AWS Hybrid Cloud
The cloud architecture that shall be deployed at Regional Gardens Ltd. shall be hybrid cloud architecture. There are several vendors of hybrid cloud that are present in the market. The one recommended for the organization is Amazon Web Services (AWS). AWS hybrid cloud will meet the requirements of the firm and the architecture has been illustrated in the diagram below.
AWS Hybrid Cloud Architecture
AWS will make sure that the existing Line of Business (LoB) is easily migrated to the cloud and the cloud activities, such as storage on the cloud, management of the applications, shared resources, security services, etc. are also provided with ease. The process of integration will be easy to carry out (Aws, 2018).
The primary reasons behind the recommendation of the cloud architecture are cost-effective services that will be provided along with the seamless integration of the existing and new services at Regional Gardens Ltd. The multi-protocol strategy will also provide enhanced network connectivity and performance. The layers present in the AWS hybrid cloud architecture will provide ease of extension of the physical connections to the cloud and the on-premises resources will be easily bundled up. The management of the users and their respective access will also be convenient to do.
The hybrid cloud architecture will provide numerous benefits to the organization. There will be enhanced flexibility and scalability that will come along with the cloud to meet the changing demands and requirements of the organizations. Apart from the requirements that have already been listed, there may be certain changes that may be witnessed in the future. Such changes and modifications will be done by the cloud with any major alternations in the existing set of operations. The maintenance time associated with the Hybrid Cloud architecture will also be low (Xue & Xin, 2016). Other benefits will include reduced latency along with the enhanced cost-effectiveness.
There will be a few issues that may be witnessed in associated with the hybrid could architecture. The dependency of such architectures on the infrastructure is high and that might appear as a primary issue. There are scenarios of outage that come up due to security issue, network lags, etc. The reliance on the IT staff in such cases will be extremely high. There may also be numerous security and privacy concerns that may emerge with the use and deployment of hybrid cloud architecture (Jenkins, 2014).
|
Risk Name |
Description of the Risk |
Impact Score (Very High – 5 High – 4 Average – 3 Minor – 2 Low – 1) |
Likelihood Score (Very High – 5 High – 4 Average – 3 Minor – 2 Low – 1) |
Risk Score/Rank (Impact x Likelihood) |
Treatment & Response Strategy |
|
Data Encryption Issues |
Poor or insufficient encryption may be observed leading to ease of attacks |
5 |
2 |
10 |
Risk Avoidance: Advanced encryption algorithms and cryptography measures |
|
Flooding attacks and denial of service issues |
The network/cloud mediums may be flooded with unwanted traffic |
4 |
4 |
16 |
Risk Avoidance: Anti-denial tools |
|
Malware Threats and Attacks |
Viruses, logic bombs, ransomware, Trojan Horses, worms, spyware, adware |
4 |
5 |
20 |
Risk Avoidance: Anti-malware tools |
|
Data Leakage & Breaches |
There may be leakage of the data sets during transmission or the attackers may succeed in capturing private data sets |
5 |
5 |
25 |
Risk Avoidance & Mitigation: Advanced security tools and policies, data backups |
|
Unprotected APIs |
The use of unprotected APIs may be done to give shape to the security attacks |
3 |
3 |
9 |
Risk Transfer: Third-parties |
|
Authentication & Access Control Issues |
Violation of the access control mechanisms and authentication protocols |
5 |
3 |
15 |
Risk Avoidance: Multi-fold authentication, role based access control |
|
Poor IP Protection |
The security protocols installed in the organization may not be sufficient to deal with the security attacks (An, Zaaba & Samsudin, 2016) |
4 |
1 |
4 |
Risk Avoidance & Mitigation: Advanced security tools and policies, data backups (Vurukonda & Rao, 2016). |
|
Weaker Security Management |
The involvement of multiple security policies or manager may give shape to the security attacks. |
4 |
4 |
16 |
Risk Avoidance & Mitigation: Advanced security tools and policies, data backups |
|
Eavesdropping Attacks & Man in the Middle Attacks |
The attackers may be present on the network channels to look over the network activity using unauthorized access |
5 |
3 |
15 |
Risk Avoidance: Intrusion Detection & Prevention Systems |
|
Lack of Data Ownership |
The presence of several data owners and too many policies along with the absence of contractual terms on ownership may lead to the attacks |
4 |
4 |
16 |
Risk Avoidance: Definition of contractual terms and policies |
|
Insider Threats |
The internal employees of the organization may be involved in the passage of information to the unauthorized entities which may be accidental or deliberate. |
5 |
2 |
10 |
Risk Avoidance: Employee trainings on ethical and best practices, employee tracking tools (Mathkunti, 2014) |
The business organizations and the associated data sets are exposed to numerous security risks and attacks. There are a few general security controls and practices that the organizations shall adopt and implement to detect, prevent, control, and avoid such risks.
The major responsibility of maintaining adequate security architecture in the organization to maintain security and privacy of the information sets is on the Chief Information Security Officer, usually known as CIO. CIO must develop and implement security strategies in the organization. The security team shall also include other resources as Security Manager, Security Advisor, Security Analyst, Security Associate, etc. for maintaining required security framework. These entities must carry out security audits to validate the security policies and protocols being used (Anderson, Baskerville & Kaul, 2017).
The security team must also provide trainings to the employees on the security practices and ethical norms to avoid insider attacks (Otero, 2010). Risk management plan and vulnerability assessment process shall also be put in use.
The business organizations have now adapted to latest technologies to execute the business operations and services. These technologies shall also be used for ensuring and maintaining information security and privacy. There are schemes as Bring Your Own Device (BYOD), remote monitoring and working that are being provided to the employees. These schemes further enhance the likelihood of the attacks.
Technical and logical controls shall be used to put a check on security issue. These controls shall include the use of firewalls and proxy servers. There are advanced encryption algorithms and cryptographic measures that have been developed. These shall be applied along with the use of anti-denial and anti-malware tools. Secure shell network along with flow analytics must be utilized. Access control in the organizations shall be upgraded to the use of automated control mechanisms and there must be network security tools installed as well for detecting the preventing the malevolent attempts of the intruders (Fazlida & Said, 2015). Data sets shall also be backed up at regular intervals for disaster recovery and damage control.
There are physical security controls that shall also be used and followed. The organizations must ensure that physical security is active on the entry and exit points so that unauthorized individuals do not succeed in entering the organizations. The sensitive areas, such as servers rooms must be protected using a combination of physical security controls and technical controls.
Application Resilience
Hybrid cloud architecture implemented in the organization shall ensure application resilience with the cascading of the availability on the basis of zones, such as automated scaling, load balancing, technical areas, and likewise. There shall be measures used as enhanced fault tolerance, implementation of advanced security controls, secure storage solutions and platforms.
Data Storage and Backup
The storage of the data and information sets shall be done using Big Data tools and platforms. Hadoop is one such open-source tool that may be utilized to provide the organization with ease of storage and analytics (Dhyani & Barthwal, 2014). Hyperscale Storage Architecture may also be used for storing the data sets. There are also multiple NoSQL cloud-based databases released in the market that may be used for data storage, document extraction, predictive analysis, clustering of the data sets, and likewise. Some of the NoSQL databses that may be used include Elasticsearch, MongoDB, Terrastore, etc. (Pokorny, 2013).
Disaster Recovery
Disaster recovery plans and measures must always be developed in advance to avoid damage at the time of security attack. Data backup shall be done at regular intervals along with the use of controls, such as preventive, reactive, detective, and administrative. The organization shall always be prepared to make sure that the security risks, if occurred fail to cause any damage and the downtime is minimal.
Remote Administration
Remote Administration allows easier management and control by the administrators from any of the remote locations. There are certain issues that are normally associated with remote administration, such as ineffective monitoring due to technical glitches, operational errors, etc. Hybrid cloud architecture that will be used in this case will overcome such issues as there will be enhanced technical compatibility offered to the tools, operating systems, software, and network connections. There will be flexible and scalable options involved.
Resource Management
There will be a few measures that will be followed to manage the resources in the organization. These will include automated resource tagging, inter-linking of the departments, use of a centralized tool for resource management, utilization of the available metadata, etc. This will allow the management and the operational staffs to have transparency in between leading to enhanced collaboration among the units.
SLA Management
The management of Service Level Agreement (SLA) will be done using the scheme as sugegsted above. The customers/users will be kept at the top priotity under every circumstance. There will also be contractual processes and terms used to define the data ownership rights and level of authority.
Purpose
To list the approach and phases that will be used for migrating the services and data sets on cloud-based mediums.
Approach
Phased Approach will be used for easier implementation and error-free operations.
Initiation
The migration of email instances on the cloud platform as AWS cloud will begin with the determination of feasibility from the aspects as technical, social, operational, economic, etc. the results will be compiled followed by compatibility analysis.
Planning
There will be planning steps defined for the three key areas. The migration of the services will be kept on the top priority followed by secure movement of the data and information sets from existing to the new platforms. The integration of the services will also be planned out. There will be estimations calculated in terms of cost and schedule. The resources and the communication mechanisms will also be planned. There will be data gathering processes carried out in the phase (Zhao & Zhou, 2014).
Execution
The migration of the email instances to cloud will be executed with the services followed by the data sets.
Control
There will be monitoring and testing processes executed as system testing, performance and security testing, and regression tests (Reavis, 2012).
Closure
The final set of activities will be executed in this phase along with the submission of a closure report.
The critical point in the initial phase will be the determination of feasibility. There may be issues as inadequate or ineffective communication that may adversely impact this step and the entire process. The calculation of the estimations will be critical in the planning phase. There may be issues as quality errors and schedule/budget overrun that may come up if the estimations are not done properly. There must be subject matter experts involved in each of these processes so that the resulting issues are avoided. The execution of the email instances on cloud may witness security attacks. These must be controlled using the automated technical tools and mechanisms along with the enhanced administrative controls. The changes introduced after execution may not be easy to control. Change management plans shall be prepared in advance for this purpose. There may also be other issues as ethical non-compliance that may be witnessed throughout these phases. It is a critical area and shall be avoided using ethical norms and principles.
References
An, Y., Zaaba, Z., & Samsudin, N. (2016). Reviews on Security Issues and Challenges in Cloud Computing. IOP Conference Series: Materials Science And Engineering, 160, 012106. doi: 10.1088/1757-899x/160/1/012106
Anderson, C., Baskerville, R., & Kaul, M. (2017). Information Security Control Theory: Achieving a Sustainable Reconciliation Between Sharing and Protecting the Privacy of Information. Journal Of Management Information Systems, 34(4), 1082-1112. doi: 10.1080/07421222.2017.1394063
Aws. (2018). Hybrid Cloud Architectures – Amazon Web Services (AWS). Retrieved from https://aws.amazon.com/enterprise/hybrid/
Dhyani, B., & Barthwal, A. (2014). Big Data Analytics using Hadoop. International Journal Of Computer Applications, 108(12), 1-5. doi: 10.5120/18960-0288
Fazlida, M., & Said, J. (2015). Information Security: Risk, Governance and Implementation Setback. Procedia Economics And Finance, 28, 243-248. doi: 10.1016/s2212-5671(15)01106-5
Jenkins, R. (2014). Hybrid Public Private Cloud Computing for the Media Industry. SMPTE Motion Imaging Journal, 123(3), 56-59. doi: 10.5594/j18398xy
Mathkunti, N. (2014). Cloud Computing: Security Issues. International Journal Of Computer And Communication Engineering, 3(4), 259-263. doi: 10.7763/ijcce.2014.v3.332
Otero, A. (2010). A Multi-Criteria Evaluation of Information Security Controls Using Boolean Features. International Journal Of Network Security & Its Applications, 2(4), 1-11. doi: 10.5121/ijnsa.2010.2401
Pokorny, J. (2013). NoSQL databases: a step to database scalability in web environment. International Journal Of Web Information Systems, 9(1), 69-82. doi: 10.1108/17440081311316398
Reavis, D. (2012). Information Evaporation: The Migration Of Information To Cloud Computing Platforms. International Journal Of Management & Information Systems (IJMIS), 16(4), 291. doi: 10.19030/ijmis.v16i4.7305
Vurukonda, N., & Rao, B. (2016). A Study on Data Storage Security Issues in Cloud Computing. Procedia Computer Science, 92, 128-135. doi: 10.1016/j.procs.2016.07.335
Xue, C., & Xin, F. (2016). Benefits and Challenges of the Adoption of Cloud Computing in Business. International Journal On Cloud Computing: Services And Architecture, 6(6), 01-15. doi: 10.5121/ijccsa.2016.6601
Zhao, J., & Zhou, J. (2014). Strategies and Methods for Cloud Migration. International Journal Of Automation And Computing, 11(2), 143-152. doi: 10.1007/s11633-014-0776-7
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download