Information Systems Project

profilegokuseal
document_2.docx

Here is the project idea that I have chosen to go with

Look into migrating data to the cloud for a Financial Company called Sinah Financial Holdings, LLC along with building a new infrastructure for the expansion of the company.

Business Problem Statement:

Sinah Financial Holdings LLC., a thriving company has decided that the time to expand has come. With just one present location in XYZ city, growth in its industry is limited therefore the opening of branch locations in various cities has become its number one project. The firm’s current infrastructure is very small in size, only capable of supporting a small size office. The company does not currently have WAN and VPN technologies, only a local LAN through the major local ISP is in use. All backups are stored onsite with tape copies sent to a cold off site location. The databases with all financial information are stored in the local server with only one system administrator performing all major database tasks. This means for such expansion there is a need to replace or upgrade the current infrastructure to include hardware, software, and other applications. With the expansion planning, various technical problems have been identified, primary the storage and backup state for the sensitive data found within the locally managed servers and databases. Additionally security with access to such sensitive information has lacked for way too long; with this in mind more secured heighten methods are desired. Across all industries the momentum is building up to move applications to cloud computing, this is especially true for industries that retain sensitive information such as our firm. Pressure to improve efficiency, store data more securely, and cut cost has made moving an on premises infrastructure to a cloud feasible option, however the types of cloud services that are available and their characteristics (private/public/hybrid; SaaS/PaaaS) lead to unwanted disasters.

High-Level Functional Requirements:

Financial data is one of the most protected types of digital content, finding ways to store, secure and manage such in this ever changing world of computing is a challenge. Sinah Financial Holdings LLC., through a series of stakeholder meetings has identify the need to grow and significantly improve elements of its financial company through the use of current technology as well as the introduction of new solutions that comply with federal regulatory and compliance specifications. For this company’s expansion to be successful the addition of various geographically dispersed branches will require a large and fast LAN/WAN network to be accessed internally by the staff via the intranet and access from the outside by client(s) via a secure web interface. VPN capabilities for traveling and visiting staff should provide a secure connection to internal resources once authenticated. Use of virtualization for servers, work terminals, exchange services has been deemed necessary to support the company growth. All company data is expected to be migrated to a cloud service provider such as Amazon EC2 or Rackspace. Cloud computing will allow on demand self-service, example; server time, storage, and network bandwidth, access to systems regardless of user location or device, elasticity to quickly upscale or scale down, pay per user and sharing pooled resources ultimately cutting cost and increasing efficiency. All databases will be kept in separate virtual servers and backups will be conducted routinely (Weekly, Monthly; incremental/full). All database backups will be kept and stored in the Cloud under strict security measurements while mirror backups will be secured out of site in a preferred warm or hot business continuity site. Access to the network and network shares must be segmented and granted based on departmental roles or specific duties. Database access to tables and information within will be given based on individual approval, single sign on authentication via Windows is preferred to prevent account/password incidents; SSO will provide secured network and database access control and auditing capabilities the firm currently lacks.

High-Level Proposed Solution and Business Benefits: (Tangible and intangible)

The complexity of management, infrastructure and distributed data has increased much over the last few years, since cloud computing has found a significant role in business competitiveness therefore it is a must use. Gaining competitive advantage and maintaining it in the financial sector requires staying ahead of the curve. The high level proposed solution for Sinah Financial Holdings LLC., is to migrate data currently stored onsite to a cloud service provider, rebuild the network infrastructure by bringing a large ISP provider who can support multiple geographical disperse locations which will provide flexibility and scalability and integrating new applications that will allow staff and clients alike to access information from anywhere at any time via a secured method of authentication. A hybrid migration strategy is a low risk approach to migration of application to the cloud, instead of moving all data at once parts can be moved based on preference and prioritization, this reduces the risk of unexpected behavior during and after migration and it’s ideal for systems that involve sensitive information. With cloud computing there is no need to purchase new hardware and no need to hold on to unused hardware, infrastructure changes can be requested in minutes. This solution should be easy for project management and the IT department to grasp and introduce. The propose solution, cloud and virtualization makes disaster recovery implementation simpler than traditional solutions. The entire process can be automated, failing over to the cloud, recovering from a system failure (natural disaster/human error) can be done quickly and effectively. Other benefits include availability across different geographic locations, improved performance, among a few which ultimately result in overall cost saving.

Special Issues or Constraints:

Investing in cloud computing is one of the popular technologies in various sectors that give companies competitive advantage. However the complexity of cloud computing in diverse locations does come with challenges and cost for organizations consequently, it is important to understand that with any migration or network change there will be resistance. As a financial holdings company specific IT security policies and security requirements must be met, figuring out what is the overall risk tolerance, identifying concerns (confidentiality, integrity, availability, and durability), regulatory obligations, security threats, intellectual property and internal organizational issues need to be address to increase the comfort level with using shared infrastructure services.

U.S. banking industry has several regulatory bodies; Federal Reserve Board, Federal Deposit Insurance Corporation, National Credit Union, Administration, Office of the Comptroller of the Currency and Consumer Financial Protection Bureau. The primary privacy regulations affecting U.S. financial services are contained in the Gramm-Leach-Bliley Act (GLB) which originate in response to concerns about banks sharing detailed account-holder information with third parties for marketing or cross-selling purposes. Cloud computing in the financial industry is considered a form of outsourcing which requires special areas for attention by regulated entities;

*Data sharing is not permitted without explicit agreement from customers.

* Due diligence- cloud migrating does not excuse entities from due diligence around data management. Classification, segregation and recoverability should be followed.

* Audit, cloud services must have transparency and allow regulators the ability to audit.

Being considered a third party and in order to protect information, firms must implement a comprehensive security plan to include employee training, background checks and restrictions to data access to employees with need to know is mandated. Other special constrains include frequently changed passwords, remote access restriction, encryption, security patching, firewalls, IDS/IPS, antivirus deployment, and deactivation of departing personnel accounts.