Cloud Computing and SaaS Environments
|
|
- Bernice Blankenship
- 8 years ago
- Views:
Transcription
1 Regulatory Considerations for Use of Cloud Computing and SaaS Environments Institute of Validation Technology Conference Qualifying and Validating Cloud and Virtualized IT Infrastructure Philadelphia PA 21 August 2012 Chris Wubbolt, BS, MS John Patterson, MSE
2 Challenges hll / Defintions i Historical Perspective Regulatory Requirements for computing service providers Paradigm Shift : Software Vendors to Software as a Service a Providers Qualification / Validation of hosted applications Key Risk Areas 2
3 Challenges Faced by Consumers Contemplating Cloud Computing Adoption Include: 1 Policy Technology Guidance Security Standards 3
4 Cloud computing is still in an early deployment stage, and standards are crucial to increased adoption. Urgency is driven by rapid deployment of cloud computing in response to financial incentives. Strategically, there is a need to augment standards and to establish additional security, interoperability, and portability standards : to ensure cost effective and easy migration, to ensure that mission critical requirements can be met, and to reduce the risk that sizable investments may become prematurely technologically obsolete. 4
5 Cloud Computing 2 Virtual Machines 3 Infrastructure as a Service (IaaS IaaS) 2 Platform as a Service (PaaS) 2 Software as a Service (SaaS) 2 5
6 Public Cloud 2 The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. Private Cloud 2 The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise. 6
7 A virtual machine is a tightly isolated software container that can run its own operating systems and applications as if it were a physical computer. A virtual machine behaves exactly like a physical computer and contains it own virtual (ie, softwarebased) CPU, RAM hard disk and network interface card (NIC). 7
8 The capability provided to the consumer is to provision processing, storage, g, networks, and other fundamental computing resources where the consumer is able to deploy and run software, which can include operating systems and applications. Theconsumer does not manageor control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls). 8
9 The capability provided to the consumer is to deploy onto the cloud infrastructure consumer created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. Theconsumer does not manageor control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application hosting environment. 9
10 The capability provided to the consumer is to use the provider s appls running on a cloud infrastructure. Theapps areaccessible accessible fromvarious client devices through either a thin client interface, such as a web browser (e.g., web based ), or program interface. The consumer does not manage or control the underlying cloud dinfrastructure t including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user specific application configuration settings. 1 0
11 11
12 12
13 GxP Electronic Recordkeeping Controls Qualified If Infrastructure Standard Operating Procedures Trained Personnel (including IT) Validated Applications Record Integrity Record Availability Record Retention 13
14 Record Integrity Record Availability Record Retention Electronic SOPs SOPs Recordkeeping Backup and Backup and Compliance Restore Restore Program Problem Business SOPs Reporting Continuity Validation Business Disaster Recovery Infrastructure Qualification Continuity Disaster Recovery Plan Record Retention Security Program Plan Policy Training Archival 14
15 Pharma A Data Center Inc STILL NEED GxPElectronic Recordkeeping Controls QualifiedInfrastructure Standard Operating Procedures Trained Personnel (including IT) Validated Applications 15
16 A computerised system is a set of software and hardware components which together fulfill certain functionalities Applications should be validated IT infrastructure should be qualified Hardware and software such as networking software and operation systems which makes it possible for the application to function Risk Management Extent ofvalidationand and dataintegritycontrols patient safety, data integrity, product quality 16
17 Suppliers and Service Providers Formal Agreements required to include clear statements of responsibilities Provide Configure Validate Modify Install Integrate Maintain i Retain IT departments should ldb be considered d analogous 17
18 GxPElectronic Recordkeeping Controls Qualified Infrastructure Standard Operating Procedures TrainedPersonnel(includingIT) Validated Applications 18
19 Software Vendor Quality System SLC Processes Customer Support Typically not directly regulated or inspected by regulatory agencies. Audited Adi db by clients for adherence to standards. d Quality of SLC Documentation, Testing, etc. varies considerably for each vendor. Sponsor responsible for installation, ti validation, and electronic recordkeeping controls at sponsor location. 19
20 Electronic Recordkeeping Compliance Program SOPs Validation Infrastructure Qualification Security Program Training Backup and Restore Problem Reporting Business Continuity Disaster Recovery Plan Record Retention Policy Archival 20
21 Electronic Recordkeeping Compliance Program SOPs Validation Infrastructure Qualification Security Program Training ProblemReporting Business Continuity Plan Record Retention Policy Electronic Recordkeeping Compliance Program SOPs Validation / SDLC Infrastructure Program Security Program Training BackupandRestore andrestore Problem Reporting Business Continuity Disaster Recovery Plan Record Retention Policy Archival 21
22 Validation SOPs User Requirements Specification User Acceptance Testing (Performance Qualification) Traceability System Acceptance Validation SOPs SDLC Methodology Functional Specification Configuration Installation (IQ) System Testing (Operational Qualification) System Release to Customer Traceability 22
23 Specifications Not complete Not updated periodically after changes Test Records Not pre approved Results not reviewed db by second person Integrity of test results No approved summary reports Release Management 23
24 Test Record Integrity Results typed into Word document or Excel spreadsheet No failures documented Test dates and times do not correlate 24
25 Software Vendor Quality System Quality System SLC Processes SLC Processes Customer Support Customer Support Validation Record Keeping Controls Hosted Environment Hosted Typically Environment not directly regulated is used for or a inspected direct GxPfunction by regulatory (record agencies. keeping) and is more likely to be inspected by regulatory agencies. Audited by clients for adherence to standards. Audited by clients for adherence to standards (GxP, Part 11). Quality of SLC Documentation, Testing, etc. varies considerably for each vendor. QualityofSLCDocumentation Documentation, Testing, etc. variesconsiderably considerablyfor eachvendor vendor. Sponsor SaaSprovider responsible responsible for installation, for some aspects validation, of installation, and electronic validation, recordkeeping and controls electronic at recordkeeping sponsor location. controls. 25
26 This could now be the documentation used to support your validation effort! Make sure you understand (and audit) your SaaS Service Providers Validation/Qualification Procedures and dd Documentation 26
27 SAS 70 / SSAE 16 Internationally recognized financial auditing standard developed by the AICPA SAS 70 was replaced by SSAE 16 in June 2011 There is no SAS 70 / SSAE 16 certification There is no list of published SAS 70 /SSAE 16 standards 27
28 SAS 70 / SSAE 16 Requires a description of controls and attestation of controls by management CPA firms issue Type I(design) and Type II (design and effectiveness) reports Neither SAS 70 or SSAE 16 discuss qualification or validation of network infrastructure 28
29 A SAS 70 Report by itself may not be sufficient to assure regulatory requirements are being met. 29
30 System Unavailable System Down Connection Problems Data Center Disaster Legal / Contractual Disputes Make sure your Business Continuity Plans are established. Be sure your legal contracts are carefully constructed and reviewed. 30
31 Change Control In a shared environment with multiple customers, how are hardware or software platform changes communicated or approved? How are application upgrades handled? Backups What is the frequency enc of the backup? What happens if a backup fails? Security Who has access to the computing environment (logically ll or physically)? 31
32 Disaster Recovery Where are the backup locations in the event of a disaster? How is the disaster recovery program tested? Environmental lc Controls What are the requirements for monitoring of environmental controls? AService Level Agreement is akey document to maintain compliance with a SaaS provider. 32
33 Formal Agreements (e.g. SLAs) in Place with Cloud Providers to include: Security/Incident/Problem/Change Mgt. Back up Recovery/Business Continuity it Periodic Review/Monitoring Interface Management Ensuring alignment of Cloud Providers/Consumers control processes 33
34 34
35 1. NIST Special Publication , US Government Cloud Computing Technology Roadmap, Volume I, Release 1.0 (draft) f), High Priority Requirements to Further USG Agency Cloud Computing Adoption, November NIST Special Publication , The NIST Definition of Cloud Computing, September VMWare ( machine.html) p// / / 4. Federal Cloud Computing Strategy, The White House, February 8,
36 Chris Wubbolt, BS, MS Principal Consultant 3242 Regal Road QACV Consulting, LLC Bethlehem, h PA USA Telephone: E mail: chris.wubbolt@qacvconsulting.com John Patterson, MSE Executive Director Compliance; Manufacturing, Supply Chain IT; Merck & Co. 1 Merck Drive Whitehouse Station NJ Telephone: E mail: john.patterson@merck.com 36
Services Providers. Ivan Soto
SOP s for Managing Application Services Providers Ivan Soto Learning Objectives At the end of this session we will have covered: Types of Managed Services Outsourcing process Quality expectations for Managed
More informationValidation of a Cloud-Based ERP system, in practice. Regulatory Affairs Conference Raleigh. 8Th September 2014
Validation of a Cloud-Based ERP system, in practice. Regulatory Affairs Conference Raleigh. 8Th September What is the The Cloud Some Definitions The NIST Definition of Cloud computing Cloud computing is
More informationPharma CloudAdoption. and Qualification Trends
Pharma CloudAdoption and Qualification Trends OurCloudExperience Numerous implementations of EDMS systems with external hosting for smaller life science clients Development of qualification strategy for
More informationSecuring and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable
More informationCloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu
Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu 2 If cloud computing is so simple, then what s the big deal? What is the
More informationCloud Services Overview
Cloud Services Overview John Hankins Global Offering Executive Ricoh Production Print Solutions May 23, 2012 Cloud Services Agenda Definitions Types of Clouds The Role of Virtualization Cloud Architecture
More informationCloud definitions you've been pretending to understand. Jack Daniel, Reluctant CISSP, MVP Community Development Manager, Astaro
Cloud definitions you've been pretending to understand Jack Daniel, Reluctant CISSP, MVP Community Development Manager, Astaro You keep using that word cloud. I do not think it means what you think it
More informationQualification Guideline
Qualification Guideline June 2013 Disclaimer: This document is meant as a reference to Life Science companies in regards to the Microsoft O365 platform. Montrium does not warrant that the use of the recommendations
More informationCloud Computing: What needs to Be Validated and Qualified. Ivan Soto
Cloud Computing: What needs to Be Validated and Qualified Ivan Soto Learning Objectives At the end of this session we will have covered: Technical Overview of the Cloud Risk Factors Cloud Security & Data
More informationCloud Computing; What is it, How long has it been here, and Where is it going?
Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where
More informationValidating Enterprise Systems: A Practical Guide
Table of Contents Validating Enterprise Systems: A Practical Guide Foreword 1 Introduction The Need for Guidance on Compliant Enterprise Systems What is an Enterprise System The Need to Validate Enterprise
More informationClinical Trials in the Cloud: A New Paradigm?
Marc Desgrousilliers CTO at Clinovo Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo What is a Cloud? (1 of 3) "Cloud computing is a model for enabling convenient, on-demand
More informationManaging Cloud Computing Risk
Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify
More informationHow To Run A Cloud Based Data Centre
CAPA in the Cloud Keith Williams CEO GXPi 12 th June 2013 Controlling Pharma data in the Cloud- Overview Example of a CAPA from 3 years ago (2010) Example of a CAPA today (2013) Example of CAPA in Azure(2014)
More informationADOPTING CLOUD COMPUTING AS AN ICT DEPLOYMENT STRATEGY FOR DELIVERING SERVICES IN THE GOVERNMENT
MALACAÑANG PALACE MANILA BY THE PRESIDENT OF THE PHILIPPINES ADMINISTRATIVE ORDER NO. ADOPTING CLOUD COMPUTING AS AN ICT DEPLOYMENT STRATEGY FOR DELIVERING SERVICES IN THE GOVERNMENT WHEREAS, Section 24,
More informationyvette@yvetteagostini.it yvette@yvetteagostini.it
1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work
More informationRequirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
Whitepaper: Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider WHITEPAPER Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider Requirements Checklist
More informationWelcome. Panel. Cloud Computing New Challenges in Data Integrity and Security 13 November 2014
Welcome Cloud Computing New Challenges in Data Integrity and Security 13 November 2014 Panel Tracy Lampula, Associate Director of GIS Compliance, Vertex Pharmaceuticals William Sanborn, Director of Information
More informationLegal Issues in the Cloud: A Case Study. Jason Epstein
Legal Issues in the Cloud: A Case Study Jason Epstein Outline Overview of Cloud Computing Service Models (SaaS, PaaS, IaaS) Deployment Models (Private, Community, Public, Hybrid) Adoption Different types
More informationEnterprise Governance and Planning
GEORGIA TECHNOLOGY AUTHORITY Title: Enterprise Operational Environment PSG Number: SO-10-003.02 Topical Area: Operations / Performance and Capacity Document Type: Standard Pages: 5 Issue Date: July 15,
More informationCloud Computing in a Regulated Environment
Computing in a Regulated Environment White Paper by David Stephenson CTG Regulatory Compliance Subject Matter Expert February 2014 CTG (UK) Limited, 11 Beacontree Plaza, Gillette Way, READING, Berks RG2
More informationThe SaaS LMS and Total Cost of Ownership in FDA-Regulated Companies
The SaaS LMS and Total Cost of Ownership in FDA-Regulated Companies The SaaS LMS and Total Cost of Ownership in FDA-Regulated Companies By Rob Sims, Director, Life Science, UL EduNeering When a Life Science
More informationTips For Buying Cloud Infrastructure
27 Tips For Buying Cloud Infrastructure A Comprehensive list of questions to ask yourself when reviewing potential cloud providers By Christopher Wilson @chrisleewilson Table of Contents Intro: Evaluating
More informationRequirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider Requirements Checklist for As the importance and value of corporate data grows, complex enterprise IT environments need
More informationValidating Cloud. June 2012 Merry Danley
Validating Cloud June 2012 Merry Danley Agenda Validation of Cloud Introduction Environments Definitions Manage Risk by Designation of Systems Why Go Cloud Success Dependencies Validation Personal Experience
More informationCloud Computing. Course: Designing and Implementing Service Oriented Business Processes
Cloud Computing Supplementary slides Course: Designing and Implementing Service Oriented Business Processes 1 Introduction Cloud computing represents a new way, in some cases a more cost effective way,
More informationDeveloping a Risk-Based Cloud Strategy
Developing a Risk-Based Cloud Strategy Trevor Simmons, ZigZag Associates Ltd David Stokes, Venostic Consulting 23rd April 2015, Chertsey 1 Introductions Tell us briefly Who you are Who you work for What
More informationSSAE 16 for Transportation & Logistics Companies. Chris Kradjan Kim Koch
SSAE 16 for Transportation & Logistics Companies Chris Kradjan Kim Koch 1 The material appearing in this presentation is for informational purposes only and should not be construed as advice of any kind,
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationCloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate.
Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate. Presented by: Sabrina M. Segal, USITC, Counselor to the Inspector General, Sabrina.segal@usitc.gov Reference
More informationSee Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.
Cloud Strategy Information Systems and Technology Bruce Campbell What is the Cloud? From http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf Cloud computing is a model for enabling ubiquitous,
More informationA Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011
A Strawman Model NIST Cloud Computing Reference Architecture and Taxonomy Working Group January 3, 2011 Objective Our objective is to define a neutral architecture consistent with NIST definition of cloud
More information2014 HIMSS Analytics Cloud Survey
2014 HIMSS Analytics Cloud Survey June 2014 2 Introduction Cloud services have been touted as a viable approach to reduce operating expenses for healthcare organizations. Yet, engage in any conversation
More informationWhy Migrate to the Cloud. ABSS Solutions, Inc. 2014
Why Migrate to the Cloud ABSS Solutions, Inc. 2014 ASI Cloud Services Information Systems Basics Cloud Fundamentals Cloud Options Why Move to the Cloud Our Service Providers Our Process Information System
More informationCLOUD IN HEALTHCARE EXECUTIVE SUMMARY 1/21/15
CLOUD IN HEALTHCARE CURRENT STATE AND STRATEGIES THAT IMPACT THE BOTTOM LINE EXECUTIVE SUMMARY As healthcare organizations struggle with competing priorities such as HITECH/ARRA, Meaningful Use, ICD-10,
More informationMiServer and MiDatabase. Service Level Expectations. Service Definition
MiServer and MiDatabase Service Description Service Definition As part of the NextGen Michigan initiative, Information and Technology Services has engaged in building a private cloud offering to support
More informationHosting Services VITA Contract VA-120416-AISN (Statewide contract available to any public entity in the Commonwealth)
Hosting Services VITA Contract VA-120416-AISN (Statewide contract available to any public entity in the Commonwealth) March 2014 Premier Provider of egov Services to the Commonwealth of Virginia Virginia
More informationcustom hosting for how you do business
custom hosting for how you do business 24775 League Island Boulevard Philadelphia PA 19112 gibraltarit.com 866.410.4427 Gibraltar s replicated cloud architecture and PCI/HIPAA compliant data centers provide
More informationCloud Computing Security Issues
Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security, marchany@vt.edu Something Old, Something New New: Cloud describes the use of a collection of services, applications,
More informationLEGAL ISSUES IN CLOUD COMPUTING
LEGAL ISSUES IN CLOUD COMPUTING RITAMBHARA AGRAWAL INTELLIGERE 1 CLOUD COMPUTING Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing
More informationIncident Handling in the Cloud and Audit s Role
Incident Handling in the Cloud and Audit s Role David Cole, CPA, CISA ISACA National Capital Area Chapter Cloud Computing Conference March 17, 2015 1 Outline Cloud Service Models Cloud Types Summary of
More informationROLE PROFILE. Business Function: Software Operations Managed Cloud Services eg s Head Office, Dunston Business Village, Staffordshire
ROLE PROFILE Job Title: MCS Service Manager Grade/Salary Banding: Reporting To: Head of Software Operations Business Function: Software Operations Managed Cloud Services Location eg s Head Office, Dunston
More informationOWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect
OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud
More informationAddressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
More informationThe Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing
Your Platform of Choice The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Mark Cravotta EVP Sales and Service SingleHop LLC Talk About Confusing? Where do I start?
More informationWhite Paper on CLOUD COMPUTING
White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples
More informationCloud Computing In a Post Snowden World. Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs
Cloud Computing In a Post Snowden World Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs Guy Wiggins Director of Practice Management Kelley Drye & Warren
More informationOrchestrating the New Paradigm Cloud Assurance
Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems
More informationAll Clouds Are Not Created Equal THE NEED FOR HIGH AVAILABILITY AND UPTIME
THE NEED FOR HIGH AVAILABILITY AND UPTIME 1 THE NEED FOR HIGH AVAILABILITY AND UPTIME All Clouds Are Not Created Equal INTRODUCTION Companies increasingly are looking to the cloud to help deliver IT services.
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationBT Ireland and the Cloud
BT Ireland and the Cloud Beyond the Cloud v1 5.9.11 v1 5.9.11 The Promise Ease of Use New Features Agility Reduced Cost v1 5.9.11 It is everything you expect or More expensive than you think Contracts
More informationNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference Architecture Version 1 March 30, 2011 2 Acknowledgements This reference architecture was developed and prepared by Dr. Fang Liu, Jin Tong, Dr. Jian Mao, Knowcean Consulting
More informationExpert Reference Series of White Papers. Understanding NIST s Cloud Computing Reference Architecture: Part II
Expert Reference Series of White Papers Understanding NIST s Cloud Computing Reference Architecture: Part II info@globalknowledge.net www.globalknowledge.net Understanding NIST s Cloud Computing Reference
More informationWHITE PAPER: STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT
WHITE PAPER: STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT IntelliDyne, LLC MARCH 2012 STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT
More informationCLOUD MIGRATION. Celina Alexandre M6807
CLOUD MIGRATION M6807 S Content 1. Introduction 2. Methodology 3. Requirements Definition Phase 3.1. Strategy 3.2. Knowledge 06/05/15 2 Content 4. Analysis Phase 4.1. Aplications and Systems 4.2. Development
More informationCLOUD SERVICE SCHEDULE Newcastle
CLOUD SERVICE SCHEDULE Newcastle 1 DEFINITIONS Defined terms in the Standard Terms and Conditions have the same meaning in this Service Schedule unless expressed to the contrary. In this Service Schedule,
More information4/28/2014. What's the Scoop on Cloud Computing. Agenda. Why you are here?
What's the Scoop on Cloud Computing and Virtualization? ation? April 30, 2014 Jason Wampler, Director of IT, Association Forum of Chicagoland Agenda History and Conceptual Overview of Virtualization &
More informationCLOUD ARCHITECTURE DIAGRAMS AND DEFINITIONS
CLOUD ARCHITECTURE DIAGRAMS AND DEFINITIONS April 2014 Cloud Conceptual Reference Model The ease of use a Cloud Consumer experiences results from a complex, behind-the-scenes, orchestration of interchangeable,
More informationDeveloping SAP Enterprise Cloud Computing Strategy
White Paper WFT Cloud Technology SAP Cloud Integration Service Provider Developing SAP Enterprise Cloud Computing Strategy SAP Cloud Computing is a significant IT paradigm change with the potential to
More informationSolutions as a Service N.Konstantinidis Technical Director - MNG
Med Nautilus Greece Connected World April 10, 2014 Solutions as a Service N.Konstantinidis Technical Director - MNG MedNautilus Greece Solutions as a Service 2014 SINCE 2002 Data Center Physical Colocation
More informationWith Eversync s cloud data tiering, the customer can tier data protection as follows:
APPLICATION NOTE: CLOUD DATA TIERING Eversync has developed a hybrid model for cloud-based data protection in which all of the elements of data protection are tiered between an on-premise appliance (software
More informationTime to Value: Successful Cloud Software Implementation
Time to Value: Successful Cloud Software Implementation Cloud & Data Security 2015 Client Conference About the Presenter Scott Schimberg, CPA, CMA Partner, Consulting, Armanino Scott became a Certified
More informationHIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT
HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.
More informationIS PRIVATE CLOUD A UNICORN?
IS PRIVATE CLOUD A UNICORN? With all of the discussion, adoption, and expansion of cloud offerings there is a constant debate that continues to rear its head: Public vs. Private or more bluntly Is there
More informationStrategies for Secure Cloud Computing
WHITE PAPER Cloud Basics Strategies for Secure Cloud Computing An Introduction to Exploring the Cloud There is a lot of buzz these days about cloud computing and how it s going to revolutionize the way
More informationClinical database/ecrf validation: effective processes and procedures
TITOLO SLIDE Testo Slide Testo Slide Testo Slide Clinical database/ecrf validation: effective processes and procedures IV BIAS ANNUAL CONGRESS Padova September, 26 th 2012 PQE WORKSHOP: What's new in Computerized
More informationThe NIST Definition of Cloud Computing (Draft)
Special Publication 800-145 (Draft) The NIST Definition of Cloud Computing (Draft) Recommendations of the National Institute of Standards and Technology Peter Mell Timothy Grance NIST Special Publication
More informationIntroduction to Cloud Services
Introduction to Cloud Services (brought to you by www.rmroberts.com) Cloud computing concept is not as new as you might think, and it has actually been around for many years, even before the term cloud
More informationBUSINESS MANAGEMENT SUPPORT
BUSINESS MANAGEMENT SUPPORT Business disadvantages using cloud computing? Author: Maikel Mardjan info@bm-support.org 2010 BM-Support.org Foundation. All rights reserved. EXECUTIVE SUMMARY Cloud computing
More informationThe Importance of a Cloud Strategy! Should You Consider Moving Some or All of Your Applications? Bruce Lane, Vertical Solutions
The Importance of a Cloud Strategy! Should You Consider Moving Some or All of Your Applications? Bruce Lane, Vertical Solutions Agenda What is cloud computing Why you should care about the Cloud Examples
More informationCloud Panel Service Evaluation Scenarios
Cloud Panel Service Evaluation Scenarios August 2014 Service Evaluation Scenarios The scenarios below are provided as a sample of how Finance may approach the evaluation of a particular service offered
More informationKey Considerations of Regulatory Compliance in the Public Cloud
Key Considerations of Regulatory Compliance in the Public Cloud W. Noel Haskins-Hafer CRMA, CISA, CISM, CFE, CGEIT, CRISC 10 April, 2013 w_haskins-hafer@intuit.com Disclaimer Unless otherwise specified,
More informationTechnology & Business Overview of Cloud Computing
Your Place or Mine? In-House e-discovery Platform vs. Software as a Service Technology & Business Overview of Cloud Computing Janine Anthony Bowen, Esq. Jack Attorneys & Advisors www.jack-law.com Atlanta,
More informationIBM Cognos TM1 on Cloud Solution scalability with rapid time to value
IBM Solution scalability with rapid time to value Cloud-based deployment for full performance management functionality Highlights Reduced IT overhead and increased utilization rates with less hardware.
More informationThe Elephant in the Room: What s the Buzz Around Cloud Computing?
The Elephant in the Room: What s the Buzz Around Cloud Computing? Warren W. Stippich, Jr. Partner and National Governance, Risk and Compliance Solution Leader Business Advisory Services Grant Thornton
More informationConfiguration Management Why we should care! Anne-Rose Suriel Senior Systems Engineer
Configuration Management Why we should care! Anne-Rose Suriel Senior Systems Engineer Agenda 1. Introduction to Configuration Management 2. Importance of Configuration Management 3. Should we care? 4.
More informationThe Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations
The Cloud at 30,000 feet Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations Survey: Where s home? How many using cloud computing now? How many thinking of using cloud computing? How
More informationIT Audit in the Cloud
IT Audit in the Cloud Pavlina Ivanova, CISM ISACA-Sofia Chapter Content: o 1. Introduction o 2. Cloud Computing o 3. IT Audit in the Cloud o 4. Residual Risks o Used Resources o Questions 1. ISACA Trust
More informationRegulated Applications in the Cloud
Keith Williams CEO Regulated Applications in the Cloud Aspects of Security and Validation Statement on the Cloud and Pharma s added Complexity Clouds already make sense for many small and mediumsize businesses,
More informationMigration and Disaster Recovery Underground in the NEC / Iron Mountain National Data Center with the RackWare Management Module
Migration and Disaster Recovery Underground in the NEC / Iron Mountain National Data Center with the RackWare Management Module WHITE PAPER May 2015 Contents Advantages of NEC / Iron Mountain National
More informationCloud Computing and Disaster Recovery
Understanding the Cloud Environment Cloud Environment = Internet-based data access & exchange + Internet-based access to low cost computing & applications Cloud Computing and Disaster Recovery April 2013
More informationKeeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About?
Keeping up with the World of Cloud Computing: What Should Internal Audit be Thinking About? IIA San Francisco Chapter October 11, 2011 Agenda Introductions Cloud computing overview Risks and audit strategies
More informationGETTING THE MOST FROM THE CLOUD. A White Paper presented by
GETTING THE MOST FROM THE CLOUD A White Paper presented by Why Move to the Cloud? CLOUD COMPUTING the latest evolution of IT services delivery is a scenario under which common business applications are
More informationIntroduction to Cloud Computing What is SaaS? Conventional vs. SaaS Methodologies Validation Requirements Change Management Q&A
Best Practices for Validation of a Software as a Service (SaaS) Customer Relationship Management (CRM) Solution Presented By: Gregg Mauriello Validation Manager Elise Miner Associate Validation Manager
More informationLeveraging Dedicated Servers and Dedicated Private Cloud for HIPAA Security and Compliance
ADVANCED INTERNET TECHNOLOGIES, INC. https://www.ait.com Leveraging Dedicated Servers and Dedicated Private Cloud for HIPAA Security and Compliance Table of Contents Introduction... 2 Encryption and Protection
More informationWhite Paper: Vendor Selection for Your Life Science Company Cloud
White Paper: Vendor Selection for Your Life Science Company Cloud GlobalSubmit 123 South Broad Street, Suite 1850 Philadelphia, PA 19109 www.globalsubmit.com Methodsense, Inc. P.O. Box 110352 Durham, NC
More informationOverview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin
Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director
More informationPrivate & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012
Private & Hybrid Cloud: Risk, Security and Audit Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private and Hybrid Cloud - Risk, Security and Audit Objectives: Explain the technology and benefits behind
More informationCloud Computing An Auditor s Perspective
Cloud Computing An Auditor s Perspective Sailesh Gadia, CPA, CISA, CIPP sgadia@kpmg.com December 9, 2010 Discussion Agenda Introduction to cloud computing Types of cloud services Benefits, challenges,
More informationUpdating Your Skills from Microsoft Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010 SP1
Course 10165A: Updating Your Skills from Microsoft Exchange Server 2003 or Exchange Server 2007 to Exchange Server 2010 SP1 OVERVIEW About this Course There are two main reasons for the course. Firstly,
More informationCLOUD COMPUTING for Construction Accounting BY BRIAN J. THOMAS
CLOUD COMPUTING for Construction Accounting BY BRIAN J. THOMAS Copyright 2012 by the Construction Financial Management Association. All rights reserved. This article first appeared in CFMA Building Profits.
More informationCloud Computing for SCADA
Cloud Computing for SCADA Moving all or part of SCADA applications to the cloud can cut costs significantly while dramatically increasing reliability and scalability. A White Paper from InduSoft Larry
More informationPrivate Cloud 201 How to Build a Private Cloud
Private Cloud 201 How to Build a Private Cloud Chris E. Avis Sr. IT Pro Evangelist Microsoft Corp. http://chrisavis.com Presented at Seattle Windows Networking User Group January 4, 2012 al 1 The Cloudscape
More informationVIRTUALIZATION THE FOUNDATION OF CLOUD COMPUTING
VIRTUALIZATION THE FOUNDATION OF CLOUD COMPUTING TM 989 Old Eagle School Road Suite 815 Wayne, PA 19087 USA 610.964.8000 www.evolveip.net Did You Know Approximately 70 percent of a typical IT budget in
More informationAHLA. JJ. Keeping Your Cloud Services Provider from Raining on Your Parade. Jean Hess Manager HORNE LLP Ridgeland, MS
AHLA JJ. Keeping Your Cloud Services Provider from Raining on Your Parade Jean Hess Manager HORNE LLP Ridgeland, MS Melissa Markey Hall Render Killian Heath & Lyman PC Troy, MI Physicians and Hospitals
More informationWhitepaper: Cloud Computing for Credit Unions
Whitepaper: Cloud Computing for Credit Unions A new twist on an old strategy MYCU SERVICES December 29, 2011 Authored by: Lingle, Linda Table of Contents Introduction... 2 Cloud Providers... 3 Cloud Components...
More informationCLOUD COMPUTING DEMYSTIFIED
CLOUD COMPUTING DEMYSTIFIED Definitions you ve been pretending to understand JACK DANIEL, CCSK, CISSP, MVP ENTERPRISE SECURITY Definitions Words have meaning, professionals need to understand them. We
More informationCloud Panel Draft Statement of Requirement
Cloud Panel Draft Statement of Requirement August 2014 Statement of Requirement This draft Statement of Requirement (SOR) has been created to provide Commonwealth Agencies, industry members and interested
More informationIT Sr. Systems Administrator
IT Sr. Systems Administrator Location: [North America] [United States] [Monrovia] Category: Information Technology Job Type: Open-ended, Full-time PURPOSE OF POSITION: Systems Administrators and Engineers
More information