Capstone Draft 2

· Resources

One of the resources needed for cloud-based is the anti-virus program that will be needed to ensure the security of the user’s devices. There are several products out there that help protect but one of the most secure is McAfee. It will not allow a user to do any kind of work without doing ID check, which can be with a token or an encrypted password. The reliability is very important when it comes to keep out vulnerabilities. Another resource that is needed is the type of firewall that will be needed to protect the network from incoming and outgoing traffic. There will be two different firewalls that will be used Next-Gen Firewall and Application-level Gateways, these will protect the data and the user’s.

Proposal Description

Using cloud-based products versus using servers and purchasing software with licenses. It has been said that using servers and purchasing software with licenses is more secure and more reliable. That is not always the case, servers go down all the time and back is hard to get without a lot of data transferring. Servers are very expensive; the products must be updated often which cost the company a lot of money. The purchasing of software can be very expensive especially when you are getting the licenses for every user. The company needs to spend money on hiring specific employees to be able to manage servers and the data that it holds to manage it daily. Using cloud-based will allow the company to be able to spend money on a monthly yearly basis without breaking the bank. One positive note for using cloud-based products is that is you need more space you just call the cloud company you are using telling them you need more space and they flip the switch giving you more space.

The cost of buying a server or managing it can cost as low as $75k and continues to grow the more the company grows. When using a cloud-based server it can cost as little as .5 cents per hour, making it $12 a day, $4380 per year. This is an easier to come up with yearly then to come out of pocket $75k.

Overview of Solution

The first part of the cloud adoption plan is the assessment process. During this stage will be an evaluation of the business value, benefits, and feasibility of implementing the cloud solution. Understanding this early enough will ensure that the solution deployed is perfectly aligned with the organization and that the necessary objectives of the business are covered. There are also cloud vendors that provide cloud partnerships which can be leveraged to provide add-on services like improved after-sale technical support, discounts and so forth (Gholami, Daneshgar, Low, & Beydoun, 2016). The stage should ensure that the pros and cons have been definitively evaluated.

Preparing a cloud strategy is the next step in the adoption process. The strategy needs to be customized to the needs of the organization. The existing solution will then be leveraged with platform as a service (PaaS), infrastructure as a service (IaaS) and software as a service (SaaS) solutions that will be adopted. The appropriate architecture is also decided upon at this stage. The applications that will be used in the cloud are decided at this point in time with the best options being stand-alone solutions that will ensure any potential disruption is limited to that single application. Other factors to consider include their capacity for productivity, agility, and efficiency. At this point, the organization must decide on whether to adopt a public, private or hybrid cloud solution. The service level agreement (SLA) entered with the cloud vendor will provide guarantees from them on the quality of service as well as the terms of policy and governance (Rountree, & Castrillo, 2013).

The implementation stage of the process will include such tasks as the standards to be adopted i.e. OpenStack adaptability and portability standards. There will also be the methodologies for migration of applications that will be adopted at this stage. The architectures selected will be used to develop these strategies including scripts and use cases. The appropriate servers are also taken into account (Gholami, et al, 2016)

Optimization is a stage that will lead to more streamlined business processes and licensing regimes that should lead to efficiency and increased value to the organization. With organizational efficiency, the company will be better positioned to offer better services to their customers. Other optimization strategies include evaluations conducted after deployment to determine and rectify problem areas and conducting skills assessments (Rountree, & Castrillo, 2013).

Methodology and Tools for Developing the Solution

As a first time development, there are the possibilities that there might arise various issues. If a major issue occurs during the process, it has the potential of disrupting the operations of the company in a major way. To avoid such a situation, the team will be choosing stand-alone applications and adopting the agile development framework.

The agile development framework is a project management methodology that divides tasks among different development groups. Each of them implements their requirements independent of the others. Characteristics of agile projects include empowered team leaders, clearly defined roles in teams, sparse documentation and the emphasis on testing a product before releasing it. It is a project option that should work in the development of the cloud solution and it can be done while the existing solution is still in place (Kerzner, 2013). This will avoid potential disruptions that could affect the normal operations.

Requirements and Gap Analysis of the Solution

There will be expectations of the cloud solution that will need to be met to consider it a success. Functional requirements will be those that ensure that certain technical milestones are met by the cloud solution. There will be three main levels of the cloud with the rise of each level representing the need for less technical expertise necessary to implement it. The lowest level will be the most complex and will include the compute and manage resources. The compute resources include the memory, the CPU and the disk which are required to power the applications that will be deployed. It needs to be capable of handling the load that will place on it. The manage resources include software provisioning and virtual machine management which are needed to provide server platforms and monitor the resource requirements of the application. The next levels are the development and deployment environments that are used for the development and deployment of applications. The applications themselves occupy the highest level where they can be easily accessed by users (Rountree, & Castrillo, 2013).

The performance requirements will include the capacity to serve users by ensuring the resources are always available to them. There will be the mobile users who will access the cloud resources through different WLANs, LANs and internet connections. They will be accessing the cloud through different devices like smartphones, tablets, laptops and desktop PCs. The cloud needs to be capable of meeting their requirements. Security requirements will be the cloud's capability of ensuring the confidentiality, integrity, and availability of the data that will be passing through it (Hathaway, 2014).

The gap in the current solution is that it can deliver applications to users outside the immediate network in a reliable manner. When it happens it usually slow and incomplete. The cloud will be capable of serving remote users anywhere they are so long as they have access to a reliable internet connection and an enabled device. Same way, the current solution does not have the requisite security solutions that can prevent attacks from the internet. With the cloud providing a greater exposure on the internet, it will also provide the necessary solutions to protect against viruses, ransomware, and distributed denial of service (DDoS) attacks and many more threats (Hathaway, 2014).

Compliance Requirements

There are many compliance requirements that need to be adhered to when adopting a cloud solution. These include Payment Card Industry Data Security Standard (PCI DSS) for financial transactions, the Federal Security Information Management Act (FISMA) and the FTC Act from the federal government as well many more from both the federal and state governments. These are necessary compliance requirements given the sensitivity of data being handled that could belong to third parties like customers (Rountree, & Castrillo, 2013). The cloud user and the cloud vendor have a part to play in adhering to these requirements and most choose to collaborate in ensuring that the various requirements have been adhered to.

References

Gholami, M. F., Daneshgar, F., Low, G., & Beydoun, G. (2016). Cloud migration process—a survey, evaluation framework, and open challenges. Journal of Systems and Software, 120, 31-69.

Hathaway, M. (Ed.). (2014). Best Practices in Computer Network Defense: Incident Detection and Response (Vol. 35). IOS Press.

Kerzner, H. R. (2013). Project management: a systems approach to planning, scheduling, and controlling. John Wiley & Sons.

Rountree, D., & Castrillo, I. (2013). The basics of cloud computing: Understanding the fundamentals of cloud computing in theory and practice. Burlington: Elsevier Science.