Implementing Hybrid Cloud Strategy For SoftArc Engineering: Essay On Cloud Architectures And Security Steps.

1.Describe which Cloud architectures you would employ to assist SoftArc Engineering meet the Board’s strategy?

 a)Describe each of the architectures that you would use, along with your reasons for deploying it.

 b)Describe the benefits and issues that would be the result of your deployment of these architectures.

2.Describe the risks that you see associated with this new Hybrid Cloud strategy. You should name and describe each risk that you identify, and then describe a possible control for the risk. This may be presented in a tabular form.

3,.Describe the general Information Security steps and controls that you would recommend to the Board to secure the Hybrid Cloud. You will need to explain to the Board your reasons for recommending these particular security steps.

4.Discuss briefly what you would recommend should be included in SoftArc Engineering’s BCP as a result of their adoption of a Hybrid Cloud approach. You will need to consider, as a minimum, the issues of application resilience, backup and disaster recovery in a Hybrid Cloud environment.

5.Discuss the requirements that SoftArc Engineering will need to consider in order to conduct remote server administration, resource management and SLA management for it’s proposed IaaS and PaaS instances.(it may be useful to consider Morad and Dalbhanjan’s operational checklists for this section). This section should be no more than two to three pages in length.

6.The SoftArc Engineering board has decided, as an initial step, to move their SharePoint instance and their SQL Server 2012 Database servers to the AWS cloud in order to begin the migration process, and test their strategy.

  a)Describe the steps that you would include in the plan to migrate these services.

  b)What are the critical points and issues that you see occurring at each of these steps? Explain why you see these points or issues as critical.

Task 1: Cloud architecture

SoftArc Engineering requires a hybrid architecture that combines both in-house facilities (located in Sydney) with cloud resource in order to maximise its business objectives. Cloud infrastructure would offer more flexibility and responsiveness as well as increase access mobility. The following architectures are proposed:

Simple load balancing – SoftArc can deploy some of its resources in cloud facilities offered by regional service providers. This method uses the availability zones assigned by the vendor which increases availability and contains measures for fault recovery. It’s a suitable architecture as it lowers the risks involved with the migration having an on-premise solution (Memon, 2015)

Fig: Simple load balancing

Auto scaling hybrid architecture – since the data centre located in Sydney is less flexible, an auto-scalable cloud architecture can be used where the ability to grow or even shrink resources is offered on the online servers (horizontal scale). This architecture meets user demands which are always changing, by incorporating an array of servers in the networking tier. Therefore, as a design architecture, it offers more flexibility, mobility and improved responsiveness due to its adaptability (Right scale, 2017)

Fig: Auto scaling hybrid architecture

Task 2: Risks of hybrid strategy

Although hybrid strategies substantially lowers the risks involved in migrating resources, they still face many issues particularly with the compatibility and integration of the in-house equipment. Below are the risk and their control measures:

(Pulse secure, 2017)

Private infrastructure can be expensive to maintain on top of the flexibility issues, this necessitates cloud-based solutions. However, with their improved adaptability comes the security risk which requires critical assessments to establish management procedures. Below are some steps that can be used to secure a hybrid cloud infrastructure.

1. Data allocation – It’s wise for the organisation to determine the resource allocation methods. In this case, the most sensitive data can be guarded using the in-house facility. On the other hand, frequently used resources such as office automation can be based on the cloud to improve the company’s efficiency including response, mobility and flexibility.
2. Build redundancy – In the ICT world hardware is categorised into two; the one that has failed and the one that is set to fail. SoftArc should employ redundancy procedures where both the in-house and cloud resources are continuously duplicated. Moreover, regular backup procedures should be implemented to ensure data is continuously saved in different locations. This improves the overall security in case some sections are compromised (Hewlett Packard, 2016).
3. Begin with compliance then move to a smart policy – First, the organisation should deploy all the necessary security measures i.e. connection protocols e.g. IPsec and network firewalls. After establishing these basic and multi-layered security measures SoftArc should move to implement regulatory procedures that lower the vulnerability of the networks, for instance, cut off all unnecessary connections among others.
4. Finally, link with a transparent cloud partner – SoftArc should engage with a cloud provider who they can trust, this will ensure their security measures are not compromised and will also supplement the already established systems (Keating, 2017).

SoftArc should view its BCP as an integral resource for its organisation rather than a backup requirement. Their chosen BCP should outline a comprehensive roadmap to the continuity and restoration of services to their customers in case they are faced with any disaster. Furthermore, this outline should then be distributed to key personnel in the organisation such as IT personnel as they have a direct interaction of the infrastructure. In light of this requirements, the following must be included in the BCP:

1. An analysis of the potential threats – responding to a disaster depends on both on the nature of the incidence and its extent. When faced with a fire an organisation is able to respond because of the clear procedures outline on the disaster Therefore, the outlined threats help facilitate the recovery.
2. Responsibility areas – A quick recovery depends on the chain of command established where each personnel has a role assigned to them. In a case of a disaster the management should not have to squabble on the authorities making decisions, this outcome must be automatic. Furthermore, some disaster may result in the loss of some personnel therefore, alternative roles should also be assigned if the primary personnel is lost. (Shinder, 2007).
3. Emergency contacts – Updated hotline numbers should be availed in the BCP, this numbers should be of entities that can be contacted in case of an emergency.
4. The recovery team – The aftermath of the disaster will include crisis management procedures as the organisation tries to restore operations back to their normal conditions. A DRT (disaster recovery team) should be appointed and stated in the BCP. This team will consist of various experts who have the necessary skills to manage the situation, for instance, communication specialist, safety inspector, security and personnel experts among others.
5. Offsite backup and power arrangements – since SoftArc resources are digital in nature, a clear restoration plan should be outlined in the recovery procedures. This will include the backup options for the data and the power requirements.
6. Alternative site – in case the main site of operation is affected an elaborate plan that outlines a temporary solution for the service location should be given. This plan will spell out the setting and equipment available.

Like any other organisation, SoftArc needs to set up and configure its cloud-based solutions for both IaaS and PaaS instances. Moreover, they must establish a management mechanism to facilitate the control as well as the evolution of the chosen platforms. These requirements outline the need for the overall resource management, remote administration and the management of the SLA (service level agreement). Remote administration will encompass the tools used to manage the external; resources from the service provider. Whereas, resource management will help coordinate the company’s IT resources in order to meet the needs of its customers and those of the service provider. Finally, SLA management will outline the techniques used to collect, store and report alerts on data relating to the services offered.

1. The billing and accounting governance – SoftArc must develop a mechanism for determining their usage of the leased resources, this because cloud-based resources are offered using a pay as use method. Therefore, the billing procedure will help optimise the resources given.
2. Security and access control – a security strategy outlining the credential requirements and compliance will serve as the first step to accessing control. This requirement will manage authentication procedures used to grant authorization into the IT resources. Furthermore, it will leverage on the rich set of access credential available in the market.
3. Asset management – deployed assets be it employees data or office automation facilities will have to be tracked by the in-house resources. Therefore, on top of the existing control, an internal asset management system will be needed to leverage on the cloud instances including metadata provided for different service instances.
4. Application resilience – applications such as the access API have specific requirements that enable an organisation to maximise on their capabilities. SoftArc should consider these requirements to optimise on the facilities offered by leased resources and at a convenient price.
5. Back-up – This requirement outlines specific plans that can be used to recover from a disaster. This disaster plan should include all the assets owned by the IT infrastructure and a testing program from the available backup resources.
6. Monitoring and management – while collaborating the feature of API and assessment tools, this requirement will provide the essential tools to monitor the overall system, particularly at a high-level instance.
7. Configuration – there must be a procedure that will outline the methods used to integrate the cloud resources into the organisation IT infrastructure. This procedure will minimise integration and compatibility issues. Furthermore, it will manage the release and deployment strategies of the overall resources (Amazon web services, 2013).

1. Steps of planning the migration
2. Application placement (AP) outline – A step that will determine the best service model to host the SharePoint resource. In this case, PaaS is proposed as it offers more control and collaboration convenience. Moreover, AP will serve as an ongoing process that will need the knowledge of both the business and technical requirements.
3. Execution – based on the chosen AP, three methods can be used for this step, they are; Rehost where applications are placed in a different environment i.e. internally or externally. Rewrite a rebuild of the existing code to facilitate the integration of a new service e.g. that to be used by SoftArc (PaaS). Replace, a complete change or discard of the existing solution to cater for the new needs. In this case, Rehost and Rewrite are used.
4. Optimise the new hybrid environment – facilitate the employees to learn the new environment to optimise the resource (Zivic, 2012).
5. Issues for each step

Step 1:  Complexity – The integration problems that arise from the different technologies being used makes it difficult to determine the placement method. Sometimes it will take an experience to outline the best method. Moreover, some organisation will use multiple APs which results in extra costs.

Step 2: Implementation risks – The risk of implementing a certain solution, for instance, PaaS is the least mature service offered by cloud computing which raises the problem of its implementation.

Step 3: Compliance and literacy – getting the users i.e. employees to comply with the new technology. For one, cloud computing presents a shift in dynamics which requires a change in culture a difficult endeavour in any organisation (Borovac, 2016).

References

Amazon web service. (2016). Operational Checklists for AWS. Retrieved 18 May, 2017, from: https://d0.awsstatic.com/whitepapers/aws-operational-checklists.pdf

Borovac. M. (2016). Overcoming 5 Key Challenges of Cloud Migration with a Streaming-based Approach. Velostrata. Retrieved 18 May, 2017, from: https://velostrata.com/blog/overcoming-5-key-challenges-of-cloud-migration-with-a-streaming-based-approach/

Hewlett Packard. (2016). Embrace risk: secure your hybrid cloud. Protected to innovate with the right mix. Retrieved 18 May, 2017, from: https://h20195.www2.hpe.com/v2/getpdf.aspx/4AA6-4577ENW.pdf?ver=1.0

Keating. C. (2016). 4 Steps to Securing Your Hybrid Cloud Solution & Business Cloud Storage. Zadara storage. Retrieved 18 May, 2017, from: https://www.zadarastorage.com/blog/tech-corner/4-steps-securing-your-hybrid-cloud-solution/

NGINX. (2015). 3 Cloud Architectures with NGINX Plus. Blog tech. Retrieved 18 May, 2017, from: https://www.nginx.com/blog/cloud-architectures/

Pulse secure. (2017). 17 Hybrid Cloud Security Threats and How to Fix Them. Retrieved 18 May, 2017, from: https://www.pulsesecure.net/lp/hybrid-cloud-security-threats

Right scale. (2017). Cloud Computing System Architecture Diagrams. Retrieved 18 May, 2017, from: https://docs.rightscale.com/cm/designers_guide/cm-cloud-computing-system-architecture-diagrams.html

Shacklett. M. (2016). 10 hybrid cloud risk areas that the enterprise must manage. Tech republic. Retrieved 18 May, 2017, from: https://www.techrepublic.com/blog/10-things/10-hybrid-cloud-risk-areas-that-the-enterprise-must-manage/

Shinder. D. (2007). 10 things you should cover in your business continuity plan. Tech republic. Retrieved 18 May, 2017, from: https://www.techrepublic.com/blog/10-things/10-things-you-should-cover-in-your-business-continuity-plan/

Zivic. K. (2012). 3 Steps to Migrating Applications to the Cloud. Forsythe focus. Retrieved 18 May, 2017, from: https://focus.forsythe.com/articles/79/3-Steps-to-Migrating-Applications-to-the-Cloud