented the very first DR solution for the NFL and the United Nations. Now, when we implemented this at the NFL, this was back in 2012. It was literally the day after the Giants won Super Bowl 46.

They won on Sunday. The very next day I was at NFL headquarters to begin this project, and as we began, there's always somebody in the room who says, this is [00:55:00] expensive. Why are we doing this? You're just trying to scare us and just spending money and blah, blah, blah. Of course, I had to have the conversation with him saying, I understand your concerns.

You see it as a waste of money because this is not an immediate need for you. The problem with disasters is they don't ask when it's convenient. Disaster strikes, and it's indiscriminate. And when it strikes, you have to be ready or you suffer the consequences. And for some businesses that are unprepared, it's either extremely expensive or it could flat out shut down the business.

Now, if the NFL was to suffer from a DR outage that they weren't ready for, almost everybody in America would notice, especially if it was during football season, right? If, if suddenly, uh, people were going to the NFL site and they couldn't see [00:56:00] player stats for fantasy football and all that, everybody would notice.

Long story short, we implemented SRM, uh, uh, VMware SRM, uh, we did four tests, four for four, a hundred percent accuracy. Everything went well. Um, I walked away and I just thought of it as, Hey, I did my job. Not only, uh, uh, a few months later, September, uh, 2012, about Hurricane Sandy hits the eastern seaboard of the US.

Most of the New Jersey shore was destroyed. South Shore, Long Island was destroyed, and half of Manhattan went dark, lost power. I lost power. And as soon as my power came back, the very first phone call I made was to the NFL. And I called them and I said, how did it work for you? And they said, it worked perfectly.

Thank you so much. They had to fail over NFL [00:57:00] headquarters to NFL Films, which luckily was a little bit more inland in New Jersey and was not affected by Hurricane Sandy, otherwise they might've had to fail over all the way to NFL Network in Los Angeles. So I love to tell that story because really for anybody who says, we don't need this, it'll never happen.

The NFL said that to me and a few months later, they needed it. And I was very proud of, uh, VMware and SRM. It, it protected the NFL and, and they were very thankful and very grateful. So it's just a cautionary tale. I tell everybody, every, everybody who says it can't happen. I say, it absolutely can happen, and there's no nice way to say it, whether you like it or not, you need to prepare for DR.

It should be a budgetary concern. And if it's not, make sure it is. [00:58:00] Please for your own good. Think about it because when disaster strikes, you have to be sure that you have a way to protect your business, your people, the buildings, the facilities, keep everybody safe and continue to operate after the disaster.

So please give it the attention it deserves and start thinking about it if you're not now.

So if we take a quick look at the factors that cause DR events, this actually took me by surprise because having done a lot of DR implementations many years ago, I was familiar with typical causes for DR events like power outages, natural disasters, human error, hardware failures, or you know, bad actors that were intentionally destructive.

But in the past couple of years, ransomware has become [00:59:00] the single biggest factor requiring DR. For those of you who are not familiar with ransomware, this, these are malicious, uh, code written by hackers that will encrypt your data and make it unusable. Right? And they usually, the reason why it's called ransomware is 'cause they usually demand money in order to free your data for you.

Now the first thing I recommend to any business, no matter how painful a ransomware attack may be, don't ever pay the ransom because all you're doing is emboldening these bad actors to continue to target other businesses. You have to deal with them swiftly and as painful as it might be to have to go through a DR event, you really, it's like terrorism.

You don't wanna embolden them to keep doing it, right? So there are great tools out there. VMware has their own tool, [01:00:00] SRM and VCDR, that have ransomware protection to help you restore your data to a usable state as quickly as possible. Um, it's part of a larger discussion to talk about RPO and RTO and how long it takes and how much data loss, uh, would happen, which all depends when the ransomware attack happens.

But again, these are things to think about. And keep in mind that a lot of, uh, security breaches, we tend to think of high tech boogeyman on the other side of the planet who were targeting us and hitting us with this high tech, uh, hacking and all of those things. But a lot of times you'd be surprised that that systems are exploited in a very low tech way.

So whether it's social engineering, somebody calls up and asks for somebody's password, somebody's writing their password on a post-it [01:01:00] note, or maybe a server, uh, was not password secured properly. Um, so maybe an in-house employee who had considerable access to systems who gets laid off and he's disgruntled, might cause a lot of damage before he leaves, right?

So a lot of these bad security events could be protected with a little bit more due diligence on everybody's part. Again, we're all in this together. I wanna make it, and if you take nothing else from this seminar, please get into better habits. Every time you walk away from your laptop, I don't care if you're in the office or at home, get into the habit of locking your screen.

So whether it's so some employee, some coworker doesn't do anything they shouldn't be doing, even if it's your child who's completely innocent, who can hop on your screen and accidentally delete a bunch of files, right? [01:02:00] If you're using a Windows machine, Control-Alt-Delete, lock your screen. If you're using a Mac, uh, I think the upper left hand corner, the Apple sign, pre uh, press on that and then choose to lock your screen.

Get into a good habit. Don't be the reason why your systems get breached.

And as we were talking about before, one of the many use cases of the multi-cloud is disaster recovery as a service. So there is a legitimate complaint in, in the old days, companies would complain and say, why do I have to whole have a whole separate on-prem data center just in the possible unlikely event that I need DR.

In the meantime, I'm paying real estate costs, I'm paying hardware costs, and I'm not using any of these things and I have to keep spending money on it, and it's expensive. I understand. You know, it, it, [01:03:00] it wasn't desirable and you did it again because you had to. But now if you leverage the public cloud as a DR target site, you now have an on demand ability to restore your environment in the public cloud, which would be far more flexible and agile and far more cost effective. It is a great use case, like just number one off the top of my head, it is a great reason to leverage a multi-cloud setup, so certainly consider that. I want to thank you very much for your time.

Thank you for attending my session. I hope it was informative. And please, if you have any questions at all, reach out to me or TeraSky, and if these are initiatives that you want your company to move forward with, but you are afraid and you don't know where to start, please [01:04:00] reach out. That's what we're here for.

We're here to help companies on their journey to modernize their applications, to streamline their processes. This is what we love to do.