Cloud Crunch
Cloud Crunch

Episode · 1 year ago

S2E02: How Customers are Maximizing AWS Managed Services (AMS)

ABOUT THIS EPISODE

Michael Eshoo, Sr. Manager, WW AMS Specialist SA at AWS, joins us to talk about how customers are using AWS Managed Services (AMS). We look at the challenges these customers are facing and how they’re overcoming them to maximize the benefits they’re getting from AMS.

...involve Solve, evolve. Welcome to cloud Crunch the podcast for any large enterprise planning on moving to or is in the midst of moving to the cloud hosted by the cloud computing experts from Second Watch, Ian will be chief architect Cloud Solutions and Skip Berry, executive director of Cloud Enablement. And now, here are your hosts of Cloud Crunch. Welcome back to cloud crunch. Today we have, like s shoe senior manager worldwide AMs specialist Solution, architect at a W s. He joins us today to talk about how customers using Amazon Web services, managed services or as we like to call it, a M s, which will be using that term frequently. Today we look at the challenges these customers we're facing and how they're overcoming them to maximize the benefits they're getting from a M s. Welcome, Mike. Thanks. Thanks very much for having me. And and we have our co host today. Skip Barry Skip. Always great to have you back a Well. Yeah. Likewise E and welcome. Mike. Yeah, This is gonna be good for those of you on the podcast. We have been experiencing the service for quite some time. AMs Amazon Web services manage services or A W S manage services. It's been a great product. We've seen a lot of customers benefit from this, and we want to kind of dig into this because it's not just about the service. There's gonna be a lot of other things around it that we want to discuss. So, Mike, can you give us just a quick overview of what AMS is and the purpose and the value that it's adding to the customers out there? Yeah, sure, happy to do that. And so So Aws Managed services, Um, and we launched in December of 2016 and are focused on helping customers with operations, which, which is obviously ah, big statement and a big name with with manage services in it, which is one of the reasons we prefer a m. S. You know, we've been working on. I was listening to a sales manager in the Northeast, as it turned out, talk about AMs on an internal call and he was using a great analogy that that all borrow from him and share with you, right? And he explains, a M s is a bridge, right and cloud is let's call it the beach or the shore, right? Or we're all the benefits somebody wants to get from cloud, right? You want to get cost avoidance, their cost, effectivity or optimization? You want toe leverage? AWS breadth of services. A I m l. You want thio leverage All the different instance. Sizes and capabilities and database engines we have. You know, all those those things can help developers build business value or directly impact business value by reducing costs. But in order to get those benefits, you've got to connect that cloud environment back to your traditional idea environment, your on premises environment, your network, your access management compliance, integration for healthcare customers. PC I for, you know, credit card processors. All these different types of compliance is all required if you want to get all those business benefits and so on. Right? So he likens all the business benefits to the beach. Now, as many of your driving to the beach and hopefully Cove, it is an impacting too much of your vacation plans. You're likely to drive over a bridge. You're likely not to notice that bridge, right? It's just, you know, some infrastructure that's been put in place to get you where you're going. Maybe you have to pay a toll. You don't exactly love that part. But you certainly appreciate the benefit of getting over that bridge so you can get to what you want to dio, right? You want to enjoy that beach location? You want to enjoy your vacation Or, you know, from a business perspective, maybe you're just trying to get into the office, right? So you can collect that paycheck. And so what AM s does is help with the bridge, right? We try to take take away from the customer the burden of designing and implementing all the different AWS services, and we're gonna go deeper into that as we go through the podcast and just sort of take the sort of challenge of selecting which to use for which use case. The best practice implementation of I am managed Active directory Cloudwatch...

Cloud Trail config. The list goes on and deliver those to customers in an integrated way so they could just quickly sail across that bridge and get to the business benefit they're trying to enjoy. The summary writers were providing a secure and compliant AWS landing zone with integrated AWS services and we're going to allow customers to focus on adopting cloud at scale versus doing the undifferentiated tasks of designing and operating that landing zone and the underlying infrastructure so we can patch. You're easy to instances backup. You're easy to instances and so on. But we're really trying to take the burden of any cloud operations away from the customers. They can focus on those cloud benefits. Appreciate that. Like, that's a great description. And since 2016, I'm sure you've come in contact with a lot of different customers. A couple of examples that you could share. Yeah, absolutely. I mean, I think, you know, just just being with you guys in second watch today I mean, is I think one of our earliest projects we did together now a couple of years ago was information Builders, which is an independent software vendor. And so they've got their flagship Enterprise Analytics application. Second Watch was able to implement it in AM s within four months, and it improved their speed of migration that they've been encountered by 66% versus, you know, looking to their internal resource is to do those infrastructure task. They wanted their infrastructure resource is to be focused on application enhancements and building capabilities for their end customers. They estimated that to be about a million dollars in savings and personnel costs because they didn't have to allocate folks to the infrastructure stuff, they could focus them on the application stuff and ultimately created the information Builders cloud manage analytic solution that's powered by a. M s for on boarding their install base customers. So that was one I thought was really good. Another one that we do that we love to talk about is a public reference. So you can search for for some testimonials and white papers Is Sallie Mae. Which folks will be familiar there? The education lender in the United States And they were able to close to hosting facilities. They migrated 71 applications in seven months on Guy love these statistics, and I'll probably keep talking about him because because I think it really encompasses the outcome you get when you think about a standardized AMS operating model, right. But a 50% reduction and major incidents experience in their first year, right? We have to wait and see what the outcome is. And they saw 100% patch compliance. Of course, they're regulated entity. So they're regulators, of course, appreciating that and frankly, their own own morale, like you want to be well patched. 30% reduction and planned maintenance Windows required. It required 30% reduction and cost related in meeting savings objectives in the first year, right? So it met that objective. They have to our regional disaster recovery and plan one. It's required by the regulators to that they need to do it. And and the result of that was a 30% reduction in downtime when they were performing. These d are related drills, which is so important for the resilience, either business. Right, so, so too cool. Use cases. We've got a few more that we'll talk about, but pretty exciting. Yeah, very impressive that Sallie Mae one. Just talk about de risking. There's a great stats for that. That takes a lot off of CSOs plate at the end of the day, right, and it's it's hard, you know. I always say it's challenging as a managed service writer, right on your best day, you know, people often don't notice you're there, right, it's it's, you know, it's it's when you're having a hard day, right? So reducing those hard days. Yeah. Obviously, Amazon is famous for working backwards from what the customer needs. What are some of the biggest challenges that the AMS users have experienced in facing right now? Yeah, I'd say I mean, it goes back to what we're asking of I d I t departments right now. Right? So many of customers that we're working with have a cloud first strategy, right? I mean, board of directors air requiring the company to have a cloud strategy of some kind. Many go further and say we're going to take a cloud first strategy. We don't want to be in the data center operations business. Happy to have a DBS look after that for us. So how do you execute on that strategy when you've still got to maintain patch complies, You gotta operate your as is. You're being asked for innovation...

...operating models and you're being told to enable those you're being asked to migrate workloads to the cloud your traditional workloads so easy to compute type workloads and probably you're being asked to do that with less budget. Right? So so like, how do you maintain that what you're required to maintain yet execute on this strategy that hopefully is gonna unlock the business value of cloud as you move to it. Right? So, to me, that's the first and foremost right, and the way I explain that I'm an electrical engineer. And so So I learned about circuit design and and so a way to improve the speed of your logic. Gates, right, All the little gates that air making decisions, you know, whether it's an and gate or an or gate, ultimately culminating into a microprocessor. If you reduce the fan, the number of inputs and you reduce the fan out, the number of outputs you can improve the speed of the circuit. And so how this translates the I t is We don't want Central I t. To become that central node of processing all the things. And that's why Central it was designed because there used to be only one way. We have the data center and we have data center operations. Now we have SAS. We have experimentation with machine learning and Data analytics. Leveraging regulated data were doing innovation applications to reach more customers with engaging Web experiences, right So we've got all these different new demands from the business, and the result is we're gonna have many more operating models, and we've got to minimize the fan. We can't route everything through i t. So I t shifts into this role, at least, I believe, is a governance layer and their governing, all these different operating models that are giving the business the security compliant and risk adjusted operating models and outcomes that they need to effectively operate in the cloud. Right? And so what this means is there's this huge skills shortage, right? And so we wanna have this traditional operating model in the cloud. But our traditional operation staff might not be aware of how to do cost management in the cloud before cost management was done by finance on the data center. Now, every day the I T operations engineer wakes up, they're responsible from some cost management, right? They can find ways of saving the company money so they can reinvest that, reduce costs in tow, innovation and move the business forward. So just keeping pace. I think that's the biggest thing we see Mike and you threw me right back into engineering school digital logic. As long as we don't talk about differential equations going for, we can continue this conversation. That was gonna be my next analogy, but I'll involved past it. All right, Mike? Well, thanks for that answer. How is AMs really helping them overcome some of the bigger challenges that they see in front of them? Yeah, I think you know court to it, right. As we're accelerating these migrations, these cloud adoption journeys because we're bringing tools to the table immediately, we decided to take a very prescriptive approach, right. So through this standardization, we ask the customer series of questions and simple ones. Like what? What I p space can we use, You know, how are we going to configure the firewall? These air our requirements. We don't leave a lot of you know, how would you like to do X, y or Z to the customer? We prescribe it all, and as a result, we then deploy are already designed landing zone and go through a very well documented steps. Set of integration steps, open up the firewall, do the access management, immigration, operational process, integration, security and compliance integration and some very well documented validation that that environment has been established correctly and that they can easily deploy applications and infrastructure into that environment. So through that standardization, we can lay it out right away, and within 2 to 4 weeks the customer could be in a fully production ready operating environment. And so and then, once you're there, you deploy stuff into it. You don't have to worry about the patching in the backup in leveraging cloud tools for backup. I mean, sure you could. Customers could choose to stay with their incumbent tools that we're using in those days, the data center. But those aren't deeply integrated into the AWS service. Sweet. And so you're not gonna get us high value out of cloud If you're not adopting all those nuanced features of it that enable Scaled AWS operations and Trusted Advisor won't be getting...

...the data feeds, it needs to give the best recommendations that could give right. So the result right could be a 30% cost optimization from resource cost avoidance and a 25% operational and infrastructure savings as a result of ensuring we have all those data feeds to make those cost cost implementations. I think the other net separate advantage is security and compliance. Out of the box, this landing zone we're gonna lay down for the customer comes with at the stations. You can see them in AWS artifact today. Where? PC at a stated we've got ISO 27,000 family of standards S O. C 12 and three High trust typical appliance and all that's built into the design of our landing zone, as well as the design of our processes that we use to manage incidents, execute patching routines, change management and so on. So it's all been pre audited by third party auditors baked in, and customers could take those audit reports right to their auditors. They don't have to prepare for an audit. It's already been done right? So get that out of the box. And as a result, we're hopeful hopeful that customers were able to focus on that innovation. The beach that we talked about right getting the value out of cloud be it cost optimization Through innovation, we get that undifferentiated heavy lifting of infrastructure operations, not just infrastructure is aws natively provides off. The customers played of things to do so they actually can start progressing on that cloud first strategy that they might have. So as far as the partner landscape does it take you nose ams take the partner out of the landscape. How to engagements? Rollout? And how does that look to a customer as well? Sure, Yeah, I think you know the best way to think of a M s is more of an operation service or an operations capability like other AWS services, right? And I think, like some of the proof in that is is the fact that we're sitting here today and we found so much opportunity to partner with Second Watch. First of all, a mess is part of an operating model. We're not a complete customer operating model. We're not doing full stack manage services. We're not doing professional services when the scope of AWS manage services. So So we're frankly, partner required to deliver successfully to customers and complete their operating model. And I think, you know, Second Watch has found a lot of value in working with a m. S. You know, I think we had worked on an opportunity together where customers looking for D B A operations on top of a M SMS isn't providing TBH services and we're not operating. Say a to B s data capabilities. Think aws glue and Red shift for data Analytics. So of course, that quickly leads into machine learning. And these day and age, and so all that's going to be driven by partners. And so I think our partner strategies critical toe the success of our business and, frankly, critical to the success of our customers getting the value that they want out of cloud. We're trying to take this one layer of AWS configuration and simplify that through standardization and all the rest of that, I think is very much partner opportunity or an opportunity for customers to do it for themselves. Yeah, and I will attest. I mean, yeah, we like we like the opportunities gives a few that unnamed customers where there's, you know, it's a great launchpad if you will, or starting point for our customer, and then that helps us come in and actually add additional value. So oh, and quite often I'd assume, I mean, you know, from a second watch perspective that that's where you guys really want to deliver value right. Delivering business insights. Our customer insights back to the business, right? Is what you're going to dio above the land. Like you guys want to be providing services at the beach, right where the customers getting high value. They're enjoying their vacation to continue the analogy. You're not really, you know, perhaps interested it. And you know, manning the toll booth on the bridge? Yeah, exactly. From a customer preparedness and readiness. And they're looking at a M s. What do they have to do to standardize, if you will? Yeah, I think this is an important point, right? Because we come forward with this standardized environment and standardized tool chain for infrastructure operations, the customer has to be open Thio, you know, truly...

...letting a m s own those infrastructure operations. Right? So we're going to use cloudwatch now if the customer wants to run their own monitoring sweet. Well, let them, though we're being, you know, paid to do the monitoring for them and the remediation of issues that we detect, right? So they have to do. And, you know, we we bring our own endpoint security tooling that we've built automation around. So we've automated. You know, all of these different aws services from S S M Assess, the SM, sweet run command patch inventory and so on. We've automated our access model with a DBS managed active directory of a set of pre canned I am roles, which drive further standardization. We have tools that then manage our fleet of managed active directories, and I am rolls right so the customers to be willing to adopt our configuration of that landing zone. And often I'll be talking to customers like, is our way the best way. I think best. It's hard to assess these days. Certainly our way is a W s best practice. It's been rigorously security Reviewed. Reviewed by third party auditors are principal engineering community. Our Operations Readiness Review process, right? We've been through all this, so we have a high degree of confidence in our model. It is a way we believe it's robust. It's not necessarily better than the way of customers implemented or better than away. A partner would implement it, but we believe it's a robust way, and really the value from that standardization is coming. Anytime one customer asks for something, all customers will typically benefit from that ask right, and frankly, we're reaching into AWS service teams with the voice of our customers, suggesting we need additional enhancements to AWS backup. We're looking for additional teacher capability and SM patch right is our customers are asking for reporting either for their compliance or their operations. Best practices, right? We're trying to drive that throughout all of AWS to enable the customer toe have those more successful operations, outcomes of which were so passionate. But that Onley comes through an agreement to standardize on the ams sort of way of working. I like it, though I could tell you, you know, very salient point there, you know, from spent a lot of time in the e r P. Business early two thousands, right? And you know, what did everyone want to do is break the e r p system customizing, customizable implement a spokesman e cannot, Right, But this is this is great. It speaks to that. And then you you know, lace in the compliance standards that you have is well right. And you have again all that best of breed story is excellent, right? Not just releasing the compliance services which AWS is doing, but now we're providing the compliant process is running on top of those services. Very strong, very strong. Tell us, um, unique ways that customers were using the AMS that you wouldn't necessarily think of right off the bat. Sure. Yeah, My first one. It was second one. I mean, second watch did all the engineering around it. You took a M s and you took a to B s marketplace that had released a capability to enable SAS procurement in AWS marketplace. And it took me a bit to get my head around it, so I tried to explain it. But you can, as an independent software vendor or other entity, deploy a product out into AWS marketplace, and customers can procure SAS services within their AWS account. Nothing's deployed in the customers AWS account. Rather, a trigger is triggered into AWS marketplace, and the resource is air deployed in the SV's account. And then, you know, requisite information is provided back to the end customer toe log in as an administrator to that's now sass based instance for configuration. And so we did that with sure. Well, the I T s m software provider and you could certainly search search the internet for the case studies and stories on that. And so what? Sure well, did is they created a Bs accounts and they handed out them over Thio aws manage services to operate them. And then second watch built the services required. Thio trigger the deployment of those sas six. Those resource is into the sure Welland account. That then were customer facing right? So So it's new technology from A to B s marketplace, a new business approach, an idea from the SV. Sure.

Well, Thio vend these products to their customers And, like, you know, it was early days for those products, and it was the first time I am s had done it. So So it was cool to see second watch, step in and sort of plug in these different capabilities for pretty elegant SAS procurement solutions. So that was when I like, I don't know if you were involved in that one, Skip. Yeah, it was early days here for me when that all came together. Yeah, exciting. I looked at that and thought about the creativity and really, it's a great pitch and platform for other customers that are trying to do that kind of work. I think a great opportunity. I think something, you know. And I think through our partnership we could certainly do more of it, because once you get that play down right, it's it's it's at that point. It becomes pretty simple technology to implement. And it's really about, you know, a modern application designed with the I S V. And we think there's tremendous opportunity with, you know, more traditional ice Weise, who have typically just shipped software to pretty easily SAS. If I their products leveraging these techniques and a great opportunity for second Watch to help those sort of customers. I think one of the things that I get kind of excited about on the services that you touched on this is the best practices it's really taking in what the proven best practices that you've seen in this industry for 10 plus years and really layering that into there and making sure that the customers were following that. And I think that's just the powers is just fantastic on that, and that's the goal, right? I mean, you think of the sure well use case, right end customers of sure well, just want a leverage. The sure well product they probably in a long time. Consumers of it, they just want the business benefit of I t s m software. Now, of course, they have an expectation that that's hosted in a secure manner and a compliant fashion in a best practice fashion, right? So that they're confident their i d s M data is secure and stable, and their systems will be operationally available. Of course, I d s m systems managing I t incidents. Right. So it's it's always that situation. You can't have your i t s m. System going down when you're dealing with a night incident, right? And so ah, complicated resiliency. Problem. Perhaps. Right. But but the business value isn't coming from the i. T. Operations is coming from what software is doing, right? So how do we just take that burden of, you know that that undifferentiated, heavy listen off of the ice V and the end customer value comes from No, I think that's very true. I mean, obviously, that phrase has been used a lot the undifferentiated heavy lifting. But we do see that time and time again, when we could take that burden of any of that type of stuff away from the customer and truly allow them to focus on the value of what they're doing for their customers is so incredibly awesome. And that is the promise of cloud, right? Ultimately, indeed, indeed. Right. But if you're not implementing those best practices, you won't realize that those benefits that the promises make right and it always cost is the analogy or is the one I like to point to because it's just so easy to explain Right before finance led cost. Now that I t operations person has toe own cost every day and be impassioned about keeping costs the business low so that money could be reinvested where King create differentiation. Yeah, I know. I think those were some great benefits Any other that come to mind that you think we could share with the customers out there? Yeah, I love I mean, and we've just did to reinvent talk last year and just starting to publish the use case, and we certainly want to doom or and do some short videos. But Thompson Reuters, um and and really the use case Thompson Reuters represents is Thea am a use case, right. So, uh, definitive and Thompson Reuters split pretty major emanate transaction. And, you know, I think wisely assumed the consultants that did the M and a split is they realize splitting the I T department into didn't didn't make sense, right? And so so, you know, I had to go one way or the other. At least this is how I've assessed assessed that they speak about that in the reinvent video. And so now Thompson Reuters needs to essentially build an operations department from the ground up. And so they came to aims and said, Hey, can you help? Like, it's our intent to insource all of this, But we need a couple of years of cloud operations were under deadlines to complete the seven a transaction. Can you just help with the operations? And...

...then our intent will be to take back the environment over time. And I think that's an area of when you think about a W. S. A. M. S. As an AWS service, you realize, you know, our pricing model is such that you pay for the operational services based on the underlying infrastructure that you have, So as you take workloads out of the environment or take accounts back from a M s. You can start building those I T capabilities back in house, and then you get to keep the configurations that we've had. You just didn't take on the management and upgrade responsibility, right? So So we can provide that that bridge over use of bridge analogy today. But we can We can provide that assistance to the customer for for a shorter duration in these emanate type transactions. And if they find they wanna leave things with us because it was easier they could do that or if they want to modernize out of the environment. So today they're running on E C two and databases on top of easy to if in the future they want to adopt AWS surveillance capabilities or other more modern architecture designs, they could just modernize out. But they don't have to worry about the burden of doing the infrastructure operations in the cloud environment today. Again, freeing up their resource is to those higher value add tests. Looking forward to the future. What are you most excited about? What the service one thing I'm excited about is a recently commissioned Forrester Total Economic Impact study for a DBS Manage services, and you can find that just by searching the Internet for Forrester, a DBS Manage services and what I thought was really compelling. Forester came in and looked really hard at some of our customers data in anonymous fashion. And they will defined AMS providing an R y of 243% of what they needed to invest and then operate on a BBS manage services. So I thought that was pretty exciting. That present value of 7.7 million is what Forrester concluded and a benefits value of $10.8 million. Obviously, the devil of that is in the details, and you can find those details by googling that paper, so encourage you to download that and take a look and get really into the data of sort of the results AMS is able to provide. Yeah, we could put that link in the show notes. Yeah, I think we're going to get into more sorts of capabilities that allow us Thio either take on a little bit more responsibilities, more AWS services come out focused on operations and then also a little bit less. Write something we haven't done to date is just on landing zone. Government governance invent out customer managed accounts. Right. And this might also be a great partnership opportunity with second watch where will vent out accounts that we don't take on any scope for 100% customer responsibility. But we will manage the landing zone. Right? So you know it will be vented out with Cloud Trail configured and integrated. And Aiken see customers asking us to deploy SGPS. That would prevent the D configuration of Cloud Trail, for example. But how come we let the customer take on Maurin? These more modern use cases yet will continue to look after the landing zone, providing them their cost reporting and so on it the governance level. Right? So just more alignment to the governance layer is what I'm excited about. Yeah, that's fantastic, because then you'll continue to foster that environment of experimentation as well, right? Exactly. Like and that's something we don't do. I would say as our core use case today is, you know, managing a fleet of sandbox accounts, right? I mean, I think we're lucky at AWS. Every one of us can have a a w s owned aws sandbox account for our own learning and experimentation. Should you miss configure that account, say, deploy an instance with port 20 to open to the Internet. A To be a security is going to ticket you and they're going to take that incident very seriously, right? They're going to keep you safe, right? So I think similar models where customers were able to give their staff, you know, environments for experimentation yet oversight to prevent security incidents from occurring or when they do ah, set of helping hands to immediate the security incidents. I think if you could stay neck and neck with the end of the pace of innovation there and then restate the Sallie Mae, you know, numbers you...

...take that into consideration. I think you know, it's ah, it's Ah, hate saying win for that sandbox use case. Yeah, I think there's so much opportunity and it's funny, right? So? So what I'm excited about is opportunities to do less, if that makes sense, right? But but in a still a secure and compliant and conforming way, that's great. That's great. Well, Mike, I really want to thank you for your time today, Skip. Of course. Yours as well. Thanks blank. Now this has been a fantastic conversation audience. We look forward to hearing from you, as always, suggestions, feedback always welcome. Well, please reach out at Cloud Crunch at second watch dot com until the next episode. Have a fantastic week. You've been listening to Cloud Crunch with Ian Willoughby and Skip Very. For more information, check out the blogged. Second watch dot com slash company slash vlog or reach out to second watch on Twitter.

In-Stream Audio Search

NEW

Search across all episodes within this podcast

Episodes (33)