Federal CIO: Cloud Selection Toolkit. Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald

Size: px
Start display at page:

Download "Federal CIO: Cloud Selection Toolkit. Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald"

Transcription

1 Federal CIO: Cloud Selection Toolkit Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald

2 Agenda Project Introduction Agency Cloud Challenges Toolkit Solution Overview Step 1: Data Gathering Step 2: Cloud Readiness Assessment Step 3: Vendor Selection Step 4: Preparing for Change and Risks Conclusion

3 Project Introduction Gartner defines cloud computing as "a style of computing where scalable and elastic IT-related capabilities are provided 'as a service' to customers using Internet technologies." For cloud computing to be successful, organizations require a thorough and rigorous adoption strategy: One that takes into account the risks and reaps the rewards Ad hoc methods result in increased risk, expenditures and liability

4 Cloud Computing Service Models Middleware Data Center BPO Information Feeds Packaged Apps Infrastructure as a Service Business Services Information Services Software as a Service Platform As a Service Cloud Enablers The provider optimizes everything below the service boundary, and hides complexity from the consumer. The consumer accesses, configures and/or extends the service and builds everything needed above the service boundary or just uses the service.

5 Agency Cloud Challenges Funding for restructuring costs No cost savings realized until 2 nd year of cloud projects Rebalance IT workforce and skill levels FISMA compliance and C&A contract vehicles Agencies must avoid compliance mode Three annual moves to Commercial or Gov t clouds Use the 25 Point Plan as an opportunity to strategically plan for future IT success Federal CIO Cloud Selection Toolkit will alleviate political pressures and reduce complexity of cloud investment decisions

6 Toolkit Solution Overview Develop a rigorous methodology to: Identify potential agency cloud candidates Determine cloud costs and ROI Determine impacts to the organization Identify and vet cloud providers Identify business impacts and risks Mitigate residual risks

7 Low or Uncertain Benefit High & Clear Business Impact Determines Cloud Investment Decisions Consider Private Embrace Public Avoid Experiment High or Unmanageable Low & Manageable Challenges

8 Step 1: Data Gathering Architecture Centralized, distributed, localized, etc. Patterns: If legacy app = cost to move to cloud If new app = integration requirements and cost to integrate with another app Elasticity support = new tools required to support? Work Load Average work load requirements CPUs, Memory, Storage, bandwidth, etc. Peak work load requirements Variance of CPU, Memory, Storage, bandwidth, time duration of sustaining peak loads, etc.

9 Step 1: Data Gathering Technology OS, DB, Application stack vendor Include licensing cost based on model Load balancing between private and public cloud or disparate public clouds Integration of KPIs of app running on cloud with existing monitoring tools Solution type: transactional, reporting, analytic, etc. Release cycle for app Organization # of users # of sites # of vendors (contracted) # of business units impacted # of people impacted

10 Step 1: Data Gathering Security, Privacy & Compliance Identity & Access Management of users in cloud Cost to implement new controls (i.e. encryption) Cost to maintain existing controls Include: log monitoring, access monitoring, forensic evidence preservation, separation of duties, patching, etc. Demographics # of components # of environments # of servers # of releases per year # of codes maintained # of programming languages # of COTS apps

11 Step 1: Data Gathering Operations % annual budget spent on software maintenance & training Cost/revenue impact Mission criticality # of trouble tickets # defects outstanding Include average severity of defects outstanding End user/business user Requirements Latency to connect to app Frequency of information accessed SLA requirements on availability & support

12 Key Deliverable s Key Activities Step 2: Cloud Readiness Assessment The Assessment phase includes conducting a current state analysis, requirements definition, and developing a vision. This phase will further refine and confirm the legacy system can benefit from the joint service offering. Current state IT assessment Current State Assessments Requirements Definition Define Vision Client Go No-Go Current state Financial assessment Current state Operational assessment Requirements Definition Understand legacy system current technical environment Understand legacy system operational environment Assess the fit of product offering Assess organization data compliance and security needs. Assess organization current IT infrastructure for continuity and application interdependencies. Interview key stakeholders Conduct requirements definition workshop Validate requirements Develop Requirements Document Define compliance and security needs for new solution. Define Goals Define short term and long term vision Define level of migration to the new solution. Assess current organization risk tolerance and resource constraints. Current state Document Requirements Document Scope Statement Vision Document

13 Step 2: Cloud Readiness Assessment Assessment Approach Current state IT Assessment Current Legacy System IT Infrastructure Current Organization Risk Tolerance Current Organization Resource Constraints Technical Requirements Application Complexity Network Bandwidth Infrastructure Requirements Virtualization Candidate Infrastructure Specialization Business Requirements Application Criticality User Impact Service Level Requirements Internal / External Facing Security Concerns Future State Analysis Cost Benefit Analysis Transition Costs Operating Model Implications Management Considerations Cloud Solution Private Community Public Hybrid Agencies must meet assessment criteria at each step prior to passing on to the next; in some cases technical and business requirements may be evaluated concurrently. Agencies will be giving a scorecard for each criteria (red/yellow/green) Even within each area, failure to meet fundamental evaluation criteria would mean that suitability is no longer viable and the application is not suitable for cloud at this time Agency applications exhibit the following attributes and will be assessed accordingly: - Low or moderate application criticality - Minimal to some interdependencies on other apps / data - Uses commodity hardware - Bandwidth requirements - Standalone environments or software stack - Does not depend on specialized appliances - Low / moderate SLA requirements - No confidential data or data can be easily masked

14 Step 2: Cloud Readiness Assessment Cloud Assessment Criteria Level 1 Current State Assessment Criteria Legacy System Criticality Legacy System Complexity Virtualization Candidate Commodity Infrastructure Explanation (Red/Yellow/Green) Defined by business for production environments, Architecture complexity, dependencies on other applications, databases, middleware Can the workload be virtualized? This depends on the platform OS and virtualization platform Workload runs on commodity infrastructure Level 2 Determine Suitability for Cloud Network Bandwidth Infrastructure Requirements Shared Environments Shared Software Specialized Infrastructure Internal / External Facing User Impact Service Level Requirements Customer / Confidential Data Technical Feasibility (Red/Yellow/Green) LAN or WAN network bandwidth requirements when workload would run in the cloud The scale of requirements for compute, storage and network to support workload Types that would be supported by a shared environment Software (e.g., databases, middleware) share with other software) Dependency on special purpose proprietary appliances, devices, license, hardware, etc Business Feasibility (Red/Yellow/Green) Does the system provide a customer facing service or back office function (e.g., HR)? Impact on the user community due to move of workload to cloud (e.g., lack of access to a subset of users) Availability, response time, Recoverability, Disaster Recovery, etc Does the provider location or other characteristics of the cloud service meet the security requirements of how and where data needs be stored? Level 3 Business Case and Operational Analysis Business Case Analysis Detailed Technical Analysis Operational Analysis Management Considerations Cost / benefit analysis, including initial and migration costs, on-going costs and ROI timeframe What changes will be required for the application? What will the future application architecture look like? What is the operational impact due to the workload moving to cloud? What is support model after workload is moved to cloud? What is provider vs. client responsibility and hand-offs? How is the workload managed in the cloud? E.g., using internal and vendor provided tools, processes, and staff; Go No/Go Based on Assessment Scorecard

15 Step 2: Cloud Readiness Assessment Cloud Assessment Decision Matrix Level 1: Current State Assessment Level 2: Technical Feasibility Red Yellow Green Go/No-Go Decision Level 3: Business Feasibility Go / No Go Decision Acceptable quantity of Red rating for all categories is at most 1 red rating for Agency Go into the cloud solution, otherwise No Go. Acceptable quantity of Yellow rating for all categories is at most 2 yellow ratings for Agency Go into the cloud solution, otherwise No Go. Acceptable quantity of Green rating for all categories is at least 2 green ratings for Agency Go into the cloud solution, otherwise No Go.

16 Step 3: Vendor Selection 1. Create a Detailed RFI/RFP 2. Review RFI/RFP Responses: Any vendor that cannot meet service requirements should be removed from consideration May discover that no vendor can meet requirements: Service is cloud-ready, but cloud is not ready for the Service Reassess requirements or maintain services internally

17 Step 3: Vendor Selection Criteria

18 Step 3: Vendor Selection 3. Select vendor and devise migration plan: Some vendors may not respond to RFQ: Cloud model is pay-as-you-go; vendors may not negotiate Once vendor is selected, initiate migration planning, and add to cloud adoption road map

19 Step 4: Change and Risk Management RISK ASSESMENT MATRIX PROBABILITY IMPACT Low Medium High High L M H Medium L M M Low L L L RISK LEVEL High Medium Low RISK DESCRIPTION & NECESSARY ACTIONS If an observation or finding is evaluated as a high risk, there is a strong need for corrective measures. If an observation is rated as medium risk, corrective actions are needed and a plan must be developed to incorporate these actions within a reasonable period of time. If an observation is described as low risk determine whether corrective actions are still required or decide to accept the risk.

20 Step 4: Change and Risk Management Risk Risk Level Mitigation Costs Privacy Integrity Compliance Availability H M H L M Maintain strict budget Clearly communicate requirements & needs to vendor Establish authentication & access control procedures Implement data encryption Establish incident response program Implement security & configuration best practices Perform vulnerability scanning Audit controls Establish security & disaster recovery processes & procedures

21 Step 4: Change and Risk Management Phased Approach Education Change Management Transparency Leadership

22 Next Steps Develop detailed business case, gain OMB and Agency approval Upon approval, develop detailed transition plan Measure project execution and monitor SLAs / contract performance

23 Conclusion Disciplined and repeatable selection drives rapid cloud adoption and increased success rates Successful transformation begins with strategic selection of cloud deployments Moving away from ad-hoc selection ensures alignment with solutions and reduction of risk The proper portfolio of cloud projects increases the project success rate

24 References Heiser, Jay, and Mark Nicolett. "Assessing the Security Risks of Cloud Computing." Gartner, Inc., 3 June Web. 26 July < "HP and Deloitte Alliance - Federal Market Offering Overview." Cloud Computing Forecasting Change. HP and Deloitte, 1 Apr Web. 10 July < 89&Source>. Jackson, Chris. "Implementing a Decision Framework for Cloud Migration." Cloud Computing in Healthcare. Cloud Computing in Healthcare Conference, 21 June Web. 1 Aug < 50.pdf>. Reeves, Drue. "Building a Solid Cloud Adoption Strategy: Success by Design." Gartner, Inc., 19 May Web. 01 Aug < Stoneburner, Gary, Alice Goguen, and Alexis Feringa. "Risk Management Guide for Information Technology Systems." NIST: National Institute of Standards and Technology. 1 July Web. 19 July < "Top Threats to Cloud Computing V1.0." Cloud Security Alliance. 1 Mar Web. 20 July <

How To Understand Cloud Computing

How To Understand Cloud Computing Capacity Management for Cloud Computing Chris Molloy Distinguished Engineer Member, IBM Academy of Technology October 2009 1 Is a cloud like touching an elephant? 2 Gartner defines cloud computing as a

More information

Kent State University s Cloud Strategy

Kent State University s Cloud Strategy Kent State University s Cloud Strategy Table of Contents Item Page 1. From the CIO 3 2. Strategic Direction for Cloud Computing at Kent State 4 3. Cloud Computing at Kent State University 5 4. Methodology

More information

HP Converged Cloud. Peter Werdenhoff Cloud Lead Sweden

HP Converged Cloud. Peter Werdenhoff Cloud Lead Sweden HP Converged Cloud Peter Werdenhoff Cloud Lead Sweden The big Switch, a new style of... 1880 Thomas Edison invents the first powerplant for public Distribution 1900 50 000 companies has private power production

More information

Cloud Roadmap to Success. October, 2014

Cloud Roadmap to Success. October, 2014 Cloud Roadmap to Success October, 2014 Catapult Systems & Level 3 Today s Presenters Aneal.Roney@CatapultSystems.com Roger.Greene@level3.com What is the Cloud Technology trends: driving cloud adoption

More information

DEPARTMENT AGENCY STATEMENT OF OBJECTIVES FOR CLOUD MIGRATION SERVICES: INVENTORY, APPLICATION MAPPING, AND MIGRATION PLANNING MONTH YYYY TEMPLATE

DEPARTMENT AGENCY STATEMENT OF OBJECTIVES FOR CLOUD MIGRATION SERVICES: INVENTORY, APPLICATION MAPPING, AND MIGRATION PLANNING MONTH YYYY TEMPLATE DEPARTMENT AGENCY STATEMENT OF OBJECTIVES FOR CLOUD MIGRATION SERVICES: INVENTORY, APPLICATION MAPPING, AND MIGRATION PLANNING MONTH YYYY TEMPLATE 1 Introduction and Instructions This sample Statement

More information

White Paper: Assessing Performance & Response Time Requirements

White Paper: Assessing Performance & Response Time Requirements White Paper: Assessing Performance & Response Time Requirements Mark Houghtlin IBM Cloud Advisory Services & Application Performance Optimization Consulting Practice Agenda Workload Transformation Analysis

More information

Domain 1 The Process of Auditing Information Systems

Domain 1 The Process of Auditing Information Systems Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge

More information

The Need for Service Catalog Design in Cloud Services Development

The Need for Service Catalog Design in Cloud Services Development The Need for Service Catalog Design in Cloud Services Development The purpose of this document: Provide an overview of the cloud service catalog and show how the service catalog design is an fundamental

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

Realizing the Value Proposition of Cloud Computing

Realizing the Value Proposition of Cloud Computing Realizing the Value Proposition of Cloud Computing CIO s Enterprise IT Strategy for Cloud Jitendra Pal Thethi Abstract Cloud Computing is a model for provisioning and consuming IT capabilities on a need

More information

DARMADI KOMO: Hello, everyone. This is Darmadi Komo, senior technical product manager from SQL Server marketing.

DARMADI KOMO: Hello, everyone. This is Darmadi Komo, senior technical product manager from SQL Server marketing. Microsoft SQL Server 2012 for Private cloud (Part 1) Darmadi Komo - Senior Technical Product Manager DARMADI KOMO: Hello, everyone. This is Darmadi Komo, senior technical product manager from SQL Server

More information

Leveraging the Cloud. September 22, 2011. Digital Government Institute Cloud-Enabled Government Conference Washington, DC

Leveraging the Cloud. September 22, 2011. Digital Government Institute Cloud-Enabled Government Conference Washington, DC Leveraging the Cloud September 22, 2011 Digital Government Institute Cloud-Enabled Government Conference Washington, DC General Dynamics Information Technology Aerospace Combat Systems $29.3 billion in

More information

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012

Private & Hybrid Cloud: Risk, Security and Audit. Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private & Hybrid Cloud: Risk, Security and Audit Scott Lowry, Hassan Javed VMware, Inc. March 2012 Private and Hybrid Cloud - Risk, Security and Audit Objectives: Explain the technology and benefits behind

More information

NCTA Cloud Architecture

NCTA Cloud Architecture NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,

More information

Things You Need to Know About Cloud Backup

Things You Need to Know About Cloud Backup Things You Need to Know About Cloud Backup Over the last decade, cloud backup, recovery and restore (BURR) options have emerged as a secure, cost-effective and reliable method of safeguarding the increasing

More information

security in the cloud White Paper Series

security in the cloud White Paper Series security in the cloud White Paper Series 2 THE MOVE TO THE CLOUD Cloud computing is being rapidly embraced across all industries. Terms like software as a service (SaaS), infrastructure as a service (IaaS),

More information

Journey to Cloud 10 Questions

Journey to Cloud 10 Questions Journey to Cloud 10 Questions Introduction Implementing cloud solutions into your portfolio can provide opportunities to increase agility and improve process efficiency by supporting a faster time to deploy

More information

Big Data, Big Risk, Big Rewards. Hussein Syed

Big Data, Big Risk, Big Rewards. Hussein Syed Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data

More information

Software Defined Hybrid IT. Execute your 2020 plan

Software Defined Hybrid IT. Execute your 2020 plan Software Defined Hybrid IT Execute your 2020 plan Disruptive Change Changing IT Service Delivery Cloud Computing Social Computing Big Data Mobility Cyber Security 2015 Unisys Corporation. All rights reserved.

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

Dell Desktop Virtualization Solutions Enterprise Offering Overview

Dell Desktop Virtualization Solutions Enterprise Offering Overview Dell Desktop Virtualization Solutions Enterprise Offering Overview Dell Desktop Virtualization Solutions Enterprise are designed to help you get up and running faster, with less risk, and optimal end user

More information

WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD

WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD BEFORE THE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

More information

Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate.

Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate. Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate. Presented by: Sabrina M. Segal, USITC, Counselor to the Inspector General, Sabrina.segal@usitc.gov Reference

More information

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted. Cloud Computing Topics 1. What is the Cloud? 2. What is Cloud Computing? 3. Cloud Service Architectures 4. History of Cloud Computing 5. Advantages of Cloud Computing 6. Disadvantages of Cloud Computing

More information

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis Journey to Cloud 9 Navigating a path to secure cloud computing Alastair Broom Solutions Director, Integralis March 2012 Navigating a path to secure cloud computing 2 Living on Cloud 9 Cloud computing represents

More information

Innovation through Outsourcing

Innovation through Outsourcing Innovation through Outsourcing Timothy Gehrig timothy.gehrig@cedarcrestone.com David Moore david.moore@cedarcrestone.com Agenda Expectations CedarCrestone Introduction Market Direction Outsourcing Solutions

More information

Planning the Migration of Enterprise Applications to the Cloud

Planning the Migration of Enterprise Applications to the Cloud Planning the Migration of Enterprise Applications to the Cloud A Guide to Your Migration Options: Private and Public Clouds, Application Evaluation Criteria, and Application Migration Best Practices Introduction

More information

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities

More information

Concurrent Technologies Corporation (CTC) is an independent, nonprofit, applied scientific research and development professional services

Concurrent Technologies Corporation (CTC) is an independent, nonprofit, applied scientific research and development professional services Concurrent Technologies Corporation (CTC) is an independent, nonprofit, applied scientific research and development professional services organization providing innovative management and technology-based

More information

Federal Cloud Computing Initiative Overview

Federal Cloud Computing Initiative Overview Federal Cloud Computing Initiative Overview Program Status To support the Federal Cloud Computing Direction and Deployment Approach, the ITI Line of Business PMO has been refocused as the Cloud Computing

More information

ITIL in the Cloud. Vernon Lloyd. www.foxit.net www.askthefox.info

ITIL in the Cloud. Vernon Lloyd. www.foxit.net www.askthefox.info ITIL in the Cloud Vernon Lloyd ITIL is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office www.foxit.net

More information

How To Run A Cloud Computer System

How To Run A Cloud Computer System Cloud Technologies and GIS Nathalie Smith nsmith@esri.com Agenda What is Cloud Computing? How does it work? Cloud and GIS applications Esri Offerings Lots of hype Cloud computing remains the latest, most

More information

FISMA Cloud GovDataHosting Service Portfolio

FISMA Cloud GovDataHosting Service Portfolio FISMA Cloud Advanced Government Oriented Cloud Hosting Solutions Cyber FISMA Security Cloud Information Security Management Compliance Security Compliant Disaster Recovery Hosting Application Cyber Security

More information

ISSUE BRIEF. Cloud Security for Federal Agencies. Achieving greater efficiency and better security through federally certified cloud services

ISSUE BRIEF. Cloud Security for Federal Agencies. Achieving greater efficiency and better security through federally certified cloud services ISSUE BRIEF Cloud Security for Federal Agencies Achieving greater efficiency and better security through federally certified cloud services This paper is intended to help federal agency executives to better

More information

Cloud Computing - Advantages and Disadvantages

Cloud Computing - Advantages and Disadvantages Could Computing: Concepts and Cost Considerations Arlene Minkiewicz, Chief Scientist PRICE Systems, LLC arlene.minkiewicz@pricesystems.com Optimize tomorrow today. 1 If computers of the kind I have advocated

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

What You Need to Know About Cloud Backup: Your Guide to Cost, Security, and Flexibility

What You Need to Know About Cloud Backup: Your Guide to Cost, Security, and Flexibility Your Guide to Cost, Security, and Flexibility What You Need to Know About Cloud Backup: Your Guide to Cost, Security, and Flexibility 10 common questions answered Over the last decade, cloud backup, recovery

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing

More information

Cloud Computing are you ready?

Cloud Computing are you ready? Cloud Computing are you ready? Steven Krenz ITSM Practice Lead Agenda Introduction Presentation Topics The traditional Data Center: How it compares to The Cloud Cloud Computing and IT Service Management:

More information

EMC Forum 2012 Bussum 11 th September 2012. Hans Reinhart Business Development Hans.reinhart@terremark.com

EMC Forum 2012 Bussum 11 th September 2012. Hans Reinhart Business Development Hans.reinhart@terremark.com EMC Forum 2012 Bussum 11 th September 2012 Hans Reinhart Business Development Hans.reinhart@terremark.com Terremark The Portfolio Terremark Our GLOBAL Footprint Cloud! The Opportunity The Market we are

More information

Moving Applications To Cloud

Moving Applications To Cloud Whitepaper Jaya Arvind Krishna Mandira Shah Determining and implementing an IT strategy for any enterprise involves deliberating if current or new applications can be offered via the Cloud. The purpose

More information

Clarity in the Cloud. Defining cloud services and the strategic impact on businesses.

Clarity in the Cloud. Defining cloud services and the strategic impact on businesses. Clarity in the Cloud Defining cloud services and the strategic impact on businesses. Table of Contents Executive Summary... 3 Cloud Services... 4 Clarity within the Cloud... 4 Public Cloud Solution...

More information

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers How to Effectively Collaborate with Cloud Providers Speaker Bio Chad Kissinger Chad Kissinger Founder OnRamp Chad Kissinger is the Founder of OnRamp, an industry leading high security and hybrid hosting

More information

Cloud Computing Best Practices. Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service

Cloud Computing Best Practices. Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service Cloud Computing Best Practices Cloud Computing Best Practices Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service Overview Cloud Computing

More information

PHASE 5: DESIGN PHASE

PHASE 5: DESIGN PHASE PHASE 5: DESIGN PHASE During the Design Phase, the system is designed to satisfy the requirements identified in the previous phases. The requirements identified in the Requirements Analysis Phase are transformed

More information

Auditing Software as a Service (SaaS): Balancing Security with Performance

Auditing Software as a Service (SaaS): Balancing Security with Performance Auditing Software as a Service (SaaS): Balancing Security with Performance Goals for Today Defining SaaS (Software as a Service) and its importance Identify your company's process for managing SaaS solutions

More information

The Impact of PaaS on Business Transformation

The Impact of PaaS on Business Transformation The Impact of PaaS on Business Transformation September 2014 Chris McCarthy Sr. Vice President Information Technology 1 Legacy Technology Silos Opportunities Business units Infrastructure Provisioning

More information

Security & IT Governance: Strategies to Building a Sustainable Model for Your Organization

Security & IT Governance: Strategies to Building a Sustainable Model for Your Organization Security & IT Governance: Strategies to Building a Sustainable Model for Your Organization Outside View of Increased Regulatory Requirements Regulatory compliance is often seen as sand in the gears requirements

More information

Data Security and Healthcare

Data Security and Healthcare Data Security and Healthcare Complex data flows Millions of electronic medical records across many systems New and emerging business relationships Changing and maturing compliance frameworks Diverse population

More information

1. From the CIO 3. 2. Strategic Direction for Cloud Computing at Kent State 4. 3. Cloud Computing at Kent State University 5

1. From the CIO 3. 2. Strategic Direction for Cloud Computing at Kent State 4. 3. Cloud Computing at Kent State University 5 Kent State University ss Cloud Strategy Table of Contents Item Page 1. From the CIO 3 2. Strategic Direction for Cloud Computing at Kent State 4 3. Cloud Computing at Kent State University 5 4. Methodology

More information

4/28/2014. What's the Scoop on Cloud Computing. Agenda. Why you are here?

4/28/2014. What's the Scoop on Cloud Computing. Agenda. Why you are here? What's the Scoop on Cloud Computing and Virtualization? ation? April 30, 2014 Jason Wampler, Director of IT, Association Forum of Chicagoland Agenda History and Conceptual Overview of Virtualization &

More information

How To Manage Cloud Data Safely

How To Manage Cloud Data Safely Information Governance In The Cloud Galina Datskovsky, Ph. D., CRM President of ARMA International SVP Information Governance Solutions Topics Cloud Characteristics And Risks Information Management In

More information

A Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011

A Strawman Model. NIST Cloud Computing Reference Architecture and Taxonomy Working Group. January 3, 2011 A Strawman Model NIST Cloud Computing Reference Architecture and Taxonomy Working Group January 3, 2011 Objective Our objective is to define a neutral architecture consistent with NIST definition of cloud

More information

journey to a hybrid cloud

journey to a hybrid cloud journey to a hybrid cloud Virtualization and Automation VI015SN journey to a hybrid cloud Jim Sweeney, CTO GTSI about the speaker Jim Sweeney GTSI, Chief Technology Officer 35 years of engineering experience

More information

Cloud: App-Centric Scalability, Availability, Reliability and Security. Prakash Sinha, Director, Product Management October 27, 2009

Cloud: App-Centric Scalability, Availability, Reliability and Security. Prakash Sinha, Director, Product Management October 27, 2009 Cloud: App-Centric Scalability, Availability, Reliability and Security Prakash Sinha, Director, Product Management October 27, 2009 Agenda Cloud Computing Evolution Creating an Enterprise Cloud Use Cases,

More information

THE BLUENOSE SECURITY FRAMEWORK

THE BLUENOSE SECURITY FRAMEWORK THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program

More information

Technical Management Strategic Capabilities Statement. Business Solutions for the Future

Technical Management Strategic Capabilities Statement. Business Solutions for the Future Technical Management Strategic Capabilities Statement Business Solutions for the Future When your business survival is at stake, you can t afford chances. So Don t. Think partnership think MTT Associates.

More information

Report on Hong Kong SME Cloud Adoption and Security Readiness Survey

Report on Hong Kong SME Cloud Adoption and Security Readiness Survey Report on Hong Kong SME Cloud Adoption and Security Readiness Survey Collaborated by Internet Society Hong Kong and Cloud Security Alliance (HK & Macau Chapter) Sponsored by Microsoft Hong Kong Jointly

More information

Data Center Consolidation: Lessons From The Field. John Tsiofas, Kraft Kennedy David Carlson, Kraft Kennedy

Data Center Consolidation: Lessons From The Field. John Tsiofas, Kraft Kennedy David Carlson, Kraft Kennedy Data Center Consolidation: Lessons From The Field John Tsiofas, Kraft Kennedy David Carlson, Kraft Kennedy Agenda Factors to consider Technology strategy Building a project team How to use vendors wisely

More information

Best Practices for Consolidation Projects

Best Practices for Consolidation Projects Best Practices for Consolidation Projects Lynne Glickman Solution Architect Hewlett-Packard 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without

More information

Capacity Plan. Template. Version X.x October 11, 2012

Capacity Plan. Template. Version X.x October 11, 2012 Template Version X.x October 11, 2012 This is an integral part of infrastructure and deployment planning. It supports the goal of optimum provisioning of resources and services by aligning them to business

More information

CGS Technology Outsourcing

CGS Technology Outsourcing CGS Technology Outsourcing Project Management Best Practices; Modernizing Enterprise Infrastructure presented by Michael Brandi, Vice President 16 September 2015 2015 CGS Computer Generated Solutions.

More information

Production in the Cloud

Production in the Cloud 2/18/2013 Production in the Cloud Presentation by: Rick Dmytryshyn, Program Manager Ph. (303) 882-1282, E-mail. rick.dmytryshyn@willbros.com Presentation Overview DEFINITION: What is the Cloud? SECURITY:

More information

HIPAA in the Cloud How to Effectively Collaborate with Cloud Providers

HIPAA in the Cloud How to Effectively Collaborate with Cloud Providers How to Effectively Collaborate with Cloud Providers Agenda Overview of Topics Covered Agenda Evolution of the Cloud Comparison of Private vs. Public Clouds Other Regulatory Frameworks Similar to HIPAA

More information

When Security, Privacy and Forensics Meet in the Cloud

When Security, Privacy and Forensics Meet in the Cloud When Security, Privacy and Forensics Meet in the Cloud Dr. Michaela Iorga, Senior Security Technical Lead for Cloud Computing Co-Chair, Cloud Security WG Co-Chair, Cloud Forensics Science WG March 26,

More information

Why Migrate to the Cloud. ABSS Solutions, Inc. 2014

Why Migrate to the Cloud. ABSS Solutions, Inc. 2014 Why Migrate to the Cloud ABSS Solutions, Inc. 2014 ASI Cloud Services Information Systems Basics Cloud Fundamentals Cloud Options Why Move to the Cloud Our Service Providers Our Process Information System

More information

Security Threat Risk Assessment: the final key piece of the PIA puzzle

Security Threat Risk Assessment: the final key piece of the PIA puzzle Security Threat Risk Assessment: the final key piece of the PIA puzzle Curtis Kore, Information Security Analyst Angela Swan, Director, Information Security Agenda Introduction Current issues The value

More information

Overview of Topics Covered

Overview of Topics Covered How to Effectively Collaborate with Cloud Providers Agenda Overview of Topics Covered Agenda Evolution of the Cloud Comparison of Private vs. Public Clouds Other Regulatory Frameworks Similar to HIPAA

More information

_experience the commitment TM. Seek service, not just servers

_experience the commitment TM. Seek service, not just servers The complete cloud Creating and preserving cloud savings, security and service quality transition planning and service management ABOUT THIS PAPER Creating and preserving cloud infrastructure savings,

More information

Cloud Security Keeping Data Safe in the Boundaryless World of Cloud Computing

Cloud Security Keeping Data Safe in the Boundaryless World of Cloud Computing Cloud Security Keeping Data Safe in the Boundaryless World of Cloud Computing Executive Summary As cloud service providers mature, and expand and refine their offerings, it is increasingly difficult for

More information

Consumption IT. Michael Shepherd Business Development Manager. Cisco Public Sector May 1 st 2014

Consumption IT. Michael Shepherd Business Development Manager. Cisco Public Sector May 1 st 2014 Consumption IT Michael Shepherd Business Development Manager Cisco Public Sector May 1 st 2014 Short Bio Cloud BDM in Public Sector (SLED + FED) Cisco for 14 + years Focused on cloud for 4 + years Awareness,

More information

How To Improve Your Business

How To Improve Your Business IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013 Overview IT Risk management lifecycle What does technology enablement mean? Industry perspective Business drivers Trends

More information

Which is Better: Virtualization or Cloud IaaS?

Which is Better: Virtualization or Cloud IaaS? A White Paper Which is Better: Virtualization or Cloud IaaS? Which is Better: Virtualization or Cloud IaaS? Why should I consider Virtualization or Cloud IaaS at all? Simply put, they can save you money.

More information

Implementing Hybrid Cloud at Microsoft

Implementing Hybrid Cloud at Microsoft Implementing Hybrid Cloud at Microsoft Published September 2013 The following content may no longer reflect Microsoft s current position or infrastructure. This content should be viewed as reference documentation

More information

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered Over the last decade, cloud backup, recovery and restore (BURR) options have emerged

More information

Unisys ClearPath Forward Fabric Based Platform to Power the Weather Enterprise

Unisys ClearPath Forward Fabric Based Platform to Power the Weather Enterprise Unisys ClearPath Forward Fabric Based Platform to Power the Weather Enterprise Introducing Unisys All in One software based weather platform designed to reduce server space, streamline operations, consolidate

More information

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. Gunnar Wahlgren 1, Stewart Kowalski 2 Stockholm University 1: (wahlgren@dsv.su.se), 2: (stewart@dsv.su.se) ABSTRACT

More information

END TO END DATA CENTRE SOLUTIONS COMPANY PROFILE

END TO END DATA CENTRE SOLUTIONS COMPANY PROFILE END TO END DATA CENTRE SOLUTIONS COMPANY PROFILE About M 2 TD M2 TD is a wholly black Owned IT Consulting Business. M 2 TD is a provider of data center consulting and managed services. In a rapidly changing

More information

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems U.S. Office of Personnel Management Actions to Strengthen Cybersecurity and Protect Critical IT Systems June 2015 1 I. Introduction The recent intrusions into U.S. Office of Personnel Management (OPM)

More information

CLOUD COMPUTING. A Primer

CLOUD COMPUTING. A Primer CLOUD COMPUTING A Primer A Mix of Voices The incredible shrinking CIO CIO Magazine, 2004 IT Doesn t Matter, The cloud will ship service outside the institution and ship power from central IT groups to

More information

Cloud models and compliance requirements which is right for you?

Cloud models and compliance requirements which is right for you? Cloud models and compliance requirements which is right for you? Bill Franklin, Director, Coalfire Stephanie Tayengco, VP of Technical Operations, Logicworks March 17, 2015 Speaker Introduction Bill Franklin,

More information

The Value of Vulnerability Management*

The Value of Vulnerability Management* The Value of Vulnerability Management* *ISACA/IIA Dallas Presented by: Robert Buchheit, Director Advisory Practice, Dallas Ricky Allen, Manager Advisory Practice, Houston *connectedthinking PwC Agenda

More information

Cloud Computing. Bringing the Cloud into Focus

Cloud Computing. Bringing the Cloud into Focus Cloud Computing Bringing the Cloud into Focus November 2011 Introduction Ken Cochrane CEO, IT/NET Partner, KPGM Performance and Technology National co-leader IT Advisory Services KPMG Andrew Brewin Vice

More information

Cloud Computing: Compliance and Client Expectations

Cloud Computing: Compliance and Client Expectations Cloud Computing: Compliance and Client Expectations February 15, 2012 MOSS ADAMS LLP 1 TODAY S PRESENTERS Moderator Kevin Villanueva, CPA, CISA, CISM, CITP, CRISC Sr. Manager, Infrastructure and Security

More information

ITL BULLETIN FOR MARCH 2012 GUIDELINES FOR IMPROVING SECURITY AND PRIVACY IN PUBLIC CLOUD COMPUTING

ITL BULLETIN FOR MARCH 2012 GUIDELINES FOR IMPROVING SECURITY AND PRIVACY IN PUBLIC CLOUD COMPUTING ITL BULLETIN FOR MARCH 2012 GUIDELINES FOR IMPROVING SECURITY AND PRIVACY IN PUBLIC CLOUD COMPUTING Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute

More information

New Risks in the New World of Emerging Technologies

New Risks in the New World of Emerging Technologies New Risks in the New World of Emerging Technologies Victor Chu Client Technical Professional Identity, Security, and Compliance Management Software Group IBM Malaysia Risk it s NOT a four simple letter

More information

Task Area 1: IT Services for Biomedical Research, Health Sciences, and Healthcare

Task Area 1: IT Services for Biomedical Research, Health Sciences, and Healthcare CIO-SP 3 Task Areas Ten task areas constitute the technical scope of this contract: Task Area 1: IT Services for Biomedical Research, Health Sciences, and Healthcare The objective of this task area is

More information

Right-Sizing Electronic Discovery: The Case For Managed Services. A White Paper

Right-Sizing Electronic Discovery: The Case For Managed Services. A White Paper Right-Sizing Electronic Discovery: The Case For Managed Services A White Paper 1 2 Table of Contents Introduction....4 An Overview of the Options...4 Insourcing: Bringing E-Discovery Processes In-House....4

More information

The transformation of client device and the rise of cloud computing

The transformation of client device and the rise of cloud computing The transformation of client device and the rise of cloud computing 客 戶 端 設 備 的 轉 化 和 雲 端 運 算 的 崛 起 Jason Lui HP Inc. Agenda 1. Some Definition & Industry Trends 2. Trend for Client end in Cloud Computing

More information

Cloud Computing and Amazon Web Services

Cloud Computing and Amazon Web Services Cloud Computing and Amazon Web Services Gary A. McGilvary edinburgh data.intensive research 1 OUTLINE 1. An Overview of Cloud Computing 2. Amazon Web Services 3. Amazon EC2 Tutorial 4. Conclusions 2 CLOUD

More information

Infrastructure solution Options for

Infrastructure solution Options for RFP 16-01 EXHIBIT L Infrastructure solution Options for Corporations and Charities System Contributors: Sanjeev Batta Contents Introduction... 1 Conceptual Infrastructure Design... 2 Corporations and Charities

More information

Iowa State University Proposal for HR-01 ISU HR Operating Model

Iowa State University Proposal for HR-01 ISU HR Operating Model Iowa State University Proposal for HR-01 ISU HR Operating Model Overview: Iowa State University proposes undertaking the HR-01 ISU HR Operating Model business case to transform the quality, manner and

More information

RFP Attachment C Classifications

RFP Attachment C Classifications RFP 1. Applications IT Architect Analyzes and designs the architecture for software applications and enhancements, including the appropriate application of frameworks and design patterns and the interrelationships

More information

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models. Cloud Strategy Information Systems and Technology Bruce Campbell What is the Cloud? From http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf Cloud computing is a model for enabling ubiquitous,

More information

Migrating to the Cloud. Developing the right Cloud strategy and minimising migration risk with Logicalis Cloud Services

Migrating to the Cloud. Developing the right Cloud strategy and minimising migration risk with Logicalis Cloud Services Migrating to the Cloud Developing the right Cloud strategy and minimising migration risk with Logicalis Cloud Services Organisations are looking for new ways to deliver IT services and demanding that ICT

More information

Data Center Consolidation in the Federal Government Looking beyond the technology

Data Center Consolidation in the Federal Government Looking beyond the technology Data Center Consolidation in the Federal Government Looking beyond the technology Overview The reported number of Federal data centers grew from 432 in 1998 to 2,094 in 2010 1, an increase that is costly,

More information

Seeing Though the Clouds

Seeing Though the Clouds Seeing Though the Clouds A PM Primer on Cloud Computing and Security NIH Project Management Community Meeting Mark L Silverman Are You Smarter Than a 5 Year Old? 1 Cloud First Policy Cloud First When evaluating

More information

Five Tactics to Hybrid Cloud Success

Five Tactics to Hybrid Cloud Success March 2016 Five Tactics to Kick Start Your Table of Contents High-Performance IT Environments Drive Revenue and Agility 3 What is Hybrid Cloud? 4 Five Keys for Hybrid Cloud Success: 1. Start with a Business

More information