Management, Backup & DR - Assessments And Considerations For Cloud Migration

Management and Remote Administration

Discuss about the Management, Backup & DR.
 

The management of DSI based on cloud architecture evaluations has decided to implement ICT applications in their OSDS suite in SaaS model and in their hybrid cloud model. In the DSI cloud migration planning, SaaS delivery model is preferred for OSDS suite because it offers redundant resources for application implementation and can provide interoperability with any type of user operating systems. In hybrid model, private cloud is a highly secured infrastructure which is meant for internal users in government departments that make use of spatial information. This report focuses on assessment for deployment model, risk management and security issues for OSDS applications along with evaluating the technical management of cloud and service level agreements (SLA) agreed with the cloud provider. The management requirements are highlighted for the chosen cloud provider in terms of remote administration, resource provisioning, backup and disaster recovery (DR) and SLAs. The assessments are discussed in the next sections.

Since cloud service models are outsourced infrastructure and managed by a cloud service provider, the IT resources needed by DSI must be configured, administered and monitored for their usage. These management mechanisms in clouds facilitate control of IT resources as required by DSI and are the main elements of cloud technology architectures (Erl, Ricardo, & Zaigham, 2013) required for the OSDS suite of applications. Cloud management will cover the aspects of emote administration, resource management and SLA management.

The tools and UI for remote management can be used by DSI’s IT department to configure and monitor resources on the cloud.  In order to have maximum benefit of cloud platform, the organization can make use of cloud operational checklists provided by Morad and Dhalbajan. The checklists can be used by DSI to support their cloud assessment needs. There are two types of checklists based on the maturity level and application development requirements. They are the basic operations checklist and the enterprise operations checklist (Morad & Dalbhanjan, 2013).

The basic operation checklist will allow DSI to the service model of SaaS and hybrid deployment model, the following assessment is made related to cloud DSI to evaluate their use of specific services needed for OSDS application suite before they are migrated to the cloud. The enterprise operations checklist will support to identify key elements related to DSI’s operational strategy and migration. The assessments performed by DSI related to cloud migration will include,

• Access management and identify of users (Subashini & Kavitha, 2011) for providing specific credentials while making spatial information requests. For example a user can only view or download spatial data, but cannot perform modifications, additions or deletions. These credentials are available only with the administrators in DSI. This is an important security requirement.
• Since spatial information is important data, there must be adequate data backup and recovery procedures defined in SLA by the cloud provider. This assessment is important as BC and DR needs are considered to overcome unforeseen emergencies. The applications in OSDS suite must be deployed on web servers and databases must be stored separated in database servers wherever needed.
• The cloud provider will perform actions to replicate data to ensure spatial information is available even when a single component or hardware fails (AWS, 2016). This assessment will help DSI determine the resources used according to SLA.
• The cloud provider must ensure to verify software patches, operating systems, applications for their updates and secure their cloud platform periodically (Steiner, 2012). This assessment will ensure application monitoring in SaaS platform.
• The cloud provider must provide a hierarchical network topology (Jin & Liang, 2014), secure access, application performance and cloud usage reports (Martignoni, et al., 2012).

Backup and DR

The enterprise operational checklist for DSI will cover the assessments for hybrid cloud usage to include,

• Billing and accounting for cloud service usage. Cloud models follow the pay-per-use model where each service/resource is billed, or example storage, network bandwidth, OS, etc. Remote management must support the monitoring of service and resource used by DSI.
• Further cloud usage strategies will include tracking cloud provisioned resources (Rouse, 2010) identifying new requirements. DR and backup requirements for DSI are important.

The above checklists by Morad and Dhalbajan provide an assessment checklist which supports DSI in assessing and managing their cloud requirements and migration.

Resource management system allows DSI to perform IT resources, mostly the management of physical hardware. Some of the tasks for assessment here include management of servers, virtual servers, physical infrastructure management, and resilience and failover systems. These actions are jointly coordinated by both, DSI and cloud provider (Younge, Laszewski, Wang, Lopez-Alarcon, & Carithers, 2010).

SLA management (CSI, 2015) for DSI will include defined mechanisms for monitoring cloud deployment and provide features for administration, collection and storage, reporting and runtime notifications of SLA data. 

The term disaster recovery (DR) has many forms and can occur unexpectedly. This is because IT systems are vulnerable to threats, both internal (human error), external (hackers) and hazards posed by natural environment (floods, earthquakes, etc.) (Krutz & Vines, 2010). A comprehensive DR plan is required by DSI must be aimed at protecting data and vital information from any type of vulnerability, and DR planning is unique for each organization. The DR planning and backup procedures must effectively restore critical functions in the event of any unplanned disruption. Morad and Dhalbajan checklist highlights the need for assessing backup procedures and disaster recovery measures (Kandukuri, Paturi, & Rakshit, 2009). In addition to this checklist, the key elements for DSI to consider in their disaster measures will include, 

• Identifying key applications, databases, etc.
• Establishing procedures for recovery of data, backup and restore policies
• Developing procedures for implementation, testing and maintenance of the complete OSDS suite on cloud

Normally, assessments for backup and DR for resilience will include the following areas:

• DSI must estimate the cost of downtime in the event of a disaster and must plan strategies appropriately. In this step the recovery points for each component must be understood. The information assets can be catalogued based on their criticality in DSI and downtime estimated (Alhazmi & Malaya, 2013).
• Internal staff, particularly in the IT department in DSI must be involved and the responsibility must not fall on one single person in DSI. It will be a good idea to train different people to handle backup and restore procedures. This will be a good strategy to ensure spatial information is available at all times.
• Redundancies can be another strategy to ensure DR and backup procedures protect information assets in DSI. Redundancies can be agreed with cloud provider for additional resources like storage space, remote site for backup, etc. (Ranjan, Gupta, & Sharma, 2015). Redundancies in resources will ensure data is available from replication servers even when the primary server is down for some reason.
• DR assessments will further include all business critical processes such as new development, modifications in existing applications, data sources and steps to recovery within the recovery point. For instance, when DSI decides to implement a new web based spatial information publication on cloud, the earlier backup and DR strategies may need revisions. This is important because it will be most appropriate to keep DR and backup strategies to be aligned with operating environment and information usage (Martin, 2002).
• Lastly to have redundant resilience of all OSDS applications, the DR strategies must be evaluated constantly by running vulnerability tests on OSDS applications (Nageswararao & Khetmalas, 2014). Cloud provider can coordinate this activity through their SLA. The evaluation for risks to data and applications must ensure fail safe infrastructure for DSI. All the activities and associated procedures must be documented fully.

Backup and disaster recovery is a critical area in cloud migration which must be considered by DSI prior to migration of OSDS applications.

SLAs come into play to make sure the services offered by a cloud provider are delivered as agreed with DSI. SLA has become a pre-requisite due to cloud business strategy and provides series of rules and directives (Hoehl, 2015) that must be taken by DSI to evaluate and agree on operating terms with service provider. SLAs will also include a set of non-functional requirements in cloud services. An example of SLA can be the return of operations (RTO) within 60 minutes in the event of any service failure in the cloud. SLAs in cloud must be assessed for their,

• OSDS applications, spatial data availability and uptime. Specific performance benchmarks to compare actual cloud performance.
• Availability of usage statistics for the consumer. This dashboard report will provide data on cloud service usage for DSI. Informing scheduled changes to consumers in advance (eg, maintenance downtimes). This information is normally provided by cloud provider. Scheduled maintenance can include hardware changes, etc. on the cloud infrastructure.
• Help desk and availability of support personnel to resolve specific issues. The cloud provider will clarify the scope of resources used in cloud service of interest.

SLAs management normally follows the monitoring of SLA data based on already defined resource and performance metrics and reporting parameters. Cloud migrations for any type of business process must follow bet practices in risk management. The practices must also be in conformance to particular cloud service and business critical processes that deal with sensitive information. The SLA data can be made available on real time for cloud usage and administration through remote management in active cloud services. The SLA guideline provided by (Erl, Ricardo, & Zaigham, 2013) on cloud computing services includes the risk assessments in cloud migration and planning.

SLA Assessment

Assessments related to DSI enterprise risk management (CSA, 2009) will include,

• DSI owing to the lack of physical control on cloud infrastructure must document SLAs, contract requirements, resource usage to understand risk management in its infrastructure.
• The SLAs must clearly define on demand provisioning and support traditional form of auditing. DSI can also define strategies for specific contractual exceptions and better align business strategies to overcome risks in IT.
• Risk management in SLA must identify valuation of assets, potential impact on incident scenarios and risk management plans must be defined clearly in SLA to benefit DSI.
• The approach of risk assessment must be consistent in SLAs and also the likelihood of impact may be defined. It will be best for DSI to jointly develop risk scenarios for cloud service model.
• The SLA must classify all assets and resource between DSI and the cloud provider and appropriate accounting must be defined for each.

SLA management and assessments are important for DSI because they provide the operational management aspects in day to day cloud usage. SLAs are important to note further that SLAs must focus more on reducing risks and protecting OSDS applications with the cloud provider.

Conclusions

The report highlights the importance of evaluation in cloud migration for DSI. Since cloud services are decided by the cloud provider it is important the SLAs are defined to suite the best interests of DSI. The assessments and methods for remote monitoring, backup and OSDS resiliency, and the importance of assessing SLAs prior to cloud migration are explored and discussed. 

References

Alhazmi, O. H., & Malaya, Y. K. (2013). Evaluating Disaster Recovery Plans Using the Cloud . IEEE Computer society , 1-6.

AWS. (2016, June). Expanding Your Scaled and Load-Balanced Application to an Additional Availability Zone. Retrieved June 4, 2016, from Amazon Web Services: https://docs.aws.amazon.com/autoscaling/latest/userguide/as-add-availability-zone.html

CSA. (2009). Security Guidance for Critical Areas of Focus in Cloud Computing V2.1. Cloud Security Alliance.

CSI. (2015). Practical Guide to Cloud Service Agreements, Ver2.0. Cloud Standards Customer Council.

Erl, T., Ricardo, P., & Zaigham, M. (2013). Cloud Computing: Concepts, Technology & Architecture. USA: The Prentice Hall Service Technology Series.

Hoehl, M. (2015). Proposal for standard Cloud Computing Security SLAs – Key Metrics for Safeguarding Confidential Data in the Cloud. Security SLA for Cloud. The SANS Institute.

Jin, H.-Q., & Liang, M.-G. (2014). The Hierarchical Network Topology Management System based on Managed Object and View Mechanism. AASRI Conference on Circuit and Signal Processing (CSP 2014) (pp. 12-18). Elsevier B. V.

Kandukuri, B. R., Paturi, R. V., & Rakshit, A. (2009). Cloud Security Issues. IEEE International Conference on Services Computing, IEEE Computer Society , 517-520.

Krutz, R. L., & Vines, R. D. (2010). Cloud Security: A Comprehensive Guide to Secure Cloud Computing. New York: Wiley Publishing.

Martignoni, L., Poosankam, P., Zaharia, M., Han, J., McCamant, S., Song, D., et al. (2012). Cloud Terminal: Secure Access to Sensitive Applications from Untrusted Systems. Report by University of California, Berkeley and Carnegie Mellon University.

Martin, B. C. (2002). Disaster Recovery Plan Strategies and Processes. SANS Institute, InfoSec Reading Room.

Morad, S., & Dalbhanjan, P. (2013). Operational Checklists for AWS. Amazon Web Services (AWS).

Nageswararao, & Khetmalas, M. B. (2014). Cross-Cloud Testing Strategies Over Cloud Computing . International Journal of Engineering Research and Applications , 79-82.

Ranjan, A., Gupta, S. K., & Sharma, G. (2015). Cloud Computing based Disaster Recovery: An Introduction. International Journal of Advanced Research in Computer Science and Software Engineering , 1015-1019.

Rouse, M. (2010, August). Provisioning. Retrieved June 3, 2016, from What is SOA? SearchSOA: https://searchsoa.techtarget.com/definition/provisioning

Steiner, T. (2012). An introduction to Securing a Cloud Environment. The SANS Institute.

Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications , 1-11.

Younge, A. J., Laszewski, G. v., Wang, L., Lopez-Alarcon, S., & Carithers, W. (2010). Efficient Resource Management for Cloud Computing Environments. Pervasive Technology Institute, Indiana University, Bloomington, USA and Rochester Institute of Technology, Rochester, NY USA.