Due by 11/3/16 9pm PST
Given the pieces of information provided in Documents 1 and 2. Write a project value statement
Here is the project idea that I have chosen to go with
Look into migrating data to the cloud for a Financial Company called Sinah Financial Holdings, LLC along with building a new infrastructure for the expansion of the company.
Business Problem Statement:
Sinah Financial Holdings LLC., a thriving company has decided that the time to expand has come. With just one present location in XYZ city, growth in its industry is limited therefore the opening of branch locations in various cities has become its number one project. The firm’s current infrastructure is very small in size, only capable of supporting a small size office. The company does not currently have WAN and VPN technologies, only a local LAN through the major local ISP is in use. All backups are stored onsite with tape copies sent to a cold off site location. The databases with all financial information are stored in the local server with only one system administrator performing all major database tasks. This means for such expansion there is a need to replace or upgrade the current infrastructure to include hardware, software, and other applications. With the expansion planning, various technical problems have been identified, primary the storage and backup state for the sensitive data found within the locally managed servers and databases. Additionally security with access to such sensitive information has lacked for way too long; with this in mind more secured heighten methods are desired. Across all industries the momentum is building up to move applications to cloud computing, this is especially true for industries that retain sensitive information such as our firm. Pressure to improve efficiency, store data more securely, and cut cost has made moving an on premises infrastructure to a cloud feasible option, however the types of cloud services that are available and their characteristics (private/public/hybrid; SaaS/PaaaS) lead to unwanted disasters.
High-Level Functional Requirements:
Financial data is one of the most protected types of digital content, finding ways to store, secure and manage such in this ever changing world of computing is a challenge. Sinah Financial Holdings LLC., through a series of stakeholder meetings has identify the need to grow and significantly improve elements of its financial company through the use of current technology as well as the introduction of new solutions that comply with federal regulatory and compliance specifications. For this company’s expansion to be successful the addition of various geographically dispersed branches will require a large and fast LAN/WAN network to be accessed internally by the staff via the intranet and access from the outside by client(s) via a secure web interface. VPN capabilities for traveling and visiting staff should provide a secure connection to internal resources once auth ...
Due by 11316 9pm PSTGiven the pieces of information provided i.docx
1. Due by 11/3/16 9pm PST
Given the pieces of information provided in Documents 1 and 2.
Write a project value statement
Here is the project idea that I have chosen to go with
Look into migrating data to the cloud for a Financial Company
called Sinah Financial Holdings, LLC along with building a new
infrastructure for the expansion of the company.
Business Problem Statement:
Sinah Financial Holdings LLC., a thriving company has decided
that the time to expand has come. With just one present
location in XYZ city, growth in its industry is limited therefore
the opening of branch locations in various cities has become its
number one project. The firm’s current infrastructure is very
small in size, only capable of supporting a small size office.
The company does not currently have WAN and VPN
technologies, only a local LAN through the major local ISP is in
use. All backups are stored onsite with tape copies sent to a
cold off site location. The databases with all financial
information are stored in the local server with only one system
administrator performing all major database tasks. This means
for such expansion there is a need to replace or upgrade the
current infrastructure to include hardware, software, and other
applications. With the expansion planning, various technical
problems have been identified, primary the storage and backup
state for the sensitive data found within the locally managed
servers and databases. Additionally security with access to
such sensitive information has lacked for way too long; with
this in mind more secured heighten methods are desired. Across
all industries the momentum is building up to move applications
2. to cloud computing, this is especially true for industries that
retain sensitive information such as our firm. Pressure to
improve efficiency, store data more securely, and cut cost has
made moving an on premises infrastructure to a cloud feasible
option, however the types of cloud services that are available
and their characteristics (private/public/hybrid; SaaS/PaaaS)
lead to unwanted disasters.
High-Level Functional Requirements:
Financial data is one of the most protected types of digital
content, finding ways to store, secure and manage such in this
ever changing world of computing is a challenge. Sinah
Financial Holdings LLC., through a series of stakeholder
meetings has identify the need to grow and significantly
improve elements of its financial company through the use of
current technology as well as the introduction of new solutions
that comply with federal regulatory and compliance
specifications. For this company’s expansion to be successful
the addition of various geographically dispersed branches will
require a large and fast LAN/WAN network to be accessed
internally by the staff via the intranet and access from the
outside by client(s) via a secure web interface. VPN capabilities
for traveling and visiting staff should provide a secure
connection to internal resources once authenticated. Use of
virtualization for servers, work terminals, exchange services has
been deemed necessary to support the company growth. All
company data is expected to be migrated to a cloud service
provider such as Amazon EC2 or Rackspace. Cloud computing
will allow on demand self-service, example; server time,
storage, and network bandwidth, access to systems regardless of
user location or device, elasticity to quickly upscale or scale
down, pay per user and sharing pooled resources ultimately
cutting cost and increasing efficiency. All databases will be
kept in separate virtual servers and backups will be conducted
3. routinely (Weekly, Monthly; incremental/full). All database
backups will be kept and stored in the Cloud under strict
security measurements while mirror backups will be secured out
of site in a preferred warm or hot business continuity site.
Access to the network and network shares must be segmented
and granted based on departmental roles or specific duties.
Database access to tables and information within will be given
based on individual approval, single sign on authentication via
Windows is preferred to prevent account/password incidents;
SSO will provide secured network and database access control
and auditing capabilities the firm currently lacks.
High-Level Proposed
Solution
and Business Benefits: (Tangible and intangible)
The complexity of management, infrastructure and distributed
data has increased much over the last few years, since cloud
computing has found a significant role in business
competitiveness therefore it is a must use. Gaining competitive
advantage and maintaining it in the financial sector requires
staying ahead of the curve. The high level proposed solution
for Sinah Financial Holdings LLC., is to migrate data currently
stored onsite to a cloud service provider, rebuild the network
4. infrastructure by bringing a large ISP provider who can support
multiple geographical disperse locations which will provide
flexibility and scalability and integrating new applications that
will allow staff and clients alike to access information from
anywhere at any time via a secured method of authentication. A
hybrid migration strategy is a low risk approach to migration of
application to the cloud, instead of moving all data at once parts
can be moved based on preference and prioritization, this
reduces the risk of unexpected behavior during and after
migration and it’s ideal for systems that involve sensitive
information. With cloud computing there is no need to purchase
new hardware and no need to hold on to unused hardware,
infrastructure changes can be requested in minutes. This
solution should be easy for project management and the IT
department to grasp and introduce. The propose solution, cloud
and virtualization makes disaster recovery implementation
simpler than traditional solutions. The entire process can be
automated, failing over to the cloud, recovering from a system
failure (natural disaster/human error) can be done quickly and
effectively. Other benefits include availability across different
geographic locations, improved performance, among a few
which ultimately result in overall cost saving.
Special Issues or Constraints:
5. Investing in cloud computing is one of the popular technologies
in various sectors that give companies competitive advantage.
However the complexity of cloud computing in diverse
locations does come with challenges and cost for organizations
consequently, it is important to understand that with any
migration or network change there will be resistance. As a
financial holdings company specific IT security policies and
security requirements must be met, figuring out what is the
overall risk tolerance, identifying concerns (confidentiality,
integrity, availability, and durability), regulatory obligations,
security threats, intellectual property and internal
organizational issues need to be address to increase the comfort
level with using shared infrastructure services.
U.S. banking industry has several regulatory bodies; Federal
Reserve Board, Federal Deposit Insurance Corporation, National
Credit Union, Administration, Office of the Comptroller of the
Currency and Consumer Financial Protection Bureau. The
primary privacy regulations affecting U.S. financial services are
contained in the Gramm-Leach-Bliley Act (GLB) which
originate in response to concerns about banks sharing detailed
account-holder information with third parties for marketing or
cross-selling purposes. Cloud computing in the financial
industry is considered a form of outsourcing which requires
6. special areas for attention by regulated entities;
*Data sharing is not permitted without explicit agreement from
customers.
* Due diligence- cloud migrating does not excuse entities from
due diligence around data management. Classification,
segregation and recoverability should be followed.
* Audit, cloud services must have transparency and allow
regulators the ability to audit.
Being considered a third party and in order to protect
information, firms must implement a comprehensive security
plan to include employee training, background checks and
restrictions to data access to employees with need to know is
mandated. Other special constrains include frequently changed
passwords, remote access restriction, encryption, security
patching, firewalls, IDS/IPS, antivirus deployment, and
deactivation of departing personnel accounts.
Project Guidelines
Think of a business problem that can be solved with technology.
The solution to the problem should contain software, database,
and hardware components. Your customer is the business with
7. the business problem. Think of your team as either a set of
people within a company that are doing the work or an outside
consulting company that has been hired to implement a solution
for the customer. If you choose the outside consulting path,
make sure that you keep the focus of the project on the
customer and the solution and not on your company. For
example, in the Executive Summary and Project Value sections,
keep the focus on the problem to be solved and the value to the
customer. Don’t talk about the team/consulting group. Although
the team may ultimately choose to use a commercial-off-the-
shelf (COTS) software package or software as a service (SaaS)
from the cloud, the use of a specific product cannot be the
assumption from the beginning.