Key Assignment Section 5: Security, Risk Management, and Governance The chief information officer (CIO) is very pleased with all of your efforts to adopt cloud-based services and wants to ensure the data is secure and that a strategy exists for maintaining the solution going forward. In the final section, cover the following:
Security threats in cloud-based solutions with risk management strategies
Governance principles for cloud-based solutions
Identify management opportunities in the cloud
Unformatted Attachment Preview
Running head: Cloud computing
Introduction to Cloud Computing(IT175-1802A-01)
Instructor: Noel Broman
Week one: Cloud Providers and Cost Savings Analysis ..pg3-7
Week two: SaaS and IDaaS Plan pg8-10
Week three: SOA and PaaS for Supply Chain ..pg11-14
Week four: IaaS Provider Analysis
Currently all over the world, one of the most important departments in every company, or
organization is the IT department. This is in relation to the fact that almost every other
department in a given company relies on technology. For this reason, in most cases the IT
department is usually allocated a larger percentage of the a companys budget so as ensure that
the company ends up utilizing the full potential of this department to be able to realize its shortterm as well as long-term goals. The over-reliance on technology has resulted in companies
looking for alternative ways of lowering costs. This is as a result of the fact that, currently all
over the world, the management of companies is usually under a lot of pressure to deliver more
with less. One way to be able to save on costs incurred with regard to technology is to adopt
cloud based solutions (Antonopoulos & Gillam, 2017).
There are several ways in which cloud-based solutions helps an organization to be able to
save on costs without sacrificing the quality of technology deployed. To begin with cloud based
solutions eliminates the need to purchase complicated setup that is usually needed in the absence
of cloud based solutions to be able to utilize technology. This implies that entry costs will be
eliminated when one intends to utilize cloud based services. This in turn makes the use of
advanced technology very affordable in comparison to traditional IT.
Secondly, cloud based solutions eliminates the need for complicated software licensing
costs usually associated with traditional IT. This in turns saves the company money that would
have been spending on licenses if the company decides not to adopt cloud based solutions. This
is in relation to the fact that cloud based solutions doing not require a licenses which is usually
renewed year after year resulting in costs being incurred by the company (Antonopoulos &
Thirdly, cloud based solutions eliminate costs associated with consultation & installation
services. This is the case since, cloud based solutions do not require consulting fees usually paid
upfront when one decides to use traditional IT. Additionally, cloud based solutions are usually
ready to use within a very short period of time. This in turn saves the company a lot of time as
well as money that would have been wasted while waiting for months for the installation process
associated with tradition IT to be accomplished.
Lastly, cloud based solution frees up those working I the IT department to be able to
work on other projects. This is so since cloud based solutions do not require regular
maintenance, which most IT experts usually spend a lot time on. Additionally the company ends
up saving on costs that it would have incurred towards maintenance.
Other than cost saving, there are other benefits that a given business will realize by
adopting cloud based solutions. One of the benefits associated with cloud based solutions is
scalability. This is so since cloud computing enables a given business to be able to either scale up
or down easily when need be. This enables a company to support growth without making
expensive changes to their existing system.
Secondly, cloud based solutions enables one to be able to access data anywhere anytime
as long as they have web-enable device. This is of essence since it saves on time as well as
money that would have been wasted to travel back to the office before being able to access
certain information (Benefits and Drawbacks of Cloud-Based versus Traditional …,nod)..
Lastly, enhanced security associated with cloud based solutions is essential to any
business venture. This is so since security is usually priority number one in almost every case,
implying that companies usually allocate not only more money but also personnel towards the IT
department so as to ensure that security risks do not end up impacting the company negatively.
Cloud service providers usually adhere to a strict high-level protocol that ensures data secure at
all times (Benefits and Drawbacks of Cloud-Based versus Traditional …, nod).
Some of the top companies that provide cloud based-solutions include Amazon web
service as well as Microsoft Azure. Amazon web service is the safest platform for cloud service
that offers a wide set of infrastructure service best suited for general office functions such as
email & collaboration tools. This infrastructure services include database storage, networking as
well as computing power. When using these services users will be able to build applications
which are scalable, trustworthy & flexible. Secondly, Microsoft Azure platform is essential for
general office functions as well. This is in relation to the fact that it not only deploys
applications, but it also designs & manages them through the worldwide network. Additionally,
it supports various databases, programming language, operating systems as well as tools. This
enables office functions to be carried out in an efficient manner. This is so since compatibility
issues is not a huge problem with this platform (Benefits and Drawbacks of Cloud-Based versus
Traditional …, nod).
The two cloud-based providers highlighted above, usually deploy cloud based services
faster than on premise type of deployment. This is so since on premise deployment requires
planning before the actual deployment which usually consumes a lot of time. On the other hand,
Amazon web service platform & Microsoft Azure do not require planning before deployment
which ends up saving a lot of time (Much more, M., Duffy, J., 2018).
With regard to costs Amazon web service & Microsoft Azure do not require costs
associated with purchasing the hardware, obtaining licenses as well as facility costs. On the other
hand, if the firm hosts an on premise solution to support the business service, the firm ends up
incurring costs associated with hardware, software license, hardware maintenance, Software
License, Administrator Support, developer support, Facility costs, System/ software as well as
upgrades. These costs total up to $57000. On the other hand, cloud based providers only require
monthly expenses which you pay as you go.
With regard to service offerings an on premise type of deployment offers services which
can only be upgraded within a certain period at a certain cost. This implies that a company can
only utilize services already in place whenever an on premise type of deployment is being
utilized by a company. On the other hand, cloud based solutions offer a variety services enabling
a company to be able to use this services to perform a variety of functions.
The two cloud-based providers highlighted above provide cloud based solutions which
can be scaled down or up easily in comparison to on premise type of deployment. The elasticity
of the resources provided by cloud based providers includes processing power, storage, as well
as bandwidth. On the other hand on premise type of deployment require new hardware which has
to be compatible with the hardware already in place. This makes it difficult to be able to scale up
Unlike on premise vendor services, cloud based providers do not restrict the user of cloud
based solution from switching to an alternate vendor. This is so since on premise type of
deployment can be upgraded only by a particular vendor who provided the services. On the other
have cloud based service providers do not have this restriction making it easy for customers to
seek services from a different vendor, where need be. This is suitable for general office functions
since, vendor lock in May present a security threat & it may also result in delays when there is
need to upgrade (Top Benefits of Cloud ERP vs. On-Premise ERP., nod).
The most appropriate cloud type for general office functions will be a public cloud. This
is in relation to the fact that they usually inexpensive to set up since, hardware, bandwidth, as
well as application costs re usually covered by a provider. Additionally they offer the best
economies of scale & a pay per usage model whose costs depend on the capacity used.
Software as Service Providers
There are several SaaS providers that exist within the cloud. These providers have
software specialties as well as advantages & disadvantages. The best way to arrive at the right
provider for the company will be to consider the requirements which the providers will be
supporting. In this case the company is in need of a SaaS provider that can support basic office
functions as well as collaboration functions (Software as a service: SaaS Cheat Sheet | ZDNet.
n.d.). The two SaaS providers who can offer the above services to the company include Zoho &
Zoho is a SaaS provider that develops software which solves business problems.
Additionally, they have various office administration products such as project management,
messaging, web mail as well as document sharing. Zohos email is an ad free webmail. This
implies that the company will be able to setup as well as manage mailboxes easily. Zoho doc
being an online document store, allows real-time collaboration as well as administrative access
control. Zoho project enables one to be able to be able to develop tasks & it also facilitates time
tracking. Lastly, Zoho meeting allows users to carry out online meetings (About Zoho – Our
Story, List of Products., n.d.)
Strategic SaaS provides IT solutions. It utilizes Office 365 to provide services similar to
Microsoft Office programs in the cloud. Strategic SaaS also has email, capabilities for online
meetings, file sharing as well as online document storage. Additionally, it offers migration
services & end user training. The Migration services enables the user to be able to migrate email
accounts, & to be able to SharePoint collaboration. Lastly they offer IT service that allows for
network systems monitoring, & enables the user to able to manage data backup (Strategic SaaS |
IDaaS is simply an authentication infrastructure within the cloud, with capabilities that
enable it to be able to manage web accessed software e.g. SaaS (Identity as a Service (IDaaS) What is IDaaS | Ping Identity, n.d.). IDaaS providers that can provide identity services for
existing On-premise services as well as for-soon to be hosted SaaS solution have been discussed
Okta is a DaaS provider that offers directory services, authentication services, single
sign-on services, as well as mobile management &reporting (About, 2015). The directory
services facilitates automatic importation of existing users from a variety of directories. Okta
integrates not only with cloud & mobile applications, it also integrates with on premise services.
It runs on a reliable, secure & extensive audited platform within the cloud (OKTA, INC.
(OKTA) IPO – NASDAQ.com., n.d.).
Jumpcloud is a DaaS provider that offers a variety of services including user
management, group management, password complexity management, web-based password reset
as well as provisioning & syncing.
The advantage of the above SaaS & DaaS providers is that they have a free trial that
enables the user to be able to determine whether they can accomplish the tasks at hand before the
users decides to use them on a long term basis.
In order for the migrating process to be a success, the following tasks have to be
Determination of what ought to move fast. Applications & data that are suitable
for cloud environment will have to selected & migrated.
Update the system already in place to be ready for any changes. This will entail
integrating Office 365 with Jumpcloud.
Afterwards data will be copied over the internet connection. However large data
will have to be compressed firsts before sending it to the cloud.
Ensure that the system is secure enough before migrating the data.
Risks & mitigation strategies
The first risk is in relation to complexity of the architecture. Complexity of the
architecture increases the chance of cloud migration failing. The mitigation strategy for this risk
will be to design the architecture is such a manner that it consumes data stored in the enterprise
The second risk is in relation to multiple dependencies in on premise environments that
results in problems during lift & shift. The mitigation strategy for this risk will be to use
providers who are able to replicate your way of doing things on premise.
The third risk is in relation to latency being experienced while using cloud applications
over the internet. To mitigate this risk optimization services from the provider should be used to
tide over latency issues (Understanding Enterprise-to-Cloud Migration Costs and Risks, n.d.).
Platform as a service (PaaS) providers
PaaS is a complete deployment & development environment in the cloud that has
resources which enable the user to be able to deliver anything they want to. PaaS comprises of
servers, networking, storage, middleware, and business intelligence service as well as database
management systems (Krintz, C., 2017). The best way to arrive at a Paas provider for the current
supply chain will be to identify benefits as well as risks that are unique among various PaaS
providers so as to be able to determine the best PaaS provider who will meet the needs of the
supply chain. The three PaaS providers to be considered as potential PaaS providers for the
current supply chain program will include engine Yard, Microsoft Azure as well as Heroku (10
most powerful PaaS companies | Network World., n.d.).
This PaaS provider offers no setup fees; user pays for what they use, complete system
monitoring, a data backup & restoration service as well as full infrastructure services. Engine
Yard offers several service plans with varying support. The Basic Plan which the company offers
for roughly $29 a month per server, up to 3 servers provides support during working hours for
various activities which include planning, deploying, as well as management of running apps.
The Standard Plan provides similar support as the basic plan but it does so for more than 3
server. It costs roughly $50 a month/server. Lastly the company has a Premium Plan whose price
is roughly $72 a month /server provides the same support as the other two plans but the user ends
up having priority access to support 24hours a day 7 days a week (Engine Yard PaaS Adds Java
Support – eWEEK.com., n.d.). Application developers usually test production environments
using an integration test with up to 20 servers for less than $4 dollars an hour.
This PaaS provider is an open & flexible platform which is capable of running multiple
OS as well as program languages. If need be they can support a hybrid solution & integrate their
services with the supply chain program via secure VPNs, hybrid database &storage solutions. By
being able to provide both IaaS as well as PaaS the same time, windows Azure enables
developers to be able to mix & match IaaS components to the PaaS offerings resulting in more
control (Microsoft Azure Cloud Computing Platform & Services., n.d.). The risk associated with
windows Azure is that it requires expertise to be able to integrate it with the supply chain
program efficiently. Additionally it is associated with a minimalistic administration portal. The
pricing for windows Azure is based on size e.g. a shared virtual core & a 768MB of RAM is
priced at $0.02/ hour while 8 virtual cores & a 14GB RAM is priced at $0.64
This PaaS provider supports python, Ruby, Java, and Scala as well as Cloture. Heroku
provides an abstract computing environment known as dynos that run processes in isolated
environment. It works best with applications which fit into the 12-factor app methodology.
Within this platforms, there are also third party applications known as Addons. As a PaaS
provider, it is ideal for quick deployments & fits a wide range of applications. Additionally,
Heroku supports a variety of languages aiding in the mitigation of risk of vendor lock in. Pricing
for this provider is based on the number as well as size of dynos they deploy. Pricing ranges
between $0.05/hour – $0.10/hour. The risk associated with seeking servicers from this PaaS
provider is that the cost of Addons keeps on varying making it difficult to be able to estimate
costs as addons increase (Heroku. n.d.).
Based on the analysis carried above, I would select Heroku as a PaaS provider for the
company. This is in relation to the fact that Heroku platform will enable the company to able to
achieve flexibility with regards to developing as well as redevelopment of the companys supply
chain program because it can support Ruby, Java, Python, Scala, Cloture as well as
Node.js. Additionally, by being ideal for quick deployment it will ensure that the possibility of
delay is eliminated. However, with the risk of varying costs being associated with this PaaS
provider, it implies that the companys budget options ought to considered prior to selecting
Heroku as a PaaS provider. However the next best option is windows Azure. This is so since its
pricing is quite affordable and it is based on size enabling the company budget options to fit.
Additionally, windows Azure enables developers to be able to mix & match IaaS components to
the PaaS offerings resulting in more control.
Antonopoulos, N., & Gillam, L. (2017). Cloud computing. Cham: Springer.
Benefits and Drawbacks of Cloud-Based versus Traditional … (n.d.). Retrieved April 7, 2018,
Muchmore, M., Duffy, J., & Facebook. (2018, January 23). The Best Cloud Storage and FileSharing Services of 2018. Retrieved April 07, 2018, from
Top Benefits of Cloud ERP vs. On-Premise ERP. (n.d.). Retrieved April 7, 2018, from
About Zoho – Our Story, List of Products. (n.d.). Retrieved April 12, 2018, from
Identity as a Service (IDaaS) – What is IDaaS | Ping Identity. (n.d.). Retrieved April 12, 2018, from
Purchase answer to see full
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more