Concurrent Technologies Corporation (CTC) is an independent, nonprofit, applied scientific research and development professional services



Similar documents
CLOUD COMPUTING SERVICES CATALOG

Security Issues in Cloud Computing

EMC PERSPECTIVE. The Private Cloud for Healthcare Enables Coordinated Patient Care

ISSUE BRIEF. Cloud Security for Federal Agencies. Achieving greater efficiency and better security through federally certified cloud services

Accelerate Your Enterprise Private Cloud Initiative

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Seeing Though the Clouds

THE BUSINESS OF CLOUD

Cloud Computing Best Practices. Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service

Building the Business Case for Cloud: Real Ways Private Cloud Can Benefit Your Organization

Overview. FedRAMP CONOPS

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

WHITE PAPER: STRATEGIC IMPACT PILLARS FOR EFFICIENT MIGRATION TO CLOUD COMPUTING IN GOVERNMENT

Security Considerations for Public Mobile Cloud Computing

Cloud Security for Federal Agencies

Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division. U.S. Department of Agriculture

Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division

END TO END DATA CENTRE SOLUTIONS COMPANY PROFILE

Shaping Your IT. Cloud

WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD

INTRODUCING CLOUD POWER

Who moved my cloud? Part I: Introduction to Private, Public and Hybrid clouds and smooth migration

GETTING THE MOST FROM THE CLOUD. A White Paper presented by

Managing Cloud Services in the Enterprise The Value of Cloud Services Brokers

DNA IT - Business IT On Demand

Top 10 Reasons Enterprises are Moving Security to the Cloud

Cloud Computing; What is it, How long has it been here, and Where is it going?

Managing Cloud Computing Risk

Cloud Computing - Architecture, Applications and Advantages

next generation privilege identity management

Cloud Computing. Bringing the Cloud into Focus

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

Federal Aviation Administration. efast. Cloud Computing Services. 25 October Federal Aviation Administration

Fast IT: Accelerate Your Business

White Paper: Introduction to Cloud Computing

CoIP (Cloud over IP): The Future of Hybrid Networking

WWT View Point. Journey to the Private Cloud: Take the First Steps with FlexPod

Cisco Wide Area Application Services Optimizes Application Delivery from the Cloud

Cloud Computing in a Regulated Environment

Sage ERP I White Paper. ERP and the Cloud: What You Need to Know

The Cloud-Enabled Enterprise Developing a Blueprint and Addressing Key Challenges

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

IJRSET 2015 SPL Volume 2, Issue 11 Pages: 29-33

Storage Infrastructure as a Service

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value

BRIDGE. the gaps between IT, cloud service providers, and the business. IT service management for the cloud. Business white paper

Moving to the Cloud: What Every CIO Should Know

Software-Defined Networks Powered by VellOS

SECURE CLOUD SOLUTIONS FOR YOUR BUSINESS.

How To Understand Cloud Computing

Guide to Information Governance: A Holistic Approach

Management of Cloud Computing Contracts and Environment

Secure Enterprise Mobility Management. Cloud-Based Enterprise Mobility Management. White Paper: soti.net

Hybrid Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Cloud Computing. What is Cloud Computing?

CLOUD COMPUTING An Overview

VMware Hybrid Cloud. Accelerate Your Time to Value

10 Considerations for a Cloud Procurement. Anthony Kelly Erick Trombley David DeBrandt Carina Veksler January 2015

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

Data Center Consolidation: Lessons From The Field. John Tsiofas, Kraft Kennedy David Carlson, Kraft Kennedy

Using Cloud-Based Technologies in Clinical Trials by Niki Kutac, Director, Product Management

Caretower s SIEM Managed Security Services

How To Use Cloud Computing For Federal Agencies

VALUE PROPOSITION FOR SERVICE PROVIDERS. Helping Service Providers accelerate adoption of the cloud

A ROAD MAP FOR GEOSPATIAL INFORMATION SYSTEM APPLICATIONS ON VBLOCK INFRASTRUCTURE PLATFORMS

The Need for Service Catalog Design in Cloud Services Development

OVERVIEW Cloud Deployment Services

Global Headquarters: 5 Speen Street Framingham, MA USA P F

IBM Smartcloud Managed Backup

Assessing Risks in the Cloud

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

Hitachi Cloud Service for Content Archiving. Delivered by Hitachi Data Systems

A COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical

Effective, Affordable Data Management with CommVault Simpana 9 and Microsoft Windows Azure

Feet On The Ground: A Practical Approach To The Cloud Nine Things To Consider When Assessing Cloud Storage

DLT Solutions and Amazon Web Services

Executive s Guide to Cloud Access Security Brokers

Cloud computing is a way of delivering IT services to users without the need to buy, install or manage any infrastructure.

December 8, Security Authorization of Information Systems in Cloud Computing Environments

Bringing the Cloud into Focus. A Whitepaper by CMIT Solutions and Cadence Management Advisors

The process of. The Software-as-a- Cloud-Based Software Model. Service Model

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Datacenter Management and Virtualization. Microsoft Corporation

Is online backup right for your business? Eight reasons to consider protecting your data with a hybrid backup solution

GOVERNMENT USE OF MOBILE TECHNOLOGY

The Evolution to Cloud Communications

Transcription:

Concurrent Technologies Corporation (CTC) is an independent, nonprofit, applied scientific research and development professional services organization providing innovative management and technology-based solutions to government and industry. As a nonprofit 501(c) (3) organization, CTC's primary purpose is to undertake applied scientific research and development activities that serve the public interest. For more information, visit www.ctc.com.

CASE STUDY: An Agency IT s Case for the Cloud After years of continually adding new servers, communications hardware, infrastructure, and software, as well as a constantly increasing physical footprint, many agencies are tempted by Cloud Service Providers (CSPs) that offer to eliminate much of this Information Technology (IT) burden and overhead. In fact, the ever increasing agency requirements on IT systems, security, processes and staff, combined with the unending need to maintain or reduce budgets causes many agencies with a traditional in-house IT department to strain just to perform their core missions. Agency demands on IT systems have become too vast for an internal IT department to operate as usual and thus consume a disproportionate amount of an agency s resources. This imbalance has led IT decision makers to look for innovations and new technologies to streamline critical functions. Cloud computing is an emerging innovation that offers a high potential to streamline IT processes and cut costs. The cloud offers highly-scalable computing resources provided as an external service on a pay-as-you-go basis. For IT departments, this means no more separate procurements when a new server needs added, no more constant maintenance, licensing logs, or upgrades or patch schedules. CSPs promise to take care of all this while you, the agency, simply purchase the IT services you require as you would any other utility. Further, CSPs use remote servers housed in data centers, eliminating the agency s IT physical footprint. Sounds great, right? So onto the cloud?! Not so fast. You need a trusted partner that understands your agency s security, data, and performance requirements. A partner that can help determine whether a private or hybrid cloud architecture is more appropriate than a public cloud. One that can be your advocate in selecting the right CSP(s) and building a cloud solution. Benefits of Cloud Computing Budgeting ease/ reduced IT capital expenditure With computing resources, storage is often elastic, expanding and contracting on a frequent basis. Cloud computing supports elastic storage and consumption pricing, meaning you pay for what is consumed on a monthly basis. No more procurement for expected usage or unexpected expenditures for increased usage. Reduced administration costs IT solutions can be deployed, managed, maintained, patched and upgraded remotely by CSPs, eliminating your agency s need to duplicate computer administrative skills related to setup, configuration, and support. Multi-tenants architecture and Economies of scale CSPs use large-scale data centers with shared computing power among multiple tenants. This improves efficiency as infrastructure is more efficiently utilized which reduces costs while increasing the speed of application deployment. Scalability on demand Customers can react quickly to changing IT needs, adding or subtracting capacity when required and responding to real, rather than projected, requirements. Increased Collaboration/Anywhere Access Provides access to both applications and data from any location via an Internet connection. Multiple users can work together, sharing computing resources and simplifying collaboration.

The transition from traditional in-house IT models to a Cloud model offers many efficiencies as well as risks. CTC cloud broker services help you design and implement the right cloud solution without compromising the security, data, and performance requirements of your agency. IT Considerations and Cloud Risks No one understands an agency s security, application, and certification requirements better than the internal IT staff even if that same staff is becoming smothered by increasing IT demands. Your IT department has established critical IT processes and procedures that your agency requires, possibly including: Maintenance of agency security perimeter Compliance with Federal or legislative guidelines regarding recordkeeping or controls Identity and Access Management Cyber Security protection mechanisms Disaster recovery and backup procedures. Armed with an overwhelming amount of information from internal IT departments,vendor sales teams, and large expensive consultancy firms, IT decision makers are left trying to balance two seemingly atodds issues: How can an agency hand over control regarding these critical and agency-tailored processes to a CSP? Given the large amounts of capital spent on IT infrastructure, how can we not? IT decision makers need a way to free working capital expended on IT for other critical mission operations without compromising the IT security and performance the agency has come to rely on. CTC offers a solution that allows your agency to have both. CTC s Cloud Broker service provides a trusted advisor for implementing a cloud solution. Our services can assist in assessing your applications, infrastructure, and software to provide you with an analysis of your computing requirements and applicable cloud services available to meet these needs. Our role as a cloud broker manages the CSP and bridges the gap when CSPs fail to deliver the full suite of services your Enterprise requires. We have extensive experience with Identity and Access Management (IAM) systems and services integrated into all cloud models. We can work with your organization and CSPs to ensure an IDAM solution that meets your policy and regulatory requirements. The CTC Cloud Broker Service is here to help enable a successful cloud transition for your organization.

CTC SOLUTION: Cloud Broker Service The CTC Cloud Broker Service ensures that your agency obtains the same or better IT security, support and performance as when it was controlled by traditional in-house IT. CTC makes sure that your agency realizes all the benefits of cloud computing without sacrificing IT computing power and capabilities. We enable the construction of simpler and more efficient cloud environments by providing a single point of contact to coordinate cloud solutions. CTC Cloud Broker coordinators work closely with customers to identify requirements, manage the CSP consumer relationship, and bridge the gap in technical areas that CSPs fail to meet. These services are based on CSP selection and solution design and security. CTC Cloud Broker Service: CSP SELECTION and INTEGRATION CSP Selection: U.S. agencies have unique security and data archiving requirements that can t necessarily be met by many companies now offering cloud IT services. In fact, because of the pressure on Federal and defense agencies to utilize the cloud, many organizations are offering cloud services. The CTC Cloud Broker Service verifies CSP qualifications and their capability to deliver cloud services. In addition, the CTC Cloud Broker service is intimately aware of the FedRAMP* certification and approval process. We have experience working with FedRAMP and can assist your agency with navigating the FedRAMP process. *Note: The FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. For agencies, it can serve as baseline for initiating, reviewing, granting, and revoking security authorizations for cloud services. 10 areas that the CIO Council and CAOC believe agencies need to consider when drawing up cloud contracts: 1. Selecting a cloud service: Choosing the appropriate cloud service and deployment model is the critical first step in procuring cloud services. The last page of this white paper provides an overview of cloud computing architectures and models. 2. Cloud service provider and end-user agreements: Terms of service and all CSP/customer-required agreements need to be integrated into contracts. 3. Service-level agreements (SLAs): SLAs should define performance with clear terms and definitions, demonstrate performance measurements, and specify the enforcement mechanisms that ensure SLAs are met. 4. CSP, agency, and integrator roles and responsibilities: Careful delineation of responsibilities and relationships among the Federal agency, integrators and the CSP are needed in order to effectively manage services. 5. Standards: The use of the National Institute of Standards and Technology s (NIST s) Cloud Computing Reference Architecture and agency involvement in standards are necessary for procurements. 6. Security: Agencies must clearly detail the requirements for CSPs to maintain the security and integrity of data existing in a cloud environment. 7. Privacy: If cloud services host privacy data, agencies must adequately identify potential privacy risks and responsibilities and address those needs in the contract. 8. E-discovery: Federal agencies must ensure that all data stored in a CSP environment is available for legal discovery by allowing all data to be located, preserved, collected, processed, reviewed and produced. 9. Freedom of Information Act (FOIA): Federal agencies must ensure that all data stored in a CSP environment is available for appropriate handling under FOIA. 10. E-records: Agencies must ensure that CSPs understand and assist Federal agencies in complying with the Federal Records Act and obligations under that law. http://fcw.com/microsites/2012/snapshot-cloud-computing/05-cloud-procurement-agencies-meet-new-processes.aspx CSP Integration: In order to make the most of your cloud instantiation and ensure that cloud computing services you procure integrate into your current infrastructure, the CTC Cloud Broker Service works with

your agency in the early stages to identify the most effective cloud model to achieve success. We review your existing architecture and define the scope of your cloud project so the cloud model (public, private, or hybrid) integrates with your existing computing infrastructure and applications. We are able to ensure that cloud services become a seamless extension of existing services. The CTC Cloud Broker Service will assess your current computing needs, architect a viable cloud computing design, broker your relationship with the CSP, and integrate your infrastructure with cloud services. Secure Mobile Device Management and Mobile Application Development: The advances in mobile computing and the need to access resources from literally any location has never been more prevalent than today. Organizations that do not provide access to their resources from multiple platforms, including mobile computing, risk being passed by their competition or simply failing their constituents. The CTC team provides mobile application development as well as proven performance integrating Mobile Device Management (MDM) to ensure your resources are secure. Our staff has designed and developed internal application stores within MDMs to provide secure access to resources from mobile devices. We have also developed accredited mobile solutions for Government agencies. CTC Cloud Broker Service SECURITY Maintaining a Security Perimeter: As an experienced contractor dealing with classified facilities and programs, Accelerate Organizational Innovation with Cloud CTC understands the security concerns IT departments Computing face during a cloud transition. From complex crossdomain authentication scenarios and data behavior Cloud computing redefines the way IT assets are monitoring/modeling to basic logins, CTC Cloud Brokers deployed and consumed and dramatically affects work with your agency to make sure your data is never the way data center networks are architected and vulnerable, including data in transit. managed. Conventional hierarchical data center o Identity and Access Management (IAM) Solutions Geared For Cloud Computing: CTC Cloud Brokers networks built to support traditional stovepipe IT can help your agency integrate IAM solutions to architectures can t meet the security, agility and authenticate and authorize access to enterprise price/performance requirements of virtualized resources and data that fulfills compliance cloud computing environments. requirements The CTC IAM capabilities uniquely identify and authenticate users and devices while For these reasons, enterprises are turning to the profiling each connecting device and assign access Cloud to improve organizational agility, reduce based on need to know. expenses, and accelerate innovation. o Secure Gateway: CTC Cloud Brokerage offers a high bandwidth secure communication channel, meeting The number of companies offering these services your requirements for secure, reliable transport without verified capabilities, coupled with the from anywhere to your CSPs Infrastructure as a critical nature of government IT necessitates the Services (IasS). o Secure Data at Rest: Critical to protecting your role of an independent, unbiased, and expert agencies data is providing mechanisms that ensure Cloud Broker Service to serve as an agency s that data at rest is safe from malicious or accidental advocate in developing an optimal solution. data leakage. CTC Cloud Broker Services provides various levels of encryption to protect your data as well as security controls to prevent data leakage. CTC Cloud Broker Service: Bridging the Gap

CTC s Cloud Broker Service leverages our company s nonprofit position as a non-biased, trusted advisor with our cloud computing, IT and security expertise to serve your agency as a dedicated advocate. We identify computing requirements, select a CSP, and then engineer, transition and implement your cloud solution. CTC manages the use, governance, performance and delivery of cloud services and negotiates relationships between our clients, cloud consumers and CSPs. CTC provides cloud consumers with the Step 1: Start with a holistic view and strategy ability to quickly and effectively procure and implement cloud services by: Identifying computing requirements Working with CSPs to identify and match their capabilities with your requirements Negotiating and managing CSP contracts Bridging the gap between computing needs and CSP limitations Traversing through the FedRAMP and other certification processes. CTC has experience coordinating these types of exchanges and has done so for many Federal and Defense clients, including those with rigorous security guidelines. When helping agencies design a cloud solution, the CTC Cloud Broker Service considers requirements regarding: applications, network security functions, authentication, host management, directory services integration, auditing, and Computingto-Go capabilities. Through this requirement identification phase, the CTC Cloud Broker Service ensures the cloud solution and the CSP provide you with the services you need. We are committed to ensuring you receive the CTC s Cloud Brokerage Service helps clients gain clarity on cloud concepts, identify the cloud initiatives that can work for their organization, and discuss how a hybrid cloud architecture can lay the foundation for migrating services to the cloud. CTC Cloud Brokers can analyze your computing requirements and subsequently architect a robust cloud solution for your organization. Step 2: Construct a cloud architecture An enterprise architecture taking a holistic view of the organization is crucial to a successful enterprise cloud services implementation. For example, delivering a working hybrid cloud service quickly and affordably could be a crucial transition step; otherwise, your organization risks the possibility that stovepipe stakeholders will deploy shadow IT services through the public cloud. CTC experts have past experience analyzing customer networks, working with CSPs, and bridging the gap between the two, allowing enterprise cloud deployments to occur quickly and efficiently. CTC s Cloud Brokerage Service provides the core capabilities and a one-stop shop to enable successful cloud services. secure and robust access to services, applications, and data required to meet your agency s mission requirements. Further, the CTC Cloud Broker Service provides an optional high bandwidth secure communication path to the CSP. This path provides a mechanism to seamlessly migrate to cloud services without interrupting mission critical functions.

Conclusion Federal and Defense agencies are turning to the cloud to accelerate organizational innovation, improve agility, and contain costs. Cloud computing reshapes the way applications are deployed and consumed and changes the security boundaries. As a cloud broker, CTC helps organizations architect and implement secure cloud solutions. CTC brokers the cloud consumer-cloud provider relationship, easing the migration to cloud services. CTC, as your trusted partner, works with standards organizations (including FISMA and NIST) and cloud providers to verify capabilities and compliance. We can take this experience and manage your cloud instantiation to ensure the right services are provided at the optimal price point. Features of CTC Cloud Brokered Service Solution Benefits to your Agency, the Cloud Consumer Customer Manage access to cloud services Service Intermediation IAM Enhanced Security controls Performance Reporting Assurance of client data security in the cloud Delivers ubiquitous access to computing resources regardless of Service Aggregation endpoint Accelerates delivery of applications and services Provides data integration Service Arbitrage Flexibility to choose services from multiple CSPs Federation of services provided by multiple CSPs Consistent user experience accessing resources and applications User Interaction Secure access to client resources Application Serving Improved application delivery times Enables proactive services Aligns IT services with identity management, virtual storage, and dynamic processing Security and Performance Applies risk-based security Informs policy makers of quantifiable risks to make better informed decisions Provides client-device independence that is centered on delivering services via web browser. Clients are able to choose between a full virtual desktop or specific applications Endpoint Device Independence Management of virtual desktop images uses provisioning technology to streamline standard image deployment on demand for virtual desktops or users Administration and maintenance simplification of desktop images

Cloud Computing Architecture: An Overview Agencies and organizations of every size are looking to the Cloud to boost agility, reduce expenses and risks, and improve innovation to better service their customer. Cloud computing provides on-demand access to an elastic pool of shared computing, storage and networking resources over a private Internet Protocol (IP) network or the Internet. Cloud services can be deployed in several different ways, including public, private, and hybrid models. In a public cloud model, a service provider establishes a cloud-based service as a commercial offering. IT assets are shared and services are provided to multiple enterprises, often on a peruse basis. By leveraging the experience and capital investments of a trusted cloud service provider, enterprises can reduce capital expenditures, respond more quickly to rapidly evolving organizational requirements, and focus valuable IT resources on innovation rather than underlying IT infrastructure. In a private cloud model, services are delivered to users and groups within an individual enterprise. An enterprise IT organization may set up a private cloud to provide on-demand applications and services to internal consumers and organizational units. By implementing private clouds, enterprises can reduce capital and operating expenditures by leveraging economies of scale and eliminating redundancies. This allows them to focus on improvements in agility and concentrate on innovation rather than underlying IT services. Security remains by far the most important issue for agencies that are thinking of using the cloud to deliver services. For that reason, most agency cloud initiatives to date use private clouds, where the data resides behind the agency s security perimeter. In a hybrid model, an enterprise employs a combination of private and public cloud services - sometimes in conjunction with traditional on-premise IT solutions. Due to the sensitivity of computing resources and data storage, a hybrid cloud option is the most widely adopted deployment model for large enterprises. Cloud computing has distinct, defined roles in a brokered cloud architecture. These roles include the following: Cloud Consumer is an organization consuming cloud services. CSP offers cloud computing services to cloud consumers. Cloud Broker is an organization that manages the use, performance, and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers. Cloud computing alters traditional data center traffic flows, increases bandwidth and performance demands, and introduces new security, Service Level Agreement (SLA) and service orchestration requirements. Enterprises must consider efficient, secure, and scalable access to cloud computing, regardless of the deployment model chosen. As a cloud broker, CTC fully understands the capabilities and limitations of all three cloud deployment models and has a team in place to assess your computing requirements and to assist your organization in migrating to a cloud environment. By partnering with CTC, you can pick and choose the assistance you need. We can assess your cloud requirements, manage the CSP and SLAs, orchestrate services, and ensure policy and regulatory compliance. 06/13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information