PaaS Hybrid Cloud Model Essay: Benefits & Issues - A Case Study

The tasks: Your team's task is to prepare a report for Regional Gardens that discusses the following:

1. Describe which Cloud architectures you would employ to assist Regional Gardens to meet the Boards strategy?

a. Describe each of the architectures that you would use, along with your reasons for deploying it. 

b. Describe the benefits and issues that would be the result of your deployment of these architectures.

2. Describe the risks that you see associated with this new Hybrid Cloud and Microservices strategy. You should name and describe each risk that you identify, and then describe a possible control for the risk. This should be presented in a tabular form. 

3 Describe the general Information Security steps and controls that you would recommend to the Board to secure the Hybrid Cloud. You will need to explain to the Board your reasons for recommending these particular security steps. 

4. Discuss briefly what you would recommend should be included in Regional Gardens's BCP as a result of their adoption of a Hybrid Cloud and Microservices approach. You will need to consider. as a minimum, the issues of application resilience. backup and disaster recovery in a Hybrid Cloud environment. This section should be no more than 2 pages.

5. Discuss the requirements that Regional Gardens will need to consider in order to conduct remote server administration, resource management and SLA management for its proposed laaS and PaaS instances (it may be useful to consider Morad and Dalbhanjan's operational checklists for this section). This section should be no more than two to three pages in length.

6. The Regional Gardens board has also decided to move their entail instance to the AWS cloud in order to begin the migration process, and test their strategy.

a. Describe the steps that you would include in the plan to migrate these services. 

b. What are the critical points and issues that you see occurring at each of these steps? Explain why you see these points or issues as critical. 

The Choice of Cloud Architecture for Regional Gardens

The Recommended Cloud Architecture

The choice of the cloud architecture should be made on basis of the three most widely used cloud models, which are Infrastructure as a Service, Platform as a Service and Software as a Service. An organization can make use of these cloud architectures in accordance to the need of the customers. A cloud model is to be recommended for Regional Gardens that will assist Regional Gardens in meeting the Board’s Strategy. The hybrid cloud model that will be suitable for Regional Gardens Ltd in hybrid cloud environment is Platform as a Service or PaaS. PaaS is recommended for Regional gardens as it will help in making use of their already existing infrastructure.

2. Benefits and Issues of PaaS

There are a number of advantages and a number of issues associated with the use of platform as a service cloud model. The benefits of making use of this hybrid cloud model are as follows (Dinh et al., 2013)-

1. The use of the platform as a service cloud model provides the opportunity of easier and faster data accessibility. It can be deployed quite easily as well.
2. Another benefit of using PaaS is that it helps in streamlining the different applications across the organization that in turn helps in better management.
3. The adoption and use of the PaaS hybrid cloud model helps in reducing the complexities associated with the use of cloud computing (Fernando, Loke & Rahayu, 2013).. It provides the opportunity of higher level of agility in designing and managing the operations of the cloud.
4. The use of PaaS provides a cost effective solution to the clients.

However, there are a number of issues associated with the use of PaaS which are as follows-

1. The business continuity and the disaster recovery becomes the responsibility of the vendor which is a major issue.
2. The PaaS lacks the use of proper secure software development process life cycle (SSDLC)
3. PaaS lacks the provisions for SLA which is another major issue associated with the implementation of the PaaS in Regional Gardens.

2. Risks with the new Hybrid Cloud 

The new hybrid cloud and the micro service strategy are exposed to different risks, mitigation of which is possible. The identified risk in the hybrid cloud model and the micro service strategies are as follows (Krishna, 2013)-

1. Lack of Encryption is a significant risk associated with the use of PaaS. This risk can be mitigated by enforcing cryptographic protocols on the stored data.
2. Lack of compliance is another risk associated with the use of the hybrid cloud. This risk can be mitigated by establishing proper coordination between the public and the private cloud environment.
3. Inadequate security  risk assessment is a significant risk associated with the use of hybrid cloud (Rong, Nguyen & Jaatun, 2013). This risk can be mitigated by ensuring proper risk assessment before moving onto the hybrid cloud environment.
4. Denial of service attacks can be considered as another significant thereat associated with the use of cloud (Khan et al., 2013). This risk can be mitigated by installing a proper intrusion detection system and with the use of flow analytics.

3. Information Security Steps that are needed to be taken

Proper information security is needed to be analysed in order to prevent the unauthorized data access and disclosure of the confidential information that is stored in the hybrid cloud database. The information security steps that will be taken are as follows-

1. The security from the advanced threats will be ensured. For this, the listing of the advanced security threats is quite essential.
2. The security scaling is needed to be ensured as an essential security step to be taken.
3. Another information security step that is needed to be ensured is getting an optimized security. This will ensure that the basic mitigation strategies for the identified risks are in action.

4. Business Continuity Plan

Business continuity plan (BCP) is needed to be developed so that the business is not largely affected even during the disasters. A business continuity plan helps in ensuring that the risks associated with the business are properly accessed. The process or steps by which regional gardens will design and implement their business continuity plan is discussed below-

1. Regional gardens BCP should incorporate the analysis of the business impact to understand the severity of the risks associated with the system and the business processes running within the organization (Pearson, 2013).
2. After proper recommendation, it is essential to document the risks recognized and the security measures that can be used to address the risks.
3. Proper compliance of the BCP is necessary in order to comply with the proper management of a business disruption.
4. Finally, it is essential to  provide a proper training to the employees for infusing a proper understanding of the strategies of the business continuity plan.

However, there are certain issues associate with the back up and disaster recovery in a hybrid cloud environment, which are as follows-

1. slow cloud adoption is a significant issues associated with the use of hybrid cloud environment.
2. Slow data recovery is another issues associated with the BCP of hybrid cloud.
3. The backups and disaster recovery strategies that are used in cloud computing are less reliable.

The above discussed points give an idea of the major issues associated with application resilience, back up and disaster recovery in hybrid cloud environment.

5. Remote server Applications

There are a number of requirements which are needed to be acknowledged for establishing a proper remote server administration in Regional Gardens. The significant tools of service administration include server manager, consoles, Microsoft management Console and so on. Shared resources are the most important requirement associated with the resource management (Li et al., 2013). The shared resources are extremely important in both IaaS and PaaS. Implementation of a service level agreement helps the users in managing all the cloud resources and the services that are associated with the use of IaaS and PaaS platform.

6. Mitigation to AWS

The management and the Board of Regional garden has planned to move its email instance to AWS which is Amazon web services. This will mark the beginning of the process of migration and the testing strategy.

1. Preparation of Migration is the first step that is associated with the move to the AWS services. The preparation step is necessary in order to successfully migrate to AWS (Xiao, Song & Chen, 2013).
2. Portfolio discovery and planning is the next step and is a migration strategy.
3. The designing Application is the third step of migration to designing of the application.
4. The Migration and the validating is the fourth step of the migration process.
5. The fifth step of the migration process is operation and this step is essential as it will decide if the developed application will run or not.

The Critical Points and issues associated with these step

The steps of migration compromise of certain critical points or issues that are needed to be addressed. These critical points are as follows-

1. The critical issue associated with the preparation of migration is the wrong planning. This is because if a plan is not made properly the migration may not be done successfully.
2. The main issue associated with the portfolio discovery and planning is inaccurate discovery and planning of the portfolio.
3. The issue associated with the designing of application is that the wrong design of the application might result in failure of the system.
4.  The issue associated with the migrating and validating of the application is that incorrect validation might result in the failure of the application.
5. The critical issue associated with operation is the wrong operation that might result in project failure.

Conclusion:

The report gives an idea about the choice of the hybrid cloud model that can be adopted by Regional Gardens. A PaaS approach is chosen for the purpose and the benefits and the issues associated with the use of platform as a service is evaluated as well. The report further discusses the risks associated with the hybrid cloud and the steps that should be taken to design a proper business continuity plan. The process of movement of email instance to the AWS is further discussed in the report. The report establishes the fact that with a proper security implication, the choice of adapting to a cloud environment is justified for Regional Gardens.

Regional Gardens runs a number of gardening enterprises and it is also open for public inspection. The management of the organization has decided to move to a hybrid cloud environment in order to integrate the business operations of the organization. The report gives an idea of the process of implementation of cloud within Regional Gardens. The risks and the security issues associated with the use of hybrid cloud are evaluated and a business continuity plan is proposed as well. The requirements that the Regional Gardens is needed to consider to conduct the remote server administration is further discussed in the report.  

References:

Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing: architecture, applications, and approaches. Wireless communications and mobile computing, 13(18), 1587-1611.

Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey. Future generation computer systems, 29(1), 84-106.

Khan, A. N., Kiah, M. M., Khan, S. U., & Madani, S. A. (2013). Towards secure mobile cloud computing: A survey. Future Generation Computer Systems, 29(5), 1278-1299.

Krishna, P. V. (2013). Honey bee behavior inspired load balancing of tasks in cloud computing environments. Applied Soft Computing, 13(5), 2292-2303.

Li, M., Yu, S., Zheng, Y., Ren, K., & Lou, W. (2013). Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE transactions on parallel and distributed systems, 24(1), 131-143.

Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and Security for Cloud Computing (pp. 3-42). Springer, London.

Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and Security for Cloud Computing (pp. 3-42). Springer, London.

Xiao, Z., & Xiao, Y. (2013). Security and privacy in cloud computing. IEEE Communications Surveys & Tutorials, 15(2), 843-859.