Key Assignment Outline

Table of Contents Outline 3 Cloud Providers and Cost Saving Analysis 4 SaaS and IDaaS Plan 9 SOA and PaaS for Supply Chain 12 IaaS Provider Analysis 14 Security, Risk Management and Governance 15 References 16

XYZ Firm is looking for a new computing solution for their General Office functions. These include collaboration tools, email, MS Office suite, printing capabilities and individual desktop setup for employees. The company is looking to lower costs and add new services to the business that provides added value. For the next 5 weeks I will be building a methodology that defines the new approach for using cloud services.

Week 1 – A bevy of Cloud Service providers will be analyzed and chosen for the new Cloud system.

Week 2 – Service as a Solution (SaaS) and Identity as a Service (IDaaS) will be considered as well as which company would be a preferred vendor.

Week 3 – Platform as a Service (PaaS) will be discussed as a potential candidate for the new system as well as SOA and Infrastructure as a Service (IaaS).

Week 4 – Analysis of IaaS vendors with specialization in Virtualization, scaling and storage and clustering.

Week 5 – Discusses Security, Risk Management and Governance

At the end of the 5 weeks XYZ Firm will have a final proposal for the new Cloud Service and which system/vendor has been chosen as well as associated costs.

Cloud computing refers to the delivery of goods and services via the Internet. This includes delivering software on demand, storing/backup and recovery of data, creation of applications or services, hosting websites, streaming video/audio and even analyzing data for specific patterns to predict future outcomes. These services help businesses become more efficient and in most cases at a lower cost than original computing. For the next 5 weeks I will be analyzing Amazon Web Services (AWS) and Microsoft Azure as potential Cloud computing options for XYZ Firm.

AWS

Amazon Web Services (AWS) provides cloud service solutions both by Application (individual services designed for specific needs) and Industry (services for the company as a whole). Solutions by Application include websites, DevOps, Backup & Restore, Archiving, Data Lakes and Analytics, Serverless Computing, Business Applications, Internet of Things, High performance Computing, Blockchain, Scientific Computing, Mobile Services, E-Commerce, Hybrid Cloud Architectures and Content Delivery (Amazon Web Services, 2018). Solutions by Industry include Financial, Digital Marketing, Media and Entertainment, Enterprise Applications, Gaming, Healthcare & Life Sciences, Education, Nonprofit, Government, Oil & Gas, Retail, Automotive, Manufacturing and Power & Utilities (Amazon Web Services, 2018).

Choosing Amazon Web Services (AWS) provides clients with some of following features;

Security – Third-party auditors, attestations and certifications enables Amazon Web Services (AWS) to have the following accreditations: SOC 1/ISAE 3402, SOC 2, SOC 3, PCI DSS Level 1, ISO 27001, IRAP, FIPS 140-2, MPAA, HIPAA, FedRAMP (SM), DoD CSM Levels 1-2, 3-5, DIACAP and FISMA, MTCS Tier 3 Certification, ITAR, CSA and ISO 9001. Clients also have the ability to manage users and groups, set permissions levels, integrate current management systems and have dedicated, hardware-based key management (Amazon Web Services, 2018).

Global Infrastructure – Applications can be deployed close to consumers on a global level while maintaining data locally. This provides low-latency, better reliability and faster delivery or higher performance (Amazon Web Services, 2018).

Compute – Servers are virtual and easy to scale making it easier to use for developers and system admin. A physical server may take 5 minutes to boot up where virtual servers take up to a few seconds.

Flexible Pricing – You only pay for the services you use with no upfront costs which can mean up to 75% discount from On-Demand instance pricing. You also have the option to switch between pricing plans and add or remove services where necessary. You are not locked into a standard price.

Scalable – You are no longer restricted to a physical server capacity. Freedom to access 100,000s of cores when needed.

They also provide Content Distribution, Database options, Application Services, Management Tools, developer tools, Support, Big Data and an Ecosystem with is a catalog for software solutions.

Microsoft Azure

Like Amazon Web Services (AWS), Microsoft Azure provides both Application and Industry solutions. Solutions by Application include Internet of Things, Artificial Intelligence, E-Commerce, LOB applications, SharePoint on Azure, Dynamics on Azure, Hybrid Cloud Applications, Mobile, Big data and analytics, SAP on Azure, Red hat on Azure, Monitoring, DevOps, Business intelligence, modern data warehouse, development and test, business SaaS apps, high performance computing, backup and archive, disaster recovery, digital marketing, blockchain, digital media, microservice applications, serverless computing and gaming (Microsoft, 2018). Industry solutions include Government, Financial, Retail, Manufacturing, Health and life Sciences and Gaming.

Choosing Azure provides clients with some of the following features;

· Security – Security, privacy and compliance are embedded into the development methodology for better protection.

· Reduce risk and complexity – Hybrid approach to cloud that optimizes existing assets.

· Global expansion – 54 Azure regions to take your company globally

· Faster development of cloud platforms

· Universal development tools and languages

· Advanced analytical solutions

· Ready to use IoT (Internet of Things)

· Better Cost management

· Utilizes Microsoft Cloud

Both AWS and Azure have similar features however AWS doesn’t have as large of an AI option as Azure and Azure is not as globally scalable as AWS.

The following reports show the cost of a Colocation environment vs Cloud environment

AWS (Amazon Web Services, 2018)

Azure (Microsoft, 2018)

As-a-Service

(Partially Repurposed from Unit 2 Discussion Board)

            There are several As-a-Service categories when it comes to cloud computing. XYZ Firm will be looking specifically at Service as a Solution (SaaS) and Identity as a Solution (IDaaS) as their primary cloud computing options.

Service as a Solution (SaaS):

Service as a Solution works with third-party providers where they host various applications and make them available to clients over the world wide web (Rouse, 2010-2018). SaaS provides flexible payments (pay-as-you-go), scalable usage (access more services on-demand), auto updates (vendor performs updates) and accessibility (access anywhere with wifi or internet connection) (TechTarget, 2010-2018).

Disadvantages include potential service disruptions, changes to service availability and outside security breaches from vendor side of management. ORACLE and SAP are both rated among the top 10 SaaS providers. They provide marketing, financials, human resources, sales, procurement, customer service and supply chain features.

Migrating to an SaaS environment can be fairly simple but there are a few things you must complete prior to migrating. A business should make sure that the existing infrastructure meets the requirements of the new SaaS application services and that actual business process are very clearly defined (TechTarget, 2006-2018). Knowing what you want out of the SaaS, considering real costs and do the SaaS vendors provide solid SLAs are factors to consider. There are two primary types of software implementation models; on-premises and hosted.

Once you have decided on either of the two you can proceed to migration. Aims and objectives must be re-confirmed, a suitable team must be built for implementations (software admin, user group committee and software developer), timelines must be clear and then configuration of the SaaS solution to be compatible with the business’s needs (TechTarget, 2006/2018). Once migration is complete you must also adopt data security practices and a solid support structure for proper maintenance and compliance.

Identity as a Solution (IDaaS):

Identity as a Solution is authentication operated by a third-party vendor through the cloud (Okta, 2018). Using this service allows for lower costs, improved cybersecurity, faster logins and less password resets for the users. Clients can sign in using wifi or direct connections to the network.  Disadvantages of an IDaaS include greater exposure to internet without a firewall, lack of regulatory compliance and higher security risks with third-party personnel (Bedell, 2011-2018).

Ping Identity and Centrify are both IDaaS providers with SaaS integration capabilities. Centrify is compatible with Active Directory (AD), has multi-factor authentication (MFA) capabilities, incorporates mobile device management (MDM) and offers secure access via SSO (Edwards, 2012-2018). Ping Identity allows for a single dashboard to manage user access, is multi-tenant, and uses single sign-on from any device (Edwards, 2012-2018).

SaaS and IDaaS models come with their own sets of security issues as discussed in each of their disadvantages above. Risk mitigation can be broken down into five steps to ensure proper security features.

· Step One: Thoroughly vet potential vendors and understanding their security history, reference, security vulnerabilities and include proactive security practices within the contract.

· Step two: Include a Single Sign-on (SSO) solution to add additional security. The SSO not only reduces the number of admins and users but also reduces the number of possible security weaknesses (Chu, 01/20/2015).

· Step three: Utilize third-party vendors for auditing purposes which boosts your security.

· Step four: The addition of end-to-end encryption keeps data from being breached.

· Step Five: Update in-house software. Businesses that use outdated software or that which cannot be updated regularly run the risk of data breaches and security threats.

Not only will these five steps help manage risks but also save costs in the long run.

Platform as a Service (PaaS) is used primarily for software development. Third-party vendors provide hardware and software tools for businesses to use through the internet (Rouse, 2010-2018). Clients are not limited to installing in-house hardware or software in-house which cuts the cost of the project down considerably. What’s great about Platform as a Service is the simplicity and convenience for clients and costs are on a per-use basis. Some companies may charge a flat monthly fee for services however in most cases it’s pay-as-you-go. Downside of PaaS models include service availability and security.

XYZ Firm is considering Platform as a Service (PaaS) models as opposed to Service as a Solution (SaaS) and Identity as a Service (IDaaS). Oracle Cloud PaaS, Microsoft Azure and Amazon AWS are the three candidates for consideration. Amazon AWS provides a multitude of services and features for a growing business. They have standalone services (singular or intertwined with other services), simple storage, simple email service, Elastic Block Store, Elastic Compute Cloud, Identity and Access Management, Route 53 and API-based services (Stackify, August 21, 2017). You can pay on-demand or based on usage depending on services/features chosen. You may even have the option of free services as well.

Microsoft Azure offers three dozen data center regions allowing for better accessibility. They have readily available components like directory services, workflow, search and security features that reduce coding time (Stackify, August 21, 2017). Some of their key features include access to Azure products (70 different offerings), easier collaboration with teams around the world and supports various platforms like browser, desktop and mobile (Stackify, August 21, 2017). Costs for this service is pay-as-you-go ranging from a free option to their premium option with is upwards of $2.40 per hour per site (Stackify, August 21, 2017).

Oracle Cloud allows you to develop, deploy and test new/existing applications over the internet (Stackify, August 21, 2017). They have several features including creation/deployment of applications, Access to Oracle Services (MySQL, Mobile Cloud, Java Cloud, Node Cloud, Application Builder Cloud and etc.), DevOps ready, supports various application frameworks, libraries and languages (Java EE, JRuby, Jve SE, Node.js, Python and etc.) and is a managed platform which reduces security risks and costs of ownership (Stackify, August 21, 2017). Oracle Cloud has a monthly cost in four tiers; Standard ($400/month), Enterprise Edition ($1500/month), Enterprise Edition High Performance ($2000/month) and Enterprise Edition Extreme Performance ($3000/month).

XYZ Firm would benefit from Amazon AWS as their choice of PaaS provider mainly because of the additional services offered (Service as a Solution, Identity as a Solution, etc.) and their pay-as-you-go features. The business could use multiple services from the same provider while making transitions much easier and more effective.