Security Management and Migration Report: Regional Gardens Ltd.
VerifiedAdded on  2021/06/16
|31
|6909
|100
Report
AI Summary
This report presents a strategic proposal for Regional Gardens Ltd., focusing on improving its ICT infrastructure through a cloud-based solution. It evaluates various cloud computing architectures, with a recommendation for a hybrid cloud approach. The report details the chosen architecture, including its benefits and potential issues. It also includes a comprehensive risk assessment, an information security assessment, and proposed changes to the Business Continuity Plan (BCP). Furthermore, the report outlines a SharePoint migration plan, addressing critical points and potential issues. The architecture leverages microservices and considers AWS’s hybrid capabilities. The report discusses various deployment considerations like optimization, augmentation, and migration to the cloud, alongside the strengths and weaknesses of public cloud. The report also addresses security concerns and integration challenges associated with hybrid cloud environments, ensuring a secure and efficient cloud migration. The report recommends the utilization of Deep Security quick start template from AWS Marketplace for data security and managing hybrid cloud performance.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Security Management and Migration
Assignment-4
Name:
Register Number:
Assignment-4
Name:
Register Number:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Table of Contents
1. Introduction............................................................................................................................................................ 1
2. Required Cloud Architecture................................................................................................................................... 1
2.1 Description of Architectures and Reason for Deploying.......................................................................................1
2.2 Benefits and Issues related to Deployment...........................................................................................................7
3. Risk Assessment...................................................................................................................................................... 9
4. Information Security Assessment........................................................................................................................... 15
5. Changes to BCP..................................................................................................................................................... 15
6. Hybrid Cloud Administration and SLA Management............................................................................................17
7. SharePoint Migration Planning.............................................................................................................................19
7.1 Migration Plan.................................................................................................................................................. 19
7.2 Migration Plan’s Critical Points and Issues.......................................................................................................22
8. Conclusion............................................................................................................................................................. 23
References...................................................................................................................................................................... 24
1. Introduction............................................................................................................................................................ 1
2. Required Cloud Architecture................................................................................................................................... 1
2.1 Description of Architectures and Reason for Deploying.......................................................................................1
2.2 Benefits and Issues related to Deployment...........................................................................................................7
3. Risk Assessment...................................................................................................................................................... 9
4. Information Security Assessment........................................................................................................................... 15
5. Changes to BCP..................................................................................................................................................... 15
6. Hybrid Cloud Administration and SLA Management............................................................................................17
7. SharePoint Migration Planning.............................................................................................................................19
7.1 Migration Plan.................................................................................................................................................. 19
7.2 Migration Plan’s Critical Points and Issues.......................................................................................................22
8. Conclusion............................................................................................................................................................. 23
References...................................................................................................................................................................... 24
1. Introduction
The Company named Regional Gardens Ltd., is considered in this report for which a
strategic proposal is required to meet the business requirement. It is a company which runs
various gardening enterprises. It wishes to improve its current ICT infrastructure, with respect to
data storage, monitoring, data flexibility and responsiveness. It looks forward to have a new
manageable cloud based infrastructure.
The objective of this report is to provide a specific cloud computing architecture for
meeting the business needs, where various cloud computing architectures will be compared and
evaluated. The ICT risk management for the cloud computing delivery plan will be represented.
The Information Security assessment will be carried out. Migration plan, its critical points and
issues will be discussed.
2. Required Cloud Architecture
The cloud computing environment helps the grid computing to provide physical and
virtual servers for running the grid applications, which carry out various small tasks (Rouse,
2018). The cloud computing requires management like, changing requests, provisioning,
reimaging, deprovisioning, monitoring and rebalancing of workload. The cloud computing
system is divided into front-end and back-end, which are connected with the help of a network
i.e., internet. There is a central server which administers the system, by managing tasking like,
demands of the clients and traffic monitoring and ensuring everything works smoothly (Sareen,
2013).
For assisting the Regional Gardens for meeting the Board’s strategy, I would employ
Hybrid Cloud Architecture.
2.1 Description of Architectures and Reason for Deploying
For a cloud based solution, the Cloud Computing Architecture is used which contains on
premise and cloud resources. It ensures to facilitate communication between the stakeholders,
and related to high-level design early decisions are documented and can help to reuse the
components of the design ("Cloud Computing Architecture", 2010).
Today, all the organizations are adopting Hybrid cloud architecture for maintaining
control on the privately managed internal cloud, while depending on the public cloud as required
(Waite, 2017).
1
The Company named Regional Gardens Ltd., is considered in this report for which a
strategic proposal is required to meet the business requirement. It is a company which runs
various gardening enterprises. It wishes to improve its current ICT infrastructure, with respect to
data storage, monitoring, data flexibility and responsiveness. It looks forward to have a new
manageable cloud based infrastructure.
The objective of this report is to provide a specific cloud computing architecture for
meeting the business needs, where various cloud computing architectures will be compared and
evaluated. The ICT risk management for the cloud computing delivery plan will be represented.
The Information Security assessment will be carried out. Migration plan, its critical points and
issues will be discussed.
2. Required Cloud Architecture
The cloud computing environment helps the grid computing to provide physical and
virtual servers for running the grid applications, which carry out various small tasks (Rouse,
2018). The cloud computing requires management like, changing requests, provisioning,
reimaging, deprovisioning, monitoring and rebalancing of workload. The cloud computing
system is divided into front-end and back-end, which are connected with the help of a network
i.e., internet. There is a central server which administers the system, by managing tasking like,
demands of the clients and traffic monitoring and ensuring everything works smoothly (Sareen,
2013).
For assisting the Regional Gardens for meeting the Board’s strategy, I would employ
Hybrid Cloud Architecture.
2.1 Description of Architectures and Reason for Deploying
For a cloud based solution, the Cloud Computing Architecture is used which contains on
premise and cloud resources. It ensures to facilitate communication between the stakeholders,
and related to high-level design early decisions are documented and can help to reuse the
components of the design ("Cloud Computing Architecture", 2010).
Today, all the organizations are adopting Hybrid cloud architecture for maintaining
control on the privately managed internal cloud, while depending on the public cloud as required
(Waite, 2017).
1
The microservices ensures that the applications become highly resilient, agile and
scalable (Ajluni, 2016).
The Hybrid cloud architecture shares both the private and public cloud’s resources. This
architecture is an integration of on-premises resources with cloud resources, as shown in the
below figure.
Figure: Hybrid Cloud Topology ("Hybrid Cloud", 2018)
2
scalable (Ajluni, 2016).
The Hybrid cloud architecture shares both the private and public cloud’s resources. This
architecture is an integration of on-premises resources with cloud resources, as shown in the
below figure.
Figure: Hybrid Cloud Topology ("Hybrid Cloud", 2018)
2
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Figure: Colocation strategy of Hybrid cloud ("Why a Hybrid Cloud/Colocation Strategy Is Here
to Stay", 2017)
Many organizations who have on-premises technology investments, must operate in a
hybrid architecture. This is important for adopting the cloud. However, the migrating legacy IT
systems takes time. Thus, it is important to choose a trusted cloud provider, for implementing a
thoughtful hybrid strategy with less investment on new on-premises hardware and software
(Saran, 2018). This helps to simplify the operations and ensures to easily achieve the goals of the
business. When it comes to AWS’s close working relation with the enterprises, it has developed
the industry’s broadest set of hybrid capabilities in terms of storage, networking, security,
application deployment, and management tools, for easy integration with the cloud ("Hybrid
Cloud Architectures", 2018). This acts as a seamless and secure extension the present
investments.
3
to Stay", 2017)
Many organizations who have on-premises technology investments, must operate in a
hybrid architecture. This is important for adopting the cloud. However, the migrating legacy IT
systems takes time. Thus, it is important to choose a trusted cloud provider, for implementing a
thoughtful hybrid strategy with less investment on new on-premises hardware and software
(Saran, 2018). This helps to simplify the operations and ensures to easily achieve the goals of the
business. When it comes to AWS’s close working relation with the enterprises, it has developed
the industry’s broadest set of hybrid capabilities in terms of storage, networking, security,
application deployment, and management tools, for easy integration with the cloud ("Hybrid
Cloud Architectures", 2018). This acts as a seamless and secure extension the present
investments.
3
Figure: Hybrid Cloud Architectures (Gracely, Finos & Floyer, 2015)
5 main considerations considered for the IT organizations while evaluating organization’s
future application are presented below (Gracely, Finos & Floyer, 2015):
a) Do Nothing: Certain applications are industry-specific or are delivered on a hardware
appliance, which don’t make sense to change, because of software licensing, or have no
idea how it is supported by the application.
b) Optimization: According to the perspective of software, most of the existing applications
won’t be changed, but the IT organizations surely will try to optimize the environment
around the applications.
c) Augmentation: According to the market evolution related to, IoT technologies, Big Data
and Mobile various firms are in search of methods for augmenting their Systems to
record with the new applications which just are designed keeping the engagement models
of new customer in mind. Thus, it is one of the reason that the companies are actively
4
5 main considerations considered for the IT organizations while evaluating organization’s
future application are presented below (Gracely, Finos & Floyer, 2015):
a) Do Nothing: Certain applications are industry-specific or are delivered on a hardware
appliance, which don’t make sense to change, because of software licensing, or have no
idea how it is supported by the application.
b) Optimization: According to the perspective of software, most of the existing applications
won’t be changed, but the IT organizations surely will try to optimize the environment
around the applications.
c) Augmentation: According to the market evolution related to, IoT technologies, Big Data
and Mobile various firms are in search of methods for augmenting their Systems to
record with the new applications which just are designed keeping the engagement models
of new customer in mind. Thus, it is one of the reason that the companies are actively
4
researching on the Cloud Native applications. Most of the firms are employing the in-
house developers for building such applications, because these applications can bring
new change for the business. Moreover, augmentation is a section where the companies
create integrations between SaaS applications and their in-house Systems of Record, to
gain the opportunities for effectively aligning the application development team and the
operations team.
d) Migrate to Cloud: Despite the IT leaders understanding on the importance of Cloud
Computing, still evaluation exists on whether it makes sense to migrate the applications
to a Private Cloud or a Public Cloud. On the other hand, with the growth of Public Cloud,
most of the IT organizations are still evolving their Cloud Computing skills. For a Private
Cloud, the migrating applications permits the IT organizations to maintain the present
performance including the characteristics of security, during local access to the
application data. However, it is proved that such migrations are highly cost effective. The
Private Cloud projects concentrate to deliver automated infrastructure and services which
imitates what could be taken from the Public Clouds like, AWS or Azure.
Figure: Public Cloud’s Strengths and Weaknesses
e) Replacing: Since 15 years, the companies utilize technology for increasing their business
and productivity of employees. But, as time passes the technologies loses its effectiveness
for the business. This increases the company’s interest to replace their previous
5
house developers for building such applications, because these applications can bring
new change for the business. Moreover, augmentation is a section where the companies
create integrations between SaaS applications and their in-house Systems of Record, to
gain the opportunities for effectively aligning the application development team and the
operations team.
d) Migrate to Cloud: Despite the IT leaders understanding on the importance of Cloud
Computing, still evaluation exists on whether it makes sense to migrate the applications
to a Private Cloud or a Public Cloud. On the other hand, with the growth of Public Cloud,
most of the IT organizations are still evolving their Cloud Computing skills. For a Private
Cloud, the migrating applications permits the IT organizations to maintain the present
performance including the characteristics of security, during local access to the
application data. However, it is proved that such migrations are highly cost effective. The
Private Cloud projects concentrate to deliver automated infrastructure and services which
imitates what could be taken from the Public Clouds like, AWS or Azure.
Figure: Public Cloud’s Strengths and Weaknesses
e) Replacing: Since 15 years, the companies utilize technology for increasing their business
and productivity of employees. But, as time passes the technologies loses its effectiveness
for the business. This increases the company’s interest to replace their previous
5
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
investment with SaaS equivalents. The applications relate to the following functions and
processes like, Email, Collaboration, call-center management, Human Resources and,
Sales and Marketing.
The last consideration decides the application’s future portability, for most of the IT architects.
Figure: Hybrid Cloud bridge ("Practical Guide to Hybrid Cloud Computing", 2016)
6
processes like, Email, Collaboration, call-center management, Human Resources and,
Sales and Marketing.
The last consideration decides the application’s future portability, for most of the IT architects.
Figure: Hybrid Cloud bridge ("Practical Guide to Hybrid Cloud Computing", 2016)
6
Figure: AWS Topology
The utilization of Deep Security quick start template from AWS Marketplace can work as an
effective solution component for data security. The other solution components could be as listed
below:
1. For high availability and scalability, deployment of a setup of multi-node with co-located
Deep Security Relays.
2. AWS RDS can be used for storing Deep Security data.
3. It is optional to utilize two Deep Security Relay Groups to keep the update of local traffic
for every single site like, one Relay Group for Azure workloads and one Relay Group for
On-Premises workloads.
4. For importing virtual machines in to the Deep Security utilize Deep Security cloud
connector for AWS. Additionally, it supports with continuous discovery.
7
The utilization of Deep Security quick start template from AWS Marketplace can work as an
effective solution component for data security. The other solution components could be as listed
below:
1. For high availability and scalability, deployment of a setup of multi-node with co-located
Deep Security Relays.
2. AWS RDS can be used for storing Deep Security data.
3. It is optional to utilize two Deep Security Relay Groups to keep the update of local traffic
for every single site like, one Relay Group for Azure workloads and one Relay Group for
On-Premises workloads.
4. For importing virtual machines in to the Deep Security utilize Deep Security cloud
connector for AWS. Additionally, it supports with continuous discovery.
7
The network connectivity is as follows ("CloudOps: 6 best ways to manage hybrid cloud
performance", 2018):
a) Use Deep Security Manager nodes with Public DNS to make them accessible over the
internet.
b) For Manager and agent communication, utilize Agent Initiated communication mode.
c) Network access is not needed from AWS to On-premises.
d) Allow Deep Security Manager, Deep Security Relays and Deep Security Agents internet
access for software and security updates.
e) For necessary flow of communication between the components, utilize the rules of VPC
Security Group.
For effective flexibility in deployment for Hybrid cloud, the Deep Security 10 supports
with hybrid policy management and auto-scaling. The Deep Security is mainly designed for
supporting traditional IT security model and advanced DevSecOps.
The company will be benefited by the help cloud migration support provider, in making
smooth transition when adopting a hybrid cloud environment (Long, 2018).
2.2 Benefits and Issues related to Deployment
The benefits of the deployment of the Hybrid cloud architecture includes ("7 benefits of a
Hybrid Cloud solution", 2018) (Tracy, 2016):
1) It ensures to have business continuity, in the business operations. Business
continuity not just related to back up of data or a recovery plan instead it a
capacity of the business to continue its business even while a failure ("TDWI
Checklist Report: Data Management Best Practices for Cloud and Hybrid
Architectures", 2018).
2) Increased speed for marketing.
3) Scalability
4) Provides direct accessibility of data.
5) Secure systems (Perez, 2018).
6) More opportunity for innovation
7) It improves the connectivity.
8
performance", 2018):
a) Use Deep Security Manager nodes with Public DNS to make them accessible over the
internet.
b) For Manager and agent communication, utilize Agent Initiated communication mode.
c) Network access is not needed from AWS to On-premises.
d) Allow Deep Security Manager, Deep Security Relays and Deep Security Agents internet
access for software and security updates.
e) For necessary flow of communication between the components, utilize the rules of VPC
Security Group.
For effective flexibility in deployment for Hybrid cloud, the Deep Security 10 supports
with hybrid policy management and auto-scaling. The Deep Security is mainly designed for
supporting traditional IT security model and advanced DevSecOps.
The company will be benefited by the help cloud migration support provider, in making
smooth transition when adopting a hybrid cloud environment (Long, 2018).
2.2 Benefits and Issues related to Deployment
The benefits of the deployment of the Hybrid cloud architecture includes ("7 benefits of a
Hybrid Cloud solution", 2018) (Tracy, 2016):
1) It ensures to have business continuity, in the business operations. Business
continuity not just related to back up of data or a recovery plan instead it a
capacity of the business to continue its business even while a failure ("TDWI
Checklist Report: Data Management Best Practices for Cloud and Hybrid
Architectures", 2018).
2) Increased speed for marketing.
3) Scalability
4) Provides direct accessibility of data.
5) Secure systems (Perez, 2018).
6) More opportunity for innovation
7) It improves the connectivity.
8
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
8) It ensures risk management.
9) It provided network optimization.
10) Enables expansion of capacity.
The issues related to the deployment of the Hybrid cloud architecture includes (Tracy,
2016) (Tran, 2018):
1) Cost
Building a private cloud for the enterprise costs more when compared to the public cloud.
High usage of the public cloud resources could increase unexpectedly bills of high
charges which might not be part of the plan. Thus, it is necessary to outline a specific
budget for the hybrid cloud project.
2) Security
Cloud computing can surely face some attacks. It requires proper precautions to secure
the data correctly and must ensure that it is controlled and maintained by an appropriate
person (De Laine, 2017).
3) Data and application integration
There is symbolic relationship when it comes to applications and data, where without
each other they are of no use. Most of the times both application and data are chained
together. While its storage topic is discussed, it is required to enquire about its
infrastructure. For instance, if the application is in the private cloud whereas its data is in
the on-premise data center, then can the data be accessed remotely in this application?
Copy data virtualization technologies could decouple the data from the infrastructure and
can make this issue, least problematic.
4) Compatibility has bigger issues while developing a hybrid cloud. One of the challenge in
building the Hybrid cloud is compatibility across the infrastructure. When there are
infrastructures of dual levels, like the private cloud which is controlled by the company
and the public cloud which is not controlled by the company, then there are possibilities
to run different stacks.
5) Networking issues, such as will the cloud have highly active application present in it?
The usage of the bandwidth is important to be considered on a network and similarly it is
necessary to check whether there might be any issues in bottlenecking the rest of the
9
9) It provided network optimization.
10) Enables expansion of capacity.
The issues related to the deployment of the Hybrid cloud architecture includes (Tracy,
2016) (Tran, 2018):
1) Cost
Building a private cloud for the enterprise costs more when compared to the public cloud.
High usage of the public cloud resources could increase unexpectedly bills of high
charges which might not be part of the plan. Thus, it is necessary to outline a specific
budget for the hybrid cloud project.
2) Security
Cloud computing can surely face some attacks. It requires proper precautions to secure
the data correctly and must ensure that it is controlled and maintained by an appropriate
person (De Laine, 2017).
3) Data and application integration
There is symbolic relationship when it comes to applications and data, where without
each other they are of no use. Most of the times both application and data are chained
together. While its storage topic is discussed, it is required to enquire about its
infrastructure. For instance, if the application is in the private cloud whereas its data is in
the on-premise data center, then can the data be accessed remotely in this application?
Copy data virtualization technologies could decouple the data from the infrastructure and
can make this issue, least problematic.
4) Compatibility has bigger issues while developing a hybrid cloud. One of the challenge in
building the Hybrid cloud is compatibility across the infrastructure. When there are
infrastructures of dual levels, like the private cloud which is controlled by the company
and the public cloud which is not controlled by the company, then there are possibilities
to run different stacks.
5) Networking issues, such as will the cloud have highly active application present in it?
The usage of the bandwidth is important to be considered on a network and similarly it is
necessary to check whether there might be any issues in bottlenecking the rest of the
9
applications. This is one of the question which should be asked about hybrid integration
during network designing.
Similar to all the IT projects, developing hybrid cloud for an enterprise could bring both
advantages and also challenges. If proper planning is done, then the organizations can surely
decrease the issues and increase the benefits for the organization.
3. Risk Assessment
The possible risks associated with the Hybrid cloud and microservices strategies are
listed below (Tech, 2016) (Shacklett, 2016) ("17 Hybrid Cloud Security Threats and How To Fix
Them", 2018) (Hatter, 2014):
Sl.
No.
Possible Risks for
Hybrid cloud and
microservices
Description Possible Control
For the Risk
1. IT architecture
design
The architecture can be of cloud, private,
on-premises must be managed well, for
smoothly running the end-to-end
infrastructure.
2. Coordination of
cloud procurement
with end business
users
The Haphazard method is a worst method
for entering into a hybrid cloud strategy.
Because, the haphazard circumstance is
created if the end-user departments and
independently contract IT for cloud
services. It is necessary to have a mix of
public cloud, private cloud, and on-
premises IT and no one who is
accountable for overall coordination and
performance of these investments. This
type of practice brings more number of
risks along with increased inefficiency.
3. Management of In the data centers of many organizations, Rely on a trusted
10
during network designing.
Similar to all the IT projects, developing hybrid cloud for an enterprise could bring both
advantages and also challenges. If proper planning is done, then the organizations can surely
decrease the issues and increase the benefits for the organization.
3. Risk Assessment
The possible risks associated with the Hybrid cloud and microservices strategies are
listed below (Tech, 2016) (Shacklett, 2016) ("17 Hybrid Cloud Security Threats and How To Fix
Them", 2018) (Hatter, 2014):
Sl.
No.
Possible Risks for
Hybrid cloud and
microservices
Description Possible Control
For the Risk
1. IT architecture
design
The architecture can be of cloud, private,
on-premises must be managed well, for
smoothly running the end-to-end
infrastructure.
2. Coordination of
cloud procurement
with end business
users
The Haphazard method is a worst method
for entering into a hybrid cloud strategy.
Because, the haphazard circumstance is
created if the end-user departments and
independently contract IT for cloud
services. It is necessary to have a mix of
public cloud, private cloud, and on-
premises IT and no one who is
accountable for overall coordination and
performance of these investments. This
type of practice brings more number of
risks along with increased inefficiency.
3. Management of In the data centers of many organizations, Rely on a trusted
10
Data they use storage automation, for routing
the data to the tiers of fast, medium, or
seldom-used storage, based on the data
type and its access requirements. When
the data gets tricked by non-data center
destinations, in such cases the business
rules and stewardship of such data faces
more risks and it is necessary to track
such data.
technology for
overcoming the risk
of data migration.
4. Security and privacy In cloud, data security and privacy is
improvising, but it doesn't transform the
fact i.e., on data, the corporate IT contains
direct governance, security, and privacy
control, which the data center of the
organization stores. The data center does
not contain any direct control in the cloud.
The customer’s data is the responsibility
of the organization, where the data is kept
safely.
Effective third party
solution.
5. Bandwidth and
latency
The cloud can be accessed securely in a
private network through internet. This
shows that the management of bandwidth
and latency risk for the real-time data
streams and transfer of bulk data could
result in a risky affair, in contrast with the
internal network of the firm. The company
must perform risk evaluations for data and
applications which go to the cloud.
Manage the
bandwidth and
latency risks.
6. Disaster recovery
and failover
The organizations which move their data
and applications can face disaster of data
due to the negligence of the cloud
Check disaster
recovery plans.
Before leasing, find
11
the data to the tiers of fast, medium, or
seldom-used storage, based on the data
type and its access requirements. When
the data gets tricked by non-data center
destinations, in such cases the business
rules and stewardship of such data faces
more risks and it is necessary to track
such data.
technology for
overcoming the risk
of data migration.
4. Security and privacy In cloud, data security and privacy is
improvising, but it doesn't transform the
fact i.e., on data, the corporate IT contains
direct governance, security, and privacy
control, which the data center of the
organization stores. The data center does
not contain any direct control in the cloud.
The customer’s data is the responsibility
of the organization, where the data is kept
safely.
Effective third party
solution.
5. Bandwidth and
latency
The cloud can be accessed securely in a
private network through internet. This
shows that the management of bandwidth
and latency risk for the real-time data
streams and transfer of bulk data could
result in a risky affair, in contrast with the
internal network of the firm. The company
must perform risk evaluations for data and
applications which go to the cloud.
Manage the
bandwidth and
latency risks.
6. Disaster recovery
and failover
The organizations which move their data
and applications can face disaster of data
due to the negligence of the cloud
Check disaster
recovery plans.
Before leasing, find
11
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
providers and their data centers. the data centers
utilized by the cloud
provider and its
failovers. Moreover
proceed with risk
assessment.
7. Switching of
vendors
Switching vendors is not easy despite of
being a "plug and play" proposition, based
on the contractual and cooperation point
of view.
Wise decisions will
help to choose and
select the worthy
vendors.
8. On-premise
licenses and contract
management
In case of any shifting in applications like
from, on-premises to the cloud, there are
possibilities of optimal coordination only
if the transition are made when the on-
premises software licenses expires.
While moving from
one vendor to the
other, it is necessary
to review the
contracts and prices.
9. Vendor SLAs and
Poor SLAs
Most of the cloud vendors fail to publish
service level agreements (SLAs), and it
won’t even be present in their contracts.
While moving to the cloud, the customers
tend to lose the ability of govern their own
data set. This leads to forcibly rely on the
service providers for data securing, in the
public sector.
The company must
take legal guidance
and enquire and
review the attorney
before agreeing to
the agreement.
Further, ensure the
services’ expectation
are reasonable.
Then, check the
permission and
protection along
with the security
measures.
10. Liability of Vendors
and lack of data
If the cloud vendor doesn't own its own
data centers and is contracting for them
The organization
must check the
12
utilized by the cloud
provider and its
failovers. Moreover
proceed with risk
assessment.
7. Switching of
vendors
Switching vendors is not easy despite of
being a "plug and play" proposition, based
on the contractual and cooperation point
of view.
Wise decisions will
help to choose and
select the worthy
vendors.
8. On-premise
licenses and contract
management
In case of any shifting in applications like
from, on-premises to the cloud, there are
possibilities of optimal coordination only
if the transition are made when the on-
premises software licenses expires.
While moving from
one vendor to the
other, it is necessary
to review the
contracts and prices.
9. Vendor SLAs and
Poor SLAs
Most of the cloud vendors fail to publish
service level agreements (SLAs), and it
won’t even be present in their contracts.
While moving to the cloud, the customers
tend to lose the ability of govern their own
data set. This leads to forcibly rely on the
service providers for data securing, in the
public sector.
The company must
take legal guidance
and enquire and
review the attorney
before agreeing to
the agreement.
Further, ensure the
services’ expectation
are reasonable.
Then, check the
permission and
protection along
with the security
measures.
10. Liability of Vendors
and lack of data
If the cloud vendor doesn't own its own
data centers and is contracting for them
The organization
must check the
12
ownership and risk
management.
with third parties, this can increase
security breach issue.
liabilities of the
vendors before
agreeing to the
agreement.
i.e., Check for data
ownership along
with security. Define
the services in the
form of SLA for the
hybrid IT firm.
Enquire who can
access the data and
know the location of
where the data is
stored.
11. Control loss Even one change in the application could
create issues related to integration with
the other programs, which can end up
with chaos among the critical business
applications.
Contact service
providers who
effectively manage
such risks for the
organization and
make them the
partner of the
company.
12. Poor compliance Compliance is a problem which is related
to security challenge. Any businesses
should make sure that each part of their
cloud strategy must have compliance with
all the industry regulations. Thus, it is
important to make sure that the data which
travels between the private and public
cloud environments is secured effectively.
Test for compliance
and then proceed.
13
management.
with third parties, this can increase
security breach issue.
liabilities of the
vendors before
agreeing to the
agreement.
i.e., Check for data
ownership along
with security. Define
the services in the
form of SLA for the
hybrid IT firm.
Enquire who can
access the data and
know the location of
where the data is
stored.
11. Control loss Even one change in the application could
create issues related to integration with
the other programs, which can end up
with chaos among the critical business
applications.
Contact service
providers who
effectively manage
such risks for the
organization and
make them the
partner of the
company.
12. Poor compliance Compliance is a problem which is related
to security challenge. Any businesses
should make sure that each part of their
cloud strategy must have compliance with
all the industry regulations. Thus, it is
important to make sure that the data which
travels between the private and public
cloud environments is secured effectively.
Test for compliance
and then proceed.
13
13. Cloud Security Many things are discussed when it comes
to the inherent risks related to security.
Deploying hybrid clod strategies includes
various security challenges for the
organization, like security management,
risk management and poorly constructed
service-level agreements. All of these
mentioned issues increases problems from
complications, which could increase when
both the private and public cloud are
utilized in conjunction with each other.
However, it is highly difficult to manage
two types of deployments for the IT
teams.
Make sure the SLA
is standard.
14. Data leakage Insufficient security protocols by the
cloud provider could compromise the data
which can be destroyed, corrupted or
accessed in appropriately. For instance in,
worker-driven BYOD environments.
Prevention of data
loss and ensure
security measures to
encounter
malfunctions in the
infrastructure,
security breaches,
and errors in the
software.
15. Weak protection of
IP (intellectual
Property)
IP requires extra protection. It must have
the highest encryption and security
protocols in place. IP must be identified
and classified to determine potential
security risks. A vulnerability assessment
and appropriate encryption are needed
Ensure the security
of the network
infrastructure.
Perform third party
audits extensively
and create
permission matrix.
16. Not enough Security The failure of risk identification can harm Risk prevention and
14
to the inherent risks related to security.
Deploying hybrid clod strategies includes
various security challenges for the
organization, like security management,
risk management and poorly constructed
service-level agreements. All of these
mentioned issues increases problems from
complications, which could increase when
both the private and public cloud are
utilized in conjunction with each other.
However, it is highly difficult to manage
two types of deployments for the IT
teams.
Make sure the SLA
is standard.
14. Data leakage Insufficient security protocols by the
cloud provider could compromise the data
which can be destroyed, corrupted or
accessed in appropriately. For instance in,
worker-driven BYOD environments.
Prevention of data
loss and ensure
security measures to
encounter
malfunctions in the
infrastructure,
security breaches,
and errors in the
software.
15. Weak protection of
IP (intellectual
Property)
IP requires extra protection. It must have
the highest encryption and security
protocols in place. IP must be identified
and classified to determine potential
security risks. A vulnerability assessment
and appropriate encryption are needed
Ensure the security
of the network
infrastructure.
Perform third party
audits extensively
and create
permission matrix.
16. Not enough Security The failure of risk identification can harm Risk prevention and
14
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Risk Assessment the IT infrastructure. assessment must be
performed
rigorously along
with scanning of
IDS/IPS systems for
malicious traffic.
17. Encryption is
missing
The network transmission is vulnerable to
Man-in-the-Middle (MitM) attacks and
eavesdropping, which avoids mutual
authentication.
Reliable VPN must
be employed with a
proxy server which
can be relied. Then,
the transmission
must be shielded
from random attacks
using the
cryptographic
protocols which
contains endpoint
authentication.
18. Data redundancy is
poor.
Absence of redundancy can put the
enterprise and the hybrid IT cloud at risk.
Redundancy must be
implemented with
the use of multiple
data centers from a
single cloud
provider i.e., from
various public cloud
providers and hybrid
cloud.
19. Absence of API
protection
If API are not protected, then the sensitive
data is exposed by the endpoints to
malicious attacks.
Mange the API keys
similar to encryption
and code-signing
keys.
15
performed
rigorously along
with scanning of
IDS/IPS systems for
malicious traffic.
17. Encryption is
missing
The network transmission is vulnerable to
Man-in-the-Middle (MitM) attacks and
eavesdropping, which avoids mutual
authentication.
Reliable VPN must
be employed with a
proxy server which
can be relied. Then,
the transmission
must be shielded
from random attacks
using the
cryptographic
protocols which
contains endpoint
authentication.
18. Data redundancy is
poor.
Absence of redundancy can put the
enterprise and the hybrid IT cloud at risk.
Redundancy must be
implemented with
the use of multiple
data centers from a
single cloud
provider i.e., from
various public cloud
providers and hybrid
cloud.
19. Absence of API
protection
If API are not protected, then the sensitive
data is exposed by the endpoints to
malicious attacks.
Mange the API keys
similar to encryption
and code-signing
keys.
15
Therefore, surveying the risk monitoring, reviewing the events and identifying proper
policy adjustments are required for managing the risks in the cloud.
4. Information Security Assessment
I recommend the Board with the following Information Security steps and controls, for
securing the Hybrid cloud ("Hybrid Cloud Security: 5 Key Considerations for your Business",
2018) ("Hybrid cloud security fundamentals: 4 things to know", 2018):
1) Compliance is suggested: Because the hybrid cloud offers the benefits of private
and public cloud for the enterprise. But, it includes unique challenges related to
security compliance (Solutions, 2018). I recommend to examine all the policies
and regulatory compliance the private cloud, of a public cloud, only then the
complete compliance of private and public clouds can be integrated as a single
system. Made standard point to regularly check the hybrid cloud compliance, as a
whole.
2) Protection of Intellectual Property (IP)
Standardize the permission matrix for the enterprise, like which of the internal
and external entities must have access to the available sensitive data.
3) Ensuring the compatibility of security tool
Make use of firewalls, antivirus software and IPS devices as security tools for the
public cloud. The service vendors must integrate the hybrid cloud with a private
cloud and public cloud with security product ("SECURITY IN THE HYBRID
CLOUD: Putting Rumors to Rest", 2011) .
4) Importance of risk assessment
Impose strict rules to constantly assess the risks for each facet of the enterprise’s
hybrid cloud and the complete hybrid cloud system. This helps to secure the
cloud.
5) Take care of APIs by encryption
Make mandatory measures to carefully monitor all the Application Programming
Interfaces for the cloud software, which are developed by the third parties.
16
policy adjustments are required for managing the risks in the cloud.
4. Information Security Assessment
I recommend the Board with the following Information Security steps and controls, for
securing the Hybrid cloud ("Hybrid Cloud Security: 5 Key Considerations for your Business",
2018) ("Hybrid cloud security fundamentals: 4 things to know", 2018):
1) Compliance is suggested: Because the hybrid cloud offers the benefits of private
and public cloud for the enterprise. But, it includes unique challenges related to
security compliance (Solutions, 2018). I recommend to examine all the policies
and regulatory compliance the private cloud, of a public cloud, only then the
complete compliance of private and public clouds can be integrated as a single
system. Made standard point to regularly check the hybrid cloud compliance, as a
whole.
2) Protection of Intellectual Property (IP)
Standardize the permission matrix for the enterprise, like which of the internal
and external entities must have access to the available sensitive data.
3) Ensuring the compatibility of security tool
Make use of firewalls, antivirus software and IPS devices as security tools for the
public cloud. The service vendors must integrate the hybrid cloud with a private
cloud and public cloud with security product ("SECURITY IN THE HYBRID
CLOUD: Putting Rumors to Rest", 2011) .
4) Importance of risk assessment
Impose strict rules to constantly assess the risks for each facet of the enterprise’s
hybrid cloud and the complete hybrid cloud system. This helps to secure the
cloud.
5) Take care of APIs by encryption
Make mandatory measures to carefully monitor all the Application Programming
Interfaces for the cloud software, which are developed by the third parties.
16
5. Changes to BCP
The recommendation included in Regional Gardens’s Business Continuity planning
(BCP), due to the adoption of Hybrid Cloud and Microservices approach is presented below
("How Containers, Microservices, and Hybrid Cloud Enable Innovation", 2018):
1) Ensure to rethink on disaster's definition.
Don’t think disaster management as a normal task, instead give more preference
to it because it has higher risks. The risks can be dealt with the implementation of
smart approach. Administer and identify the impacts which can decrease the
issues.
Avoid even minor issues, because the minor issues leads to bigger and dangerous
issues. The issues must be controlled effectively at the right time with the right
decision.
2) Set up a responsible team for business continuity.
Irrespective of any effective BCP or an effective the disaster recovery plan,
effective and trusted team is important for responding to the disaster. The team
must be attentive and must actively handle things during disaster situation without
panicking.
3) Make backup of data mandatory.
Despite of various factors available for a strong disaster recovery plan, data
backup system will be the highly significant. It is possible that the downtime
event could result in massive data loss, and this is the main reason for storing the
data in a secured and accessible place.
4) Design disaster recovery plan
5) Select effective migration plan for securing the data in the cloud.
6) Preplan the risks with risk assessment.
7) Overcome the challenges of hybrid cloud adoption.
8) According to hybrid cloud strategy, Regional Gardens might need portability
between the public cloud services and its own private cloud in the data center, or
between multiple public cloud providers. It may need this portability for complete
cloud applications or for only pieces of these applications like the microservices.
9) Implement solutions for application resilience.
17
The recommendation included in Regional Gardens’s Business Continuity planning
(BCP), due to the adoption of Hybrid Cloud and Microservices approach is presented below
("How Containers, Microservices, and Hybrid Cloud Enable Innovation", 2018):
1) Ensure to rethink on disaster's definition.
Don’t think disaster management as a normal task, instead give more preference
to it because it has higher risks. The risks can be dealt with the implementation of
smart approach. Administer and identify the impacts which can decrease the
issues.
Avoid even minor issues, because the minor issues leads to bigger and dangerous
issues. The issues must be controlled effectively at the right time with the right
decision.
2) Set up a responsible team for business continuity.
Irrespective of any effective BCP or an effective the disaster recovery plan,
effective and trusted team is important for responding to the disaster. The team
must be attentive and must actively handle things during disaster situation without
panicking.
3) Make backup of data mandatory.
Despite of various factors available for a strong disaster recovery plan, data
backup system will be the highly significant. It is possible that the downtime
event could result in massive data loss, and this is the main reason for storing the
data in a secured and accessible place.
4) Design disaster recovery plan
5) Select effective migration plan for securing the data in the cloud.
6) Preplan the risks with risk assessment.
7) Overcome the challenges of hybrid cloud adoption.
8) According to hybrid cloud strategy, Regional Gardens might need portability
between the public cloud services and its own private cloud in the data center, or
between multiple public cloud providers. It may need this portability for complete
cloud applications or for only pieces of these applications like the microservices.
9) Implement solutions for application resilience.
17
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10) Implement solution for backup and disaster recovery in a Hybrid Cloud
environment.
11) Ensure data security and availability.
Make sure that the location of the data is provided.
12) Test the designed plan.
After designing the disaster recovery plan, testing is mandatory no matter what.
Make sure to test it several times. The business continuity must react to the crisis
and stay strong to accomplish the tasks.
6. Hybrid Cloud Administration and SLA Management
One of the issues in the Hybrid cloud security is, “Poorly constructed SLAs” ("Cloud
Security", 2012). Though, the enterprise is confident enough about their public cloud provider
for consistently meeting the expectations mentioned in the Service-Level agreement, but how is
it possible that the private cloud can live up to the similar SLA is the noted question. In such
cases, the SLAs must be created depending on the expectations of the cloud’s lesser who could
be private cloud. Thus, gathering data based on the private cloud's availability and performance,
depending on the practical workloads. It is suggested to identify the potential problems for
integrating both the public and private clouds, which disrupt the cloud service.
The following are the required requirements for the Regional Gardens for conducting
remote server administration, resource management and SLA management for its proposed IaaS
and PaaS instances.
The operations checklist includes the following:
1. General questions on security like, IAM users, Instance Security, Nested security
groups and sharing AMIs.
2. Operational use of Amazon EC2 like EBS-backed instances, instance store-
backed, dynamic addressing and, separate OS and data volumes.
3. HA, Backup and recovery.
4. Mapping the custom names to AWS.
5. Application Development and opportunities for testing.
SLA Management
18
environment.
11) Ensure data security and availability.
Make sure that the location of the data is provided.
12) Test the designed plan.
After designing the disaster recovery plan, testing is mandatory no matter what.
Make sure to test it several times. The business continuity must react to the crisis
and stay strong to accomplish the tasks.
6. Hybrid Cloud Administration and SLA Management
One of the issues in the Hybrid cloud security is, “Poorly constructed SLAs” ("Cloud
Security", 2012). Though, the enterprise is confident enough about their public cloud provider
for consistently meeting the expectations mentioned in the Service-Level agreement, but how is
it possible that the private cloud can live up to the similar SLA is the noted question. In such
cases, the SLAs must be created depending on the expectations of the cloud’s lesser who could
be private cloud. Thus, gathering data based on the private cloud's availability and performance,
depending on the practical workloads. It is suggested to identify the potential problems for
integrating both the public and private clouds, which disrupt the cloud service.
The following are the required requirements for the Regional Gardens for conducting
remote server administration, resource management and SLA management for its proposed IaaS
and PaaS instances.
The operations checklist includes the following:
1. General questions on security like, IAM users, Instance Security, Nested security
groups and sharing AMIs.
2. Operational use of Amazon EC2 like EBS-backed instances, instance store-
backed, dynamic addressing and, separate OS and data volumes.
3. HA, Backup and recovery.
4. Mapping the custom names to AWS.
5. Application Development and opportunities for testing.
SLA Management
18
The SLA Management for the Hybrid cloud is mentioned below (Gray & Novak, 2015):
1) Ensuring to monitor any modern application might be complex and running such
application in the hybrid environment could increase the number of complexities.
The cloud vendors must provide standard and own tools, APIs and effective
SLAs. Therefore, the SLA must define the utilized tools and APIs for more clarity
and security.
2) With respect to SLAs, the major challenge in the hybrid cloud directs on linking
every single hybrid cloud’s components which are underlying with the end-user
experiences. Because, the environment which has multiple platforms, can have
weak points for the boundaries thus, strict monitoring is necessary.
3) It is not easy to monitoring the application data from different platforms,
especially if isolating is required for fixing the specific problem. It is required to
monitor the data from different sources that are required to be analysed,
aggregated and unified.
4) After the identification of the issue and its isolation, it is necessary to be
administered and managed during its life cycle. Integrating the modern
monitoring solutions is very important as it helps to bridge the gaps between
various environments. Once this is performed correctly, then the correlation
between every single environment’s functionality and application performance,
will ensure that all the parties are following the defined SLAs.
Resource Management
In cloud, at the virtualization level the resource management must be done by the cloud
provider and the cloud customers must manage it at the application level (Tchana, Son Tran,
Broto, DePalma & Hagimont, 2013).
The IaaS includes low level cloud resource management, whereas PaaS hides this
information for the client with the assistance of API/ any kind of automatic application
deployment assistance.
Cloud resource administrators is required for assessing the functions of the resource management
system.
19
1) Ensuring to monitor any modern application might be complex and running such
application in the hybrid environment could increase the number of complexities.
The cloud vendors must provide standard and own tools, APIs and effective
SLAs. Therefore, the SLA must define the utilized tools and APIs for more clarity
and security.
2) With respect to SLAs, the major challenge in the hybrid cloud directs on linking
every single hybrid cloud’s components which are underlying with the end-user
experiences. Because, the environment which has multiple platforms, can have
weak points for the boundaries thus, strict monitoring is necessary.
3) It is not easy to monitoring the application data from different platforms,
especially if isolating is required for fixing the specific problem. It is required to
monitor the data from different sources that are required to be analysed,
aggregated and unified.
4) After the identification of the issue and its isolation, it is necessary to be
administered and managed during its life cycle. Integrating the modern
monitoring solutions is very important as it helps to bridge the gaps between
various environments. Once this is performed correctly, then the correlation
between every single environment’s functionality and application performance,
will ensure that all the parties are following the defined SLAs.
Resource Management
In cloud, at the virtualization level the resource management must be done by the cloud
provider and the cloud customers must manage it at the application level (Tchana, Son Tran,
Broto, DePalma & Hagimont, 2013).
The IaaS includes low level cloud resource management, whereas PaaS hides this
information for the client with the assistance of API/ any kind of automatic application
deployment assistance.
Cloud resource administrators is required for assessing the functions of the resource management
system.
19
Whoever works behalf of the cloud provider can have permission to directly access the
native console of the resource management system.
The consolidation policy for the IaaS administrator on sensor includes (Tchana, Son Tran,
Broto, DePalma & Hagimont, 2013):
a. In case of saturation of the physical machine, a virtual machine is migrated to the
other physical machine, which contains sufficient resources, for accepting it. When
every required, the new physical machine can be turned on, which is known as VM
relocation.
b. When the physical machine is under-loaded and when its hosted VMs could be
accepted by the other physical machines, in such case migration of these VMs is
possible. It is possible to free or turn off these physical machine, which is called as
VM collocation.
Remote Server Administration
The remote server management is an essential segment of data centers. Generally, the
resource management systems exposes the APIs which permit the cloud providers for building a
remote administration system portals. This could be customized for providing selective resource
management controls for the external cloud resource administrators who work on behalf of the
cloud consumer organizations through usage and administration portals.
The 2X Remote Application Server is built using cutting edge technology for increasing
the hybrid cloud solution’s output. Remote Application Server delivers virtual desktops and
applications from a central location, which allows to have continuous availability, resource-based
load balancing and complete end-to-end network transparency for the administrators.
7. SharePoint Migration Planning
7.1 Migration Plan
As, the help of the cloud migration support provider facilitates smooth transition when
adopting a hybrid cloud environment. It is necessary to implement an effective and feasible
migration plan. In concern with cost-effectiveness, the approach of hybrid provides high security,
flexibility and accessibility, if the plan is well planned and correctly executed ("Enterprise
20
native console of the resource management system.
The consolidation policy for the IaaS administrator on sensor includes (Tchana, Son Tran,
Broto, DePalma & Hagimont, 2013):
a. In case of saturation of the physical machine, a virtual machine is migrated to the
other physical machine, which contains sufficient resources, for accepting it. When
every required, the new physical machine can be turned on, which is known as VM
relocation.
b. When the physical machine is under-loaded and when its hosted VMs could be
accepted by the other physical machines, in such case migration of these VMs is
possible. It is possible to free or turn off these physical machine, which is called as
VM collocation.
Remote Server Administration
The remote server management is an essential segment of data centers. Generally, the
resource management systems exposes the APIs which permit the cloud providers for building a
remote administration system portals. This could be customized for providing selective resource
management controls for the external cloud resource administrators who work on behalf of the
cloud consumer organizations through usage and administration portals.
The 2X Remote Application Server is built using cutting edge technology for increasing
the hybrid cloud solution’s output. Remote Application Server delivers virtual desktops and
applications from a central location, which allows to have continuous availability, resource-based
load balancing and complete end-to-end network transparency for the administrators.
7. SharePoint Migration Planning
7.1 Migration Plan
As, the help of the cloud migration support provider facilitates smooth transition when
adopting a hybrid cloud environment. It is necessary to implement an effective and feasible
migration plan. In concern with cost-effectiveness, the approach of hybrid provides high security,
flexibility and accessibility, if the plan is well planned and correctly executed ("Enterprise
20
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Hybrid Cloud: Strategy and Cost Considerations", 2017) (Froehlich, 2017). However, the highly
difficult and challenging task is to plan a data migration strategy, with various factors (Long,
2018).
Figure: Strategy for Cloud Migration ("Cloud Computing Architecture", 2010)
As, for starting the migration process, the Regional Gardens board has decided to move it email
instance to the AWS (Amazon Web Service) cloud. Moreover, the board has planned even to test
their strategy ("Aws Cloud Architecture", 2018).
The strategy and execution for migration would be the following assessment (Vonnegut, 2018):
Step 1: The present infrastructure must be assessed.
Step 2: The applications and workloads must be assessed.
Step 3: Assessment of staff skill set along with training requirement depending on pre- and post-
migration.
21
difficult and challenging task is to plan a data migration strategy, with various factors (Long,
2018).
Figure: Strategy for Cloud Migration ("Cloud Computing Architecture", 2010)
As, for starting the migration process, the Regional Gardens board has decided to move it email
instance to the AWS (Amazon Web Service) cloud. Moreover, the board has planned even to test
their strategy ("Aws Cloud Architecture", 2018).
The strategy and execution for migration would be the following assessment (Vonnegut, 2018):
Step 1: The present infrastructure must be assessed.
Step 2: The applications and workloads must be assessed.
Step 3: Assessment of staff skill set along with training requirement depending on pre- and post-
migration.
21
Step 4: Assessing required migration tools.
Step 5: Assessing the timetables of the projected migration.
Step 6: Assessing pre- and post-migration.
Therefore, assessment is must as each of the cloud migration will be unique with
unexpected changes.
The Migration plan, for migrating the services is as follows ("An Overview of AWS
Cloud Data Migration Services", 2016) ("5 Steps for a Cost-Efficient Migration to AWS Cloud",
2018) ("The online portal for Data Migration knowledge", 2018) (Earls, 2018):
Step 1: Assessment of cloud
The IT infrastructure and cost is studied, to find the recommendations for a detailed plan.
The cost analysis is performed, to estimate the duration of the project and the required
resources (Parthasarathy & Mani, 2017).
Step 2: Proof of concept
Each of the critical application are built with POC environment to validate their
functionalities. It performs functional and integration testing.
Step 3: Migrate non-mission critical applications
Migrate test or DEV application is performed. Then, the noncritical applications such as
Track-it are migrated. Further, the backups are migrated and validated for restoring
processes.
Step 4: Migrate business critical applications
Components of the infrastructure are migrated. For example, monitoring solution and
domain controller. The E-business Suite is migrated, then it is tuned, enhanced and
optimized.
Step 5: Establishing a dedicated network connection.
Step 6: Selection of right AWS-Managed Migration Tools.
Step 7: Project Initiation Phase
The required policies and communication plan for the stakeholder will be presented in
this phase.
Step 8: Pre-preparation Phase
The assessment of pre-migration’s impact takes place in this phase.
22
Step 5: Assessing the timetables of the projected migration.
Step 6: Assessing pre- and post-migration.
Therefore, assessment is must as each of the cloud migration will be unique with
unexpected changes.
The Migration plan, for migrating the services is as follows ("An Overview of AWS
Cloud Data Migration Services", 2016) ("5 Steps for a Cost-Efficient Migration to AWS Cloud",
2018) ("The online portal for Data Migration knowledge", 2018) (Earls, 2018):
Step 1: Assessment of cloud
The IT infrastructure and cost is studied, to find the recommendations for a detailed plan.
The cost analysis is performed, to estimate the duration of the project and the required
resources (Parthasarathy & Mani, 2017).
Step 2: Proof of concept
Each of the critical application are built with POC environment to validate their
functionalities. It performs functional and integration testing.
Step 3: Migrate non-mission critical applications
Migrate test or DEV application is performed. Then, the noncritical applications such as
Track-it are migrated. Further, the backups are migrated and validated for restoring
processes.
Step 4: Migrate business critical applications
Components of the infrastructure are migrated. For example, monitoring solution and
domain controller. The E-business Suite is migrated, then it is tuned, enhanced and
optimized.
Step 5: Establishing a dedicated network connection.
Step 6: Selection of right AWS-Managed Migration Tools.
Step 7: Project Initiation Phase
The required policies and communication plan for the stakeholder will be presented in
this phase.
Step 8: Pre-preparation Phase
The assessment of pre-migration’s impact takes place in this phase.
22
Step 9: Planning Phase
The activities are planned, resources, test environment, project management, support
documentation
Step 10: Designing Phase
Here, the design of the solution is developed, which comprises of, Migration
procedures, customer migration scripts and back-out procedures are developed.
Step 11: Validation Phase
This validation phase includes preparing test environment, migration procedure for the
test, back-out procedure for the test and refining the migration approach.
Step 12: Migration Phase
It is divided into, Data migration phase and Application migration phase (Barr, 2010).
Preparation takes places where, installation of environment and configuring the
supporting systems takes place. Then, implementation takes place where, migrate
applications, update DBs, configure environment and validating the migration is done.
Finally, bring-up.
Step 13: Risk identification related to data migration.
Step 14: Operating and Optimizing Phase
In this phase, the following areas are taken care, utilization, monitoring, performance,
reengineering and efficiency.
Step 15: Executing and Testing Phase
In testing phase, the applications are tested and the performance is tested.
Step 16: Project phase's time estimates.
Step 17: Avoiding potential data loss.
Step 18: Ensuring to reduce the downtime.
Step 19: Decreasing user disruption.
Step 20: Evaluating the effectiveness of the plan.
Step 21: Monitoring Phase
In this phase, the data quality monitoring environment is carried out.
7.2 Migration Plan’s Critical Points and Issues
The critical points and issues that you see occurring at each of these steps are listed
23
The activities are planned, resources, test environment, project management, support
documentation
Step 10: Designing Phase
Here, the design of the solution is developed, which comprises of, Migration
procedures, customer migration scripts and back-out procedures are developed.
Step 11: Validation Phase
This validation phase includes preparing test environment, migration procedure for the
test, back-out procedure for the test and refining the migration approach.
Step 12: Migration Phase
It is divided into, Data migration phase and Application migration phase (Barr, 2010).
Preparation takes places where, installation of environment and configuring the
supporting systems takes place. Then, implementation takes place where, migrate
applications, update DBs, configure environment and validating the migration is done.
Finally, bring-up.
Step 13: Risk identification related to data migration.
Step 14: Operating and Optimizing Phase
In this phase, the following areas are taken care, utilization, monitoring, performance,
reengineering and efficiency.
Step 15: Executing and Testing Phase
In testing phase, the applications are tested and the performance is tested.
Step 16: Project phase's time estimates.
Step 17: Avoiding potential data loss.
Step 18: Ensuring to reduce the downtime.
Step 19: Decreasing user disruption.
Step 20: Evaluating the effectiveness of the plan.
Step 21: Monitoring Phase
In this phase, the data quality monitoring environment is carried out.
7.2 Migration Plan’s Critical Points and Issues
The critical points and issues that you see occurring at each of these steps are listed
23
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
below:
1) Security
2) budget
3) Attempting too much at once
4) Fear
5) Migration experience
The explanation for why these points or issues are critical is explained in the below
section.
When network transmission takes place, it is vulnerable to various attacks and data security
breaches, which avoids mutual authentication and increases various issues. Therefore, data
security is the major critical issue which must be considered in migration plan.
8. Conclusion
The Company named Regional Gardens Ltd., is projected on meeting the business
requirements in a strategic proposal. The company which runs various gardening enterprises is
determined to improve its current ICT infrastructure, with respect to data storage, monitoring,
data flexibility and responsiveness. Additionally, it looked forward to have a new manageable
cloud based infrastructure, which is successfully considered in this report with the Hybrid cloud
architecture. This architecture helps to meet the objectives for coinciding with the business
needs. Various cloud computing architectures are compared and evaluated. Necessary
Information Security Assessment is recommended for the Board. The BCP is provided for
Regional Gardens Ltd. The SLA Management for the Hybrid cloud is discussed. The ICT risk
management for the cloud computing delivery plan is represented. The Information Security
assessment is carried out. Migration plan, its critical points and issues are discussed.
24
1) Security
2) budget
3) Attempting too much at once
4) Fear
5) Migration experience
The explanation for why these points or issues are critical is explained in the below
section.
When network transmission takes place, it is vulnerable to various attacks and data security
breaches, which avoids mutual authentication and increases various issues. Therefore, data
security is the major critical issue which must be considered in migration plan.
8. Conclusion
The Company named Regional Gardens Ltd., is projected on meeting the business
requirements in a strategic proposal. The company which runs various gardening enterprises is
determined to improve its current ICT infrastructure, with respect to data storage, monitoring,
data flexibility and responsiveness. Additionally, it looked forward to have a new manageable
cloud based infrastructure, which is successfully considered in this report with the Hybrid cloud
architecture. This architecture helps to meet the objectives for coinciding with the business
needs. Various cloud computing architectures are compared and evaluated. Necessary
Information Security Assessment is recommended for the Board. The BCP is provided for
Regional Gardens Ltd. The SLA Management for the Hybrid cloud is discussed. The ICT risk
management for the cloud computing delivery plan is represented. The Information Security
assessment is carried out. Migration plan, its critical points and issues are discussed.
24
References
17 Hybrid Cloud Security Threats and How To Fix Them. (2018). Retrieved from
https://www.pulsesecure.net/lp/hybrid-cloud-security-threats#14
5 Steps for a Cost-Efficient Migration to AWS Cloud. (2018). Retrieved from
https://www.logicworks.com/blog/2018/02/5-steps-for-a-cost-efficient-migration-to-aws-
cloud/
7 benefits of a Hybrid Cloud solution. (2018). Retrieved from https://www.iseek.com.au/cloud/7-
benefits-of-a-hybrid-cloud-solution/
Ajluni, C. (2016). IT Innovators: Are Microservices Enabling the Hybrid Cloud?. Retrieved from
http://www.itprotoday.com/business-resources/it-innovators-are-microservices-enabling-
hybrid-cloud
An Overview of AWS Cloud Data Migration Services. (2016). Amazon Web Services. Retrieved
from
https://d1.awsstatic.com/whitepapers/Storage/An_Overview_of_AWS_Cloud_Data_Migrati
on_Services.pdf
Aws Cloud Architecture. (2018). Retrieved from http://donatz.info/aws-cloud-architecture/
Barr, J. (2010). New Whitepapers on Cloud Migration: Migrating Your Existing Applications to
the AWS Cloud. Retrieved from https://aws.amazon.com/blogs/aws/new-whitepaper-
migrating-your-existing-applications-to-the-aws-cloud/
25
17 Hybrid Cloud Security Threats and How To Fix Them. (2018). Retrieved from
https://www.pulsesecure.net/lp/hybrid-cloud-security-threats#14
5 Steps for a Cost-Efficient Migration to AWS Cloud. (2018). Retrieved from
https://www.logicworks.com/blog/2018/02/5-steps-for-a-cost-efficient-migration-to-aws-
cloud/
7 benefits of a Hybrid Cloud solution. (2018). Retrieved from https://www.iseek.com.au/cloud/7-
benefits-of-a-hybrid-cloud-solution/
Ajluni, C. (2016). IT Innovators: Are Microservices Enabling the Hybrid Cloud?. Retrieved from
http://www.itprotoday.com/business-resources/it-innovators-are-microservices-enabling-
hybrid-cloud
An Overview of AWS Cloud Data Migration Services. (2016). Amazon Web Services. Retrieved
from
https://d1.awsstatic.com/whitepapers/Storage/An_Overview_of_AWS_Cloud_Data_Migrati
on_Services.pdf
Aws Cloud Architecture. (2018). Retrieved from http://donatz.info/aws-cloud-architecture/
Barr, J. (2010). New Whitepapers on Cloud Migration: Migrating Your Existing Applications to
the AWS Cloud. Retrieved from https://aws.amazon.com/blogs/aws/new-whitepaper-
migrating-your-existing-applications-to-the-aws-cloud/
25
Cloud Computing Architecture. (2010). Siemens AG. Retrieved from
https://resources.sei.cmu.edu/asset_files/Presentation/2010_017_001_23337.pdf
Cloud Security. (2012). Retrieved from
https://www.intel.com/content/dam/www/public/us/en/documents/guides/cloud-computing-
security-planning-guide2.pdf
CloudOps: 6 best ways to manage hybrid cloud performance. (2018). Retrieved from
https://techbeacon.com/cloudops-6-best-ways-manage-hybrid-cloud-performance
De Laine, D. (2017). Techniques for securing hybrid clouds and the software defined data centre.
Retrieved from https://www.cso.com.au/article/613428/techniques-securing-hybrid-clouds-
software-defined-data-centre/
Earls, A. (2018). Cloud migration strategies for a hybrid cloud world. Retrieved from
https://searchcloudcomputing.techtarget.com/feature/Cloud-migration-strategies-for-a-
hybrid-cloud-world
Enterprise Hybrid Cloud: Strategy and Cost Considerations. (2017). Retrieved from
https://platform9.com/blog/enterprise-hybrid-cloud-strategy-cost-considerations/
Froehlich, A. (2017). 5 Security Considerations For The Hybrid Cloud. Retrieved from
https://www.informationweek.com/cloud/5-security-considerations-for-the-hybrid-cloud/a/
d-id/1328000
Gracely, B., Finos, R., & Floyer, D. (2015). Aligning Application Portfolios with Hybrid Cloud
Strategies. Retrieved from https://wikibon.com/aligning-application-portfolios-with-hybrid-
cloud-strategies/
Gray, J., & Novak, A. (2015). Hybrid Cloud SLA Challenge. Retrieved from
https://blog.newrelic.com/2015/05/18/sla-hybrid-cloud/
Hatter, P. (2014). 4 Best Practices for Managing Risk in the Hybrid Cloud. Retrieved from
https://www.csoonline.com/article/3083384/security/4-best-practices-for-managing-risk-in-
the-hybrid-cloud.html
26
https://resources.sei.cmu.edu/asset_files/Presentation/2010_017_001_23337.pdf
Cloud Security. (2012). Retrieved from
https://www.intel.com/content/dam/www/public/us/en/documents/guides/cloud-computing-
security-planning-guide2.pdf
CloudOps: 6 best ways to manage hybrid cloud performance. (2018). Retrieved from
https://techbeacon.com/cloudops-6-best-ways-manage-hybrid-cloud-performance
De Laine, D. (2017). Techniques for securing hybrid clouds and the software defined data centre.
Retrieved from https://www.cso.com.au/article/613428/techniques-securing-hybrid-clouds-
software-defined-data-centre/
Earls, A. (2018). Cloud migration strategies for a hybrid cloud world. Retrieved from
https://searchcloudcomputing.techtarget.com/feature/Cloud-migration-strategies-for-a-
hybrid-cloud-world
Enterprise Hybrid Cloud: Strategy and Cost Considerations. (2017). Retrieved from
https://platform9.com/blog/enterprise-hybrid-cloud-strategy-cost-considerations/
Froehlich, A. (2017). 5 Security Considerations For The Hybrid Cloud. Retrieved from
https://www.informationweek.com/cloud/5-security-considerations-for-the-hybrid-cloud/a/
d-id/1328000
Gracely, B., Finos, R., & Floyer, D. (2015). Aligning Application Portfolios with Hybrid Cloud
Strategies. Retrieved from https://wikibon.com/aligning-application-portfolios-with-hybrid-
cloud-strategies/
Gray, J., & Novak, A. (2015). Hybrid Cloud SLA Challenge. Retrieved from
https://blog.newrelic.com/2015/05/18/sla-hybrid-cloud/
Hatter, P. (2014). 4 Best Practices for Managing Risk in the Hybrid Cloud. Retrieved from
https://www.csoonline.com/article/3083384/security/4-best-practices-for-managing-risk-in-
the-hybrid-cloud.html
26
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Homepage Archives. (2018). Retrieved from
https://www.trendmicro.com/azure/category/homepage/
How Containers, Microservices, and Hybrid Cloud Enable Innovation. (2018). Retrieved from
https://dzone.com/articles/how-containers-microservices-and-hybrid-cloud-enable-
innovation
Hybrid Cloud Architectures. (2018). Retrieved from https://aws.amazon.com/enterprise/hybrid/
Hybrid cloud security fundamentals: 4 things to know. (2018). Retrieved from
https://enterprisersproject.com/article/2018/3/hybrid-cloud-security-fundamentals-4-things-
know
Hybrid Cloud Security: 5 Key Considerations for your Business. (2018). Retrieved from
https://www.tripwire.com/state-of-security/security-data-protection/cloud/hybrid-cloud-
security-key-considerations/
Long, L. (2018). Hybrid cloud architecture: What to expect in an AWS migration. Retrieved
from https://www.itproportal.com/features/hybrid-cloud-architecture-what-to-expect-in-an-
aws-migration/
Parthasarathy, A., & Mani, R. (2017). Enterprise Hybrid Cloud: Strategy and Cost
Considerations. Retrieved from https://dzone.com/articles/enterprise-hybrid-cloud-strategy-
and-cost
Perez, J. (2018). Securing the Hybrid Cloud: A Guide to Using Security Controls, Tools and
Automation. Retrieved from https://blog.qualys.com/news/2018/05/15/securing-the-hybrid-
cloud-a-guide-to-using-security-controls-tools-and-automation
Practical Guide to Hybrid Cloud Computing. (2016). Cloud Standards Customer Council.
Retrieved from http://www.cloud-council.org/deliverables/CSCC-Practical-Guide-to-
Hybrid-Cloud-Computing.pdf
Rouse, M. (2018). What is hybrid IT?. Retrieved from
https://searchcloudcomputing.techtarget.com/definition/hybrid-IT
27
https://www.trendmicro.com/azure/category/homepage/
How Containers, Microservices, and Hybrid Cloud Enable Innovation. (2018). Retrieved from
https://dzone.com/articles/how-containers-microservices-and-hybrid-cloud-enable-
innovation
Hybrid Cloud Architectures. (2018). Retrieved from https://aws.amazon.com/enterprise/hybrid/
Hybrid cloud security fundamentals: 4 things to know. (2018). Retrieved from
https://enterprisersproject.com/article/2018/3/hybrid-cloud-security-fundamentals-4-things-
know
Hybrid Cloud Security: 5 Key Considerations for your Business. (2018). Retrieved from
https://www.tripwire.com/state-of-security/security-data-protection/cloud/hybrid-cloud-
security-key-considerations/
Long, L. (2018). Hybrid cloud architecture: What to expect in an AWS migration. Retrieved
from https://www.itproportal.com/features/hybrid-cloud-architecture-what-to-expect-in-an-
aws-migration/
Parthasarathy, A., & Mani, R. (2017). Enterprise Hybrid Cloud: Strategy and Cost
Considerations. Retrieved from https://dzone.com/articles/enterprise-hybrid-cloud-strategy-
and-cost
Perez, J. (2018). Securing the Hybrid Cloud: A Guide to Using Security Controls, Tools and
Automation. Retrieved from https://blog.qualys.com/news/2018/05/15/securing-the-hybrid-
cloud-a-guide-to-using-security-controls-tools-and-automation
Practical Guide to Hybrid Cloud Computing. (2016). Cloud Standards Customer Council.
Retrieved from http://www.cloud-council.org/deliverables/CSCC-Practical-Guide-to-
Hybrid-Cloud-Computing.pdf
Rouse, M. (2018). What is hybrid IT?. Retrieved from
https://searchcloudcomputing.techtarget.com/definition/hybrid-IT
27
Saran, C. (2018). Hybrid cloud strategy offers best of both worlds. Retrieved from
https://www.computerweekly.com/feature/Hybrid-strategy-offers-best-of-both-worlds
Sareen, P. (2013). Cloud Computing: Types, Architecture, Applications, Concerns,
Virtualization and Role of IT Governance in Cloud. International Journal Of Advanced
Research In Computer Science And Software Engineering, 3(3).
SECURITY IN THE HYBRID CLOUD: Putting Rumors to Rest. (2011). Retrieved from
https://ww2.frost.com/files/1614/2113/3098/Whitepaper-
VMware_Bluelock_Security_In_The_Hybrid_Cloud.pdf
Shacklett, M. (2016). 10 hybrid cloud risk areas that the enterprise must manage. Retrieved from
https://www.techrepublic.com/blog/10-things/10-hybrid-cloud-risk-areas-that-the-
enterprise-must-manage/
Solutions, P. (2018). 5 Steps to Better Security in Your Hybrid Cloud. Retrieved from
http://www.prescientsolutions.com/blog/5-steps-better-security-hybrid-cloud/
Tchana, A., Son Tran, G., Broto, L., DePalma, N., & Hagimont, D. (2013). Two levels
autonomic resource management in virtualized IaaS. Future Generation Computer
Systems, 29(6), 1319-1332. doi: 10.1016/j.future.2013.02.002
TDWI Checklist Report: Data Management Best Practices for Cloud and Hybrid Architectures.
(2018). Retrieved from https://www.informatica.com/in/lp/tdwi-data-management-best-
practices-for-cloud-and-hybrid-architectures_analyst-report_3359.html#fbid=nU0Po9vq5kt
Tech, I. (2016). What are the risks of hybrid cloud?. Retrieved from
http://www.isgtech.com/what-are-the-risks-of-hybrid-cloud/
The online portal for Data Migration knowledge. (2018). Retrieved from
http://datamigrationpro.com/data-migration-checklist-planner/
Tracy, P. (2016). Explaining the hybrid cloud, its advantages and disadvantages. Retrieved from
https://www.rcrwireless.com/20160922/big-data-analytics/hybrid-cloud-iot-tag31-tag99
28
https://www.computerweekly.com/feature/Hybrid-strategy-offers-best-of-both-worlds
Sareen, P. (2013). Cloud Computing: Types, Architecture, Applications, Concerns,
Virtualization and Role of IT Governance in Cloud. International Journal Of Advanced
Research In Computer Science And Software Engineering, 3(3).
SECURITY IN THE HYBRID CLOUD: Putting Rumors to Rest. (2011). Retrieved from
https://ww2.frost.com/files/1614/2113/3098/Whitepaper-
VMware_Bluelock_Security_In_The_Hybrid_Cloud.pdf
Shacklett, M. (2016). 10 hybrid cloud risk areas that the enterprise must manage. Retrieved from
https://www.techrepublic.com/blog/10-things/10-hybrid-cloud-risk-areas-that-the-
enterprise-must-manage/
Solutions, P. (2018). 5 Steps to Better Security in Your Hybrid Cloud. Retrieved from
http://www.prescientsolutions.com/blog/5-steps-better-security-hybrid-cloud/
Tchana, A., Son Tran, G., Broto, L., DePalma, N., & Hagimont, D. (2013). Two levels
autonomic resource management in virtualized IaaS. Future Generation Computer
Systems, 29(6), 1319-1332. doi: 10.1016/j.future.2013.02.002
TDWI Checklist Report: Data Management Best Practices for Cloud and Hybrid Architectures.
(2018). Retrieved from https://www.informatica.com/in/lp/tdwi-data-management-best-
practices-for-cloud-and-hybrid-architectures_analyst-report_3359.html#fbid=nU0Po9vq5kt
Tech, I. (2016). What are the risks of hybrid cloud?. Retrieved from
http://www.isgtech.com/what-are-the-risks-of-hybrid-cloud/
The online portal for Data Migration knowledge. (2018). Retrieved from
http://datamigrationpro.com/data-migration-checklist-planner/
Tracy, P. (2016). Explaining the hybrid cloud, its advantages and disadvantages. Retrieved from
https://www.rcrwireless.com/20160922/big-data-analytics/hybrid-cloud-iot-tag31-tag99
28
Tran, E. (2018). Pros & Cons for Building a Hybrid Cloud for Your Enterprise. Retrieved from
https://www.actifio.com/company/blog/post/pros-cons-for-building-a-hybrid-cloud-for-
your-enterprise/#sthash.vbLnCxbr.UTwz4tKH.dpbs
Vonnegut, S. (2018). Hybrid Cloud Migration: 5 Tips to Creating the Best Migration Strategy.
Retrieved from https://www.stratoscale.com/blog/cloud/hybrid-cloud-migration-5-tips-
creating-best-migration-strategy/
Waite, A. (2017). Utilizing Hybrid Architectures for Cloud Computing.
Hybrid Cloud. (2018). Retrieved from https://kemptechnologies.com/hybrid-cloud/
Why a Hybrid Cloud/Colocation Strategy Is Here to Stay. (2017). Retrieved from
https://www.datafoundry.com/blog/hybrid-cloud-colocation-here-to-stay
29
https://www.actifio.com/company/blog/post/pros-cons-for-building-a-hybrid-cloud-for-
your-enterprise/#sthash.vbLnCxbr.UTwz4tKH.dpbs
Vonnegut, S. (2018). Hybrid Cloud Migration: 5 Tips to Creating the Best Migration Strategy.
Retrieved from https://www.stratoscale.com/blog/cloud/hybrid-cloud-migration-5-tips-
creating-best-migration-strategy/
Waite, A. (2017). Utilizing Hybrid Architectures for Cloud Computing.
Hybrid Cloud. (2018). Retrieved from https://kemptechnologies.com/hybrid-cloud/
Why a Hybrid Cloud/Colocation Strategy Is Here to Stay. (2017). Retrieved from
https://www.datafoundry.com/blog/hybrid-cloud-colocation-here-to-stay
29
1 out of 31
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.