Assessment item 4
Security Management and MigrationValue:
Regional Gardens Ltd is a company that runs a number of related gardening enterprises. It has a large display garden that it opens for public inspection a number of times a year. These enterprises include the Regional Gardens Nursery which sells plants and garden supplies to the public, and Regional Garden Planners which provides garden advice, design and consultancy services.The company is considering the following strategic proposal:
- They plan to retain the Bathurst data centre for data storage. This would entail updating their Active Directory and data storage infrastructure, and moving all other infrastructure into the Cloud.
- They plan to initially move all their Web Services into the Cloud in order to provide an increased level of HA (High Availability) as well as a better degree of flexibility in supplying data to their customers and employees. This would entail changing their current web software architecture to take advantage of the flexibility and scalability that can be gained by moving to a Microservices model (this would entail the use of such services as AWS Lambda or Azure Functions, Containers, Data Services, and Cloud Edge capability and monitoring).
- They also plan to migrate their LoB (Line of Business) applications to a Cloud Infrastructure to increase their flexibility and availability.
The Board of Regional Gardens is contemplating this strategy as a way to increase the company’s flexibility and responsiveness. The Board also expects to achieve significant savings on the cost of maintaining their ICT infrastructure by closing their existing data centre. They appreciate that this would entail retraining for their existing ICT staff so that they can manage the new Cloud based infrastructure.Regional Gardens has again approached you to advise them on this strategy. You have already advised Regional Gardens that this strategic approach will mean that they will need to ultimately design and operate a “Hybrid Cloud” methodology, where part of their data centre is “on premise” and another part in a Cloud.Regional Gardens also plan to run a Risk and Security Workshop to assess the risks, security issues and possible methods of control that will be required with this “Hybrid Cloud” approach. You will be required to organise, run and facilitate this workshop.The Board is also concerned about how this strategy will affect their BCP (Business Continuity Plan) and their backup and disaster recovery strategies.
Your team has been engaged to provide a risk assessment for MetaSoft in their planned move to a Hybrid Cloud strategy.Team Setup
This assignment is a team assignment. The rationale for using a team approach is that most IT risk management assessments are normally done by teams of between 2-5 Architects, Information Security experts, Operations and Business leaders for each problem. You will be assigned to a team and the team, as a whole, will be responsible for the development of the risk assessment.Team Member Responsibilities
Each team member will be assessed on:
- The final risk assessment presented by the team;
- The individual contributions that they have made to the risk assessment. This will be shown by the entries that they have made in the Team forum;
Team members should note that:
- A total of 20% of the total marks for this assignment are for individual contributions. These include:
- Selection of issues for risk assessment (10%), and
- Reasoning behind the risk assessment for the selected issues (10%)
- A team member without any individual contributions in the Team Forum will be regarded as having not contributed to the risk assessment. This will result in either reduced marks or no marks being awarded to that team member for this assignment.
Your team’s task is to prepare a report for Regional Gardens that discusses the following:
- Describe which Cloud architectures you would employ to assist Regional Gardens to meet the Board’s strategy?
- Describe each of the architectures that you would use, along with your reasons for deploying it. (10 marks)
- Describe the benefits and issues that would be the result of your deployment of these architectures. (10 marks)
- Describe the risks that you see associated with this new Hybrid Cloud and Microservices strategy. You should name and describe each risk that you identify, and then describe a possible control for the risk. This should be presented in a tabular form. (20 marks)
- Describe the general Information Security steps and controls that you would recommend to the Board to secure the Hybrid Cloud. You will need to explain to the Board your reasons for recommending these particular security steps. (20 marks)
- Discuss briefly what you would recommend should be included in Regional Gardens’s BCP as a result of their adoption of a Hybrid Cloud and Microservices approach. You will need to consider, as a minimum, the issues of application resilience, backup and disaster recovery in a Hybrid Cloud environment. This section should be no more than 2 pages. (10 marks)
- Discuss the requirements that Regional Gardens will need to consider in order to conduct remote server administration, resource management and SLA management for its proposed IaaS and PaaS instances (it may be useful to consider Morad and Dalbhanjan’s operational checklists for this section). This section should be no more than two to three pages in length. (10 marks)
- The Regional Gardens board has also decided to move their eMail instance to the AWS cloud in order to begin the migration process, and test their strategy.
- Describe the steps that you would include in the plan to migrate these services. (10 marks)
- What are the critical points and issues that you see occurring at each of these steps? Explain why you see these points or issues as critical. (10 marks)
RationaleThis assessment will cover the following outcomes:
- Be able to compare and evaluate the ability of different Cloud Computing Architectures to meet a set of given business requirements;
- Be able to evaluate a set of business requirements to determine suitability for a Cloud Computing delivery model;
- Be able to evaluate and design an ICT Risk Management strategy for a Cloud Computing Delivery plan to meet business requirements;
- Be able to interpret, evaluate and plan the Governance and Security requirements for a Cloud Computing delivery plan;
- Be able to analyse and evaluate business requirements to plan a migration to a Cloud model;
Remote Server Installation by Regional Gardens
Conditions Required for Regional Gardens
It is very crucial and essential to consider people who live in remote areas and marginalized areas in matters of accessing information technological services. Being a leader or a system administrator in the docket of information technology one must carry out several computer systems for the project to be successful and achievable. The noble key areas one must dearly concentrate on is the monitoring dynamics of the server, solving technical problems, and being on the ground to upgrade the servers to the current standards. It requires a lot of intelligence, and rational background to be well equipped with the appropriate remote server tools that are capable and potential to serve the remote locality. The manager of regional gardens must formulate strategy and coherent planning for the improvement of the server infrastructure which can be at equilibrium with the servers of urban and developed areas. The strategy set up should be executed accordingly to provide quick channels to access the information technology services with a lot of ease. This paper will elucidate the requirements needed by regional gardens company in conducting remote server administration, resource management, and service level agreement management.
The IT administrator, network and laboratory manager for Regional Gardens needs to control and access several systems of a computer. The one assigned this task is inventible to have frequent maintenance of the systems of a computer where problems and trouble starts to shoot. The manager also must be able to monitor the needs required of the agency initiated in the remote areas. According to (Manvi, 2014) the rational parameter required for the installation of the Information technology services must enable the manager and the staffs hired to offer quick services to the clients. The clients can access and enjoy the services regardless of the disparities of the gadgets they have, the location they are situated and the activities the gadget is running in its software.
The IT administrator of Regional Gardens needs to consider the condition of the power supply. Power is very essential prerequisite where it is an objective fact no laptop, desktop, or smartphone can offer services without power. When the remote area power goes off the administrator should transcend and focus the back systems that can be used in this accidental situation. Security is another condition needed to be considered in the installation of computer systems in remote areas by Regional Gardens. The computer software systems need to be encrypted with sophisticated codes that are not be easily hacked by the cyber perpetrators (Burkar, 2017). The gadgets are quite expensive and costly hence the area needs to be highly defended for any robbery act that is potential to occur. The manager and the crew of Regional Gardens must offer reliable services to the clients to make them satisfied and contended. The manager and the team should be professional, transparent, and diligent in their management.
Related paper: Information Technology Strategic Plan
The resource management of Regional Gardens must come up with the proper structure to cover the scalability in the remote areas as information technology resources are concerned. The cloud centeredness ought to be monitored, maintained, set up and configured. The remote system administration devices offer consumer interfaces, and apparatus meant for exterior resources needed by the cloud administrators to administer and configure cloud centered information technology means. According to ( Ford,2017) the remote server administration is potential in establishing avenues to access administration management features which include; billing system, SLA management, and resource management. The APIs and tools required by a remote server administration system are consumed by the provider of the cloud to customize and develop online platforms. These platforms offer consumers of the cloud with numerous management controls.
The self-service and usage administration platform are structured with remote server administration system. An administrator cloud resource uses the administration portal and the usage platform for configuration a ready hired a cybernetic server to formulate it for accommodating. The administrator cloud further uses the self-service platform to request and select the provisioning of the fresh service cloud. The remote server management dynamics assists in coordinating information technology resources in responding to management actualizations by cloud providers and cloud consumers. The Service Level Agreement system management devices epitomize a big traffic of useful available products, management that offer specific features. The features include reporting, storage, collection, administration. Service Level Agreement data, and runtime notifications. The Service Level Agreement System management is used to retrieve and store gathered SLA information centered on reporting parameters and pre-defined metrics.
- The action of migration done by Regional Gardens in matters to move eMail instance to the AWs cloud need to be carried out with a lot of compliance, a collaboration between finance department, and product systems. The Aws is divided into distinct categories. For every migration, the cloud is unique in its own way. The utmost success achieved depends on fathoming target state, system current, and the steps needed to arrive at the targeted state (Alhlou2016). The first stage is the migration preparation and business planning. At the threshold, Regional Gardens need to unite together with the effective shareholders to finalize and discuss the aims for migrating to the cloud. In the process of migration, the AWs and the CAF assist every unit of the business in understanding the way to modernize the services, initiate new processes to achieve utmost benefits, and adapting to existing processes( Petcu,2015). The proximate end of AWs cloud adoption framework is to unite stakeholders and make an actualization to move the crew from goals of the cloud to implementation. The second step needed by Regional Gardens in the migration is the portfolio discovery and planning. In this phase, it demands the action of evaluating analyzing, and documenting the present server infrastructure. The Regional gardens ought to use partial refactor, lift and shift options. The third step to consider in migration is designed. The goal of this third step is to deliver reference target architecture which is responsive to all participants.
- The critical points observed recurring mostly in these stages are three of them. The first step is understanding the effectiveness of each stage. The second rational point is to evaluate and monitor strictly how each phase operates and will benefit to Regional Gardens as the migration of eMail instance is concerned. The third stage of each point is to achieve successful accomplishments of every phase. The points are quite critical because they have an impact and effective benefit to the clients who will lastly be the beneficiaries. The points are essential and have a lot of rationale because they result in a dynamic revolution as migration is concerned. The critical points are useful because they are focused on the common good of the beneficiaries who are the clients.
The Regional Gardens Managers need a high rate of professionalism, intelligence, skills and competence in executing the necessary tasks required in Information Technology system. The remote areas need worthy services from Regional Gardens in order to create a healthy relationship which is reliable and up to standard. As manager one must follow strictly to the strategies and planning methodologies set to achieve maximum results.
Alhlou, F., Asif, S., & Fettman, E. (2016). Google Analytics Breakthrough: From Zero to Business Impact. John Wiley & Sons.
Ford, C. T., Callison, W., Siddiqui, F., & Hakhinian, M. (2017). U.S. Patent No. 9,654,450. Washington, DC: U.S. Patent and Trademark Office.
Manvi, S. S., & Shyam, G. K. (2014). Resource management for Infrastructure as a Service (IaaS) in cloud computing: A survey. Journal of Network and Computer Applications, 41, 424-440.
Petcu, D., Iuhasz, G., Pop, D., Talia, D., Carretero, J., Prodan, R. & Fraguela, B. B. (2015). On processing extreme data. Scalable Computing: Practice and Experience, 16(4), 467-490.