The introduction of cloud computing and cloud sourcing requires an appropriate cloud governance strcuture to ensure a secured computing environment and to comply with all relevant organizational information technology policies. As such, organizations need a set of cloud governance capabilities that are essential when effectively implementing and managing cloud services.
This document discusses security issues related to cloud computing. It defines cloud computing and outlines the essential characteristics, service models, and deployment models. It also addresses key security concerns including governance, legal issues, compliance, information lifecycle management, and risks associated with loss of control over data and applications in the cloud. The document emphasizes that security responsibilities are shared between cloud providers and users, and both parties need to understand their roles.
The document is a presentation about cloud security and the Cloud Security Alliance (CSA). It introduces CSA as a non-profit organization focused on best practices for cloud security. It outlines CSA's research projects including the Cloud Controls Matrix to help organizations assess cloud security controls. It also discusses some of the key differences in security for cloud computing compared to traditional IT, such as shared responsibility models and the top security threats in cloud environments.
In the last few years, cloud computing has grown from being a promising business concept to one of the fastest growing segments of the IT industry. Now, recession-hit companies are increasingly realizing that simply by tapping into the cloud they can gain fast access to best-of-breed business applications or drastically boost their infrastructure resources, all at negligible cost. But as more and more information on individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. This paper discusses security issues, requirements and challenges that cloud service providers (CSP) face during cloud engineering. Recommended security standards and management models to address these are suggested for technical and business community.
Cloud Computing Security Issues in Infrastructure as a Service” reportVivek Maurya
This document provides an introduction to cloud computing security issues in infrastructure as a service (IaaS). It discusses how cloud computing works and the service models of software as a service, platform as a service, and IaaS. IaaS provides processing power, data storage, and other shared resources on a pay-as-you-go basis. The document focuses on security issues related to the IaaS model, examining security for service level agreements, utility computing, platform virtualization, networks and connectivity, and computer hardware. It also discusses how security issues with cloud software can impact IaaS and cloud computing overall.
The document discusses the major security concerns organizations have regarding cloud environments. The top concerns include: data loss/leakage due to the ease of sharing data in the cloud (69% of organizations), data privacy and confidentiality (66%), accidental exposure of cloud credentials (44%), difficulty performing effective incident response in the cloud (44%), and legal/regulatory compliance challenges (42%). Other concerns include data sovereignty/residence/control, as organizations may not know where their data is physically stored.
Sukumar Nayak-Detailed-Cloud Risk Management and AuditSukumar Nayak
The document provides an overview of cloud risk management and auditing. It discusses cloud fundamentals, models, and frameworks such as OpenStack, CSA Cloud Control Matrix, and DMTF Cloud Auditing Data Federation. It also covers risks, challenges, and the 10 steps to manage cloud security from CSCC. The objective is to introduce cloud risk management and audit topics.
Evaluation Of The Data Security Methods In Cloud Computing Environmentsijfcstjournal
This document discusses methods for ensuring data security in cloud computing environments. It begins by introducing cloud computing models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). The main goals of data security - confidentiality, integrity, and availability - are then described. Several methods for data security are proposed, including data fragmentation where sensitive data is divided and distributed across different domains. Encryption techniques are also discussed as ways to protect confidential data during storage and transmission. Overall, the document aims to evaluate approaches for addressing key issues around securing user data in cloud systems.
This presentation will give complete information regarding security issues related to cloud computing. To learn cloud computing fill up a simple form.
http://bit.ly/aDegGN
This document discusses security issues related to cloud computing. It defines cloud computing and outlines the essential characteristics, service models, and deployment models. It also addresses key security concerns including governance, legal issues, compliance, information lifecycle management, and risks associated with loss of control over data and applications in the cloud. The document emphasizes that security responsibilities are shared between cloud providers and users, and both parties need to understand their roles.
The document is a presentation about cloud security and the Cloud Security Alliance (CSA). It introduces CSA as a non-profit organization focused on best practices for cloud security. It outlines CSA's research projects including the Cloud Controls Matrix to help organizations assess cloud security controls. It also discusses some of the key differences in security for cloud computing compared to traditional IT, such as shared responsibility models and the top security threats in cloud environments.
In the last few years, cloud computing has grown from being a promising business concept to one of the fastest growing segments of the IT industry. Now, recession-hit companies are increasingly realizing that simply by tapping into the cloud they can gain fast access to best-of-breed business applications or drastically boost their infrastructure resources, all at negligible cost. But as more and more information on individuals and companies is placed in the cloud, concerns are beginning to grow about just how safe an environment it is. This paper discusses security issues, requirements and challenges that cloud service providers (CSP) face during cloud engineering. Recommended security standards and management models to address these are suggested for technical and business community.
Cloud Computing Security Issues in Infrastructure as a Service” reportVivek Maurya
This document provides an introduction to cloud computing security issues in infrastructure as a service (IaaS). It discusses how cloud computing works and the service models of software as a service, platform as a service, and IaaS. IaaS provides processing power, data storage, and other shared resources on a pay-as-you-go basis. The document focuses on security issues related to the IaaS model, examining security for service level agreements, utility computing, platform virtualization, networks and connectivity, and computer hardware. It also discusses how security issues with cloud software can impact IaaS and cloud computing overall.
The document discusses the major security concerns organizations have regarding cloud environments. The top concerns include: data loss/leakage due to the ease of sharing data in the cloud (69% of organizations), data privacy and confidentiality (66%), accidental exposure of cloud credentials (44%), difficulty performing effective incident response in the cloud (44%), and legal/regulatory compliance challenges (42%). Other concerns include data sovereignty/residence/control, as organizations may not know where their data is physically stored.
Sukumar Nayak-Detailed-Cloud Risk Management and AuditSukumar Nayak
The document provides an overview of cloud risk management and auditing. It discusses cloud fundamentals, models, and frameworks such as OpenStack, CSA Cloud Control Matrix, and DMTF Cloud Auditing Data Federation. It also covers risks, challenges, and the 10 steps to manage cloud security from CSCC. The objective is to introduce cloud risk management and audit topics.
Evaluation Of The Data Security Methods In Cloud Computing Environmentsijfcstjournal
This document discusses methods for ensuring data security in cloud computing environments. It begins by introducing cloud computing models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). The main goals of data security - confidentiality, integrity, and availability - are then described. Several methods for data security are proposed, including data fragmentation where sensitive data is divided and distributed across different domains. Encryption techniques are also discussed as ways to protect confidential data during storage and transmission. Overall, the document aims to evaluate approaches for addressing key issues around securing user data in cloud systems.
This presentation will give complete information regarding security issues related to cloud computing. To learn cloud computing fill up a simple form.
http://bit.ly/aDegGN
Cloud Computing offers an on-demand and scalable access to a shared pool of resources hosted in a data center at providers’ site. It reduces the overheads of up-front investments and financial risks for the end-user. Regardless of the fact that cloud computing offers great advantages to the end users, there are several challenging issues that are mandatory to be addressed.
The document provides an overview of cloud computing risks from an assurance perspective. It discusses cloud computing terminology, major public cloud services, assessing public cloud risk, trends and issues. The presentation covers cloud service models, deployment models, benefits and risks of public clouds, assurance frameworks like CSA's Cloud Controls Matrix, and key controls in areas like compliance, data governance, facility security, information security, and operations management.
Constan4ne Karbalio4s gave a presenta4on to the Chief Privacy Officers Council on privacy issues in cloud compu4ng. He discussed that while cloud compu4ng provides benefits like cost savings and scalability, it also poses privacy and security risks if not properly governed. Research shows most organiza4ons are adop4ng cloud technologies without adequate vendor evalua4on, employee training, or privacy policies to protect sensi4ve data in the cloud. The real problem is that cloud migra4on is occurring in an ad hoc manner without proper oversight and controls, despite the growing use of cloud compu4ng by organiza4ons.
Research from EMA shows that most organizations benefit from their use of automation tools, but some are successful at more than just improved productivity and a reduction in errors. The most successful organizations create a culture of automation and get the most out of the tools they use.
These slides—based on the webinar featuring Dan Twing, President and COO of leading IT research firm EMA--outline what traits set the successful organizations apart from the less successful ones, as well as:
- How organizations organize the scheduling function and the teams that manage the workload automation software
- The sources of budgets and authority, and the extent of evangelizing automation
- The ongoing impact of increasing use of multi-cloud resources as more legacy production work is moved to cloud infrastructures
Cloud Computing: Architecture, IT Security and Operational PerspectivesMegan Eskey
A 2010 presentation on NASA Nebula that makes no reference to OpenStack (or pinet) dated a month after OpenStack was released to the public as open source. There is no link between Nebula and OpenStack.
Security issue in cloud by himanshu tiwaribhanu krishna
The document discusses security issues in cloud computing. It begins with an overview of cloud computing models and characteristics. It then identifies three main problems associated with cloud security - loss of control, lack of trust, and multi-tenancy issues that arise from sharing resources. Several approaches are proposed to help address these issues, including minimizing loss of control through monitoring, utilizing multiple clouds, and improved access control management. Strong isolation techniques and policy specification are suggested to help minimize multi-tenancy problems.
Cloud computing that provides cheap and pay-as-you-go computing resources is rapidly gaining momentum as an alternative to traditional IT Infrastructure. As more and more consumers delegate their tasks to cloud providers, Service Level Agreements(SLA) between consumers and providers emerge as a key aspect. Due to the dynamic nature of the cloud, continuous monitoring on Quality of Service (QoS)
attributes is necessary to enforce SLAs. Also numerous other factors such as trust (on the cloud provider) come into consideration, particularly for enterprise customers that may outsource its critical data. This complex nature of the cloud landscape warrants a sophisticated means of managing SLAs. This paper proposes a mechanism for managing SLAs in a cloud computing environment using the Web Service Level Agreement(WSLA) framework, developed for SLA monitoring and SLA enforcement
in a Service Oriented Architecture (SOA). We use the third
party support feature of WSLA to delegate monitoring and enforcement tasks to other entities in order to solve the trust issues. We also present a real world use case to validate our proposal.
The aim of this paper is to make cloud service consumer aware about cloud computing fundamentals, its essential services, service models and deployment options. This also through light on security and risk management piece of CSA trusted cloud reference architecture, cloud control matrix and notorious nine threats and ENISAs top risks to cloud computing. At the end it talks about certifications and attestation part.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2].
We address the questions related to:
security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users safety in convergence with energy consumption.
The document summarizes a presentation given by Rolf Frydenberg on governing in the cloud. It discusses the Cloud Security Alliance's guidance on cloud security, including the Cloud Controls Matrix tool which maps 98 security controls to standards like ISO 27001. It also covers governance and risk management best practices for the cloud, such as collaborative risk management between customers and providers. Legal and compliance topics like electronic discovery, auditing, and information lifecycle management are also addressed.
The document discusses cloud security and compliance. It defines cloud computing and outlines the essential characteristics and service models. It then discusses key considerations for cloud security including identity and access management, security threats and countermeasures, application security, operations and maintenance, and compliance. Chief information officer concerns around security, availability, performance and cost are also addressed.
Risk management is essential for cloud computing due to security, privacy, availability and compliance risks. Organizations should thoroughly evaluate cloud vendors to ensure adequate controls over data access, regulatory compliance, privacy, disaster recovery, and contractual obligations. A risk-based approach is needed to determine which applications and data can be safely moved to the cloud. Major cloud providers like AWS have robust security and risk management programs, but due diligence is still required from organizations.
This document discusses cloud computing security and outlines several key points:
1. It introduces cloud computing and discusses how it has reduced upfront costs for companies while allowing resources to scale as needed.
2. It then outlines some of the major security concerns for cloud computing, including whether cloud providers can securely manage large numbers of customers and sensitive data.
3. The document proposes several cloud computing models and architectures aimed at improving security, governance, compliance and establishing trust in cloud systems.
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGHoang Nguyen
There are several security challenges with cloud computing including issues of trust, broad attacking surfaces, and data breaches. Ensuring data integrity and privacy is difficult when data is outsourced to cloud storage. Techniques like encryption, secure auditing, and proofs of data redundancy can help address some of these challenges, but protecting access patterns and enabling secure computation outsourcing remain open problems.
Introduction to Cloud Computing and SecurityOran Epelbaum
The goal of this talk is to introduce people with some IT knowledge to cloud computing and security.
We discuss:
- Benefits of using compute resources in the cloud
- Public cloud providers and some adoption statistics
- Drill down a bit into core AWS IaaS services
- Brief discussion of some security concerns and suggested security practices
This presentation provides a detailed coverage on Cloud services: Software as a Service, Platform as a Service, Infrastructure as a Service, Database as a Service, Monitoring as a Service, Communication as Services. Service providers- Google, Amazon, Microsoft Azure, IBM, Sales force.
The document discusses Software as a Service (SaaS), web services, and Web 2.0. SaaS is a software distribution model where applications are hosted by a third party and accessed over the Internet. Key characteristics of SaaS include scalability, enhanced security, and lower costs compared to installed software. Web services allow applications to communicate and exchange data over the Internet using open standards like XML and SOAP. They provide interoperability between different systems. Web 2.0 refers to more dynamic and collaborative web applications that emphasize user-generated content and social media.
For many organizations, a move to Azure creates issues with managing costs and resource ownership. Why? Cloud-based technologies rely on a different cost model - one based on usage consumption, rather than purchasing hardware and software.
Watch our team of Azure experts and learn how to effectively plan and manage the costs associated with your Azure investment. In this webinar, you'll learn how to:
- Build an Azure cost model based on best practices
- Use chargebacks to assign and track IT usage to specific business units
- Avoid unexpected consumption expenses by seeing what - and who - is consuming data
Our team will also demo the Softchoice Azure Dashboard, a proprietary tool providing our clients with the visibility they need to align resource spend, and control their azure costs.
AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)Amazon Web Services
This document provides an overview of cloud governance strategies for cloud transformation. It defines cloud governance and discusses the benefits of governance. It also discusses the role of a Cloud Center of Excellence and describes common stages of cloud governance maturity. The presentation provides examples from Monash University and University of Maryland on their cloud governance approaches and lessons learned. It concludes with a question and answer section.
Cloud Computing offers an on-demand and scalable access to a shared pool of resources hosted in a data center at providers’ site. It reduces the overheads of up-front investments and financial risks for the end-user. Regardless of the fact that cloud computing offers great advantages to the end users, there are several challenging issues that are mandatory to be addressed.
The document provides an overview of cloud computing risks from an assurance perspective. It discusses cloud computing terminology, major public cloud services, assessing public cloud risk, trends and issues. The presentation covers cloud service models, deployment models, benefits and risks of public clouds, assurance frameworks like CSA's Cloud Controls Matrix, and key controls in areas like compliance, data governance, facility security, information security, and operations management.
Constan4ne Karbalio4s gave a presenta4on to the Chief Privacy Officers Council on privacy issues in cloud compu4ng. He discussed that while cloud compu4ng provides benefits like cost savings and scalability, it also poses privacy and security risks if not properly governed. Research shows most organiza4ons are adop4ng cloud technologies without adequate vendor evalua4on, employee training, or privacy policies to protect sensi4ve data in the cloud. The real problem is that cloud migra4on is occurring in an ad hoc manner without proper oversight and controls, despite the growing use of cloud compu4ng by organiza4ons.
Research from EMA shows that most organizations benefit from their use of automation tools, but some are successful at more than just improved productivity and a reduction in errors. The most successful organizations create a culture of automation and get the most out of the tools they use.
These slides—based on the webinar featuring Dan Twing, President and COO of leading IT research firm EMA--outline what traits set the successful organizations apart from the less successful ones, as well as:
- How organizations organize the scheduling function and the teams that manage the workload automation software
- The sources of budgets and authority, and the extent of evangelizing automation
- The ongoing impact of increasing use of multi-cloud resources as more legacy production work is moved to cloud infrastructures
Cloud Computing: Architecture, IT Security and Operational PerspectivesMegan Eskey
A 2010 presentation on NASA Nebula that makes no reference to OpenStack (or pinet) dated a month after OpenStack was released to the public as open source. There is no link between Nebula and OpenStack.
Security issue in cloud by himanshu tiwaribhanu krishna
The document discusses security issues in cloud computing. It begins with an overview of cloud computing models and characteristics. It then identifies three main problems associated with cloud security - loss of control, lack of trust, and multi-tenancy issues that arise from sharing resources. Several approaches are proposed to help address these issues, including minimizing loss of control through monitoring, utilizing multiple clouds, and improved access control management. Strong isolation techniques and policy specification are suggested to help minimize multi-tenancy problems.
Cloud computing that provides cheap and pay-as-you-go computing resources is rapidly gaining momentum as an alternative to traditional IT Infrastructure. As more and more consumers delegate their tasks to cloud providers, Service Level Agreements(SLA) between consumers and providers emerge as a key aspect. Due to the dynamic nature of the cloud, continuous monitoring on Quality of Service (QoS)
attributes is necessary to enforce SLAs. Also numerous other factors such as trust (on the cloud provider) come into consideration, particularly for enterprise customers that may outsource its critical data. This complex nature of the cloud landscape warrants a sophisticated means of managing SLAs. This paper proposes a mechanism for managing SLAs in a cloud computing environment using the Web Service Level Agreement(WSLA) framework, developed for SLA monitoring and SLA enforcement
in a Service Oriented Architecture (SOA). We use the third
party support feature of WSLA to delegate monitoring and enforcement tasks to other entities in order to solve the trust issues. We also present a real world use case to validate our proposal.
The aim of this paper is to make cloud service consumer aware about cloud computing fundamentals, its essential services, service models and deployment options. This also through light on security and risk management piece of CSA trusted cloud reference architecture, cloud control matrix and notorious nine threats and ENISAs top risks to cloud computing. At the end it talks about certifications and attestation part.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2].
We address the questions related to:
security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users safety in convergence with energy consumption.
The document summarizes a presentation given by Rolf Frydenberg on governing in the cloud. It discusses the Cloud Security Alliance's guidance on cloud security, including the Cloud Controls Matrix tool which maps 98 security controls to standards like ISO 27001. It also covers governance and risk management best practices for the cloud, such as collaborative risk management between customers and providers. Legal and compliance topics like electronic discovery, auditing, and information lifecycle management are also addressed.
The document discusses cloud security and compliance. It defines cloud computing and outlines the essential characteristics and service models. It then discusses key considerations for cloud security including identity and access management, security threats and countermeasures, application security, operations and maintenance, and compliance. Chief information officer concerns around security, availability, performance and cost are also addressed.
Risk management is essential for cloud computing due to security, privacy, availability and compliance risks. Organizations should thoroughly evaluate cloud vendors to ensure adequate controls over data access, regulatory compliance, privacy, disaster recovery, and contractual obligations. A risk-based approach is needed to determine which applications and data can be safely moved to the cloud. Major cloud providers like AWS have robust security and risk management programs, but due diligence is still required from organizations.
This document discusses cloud computing security and outlines several key points:
1. It introduces cloud computing and discusses how it has reduced upfront costs for companies while allowing resources to scale as needed.
2. It then outlines some of the major security concerns for cloud computing, including whether cloud providers can securely manage large numbers of customers and sensitive data.
3. The document proposes several cloud computing models and architectures aimed at improving security, governance, compliance and establishing trust in cloud systems.
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGHoang Nguyen
There are several security challenges with cloud computing including issues of trust, broad attacking surfaces, and data breaches. Ensuring data integrity and privacy is difficult when data is outsourced to cloud storage. Techniques like encryption, secure auditing, and proofs of data redundancy can help address some of these challenges, but protecting access patterns and enabling secure computation outsourcing remain open problems.
Introduction to Cloud Computing and SecurityOran Epelbaum
The goal of this talk is to introduce people with some IT knowledge to cloud computing and security.
We discuss:
- Benefits of using compute resources in the cloud
- Public cloud providers and some adoption statistics
- Drill down a bit into core AWS IaaS services
- Brief discussion of some security concerns and suggested security practices
This presentation provides a detailed coverage on Cloud services: Software as a Service, Platform as a Service, Infrastructure as a Service, Database as a Service, Monitoring as a Service, Communication as Services. Service providers- Google, Amazon, Microsoft Azure, IBM, Sales force.
The document discusses Software as a Service (SaaS), web services, and Web 2.0. SaaS is a software distribution model where applications are hosted by a third party and accessed over the Internet. Key characteristics of SaaS include scalability, enhanced security, and lower costs compared to installed software. Web services allow applications to communicate and exchange data over the Internet using open standards like XML and SOAP. They provide interoperability between different systems. Web 2.0 refers to more dynamic and collaborative web applications that emphasize user-generated content and social media.
For many organizations, a move to Azure creates issues with managing costs and resource ownership. Why? Cloud-based technologies rely on a different cost model - one based on usage consumption, rather than purchasing hardware and software.
Watch our team of Azure experts and learn how to effectively plan and manage the costs associated with your Azure investment. In this webinar, you'll learn how to:
- Build an Azure cost model based on best practices
- Use chargebacks to assign and track IT usage to specific business units
- Avoid unexpected consumption expenses by seeing what - and who - is consuming data
Our team will also demo the Softchoice Azure Dashboard, a proprietary tool providing our clients with the visibility they need to align resource spend, and control their azure costs.
AWS re:Invent 2016: Governance Strategies for Cloud Transformation (WWPS302)Amazon Web Services
This document provides an overview of cloud governance strategies for cloud transformation. It defines cloud governance and discusses the benefits of governance. It also discusses the role of a Cloud Center of Excellence and describes common stages of cloud governance maturity. The presentation provides examples from Monash University and University of Maryland on their cloud governance approaches and lessons learned. It concludes with a question and answer section.
When considering the adoption of cloud computing services, a business case cannot be complete without a discussion on governance. In particular, it is important to understand that there are likely negative consequences that could result from an ad-hoc, non-deliberately defined governance approach. Even where there are no obvious mis-steps, project-level actions and decisions that might be clearly sensible in isolation might interfere with organization-wide strategic goals if taken in aggregate. Additionally, there might be non-obvious pitfalls - the temptation of immediate implementation after a credit card payment can lead to risks out of proportion to the cost savings incurred by a specific department or team. However, although risk management is vital, it is one of many aspects of governance that should be considered.
Since the general meaning of "governance" simply refers to "the system used for exercising authority", it has come to represent different ideas to different people. Too often, end users see it in a negative light "governance means rules that make it hard for me to do my job", and legal departments see it as "rules that we need to prevent exposure to attack". We propose that if possible it is best to approach governance as "processes that encourage desirable behavior by making common things easy but hard things possible".
Finally it is important to realize that with all meanings there is no universal "correct" form of governance. Different forms of governance are effective in different situations, for achieving different outcomes, or even for achieving the same outcome in different ways.
This document provides an overview of AWS Cloud Governance. It discusses that governance implies control and oversight over policies, procedures, and standards for application development. Governance in the cloud is a shared responsibility between cloud providers and consumers. AWS investments establish a trusted foundation through certifications like SOC 1 Type 2, ISO 27001, and PCI DSS. AWS technologies that can help with governance include IAM, VPC, CloudWatch, and storage/database services. The document outlines how these services can help with roles and access controls, network security, monitoring, disaster recovery and more. It provides references for further reading on cloud governance best practices.
AWS re:Invent 2016: How News UK Centralized Cloud Governance Through Policy M...Amazon Web Services
When you run a complex AWS environment with thousands of Amazon EC2 instances, more than half a petabyte of object storage, and support the largest daily newspapers in the UK, you need a world-class cloud management strategy. For companies like News Corp, implementing policies that automate infrastructure schedules, right-size workloads, and manage and modify reservations is critical. As you scale your cloud infrastructure, defining centralized governance rules while enabling decentralized management is key to running an optimized cloud.
This session is designed for advanced operations, infrastructure, and engineering teams to improve/deploy optimization strategies. It covers the five best cloud management practices, including automating Reserved Instance modifications, setting policies to ensure proper tagging, and scheduling lights-on/lights-off policies. Session sponsored by CloudHealth Technologies.
Governance and the Social Enterprise
James Hindes, The Standard, Director of Enterprise CRM
Lou Fox, Blue Wolf Group, CTO
James Burns, Salesforce.com, Director - Platform
Agenda
Introductions
A Strategic Governance Framework for the Salesforce Platform
The Standard’s Journey to Cloud Governance
Q&A
James Burns
Company – Salesforce.com
Role - Director – Platform Community Solution Advisors
Salesforce experience - 18 months
30 years Enterprise Architecture and design
Strategic Governance Framework
The Standard’s Journey to Cloud Governance
James Hindes – Director Enterprise CRM
Lou Fox – CTO, Blue Wolfe
James Burns
Director – Platform
Community Solution Advisors
http://uk.linkedin.com/in/burnsjames
CoE Drives Strategic Alignment and Ensures Value
Change Control
Basically to manage successful projects its needs 3 key ingredients:
The correct Processes for the job at hand.
The correct people.
The use of the correct techniques for the job at hand.
Traditional via Cloud
Over the years many great IT projects have delivered successfully.
With Cloud we can build on these processes and techniques.
No need to reinvent them.
The Single Org vs Multi Org Dilemma
Decision Process Methodology
Business Considerations
Solution speed to market
Flexibility and adaptability
Frequency of change
Predictability of delivery
Regional, global user base
Commonality of business process across the company
Collaboration use cases
Cross-application access across Salesforce applications to backend systems eg SAP
Technical Considerations
Data security level
Sharing of data across Salesforce applications
Record level access rights
User profiles
Business reporting requirements
Salesforce Org level security and system administration complexity
Common functionality between applications
Do the applications need to share data
Coding Standards
Strategic Governance Framework
AWS re:Invent 2016: The Cloud Is Enterprise Ready: How the University of Ariz...Amazon Web Services
As enterprises seek to fully realize the scalability, availability, security, and agility of cloud computing, many are learning that they must migrate core business applications, such finance and human resource systems, not just public-facing websites. The University of Arizona shares how they addressed the challenge of creating a more efficient and agile IT operation. After initial success in migrating their Research Administration system, UA became the first major university to migrate their PeopleSoft application environments—Learning (EL), Human Resources (HR), and Student (SA)—to AWS. Learn about the university's enterprise migration roadmap, lessons learned, plans and budgets, and the tools available to support major enterprise migrations. See how to create a roadmap to cloud computing, transform application development, deploy mission-critical workloads at scale, and retrain staff.
Visibility, Optimization & Governance for Cloud ServicesPolarSeven Pty Ltd
Join CloudHealth as we take a deeper dive into what Cloud Service Management can help drive business success. Through real world customer success stories we'll tackle the three core pillars of Cloud Services Management, Visibility, Optimization and Governance
Presented by - Elise Oertli - Director CloudHealth Technologies ANZ
View the full presentation here - https://youtu.be/L-B8kYBEVGk
Presented at AWS User Group Sydney
https://www.meetup.com/AWS-Sydney/
Hosted by PolarSeven -http://polarseven.com
Cloud Computing & Impact Of IT On OrganizationRomana Sharmin
Cloud computing involves using large groups of remote servers networked together to provide centralized data storage and online access to computer services. There are three main types of cloud services: public clouds which are hosted by vendors and shared; private clouds which are dedicated to a single organization; and hybrid clouds which use a combination of public and private clouds. The three cloud service models are Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Information technology impacts organizations in several key ways, including enabling new business strategies, changing organizational culture, improving management processes, transforming work, and altering economic impacts through changes in costs.
This document discusses the business impact of cloud computing and transforming to an on-demand business model. It identifies several key areas for transformation including costs, business models, billing, integration, capacity planning, and compliance. Specifically, it notes that understanding costs of goods sold is critical, developing the right billing system is important for revenue and customer satisfaction, and balancing capacity and service level agreements is challenging but important for running an on-demand cloud service.
Benefits Of The Actor Model For Cloud Computing: A Pragmatic Overview For Jav...Lightbend
As enterprise development teams increase the time they spend using cloud computing, many are challenged by a move from a scale-up (monolithic) to a scale-out (distributed) architecture. Reactive system development and microservices are two evolving answers that architects are embracing, but making them work well at scale calls for a departure from the traditional approach of object-oriented programming models and defensive programming through try-catch, which is now being replaced by a highly-resilient supervision model and a "let it crash" philosophy.
In this webinar for Architects, guest speaker Jeffrey Hammond, Forrester Vice-President and Principal Analyst joins Jonas Bonér, CTO/Co-founder of Lightbend and creator of Akka, the actor-based, message-driven runtime for the JVM, to discuss one emerging programming pattern that’s gaining popularity with teams developing for the cloud––the Actor model. They will discuss some history, why the Actor model is a better fit for large, scale-out systems and microservices delivery, the types of workloads using it today, and how to implement an Actor-based system in your existing Java environment.
The document discusses a 4 phase approach to IT transformation with AWS: 1) Business alignment to define goals and roadmap, 2) Migration of existing applications, 3) Transforming operations to a new agile cloud model, and 4) Operating in the new state. Key activities include identifying measures of success, selecting a cloud adoption framework, developing a multi-year roadmap, establishing a cloud competency center, taking a phased migration approach, transforming the IT model, and providing constant education to the business. The outcomes discussed are examples of companies like Shell and Qantas successfully transforming parts of their operations on AWS.
Governance Strategies for Cloud Transformation | AWS Public Sector Summit 2016Amazon Web Services
Developing a best-practices cloud governance model is a foundational and critical activity to facilitate the systemic, supportable, and sustainable execution of a successful cloud transformation strategy. This best-practices model includes a standards policies, automation that consistently applies and enforces policies and controls, self-service capabilities that that enable development agility and speed, and automated monitoring and cost management that ensure operational integrity. A well-developed cloud governance model enables customers to effectively develop, leverage, and optimize the AWS cloud operating model to improve operational integrity, reliability, performance, and transparency. This session highlights the necessary and recommended elements of a best-practice governance model including policy considerations and recommendations, self-service automation methods towards IT-as-a-Service, and use-case examples.
An Executive View on Cloud Service Brokers - Cloud Solutions in a CSB Model C...Chad Lawler
The document discusses the need for cloud service brokers to help organizations manage multi-cloud environments. It describes how cloud service brokers can act as an intermediary between cloud consumers and providers, providing aggregation, customization, and governance of multiple cloud services. The presentation also outlines some of the business value cloud service brokers can provide organizations, such as removing complexity, consolidating interfaces, and enabling governance and cost control of multiple cloud environments through a single point of management and visibility.
The People Model and Cloud Transformation | AWS Public Sector Summit 2016Amazon Web Services
The document discusses the importance of people in cloud transformations. It notes that initiatives often fail due to people-related issues rather than strategic or execution flaws. The University of Maryland case study highlights how establishing a Cloud Center of Excellence and focusing on skills, roles, and organizational change enabled their successful cloud adoption. DevSecOps is discussed as an approach that leverages people, process, and technology to speed up the software development lifecycle through practices like continuous integration, delivery, and deployment as well as automated testing and monitoring.
(ISM305) Framework: Create Cloud Strategy & Accelerate ResultsAmazon Web Services
Dive deep into specific, common use cases for enterprise customers while stepping through the process of building a cloud and IT transformation strategy leveraging the AWS Cloud Adoption Framework. We will build a prescriptive roadmap for a cloud journey leveraging best practices, common techniques, and real-world examples from other AWS successes.
This document provides an overview of cloud computing. It begins by describing the disconnect between what businesses want from IT (e.g. fast experimentation) versus what IT wants (e.g. stability). Cloud computing is presented as filling this gap. The document defines cloud computing, discusses its characteristics such as pay-per-use and no long-term commitments. It also outlines the different types of cloud services (PaaS, IaaS, AaaS), common customers of cloud computing, and its advantages like economies of scale.
Cloud computing involves delivering computing services over the Internet. Instead of running programs locally, users access software and storage that resides on remote servers in the "cloud." The concept originated in the 1950s but Amazon launched the first major public cloud in 2006. Cloud computing has three main components - clients that access the cloud, distributed servers that host applications and data, and data centers that house these servers. There are different types of clients, deployment models for clouds, service models, and cloud computing enables scalability, reliability, and efficiency for applications accessed over the Internet like email, social media, and search engines.
The document discusses cloud computing trends from 2010 and predictions for 2011 and beyond. In 2010, cloud computing moved from hype to reality as enterprises acknowledged its strategic advantages. Private clouds gained momentum as enterprises deployed them to improve resource utilization. The document predicts that in 2011 and beyond, enterprise adoption of public clouds will increase through hybrid cloud models. As public clouds mature and enterprises become more comfortable with cloud services, more workloads will move from private to public clouds.
Intellectual Point is a Global Information Technology, Training, Consulting and Software Development Company. Intellectual Point provides professional hands-on computer and IT training as well as certifications to prepare you with the marketable skills and knowledge needed for today’s competitive job market.
Across the world, governments are trying to present, in the best p.docxdaniahendric
Across the world, governments are trying to present, in the best possible way, their government services to citizens. Using the new technology is paramount to reduce this interaction through effective and efficient services.
Cloud Computing is a computing concept that is formed from the aggregation and development architecture such as SOA. Its purpose is to provide resources for communication and storage in a secure environment based on the service as quickly as possible, which is virtually implemented, via Internet access.
As the services provided by the e-Government are available via the Internet, so the benefits of Cloud Computing can be used in theimplementation of e-Government architecture to provide better service with the least economic cost.
Many countries have attempted to implement the e-Government based on the functionality provided by Cloud Computing, some of these countries have achieved remarkable success, and others have confronted difficult to make it worked.
This article will explore the use of Cloud Computing in e-Government, identify challenges and benefits of this use, and finish with benchmarking countries that have followed this approach.
Keywords: e-Government, Cloud Computing, Public services, Advantages, Challenges, Benchmarking, European governments, Arabic governments.
1. Introduction
For the past 10 years, the Internet and web services have experienced rapid and significant increases, which generated through their use in all sectors of activity, a high cost of data storage and consumption energy and complexities of implementation and infrastructure solutions.
To remedy this, large organizations have begun extensive studies to reduce these costs and complexities and they deduced the CloudComputing.
Today, Cloud Computing, this new technology, has effectively respond to thousands of their hardware and software needs, and it is considered the topic most requested by academics and research centers related to the field of information technology.
The e-Government among the industries that used the Internet and web services, seeks firstly overwhelming user satisfaction, and others from the implementation of an effective system based on Information Technology. To do this, the e-Government adopted to use the concepts of Cloud Computing.
2. Cloud Computing
2.1. Definition
In 2009, the National Institute of Standards and Technology (NIST) [9] published a definition of Cloud Computing as : "a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction."
This definition was included in the Global Security Mag magazine as "Cloud Computing is a new way of delivering IT resources, not a new technology." Moreover, this concept has been proven in my post in the second edition of the PhD day ...
This document provides an overview of cloud computing, including its history, models, types, advantages and recent developments. Some key points:
1) Cloud computing originated from network diagrams depicting the internet as a cloud. Major companies like Amazon Web Services, Google, and IBM launched cloud services in the mid-2000s.
2) There are three main models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). IaaS provides basic storage and computing resources, while PaaS and SaaS provide higher-level services.
3) The four main types of cloud are public, community, hybrid, and private clouds
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
This document discusses privacy issues related to cloud computing. It begins with an introduction to cloud computing, defining it as the delivery of computing resources as a service over the internet. It then discusses five key characteristics of cloud computing including on-demand access and elastic resources. The document outlines four cloud delivery models and three cloud service models. It notes that while cloud computing reduces costs, issues of privacy, security, and control over data must be addressed. The remainder of the document analyzes challenges to privacy posed by cloud computing and standardization efforts to mitigate privacy risks.
Understanding Cloud Computing, It's Services, Benefits, And Challengestheijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
The papers for publication in The International Journal of Engineering& Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability.
Theoretical work submitted to the Journal should be original in its motivation or modeling structure. Empirical analysis should be based on a theoretical framework and should be capable of replication. It is expected that all materials required for replication (including computer programs and data sets) should be available upon request to the authors.
The International Journal of Engineering & Science would take much care in making your article published without much delay with your kind cooperation.
This document compares and contrasts cloud computing and grid computing. Grid computing refers to cooperation between multiple computers and servers to boost computational power, with a focus on high-capacity CPU tasks. Cloud computing delivers on-demand access to shared computing resources like networks, servers, storage and applications via the internet. Key differences include grid computing having a lower level of abstraction and scalability compared to cloud computing. Cloud computing also has stronger fault tolerance, is more widely accessible via the internet, and offers real-time services through its utility-based pricing model.
Cloud computing pros and cons for computer forensic investigationspoojagupta010
This document discusses the pros and cons of cloud computing for computer forensic investigations. It begins with an introduction to cloud computing and its key characteristics and models. It then provides background on computer forensics, including digital evidence and forensic procedures. The document goes on to discuss virtualization and how it relates to cloud computing. Finally, it merges these topics and outlines the main challenges of applying forensic procedures in cloud environments, concluding that while backups may provide useful evidence, seizing data can be difficult due to data mobility and copies across servers.
This document provides an overview of cloud computing. It begins with definitions of cloud computing and discusses concepts like service-oriented architecture, cyber infrastructure, and virtualization. It describes different types of cloud architectures like public, private and hybrid clouds. It outlines the key components of cloud computing including cloud types, virtualization, and users. It discusses how cloud computing works and reviews the merits and demerits. Finally, it concludes that cloud computing allows for more efficient use of IT resources and flexible access to computing power and data from any internet-connected device.
An Efficient MDC based Set Partitioned Embedded Block Image CodingDr. Amarjeet Singh
In this paper, fast, efficient, simple and widely used
Set Partitioned Embedded bloCK based coding is done on
Multiple Descriptions of transformed image. The maximum
potential of this type of coding can be exploited with discrete
wavelet transform (DWT) of images. Two correlated
descriptions are generated from a wavelet transformed image
to ensure meaningful transmission of the image over noise
prone wireless channels. These correlated descriptions are
encoded by set partitioning technique through SPECK coders
and transmitted over wireless channels. Quality of
reconstructed image at the decoder side depends upon the
number of descriptions received. More the number of
descriptions received at output side, more enhance the quality
of reconstructed image. However, if any of the multiple
description is lost, the receive can estimate it exploiting the
correlation between the descriptions. The simulations
performed on an image on MATLAB gives decent
performance and results even after half of the descriptions is
lost in transmission.
Swiftly increasing demand of computational
calculations in the process of business, transferring of files
under certain protocols and data centers force to develop an
emerging technology cater to the services for computational
need, highly manageable and secure storage. To fulfill these
technological desires cloud computing is the best answer by
introducing various sorts of service platforms in high
computational environment. Cloud computing is the most
recent paradigm promising to turn around the vision of
“computing utilities” into reality. The term “cloud
computing” is relatively new, there is no universal agreement
on this definition. In this paper, we go through with different
area of expertise of research and novelty in cloud computing
domain and its usefulness in the genre of management. Even
though the cloud computing provides many distinguished
features, it still has certain sorts of short comings amidst with
comparatively high cost for both private and public clouds. It
is the way of congregating amasses of information and
resources stored in personal computers and other gadgets
and further putting them on the public cloud for serving
users. Resource management in a cloud environment is a
hard problem, due to the scale of modern data centers, their
interdependencies along with the range of objectives of the
different actors in a cloud ecosystem. Cloud computing is
turning to be one of the most explosively expanding
technologies in the computing industry in this era. It
authorizes the users to transfer their data and computation to
remote location with minimal impact on system performance.
With the evolution of virtualization technology, cloud
computing has been emerged to be distributed systematically
or strategically on full basis. The idea of cloud computing has
not only restored the field of distributed systems but also
fundamentally changed how business utilizes computing
today. Resource management in cloud computing is in fact a
typical problem which is due to the scale of modern data
centers, the variety of resource types and their inter
dependencies, unpredictability of load along with the range of
objectives of the different actors in a cloud ecosystem.
It auditing to assure a secure cloud computingingenioustech
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
This document provides an overview of distributed computing paradigms such as cloud computing, jungle computing, and fog computing. It defines distributed computing as utilizing multiple autonomous computers located across different areas to solve large problems. Cloud computing is described as internet-based computing using shared online resources and data storage. Jungle computing combines distributed systems for high performance, while fog computing extends cloud computing to network edges for low latency applications. The document discusses characteristics, architectures, advantages and disadvantages of these paradigms.
This document discusses cloud computing and its various models and benefits. It provides definitions of cloud computing, explaining that it relies on sharing computing resources over the internet rather than local servers. It then summarizes the main service models (SaaS, PaaS, IaaS), deployment models (private, public, hybrid, community clouds), and benefits of cloud computing like cost savings, scalability, reliability and reduced maintenance needs. It also outlines some challenges around security, privacy and controlling cloud infrastructure.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
This document summarizes security issues related to cloud computing. It begins by introducing cloud computing and its benefits like scalability, flexibility and cost savings. However, cloud computing also faces security risks due to its multi-tenant architecture, where resources are shared among multiple users. Specific security risks discussed include data loss and leakage if strong encryption and access controls are not implemented. The open accessibility of cloud services also makes it easier for malicious users to attack innocent users. Finally, proper identity management is needed to securely manage access across different cloud technologies and services.
Addressing the cloud computing security menaceeSAT Journals
This document summarizes security issues related to cloud computing. It begins by introducing cloud computing and its benefits, including scalability, flexibility, and a pay-as-you-go model. However, it notes that security is a major concern for cloud computing. It then analyzes specific security threats like multi-tenancy allowing access to competitors' data, potential for data loss and leakage, easy accessibility opening the cloud to malicious users, and challenges of identity management with multiple technologies. The document provides an overview of cloud computing deployment models and service models to provide context on the discussed security issues.
Introduction to Cloud Computing and Cloud InfrastructureSANTHOSHKUMARKL1
Introduction, Cloud Infrastructure: Cloud computing, Cloud computing delivery models and services, Ethical issues, Cloud vulnerabilities, Cloud computing at Amazon, Cloud computing the Google perspective, Microsoft Windows Azure and online services, Open-source software platforms for private clouds.
Review of Business Information Systems – Fourth Quarter 2013 V.docxmichael591
This document discusses security threats in cloud computing based on a case study interview with an IT manager. The interviewee's company uses both private and public clouds. The document identifies 41 security threats from literature and classifies them from technical and business perspectives. Based on the interview, the major drivers for using cloud computing were improving business continuity, reducing costs through virtualization and disaster recovery, and utilizing high bandwidth. The interview helped explore the dimensions of security threats in cloud computing beyond what is described in existing research.
Similar to Cloud Governance Framework - Required Cloud Sourcing Capabilities (20)
[To download this presentation, visit:
https://www.oeconsulting.com.sg/training-presentations]
This presentation is a curated compilation of PowerPoint diagrams and templates designed to illustrate 20 different digital transformation frameworks and models. These frameworks are based on recent industry trends and best practices, ensuring that the content remains relevant and up-to-date.
Key highlights include Microsoft's Digital Transformation Framework, which focuses on driving innovation and efficiency, and McKinsey's Ten Guiding Principles, which provide strategic insights for successful digital transformation. Additionally, Forrester's framework emphasizes enhancing customer experiences and modernizing IT infrastructure, while IDC's MaturityScape helps assess and develop organizational digital maturity. MIT's framework explores cutting-edge strategies for achieving digital success.
These materials are perfect for enhancing your business or classroom presentations, offering visual aids to supplement your insights. Please note that while comprehensive, these slides are intended as supplementary resources and may not be complete for standalone instructional purposes.
Frameworks/Models included:
Microsoft’s Digital Transformation Framework
McKinsey’s Ten Guiding Principles of Digital Transformation
Forrester’s Digital Transformation Framework
IDC’s Digital Transformation MaturityScape
MIT’s Digital Transformation Framework
Gartner’s Digital Transformation Framework
Accenture’s Digital Strategy & Enterprise Frameworks
Deloitte’s Digital Industrial Transformation Framework
Capgemini’s Digital Transformation Framework
PwC’s Digital Transformation Framework
Cisco’s Digital Transformation Framework
Cognizant’s Digital Transformation Framework
DXC Technology’s Digital Transformation Framework
The BCG Strategy Palette
McKinsey’s Digital Transformation Framework
Digital Transformation Compass
Four Levels of Digital Maturity
Design Thinking Framework
Business Model Canvas
Customer Journey Map
The Genesis of BriansClub.cm Famous Dark WEb PlatformSabaaSudozai
BriansClub.cm, a famous platform on the dark web, has become one of the most infamous carding marketplaces, specializing in the sale of stolen credit card data.
Cover Story - China's Investment Leader - Dr. Alyce SUmsthrill
In World Expo 2010 Shanghai – the most visited Expo in the World History
https://www.britannica.com/event/Expo-Shanghai-2010
China’s official organizer of the Expo, CCPIT (China Council for the Promotion of International Trade https://en.ccpit.org/) has chosen Dr. Alyce Su as the Cover Person with Cover Story, in the Expo’s official magazine distributed throughout the Expo, showcasing China’s New Generation of Leaders to the World.
SATTA MATKA SATTA FAST RESULT KALYAN TOP MATKA RESULT KALYAN SATTA MATKA FAST RESULT MILAN RATAN RAJDHANI MAIN BAZAR MATKA FAST TIPS RESULT MATKA CHART JODI CHART PANEL CHART FREE FIX GAME SATTAMATKA ! MATKA MOBI SATTA 143 spboss.in TOP NO1 RESULT FULL RATE MATKA ONLINE GAME PLAY BY APP SPBOSS
Prescriptive analytics BA4206 Anna University PPTFreelance
Business analysis - Prescriptive analytics Introduction to Prescriptive analytics
Prescriptive Modeling
Non Linear Optimization
Demonstrating Business Performance Improvement
AI Transformation Playbook: Thinking AI-First for Your BusinessArijit Dutta
I dive into how businesses can stay competitive by integrating AI into their core processes. From identifying the right approach to building collaborative teams and recognizing common pitfalls, this guide has got you covered. AI transformation is a journey, and this playbook is here to help you navigate it successfully.
IMPACT Silver is a pure silver zinc producer with over $260 million in revenue since 2008 and a large 100% owned 210km Mexico land package - 2024 catalysts includes new 14% grade zinc Plomosas mine and 20,000m of fully funded exploration drilling.
SATTA MATKA DPBOSS KALYAN MATKA RESULTS KALYAN CHART KALYAN MATKA MATKA RESULT KALYAN MATKA TIPS SATTA MATKA MATKA COM MATKA PANA JODI TODAY BATTA SATKA MATKA PATTI JODI NUMBER MATKA RESULTS MATKA CHART MATKA JODI SATTA COM INDIA SATTA MATKA MATKA TIPS MATKA WAPKA ALL MATKA RESULT LIVE ONLINE MATKA RESULT KALYAN MATKA RESULT DPBOSS MATKA 143 MAIN MATKA KALYAN MATKA RESULTS KALYAN CHART
Call8328958814 satta matka Kalyan result satta guessing➑➌➋➑➒➎➑➑➊➍
Satta Matka Kalyan Main Mumbai Fastest Results
Satta Matka ❋ Sattamatka ❋ New Mumbai Ratan Satta Matka ❋ Fast Matka ❋ Milan Market ❋ Kalyan Matka Results ❋ Satta Game ❋ Matka Game ❋ Satta Matka ❋ Kalyan Satta Matka ❋ Mumbai Main ❋ Online Matka Results ❋ Satta Matka Tips ❋ Milan Chart ❋ Satta Matka Boss❋ New Star Day ❋ Satta King ❋ Live Satta Matka Results ❋ Satta Matka Company ❋ Indian Matka ❋ Satta Matka 143❋ Kalyan Night Matka..
Profiles of Iconic Fashion Personalities.pdfTTop Threads
The fashion industry is dynamic and ever-changing, continuously sculpted by trailblazing visionaries who challenge norms and redefine beauty. This document delves into the profiles of some of the most iconic fashion personalities whose impact has left a lasting impression on the industry. From timeless designers to modern-day influencers, each individual has uniquely woven their thread into the rich fabric of fashion history, contributing to its ongoing evolution.
Best Competitive Marble Pricing in Dubai - ☎ 9928909666Stone Art Hub
Stone Art Hub offers the best competitive Marble Pricing in Dubai, ensuring affordability without compromising quality. With a wide range of exquisite marble options to choose from, you can enhance your spaces with elegance and sophistication. For inquiries or orders, contact us at ☎ 9928909666. Experience luxury at unbeatable prices.
Industrial Tech SW: Category Renewal and CreationChristian Dahlen
Every industrial revolution has created a new set of categories and a new set of players.
Multiple new technologies have emerged, but Samsara and C3.ai are only two companies which have gone public so far.
Manufacturing startups constitute the largest pipeline share of unicorns and IPO candidates in the SF Bay Area, and software startups dominate in Germany.
Part 2 Deep Dive: Navigating the 2024 Slowdownjeffkluth1
Introduction
The global retail industry has weathered numerous storms, with the financial crisis of 2008 serving as a poignant reminder of the sector's resilience and adaptability. However, as we navigate the complex landscape of 2024, retailers face a unique set of challenges that demand innovative strategies and a fundamental shift in mindset. This white paper contrasts the impact of the 2008 recession on the retail sector with the current headwinds retailers are grappling with, while offering a comprehensive roadmap for success in this new paradigm.
2. Joha et al.
It is often argued that cloud computing has implications categorized into three main service models (Dillon et al.,
for both businesses and management (Olsen, 2006) and 2010; NIST, 2011c):
cloud computing will change the relationship between • Cloud Software as a Service (SaaS). The public
buyer and seller (Sääksjärvi et al., 2005). Yet, the specific sector organization has access to a provider’s
IT governance capabilities required by public sector applications running on a cloud infrastructure. The
organizations to successfully source and manage cloud public sector does not manage or control the
services have remained unexplored. The goal of this paper underlying cloud infrastructure including network,
is to understand the cloud governance capabilities that are servers, operating systems, storage, or even
required when introducing and implementing a cloud individual application capabilities, with the possible
computing model in the public sector. This paper is exception of limited user-specific application
structured as follows. In the next section, the background configuration settings.
of cloud computing is discussed, including its relationship
with outsourcing and the governance framework of IT • Cloud Platform as a Service (PaaS). The public
core capabilities from Feeny and Willcocks (1998) that is sector organization has the ability to deploy onto the
used as basis to analyze the interviews and cloud infrastructure customized or acquired
documentation. In section three, the research approach is applications created using programming languages
presented, followed by an overview of the cloud and tools supported by the provider. The public
computing activities in the Dutch and US public sector. sector organization does not manage or control the
Section five discusses the findings and conclusions are underlying cloud infrastructure including network,
drawn in section six. servers, operating systems, or storage, but has control
over the deployed applications and possibly
application hosting environment configurations.
2. Background • Cloud Infrastructure as a Service (IaaS). The public
sector organization has access to processing, storage,
2.1. Cloud Computing networks, and other fundamental computing
resources and is able to deploy and run arbitrary
There is no agreement about a definition of clouds, software, which can include operating systems and
though there are some characteristics that are more or less applications. The public sector organization does not
agreed. These are that clouds offer resources on demand manage or control the underlying cloud infrastructure
(Rosenthal et al., 2010) from which application services but has control over operating systems, storage,
can be accessed over a network (Buyya et al., 2009). In deployed applications, and limited control of select
most clouds charges are paid per use, but there is no networking components.
consensus about this characteristic. Rosenthal et al. (2010) The cloud deployment model concerns the specific cloud
provide a set of features of cloud computing. Janssen and environment that is used to deliver cloud services to the
Joha (2010) add two additional characteristics based on users. Four deployment models are generally
the idea that a cloud is a distributed system that is distinguished in the literature (Dillon et al., 2010; Kundra,
presented as one infrastructure that provides services 2011; NIST, 2011c). A private outsourced cloud is a
based on service level agreements. These characteristics closed environment for a single organization hosted by a
are: third party, while a private in-house cloud is hosted
(1) Resource outsourcing internally (Kundra, 2011). A public cloud is owned by a
(2) Utility computing SaaS service provider that makes it available to the
(3) Large number of (inexpensive) machines general public, while a community cloud is shared by
(4) Automated resource management several organizations with common policies,
(5) Virtualization requirements, values, and concerns and can either be
(6) Parallel computing hosted externally by a third party or in-house (Dillon et
(7) Data access control al., 2010). Hybrid clouds can consist of combinations of
(8) Service level agreements the other cloud models. It is postulated that the different
A cloud consists of large farms of inexpensive servers forms and deployment models of cloud services will have
which are distributed over several locations. The basic an influence on the cloud capabilities that are required.
idea of the use of clouds is to shift the responsibility to
install and maintain hardware and basic computational
services away from the user to the cloud vendor 2.2. Clouds and Sourcing
(Rosenthal et al., 2010). The cloud vendor should ensure
security, scalability, availability, reliability and data Whereas there is relatively limited research literature
access control mechanisms. In a cloud there is a dedicated about cloud computing, there is a wealth of literature on
pool of hardware and virtualization software that can be outsourcing (Gonzalez et al., 2006; Lee et al., 2003). IT
used to support a variety of tasks and provide services to outsourcing is about the contracting out of certain IT
the cloud participants. Cloud computing can be functions to an external service provider that in return
ICST Transactions on e-Business
2 July-September 2012 | Volume 12 | Issues 7-9 | e4
3. Transformation to Cloud Services Sourcing: Required IT Governance Capabilities
provides the service for a certain period of time and for a area, (2) the technical area, (3) the business area and (4)
certain amount of money (Willcocks & Kern, 1998). the supply area. In the governance area, the role of IT
Business Process Outsourcing (BPO) is the situation in within the business is defined, combined with the
which a supplier takes over responsibility for one or more responsibilities of the IT department, the business
of an organization’s business processes (Borman, 2006). departments and the IT service providers in achieving that
Outsourcing arrangements address the relationship role, while the technical area is concerned with ensuring
between one client having one or more external vendors, that the business has access to the technical capability it
and in case a private cloud model is used, this is also the needs in order to translate the business requests and
case with sourcing cloud services. In case of a community requirements into IT specifications (Feeny & Willcocks,
or public cloud however, the arrangement generally 1998). The business area is about demand management
consists of many clients and one cloud vendor. Cloud and involves defining the business requirements in order
computing can thus be viewed as a type of sourcing to address the need for alignment between business and
arrangement, in which the cloud service providers can be technology. The supply area, finally, is about managing
viewed as a specific type of provider. There are various and monitoring the supplier in order to assure they deliver
ways of sourcing like inside or outside the public sector the required quality of the IT services.
and sourcing requires the use of capabilities for managing Feeny and Willcocks (1998) initially found nine
sourcing arrangements (Borman, 2006; Feeny & capabilities that enable a business to consistently address
Willcocks, 1998). the described four areas in order to exploit IT
successfully, now and in the future. In a later article to
validate the model, Willcocks et al. (2006) also found a
2.3. Governance Framework of IT Core tenth capability, IT project management, though no
Capabilities explicit definition similar to the other capabilities was
provided. These ten capabilities and their definitions are
Decisions about and around an (out)sourcing transitions depicted in table 1.
are part of a much broader framework called IT
governance. IT governance refers to the “patterns of
authority for key IT activities” (Sambamurthy & Zmud, Table 1. Governance Framework of IT Core
1999, p. 261) and IT governance mechanisms determine Capabilities (Feeny & Willcocks, 1998; Willcocks et
how communication, responsibilities and decision-making al., 2006)
structures are formalized (Weill & Ross, 2005). Important
attributes of IT governance are the roles and
responsibilities of the different actors involved (Weill and IT core Definitions (Feeny and
Ross, 2005) and the related capabilities that are core to the capabilities Willcocks, 1998)
business' future capacity to exploit and govern the 1) Leadership Integrating IS/IT effort with
demand and supply of IT successfully (Feeny & business purpose and activity
Willcocks, 1998; Mayer & Salomon, 2006). 2) Business Envisioning the business
Sourcing requires that that the end-user organization has systems process that technology makes
the necessary IT core capabilities to implement and thinking possible
manage the sourcing arrangement. The provider is at an 3) Relationship Getting the business
arm’s length which requires other capabilities than when building constructively engaged in IS/IT
having an own IT department. The IT core capability issues
concept is defined by Feeny and Willcocks (1998) and 4) Architecture Creating the coherent blueprint
planning for a technical platform that
their IT governance framework has been successfully
responds to current and future
verified in a couple of consecutive articles (Willcocks & business needs
Feeny, 2006; Willcocks et al., 2006). Willcocks and 5) Making Rapidly achieving technical
Feeny (2006, [p. 49]) define a capability as ‘a distinctive technology progress, by one means or
set of human resource–based skills, orientations, attitudes, work another.
motivations, and behaviors that have the potential, in 6) Informed Managing the IS/IT sourcing
suitable contexts, to contribute to achieving specific buying strategy that meets the
activities and influencing business performance’. interests of the business
Following Willcocks and Feeny (2006) we define a cloud 7) Contract Ensuring the success of
governance capability is a capability to effectively facilitation existing contracts for IS/IT
manage and govern the sourcing of cloud services, services
8) Contract Protecting the business'
measurable in terms of IT activities supported, and
monitoring contractual position, current
resulting business performance. and future
Feeny and Willcocks (1998) view IT capabilities as core 9) Vendor Identifying the potential added
to the business's future capacity to exploit IT successfully. development value of IS/IT service suppliers
Four main areas are defined that a company must 10) IT Project This capability was included in
successfully address over time: (1) the IT governance management a later paper (Willcocks et al.,
ICST Transactions on e-Business
3 July-September 2012 | Volume 12 | Issues 7-9 | e4
4. Joha et al.
2006). 4. Clouds Sourcing in the Public Sector
The Dutch cloud strategy was driven by the cloud
These ten capabilities are viewed from the perspective of strategies in the US. Both the Dutch and the US public
the end-user organization and not from the supplier sector consist of many organizations that have IT
perspective. In other research (Feeny et al., 2005; Lacity environments that can be characterized as difficult to
et al., 2006a; Lacity et al., 2006b) similar kinds of manage, heterogeneous, with duplicative systems with
frameworks have been defined with the capabilities low asset utilization, negatively impacting its ability to
relevant to outsourcing service providers. serve its citizens. There are several big public
organizations having large data centers and many small
organizations that find it hard to manage their IT services
3. Research Methodology and resources. The US government developed a decision
framework that was created to support agencies in
The research conducted in this paper has an explorative- migrating towards cloud services such as cloud-based
descriptive nature. Our goal is to develop an SaaS, PaaS and IaaS. The revenue model proposed was
understanding of the IT governance capabilities required based on the idea that users will only pay for the IT
for public sector organizations that want to successfully resources they consume, and would be able to increase or
implement and manage cloud services. This research decrease their usage to match their requirements and
takes the governance framework of IT core capabilities by potential budget constraints. Following the publication of
Feeny and Willcocks (1998) as a starting point, extending this strategy, each agency was required to re-evaluate its
and refining it for cloud computing. This model is useful technology sourcing strategy to assess the use and
as it finds its roots in outsourcing relationships and cloud implementation of cloud-based technology and
computing can be viewed as a type of sourcing application solutions as part of the budget process
arrangement, in which the cloud providers can be viewed (Kundra, 2011). In the Netherlands it was recently
as a specific type of outsourcing provider. Exploratory decided to create a public cloud infrastructure. The
research was chosen due to the need to investigate and rationale is based on the reduction of the 61 data centres
explore the IT governance capabilities required by public and the lowering of energy consumption which accounts
sector organizations for cloud computing arrangements. for 15 million annually (Hillenaar, 2010).
Interviews were conducted within the Dutch government
and these were complemented by studying international 5. Analysis and Discussion
case study reports and documents. Interviews allowed us
to explore and in-depth discuss the concept of cloud
computing, in this way creating a better understanding of 5.1. Cloud Governance Capabilities
the possible challenges and the required capabilities when
adopting and managing cloud services in the public Feeny and Willcocks’ (1998) governance framework of
sector. Thirteen interviews were conducted using open- IT core capabilities was used to identify the capabilities
ended questions, informed in many ways by our that are core for the implementation of a cloud computing
understanding of cloud services and outsourcing as service delivery model for the public sector. Table 2
presented in the background of this paper. The interviews shows each of the 10 IT core capabilities and how they
lasted between one and two and a half hours and the relate to the 16 identified cloud governance capabilities
interviewees included Dutch IT-managers, outsourcing that are required when sourcing and managing cloud
specialists, outsourcing and cloud decision-makers and services. The table also shows the typical role(s) involved
IT-experts from a variety of public organizations, in executing each cloud capability, as this was an
including the tax authority, social security agency, important indicator to identify the discriminating cloud
Ministry of the Interior and Kingdom Relations, capabilities. The relationship between a role and an
municipality association and two municipalities. In this individual can be clarified as follows:
way, a broad range of organizations and views were • One role can be fulfilled by one or more individuals;
covered. Interviewees covered persons in organizations • One individual can fulfill one or more roles.
that were already using cloud services as well as those
who are considering the use of cloud computing or did not
decide to use it.
Table 2. Identified IT Governance Capabilities for Sourcing Cloud Services
ICST Transactions on e-Business
4 July-September 2012 | Volume 12 | Issues 7-9 | e4
5. Transformation to Cloud Services Sourcing: Required IT Governance Capabilities
Redefined and Clarification of the IT governance capabilities for sourcing Typical
extended IT cloud services role(s)
IT core governance involved in
capabilities as capabilities for executing
defined by sourcing cloud each cloud
Feeny and services capability
Willcocks (1998)
1) Leadership 1) Cloud Defining the overall federal IT governance and strategy in terms Federal CIO,
Leadership of the organizational structures, the processes and the staffing agency
relevant to the cloud services, in order to address all the main executive
activities in the business, technical and supply areas and to
manage all potential (inter)dependencies between these areas.
2) Business 2) Cloud Defining the decentralized business strategy and the translation Business unit
systems Business of that strategy to a cloud strategy, where choices have to be CIO/manager,
thinking Strategy and made about the role and the priority of cloud services within the Head of IT
Policy organization, including the make or buy decision about sourcing
cloud services.
3) Relationship 3) Demand Defining business functionality and its dependencies, including Information
building Management the translation to IT/cloud specifications, demand forecasting manager
and interfacing with the end users.
4) Relationship Providing a single point of contact through which the business Relationship
Management organization can ensure that problems and conflicts are manager
resolved fairly and promptly, within a framework of agreements
and relationships.
4) Architecture 5) Architectural Creating the coherent blueprint for a technical cloud platform Infrastructure
planning Design and that responds to current and future business needs and architect
Standards maintaining the technical consistency and standards between
cloud information systems.
6) Data Ensuring data security, privacy, compliance, portability and Data
Security interoperability. architect,
Management cloud security
specialist
7) Application Responsible for software design, coding, testing and Cloud
Lifecycle configuration of customized cloud business applications, but application
Management also for cloud application maintenance and application developer
upgrades
5) Making 8) IT Network Given that the Internet and intranet are the main ways to Network
technology Management access cloud application services, the IT network management specialist,
work capability needs to ensure that potential network problems can infrastructure
be rapidly fixed. manager
6) Informed 9) IT/Cloud Tracking cloud market developments and suppliers and leading IT/cloud
buying Procurement the selection process for cloud services including negotiating procurement
about procurement terms and conditions with suppliers. officer
10) Risk and Monitoring and auditing potential risk/compliance issues Risk officer,
Compliance involved in sourcing cloud services. auditor
Management
11) Legal Providing support when entering into (new) agreements with Legal advisor
Expertise cloud service providers and making changes to existing
contracts, including handling all legal issues related to clouds.
7) Contract 12) User Support Providing support to users by means of training and by a (self) Service desk
facilitation service desk. employee
8) Contract 13) Contract Ensuring contractual compliance by the cloud providers on Contract
monitoring Management strategic and tactical level and managing any required contract manager
modifications, taking into account all the relevant aspects
including financial, legal, technical and business dimensions.
14) Service Managing the performance of the service delivery on tactical Service
Management and operational level as specified in the contractual manager
performance metrics, including performance management and
maintenance of the cloud service catalogue.
15) Financial Tracking, monitoring and reporting on the IT budget and Financial
Control ensuring that the cloud services meet the committed and controller
predefined financial goals.
9) Vendor The ‘vendor development’ capability was not distinguished as a
ICST Transactions on e-Business
5 July-September 2012 | Volume 12 | Issues 7-9 | e4
6. Joha et al.
development specific capability or role. Creating added value happens at
each level and role of the supply area and this specific
capability can be incorporated within all the other capabilities.
10) IT Project 16) IT Project Managing a project or a portfolio of multiple ongoing inter- Project /
Management and Portfolio dependent cloud projects that are executed internally and/or by program
Management cloud providers. manager
Five capabilities in Feeny and Willcocks’ framework the cloud service provider. Interviewed governmental
could almost be individually translated to the cloud representatives mentioned that this would enable
domain, though they needed some refinement, both in governments to better keep control over their privacy
terms of the terminology used for the capability as well as sensitive data, avoid potential security problems, ensure
for the definitions. In four instances, the capabilities authorization, identification and encryption, and to avoid
defined by Feeny and Willcocks (1998) have been split legislation and regulation risks by outsourcing this to a
into 2 or more different capabilities because of the special third party and nevertheless gain advantages of this
importance of these capabilities for cloud computing and development.
because of the distinct and different nature of these Agencies could bypass the federal or internal IT
capabilities in terms of roles. One capability in Feeny and department to acquire their own cloud services, which
Willcocks’ framework, vendor development, was not could create difficulties in data integration or service
distinguished as a specific capability or role. This interoperability in the future within the public sector and
capability is meant to ensure that added value is created therefore overall policy standards and guidelines need to
by IT outsourcing, but creating added value happens at be defined. The policy needs to be followed by agencies
each level and role of the supply area and this specific to ensure that the agencies comply to regulatory or legal
capability can therefore be incorporated within all the requirements, to enforce organization-wide consistency
other individual capabilities within the supply area. In the and to make sure that the agencies have guidelines in case
part hereafter the capabilities are discussed in more detail. they want to use cloud services. As such, the US
government published a federal cloud computing strategy,
Cloud Leadership providing a decision framework to support agencies in
Cloud leadership is about defining the overall federal migrating towards services such as cloud-based SaaS,
IT/cloud governance and strategy in terms of the PaaS and IaaS (Kundra, 2011).
organizational structures, the processes and the staffing, in
order to address all the main activities in the business, Demand Management
technical and supply areas and to manage all potential The demand management capability facilitates the
(inter)dependencies between these areas. It also includes dialogue between the business and the IT department
creating organization-wide support and strategic regarding cloud services and is responsible for defining
stakeholder management for implementing cloud services. the functional requirements with regard to the cloud
Interviewees indicated that the choice for cloud solution. The defined cloud policy has to be translated
computing is a decision that has a long-term and strategic into cloud functionality and the underlying specifications
impact, requiring significant organizational changes in and service levels with regard to the cloud services have
order to adopt and manage this new service delivery to be defined. This capability also includes demand
model. The US federal government created a 25-point forecast for the expected consumption and use of cloud
federal IT reform plan to address their new IT strategy, in services by the agencies, ensuring alignment with
which cloud computing was an important element corporate IT, controlling the decentralized cloud budget
(Kundra, 2010). and monitoring local cloud SLAs. Agencies could have
the possibility to directly buy services from the cloud
Cloud Business Strategy and Policy provider by means of a service catalogue, which is a
This capability is concerned with defining, integrating and document listing the portfolio of possible cloud services
aligning the business objectives with IT/cloud capability. that the agencies can buy from the cloud service
The overall business strategy from all of the decentralized provider(s) supported by the cloud outsourcing contract.
governmental agencies has to be translated to a cloud
strategy, resulting in an information policy, which takes Relationship Management
into account all the requirements and potential This capability involves managing the requirements and
(im)possibilities of the cloud solution. This also includes problems within the business units with regard to the
defining the sourcing strategy in terms of the decision to cloud services. Relationship management provides a
outsource or not and all the relevant strategic choices single point of contact through which the business
related to this decision including which cloud deployment organization can ensure that problems and conflicts are
models can be used. Although clouds can be outsourced resolved fairly and promptly, within a framework of
to a service provider, clouds can also be operated as agreements and relationships. It involves also handling
internal arrangements within the government. In such a requests from decentralized entities for action on issues
construction the internal IT department will function as that range from minor questions to very significant crises,
ICST Transactions on e-Business
6 July-September 2012 | Volume 12 | Issues 7-9 | e4
7. Transformation to Cloud Services Sourcing: Required IT Governance Capabilities
being the focal point of contact for business managers, processes to integrate cloud applications; defining
facilitating people relationships and devising processes processes and criteria for granting exceptions to the cloud
for conflict resolutions regarding the cloud delivery applications standards and defining architecture
model. components and interfaces based on application
architectural standards with regard to cloud computing.
Architectural Design and Standards
Through insight into technology, cloud service providers IT Network Management
and the requirements from agencies, the architectural In cloud computing, it is essential that the network
design and standards capability is about the development capacity is meeting the required standards as the Internet
of the vision of an appropriate technical cloud platform. and intranet are the main ways to access cloud application
Without such planning, the organization could end up services. IT network management is about ensuring the
with independent systems that might result in redundancy, quality of the network and local or remote servers. The
gaps between systems or the inability to integrate cloud cloud infrastructure should have the necessary capacity
systems. Cloud standards need to be determined with and processing power at all times. This network capability
regard to the technical platforms, e.g. networks, protocols, could be outsourced, but it was suggested by interviewees
resilience. Questions about standardization, security of the that it is important that potential network problems can be
architecture, the necessary flexibility and the integration rapidly fixed and to retain parts of this capability in-
with other components need to be addressed, but also the house. The main risk is that increasingly less operational
implications for the people using the technology. In the technology knowledge seems to be necessary in cloud
US federal government a lot of attention is paid to arrangements, while the dependency on the service
standards (NIST, 2011b) and there is a central group providers is increasing. The network dependency is also
involved with standards management responsible for recognized as such by the National Institute of Standards
establishing a framework and roadmap to define standards and Technology (NIST, 2011a) recommending that the
facilitating interoperability, portability and security of traditional IT skills required to manage devices that
cloud services. access the private cloud need to be retained, also for
managing special hardware or system requirements and
Data Security Management unique security needs for special projects.
The data security management capability involves setting
enterprise level data requirements regarding security, IT/Cloud Procurement
privacy and compliancy and enforcing policies for IT/Cloud procurement is responsible for analyzing the
protecting sensitive corporate and customer data from cloud service providers and leading the procurement
being shared, including managing all forms of virus process for the selection of a cloud provider till the
prevention and detection relative to public cloud services moment the contract has been signed. This includes
This also comprises the development of a framework for managing the Request for Proposal (RFP) process, which
sharing user identities and providing user access to includes the collection and verification of equipment and
sensitive data, including conditions under which service component requirements and SLA specifications,
providers, third parties and government agencies may development of the RFP, evaluation of the responses and
have access to the company’s data. The framework should giving recommendations for supplier selection to the
include authentication, authorization and use of physical agencies.
devices like digital signatures, encryption, social barriers, This also includes the responsibility for assuring that the
and monitoring by humans and automated systems. The cloud procurement is completed within the predefined
framework should be audited and updated regularly to timeframe and meets the identified cost objectives as well
address changing technology and service delivery as continuously analyzing the external cloud services
mechanisms. In the federal US government a central market.
security department was set up in order to identify,
aggregate, and disseminate security, privacy and Risk and Compliance Management
compliance issues, solutions and processes that could This capability needs to ensure that potential regulatory
impact the adoption and implementation of cloud and compliance risks are identified and also needs to
services. continuously confirm that the assurance methods adopted
by service providers are evolving to include, in addition to
Application Lifecycle Management SAS 70, the new Service Organization Controls (SOC)
Application lifecycle management is responsible for reporting model and other cloud security certifications.
software design, coding, testing and configuration of The cloud infrastructure should be secure and reliable.
customized business applications, but also for application Although contractually this might be arranged, public
maintenance and application upgrades. Activities include organizations do not want to be confronted with problems.
monitoring emerging cloud technologies and leading the Therefore regular audits, either internally by a separate
investigation and adaptation of new cloud application department, or externally, are necessary to determine if
technology, documenting the existing cloud application the cloud vendor’s infrastructure and support is compliant
architecture portfolio, setting formal policies and to the contract. These audits need to be part of risk and
ICST Transactions on e-Business
7 July-September 2012 | Volume 12 | Issues 7-9 | e4
8. Joha et al.
compliance management. Security policies, but also Contract management is about ensuring contractual
backup, recovery and contingency procedures and plans compliance by the cloud provider(s) on strategic and
should be regularly evaluated to account for potential tactical level and managing any required contract
cloud provider failure. Interviewees were suggesting that modifications, taking into account all the relevant aspects
clear agreements about data ownership need to be made including financial, legal, technical and business
including what will happen in case a SaaS provider goes dimensions. This includes contract administration,
bankrupt, is taken over by another company, or is monitoring compliance with terms and conditions, review
changing its strategic orientation and vision. and revision of contract changes, supplier negotiation and
The interviewees were very reluctant to move to a cloud contract interpretation for dispute resolution. Long term
model on a large scale without any assurances, because of sustainability is a key issue, as the bankruptcy or other
the dependency on the cloud provider, and as part of the problems of the cloud vendor could jeopardize certain
risk process, a careful migration strategy was therefore business operations. Data might simply not be available
suggested. The interviewees argued that applications and anymore in specific circumstances.
information that are of particular importance must initially The interviewees considered good contracts to be
be retained in-house and run on the own IT system, but essential, as this is an important instrument to avoid the
can be maintained by the cloud providers. In case of risks and accomplish the benefits of cloud computing.
dissatisfaction with what comes as part of the package Contracts are more complicated as it should be flexible
with the cloud provider, those applications can and demands instant scaling up based on pay per use on
immediately be taken over by the own staff. This means the one hand, whereas on the other hand long-term
less risks, but higher retained software costs for the client sustainability, software access and information storage
than may have been initially assumed, and those costs requirements need to be met. These short term and long
should be understood and be part of the initial business term interests might be conflicting, as the cloud provider
case justifying the use of cloud services. might require some kind of payment of longer term
commitments are part of the contract. Effective contract
Legal Expertise monitoring means holding suppliers to account on both
Legal expertise provides support when entering into (new) existing service contracts and the developing performance
agreements with cloud service providers and making standards of the services market. This includes developing
changes to existing contracts. Out of the interviews, it service level measures and service level reports,
became clear that the location of storage is an issue, as specifying escalation procedures and cash penalties for
Dutch governments often require that data will be stored non-performance (Kern and Willcocks, 2001).
within the Netherlands to ensure that the Dutch law will
be in effect to the SaaS providers. It is likely that new Service Management
agencies or authorities are required to verify and control The service management capability involves managing
that data does not cross national boundaries and that the performance of the service delivery on a tactical and
licenses are legal. In general the contract needs to take operational level as specified in the contractual
into account issues regarding data protection and performance metrics, including performance management
regulatory compliance, intellectual property concerns and and maintenance of the service catalogue, to ensure that
contingency in the event of business discontinuity caused performance targets continue to be met, users remain
by the service provider. Also the risks of non-performance satisfied, the expected service levels continue to be
and potential exit scenarios need to be contractually achieved and the services continue to be performed and
defined. delivered in the expected manner. This includes
monitoring, reviewing, managing, changing and reporting
User Support on all cloud service levels. The cloud provider is normally
Interviewees indicated that as cloud services are based on able to retrieve information regarding SLA compliance,
a hosted delivery model, users may find they do not have usage levels, account activity, etc. Further activities
access to the same level of service and support they would include, but are not limited to, ensuring that the cloud
get from their internal IT group or would get in an performance review system and the SLA metrics are
outsourcing arrangement. As such a (self) service desk maintained to be relevant to the outsourcing contract,
needs to be in place for any user support. Supporting and applying service level penalties if the cloud supplier
training users on new functionality delivered via the more performs below the service credit threshold and approving
frequent upgrades enabled by the cloud model requires change requirements.
skilled resources, but not all cloud providers will offer the
level of support required to meet end-user needs, Financial Control
especially during initial implementation efforts. As a Financial control is about tracking, monitoring and
result, public sector organizations must account, plan and reporting on the IT/cloud budget and ensuring that the
budget for all required support requirements. outsourced services meet the committed and predefined
financial goals. Relevant activities include directing and
Contract Management coordinating the organization’s financial IT planning and
IT/cloud budget management functions, recommending
ICST Transactions on e-Business
8 July-September 2012 | Volume 12 | Issues 7-9 | e4
9. Transformation to Cloud Services Sourcing: Required IT Governance Capabilities
benchmarks for measuring the financial and operating resources and team members. When implementing cloud
performance of the cloud supplier, monitoring the overall services also the (inter)dependencies with other IT/cloud
cost of the cloud contract, preparing financial analysis for projects need to be taken into account, managing multiple
contract negotiations with the cloud supplier, and projects as a portfolio. This capability was initially not
coordinating with the contract administration for payment included in Feeny and Willcocks’ IT capability
procedures and budget procedures related to the delivered framework as they considered project management not as
cloud services. a specific IT core capability but as an organizational one.
When verifying their model however, they also found this
IT Project and Portfolio Management capability to be distinctive to the IT function (Willcocks
IT project management is the application of knowledge, et al., 2006).
skills, tools, and techniques to plan and execute IT project Based on the analysis in the former section, Feeny and
activities that meet the predefined objectives in terms of Willcocks’ capability model could be refined and
planning, cost and quality (Project Management Institute, extended for cloud computing. In Figure 1, the sixteen
2000). Especially for cloud computing services, the distinguished cloud governance capabilities have been
transition and migration strategy and activities have been plotted within the governance, business, technical and
recognized as very important by the interviewees. This supply area.
capability includes identifying and planning project
activities, minimizing risk and managing the project, the
Figure 1. Cloud Governance Capability Model (based on Feeny & Willcocks, 1998; Willcocks et al., 2006)
Several interviewees mentioned that uncoordinated first and experiment on a small scale, the intricacies and
adoption and not having the appropriate capabilities in expertise needed could be discovered.
place could undercut the financial benefits of cloud
computing, and severely increase the risks. They indicated 5.2. Relevance of the Cloud Capabilities
the need to first find out which capabilities are required
and ensuring that investments can be made and Determining the relevance of the different capabilities is
organizational structures and routines are in place before important in order to determine which and how many
the cloud model can be used on a large scale. By individuals can fulfill the role involved in executing the
developing and implementing the required capabilities
ICST Transactions on e-Business
9 July-September 2012 | Volume 12 | Issues 7-9 | e4
10. Joha et al.
respective capability. When the relevance of a certain The need to manage an outsourcing arrangement increases
capability increases, it implies that either a higher quality proportionally with the degree of outsourcing in terms of
of the individual fulfilling that capability is required, or the size of the outsourcing deal(s) (Barthélemy, 2001;
that more individuals are necessary to fulfill that specific Kern & Willcocks, 2001). The more clouds have been
capability. When the relevance of a capability decreases, outsourced to multiple vendors and the higher the contract
it implies that this capability might be integrated with value, the higher the costs will be to transition the cloud
other related capabilities so that one individual can fulfill activities to a new supplier or to insource the activities
a role that covers multiple capabilities. There are different again. This implies that more control is needed, not only
factors identified that influence the relevance of the from contract management, service management and
capabilities in some way or another and these will be financial control, but also from the capabilities in the
discussed in the following paragraphs. governance area to mitigate the risks as much as possible.
When the variety and number of cloud projects increase,
Cloud Service and Deployment Model so will the complexity of the relationship with the cloud
The capabilities in the governance area were found to be vendor(s). An increase of complexity might well result in
relevant for all cloud service models. Leadership is an increase of the number of hierarchical levels and
required for all cloud implementations, and so is the IT requires further standardization of procedures (Kern &
project and portfolio management capability to Willcocks, 2001). The governance capabilities become
successfully implement the cloud solution taking into more important, because the organizational structures,
account all the (inter)dependencies. Legal expertise and processes and procedures need to become formalized and
risk and compliance management need to be in place in standardized as much as possible to improve the
order to ensure that as many legal and compliancy risks coordination. The technical area will also rise in relevance
are mitigated and minimized. The capabilities within the as the responsibility to provide the expertise for the
technical domain are more important in IaaS and PaaS technical standardization and integration of the different
arrangements than in SaaS arrangements, as the cloud cloud activities is within this area. It was suggested that
provider will be having more technical responsibilities in also in case of only in-house clouds, all 16 capabilities are
SaaS arrangements. The importance of the capabilities required, as public organizations will increasingly have to
within the supply area will therefore however increase in develop and professionalize their own internal
SaaS arrangements because of the increased dependency organization in such as way as if they would interact with
on the service provider. Also the capabilities within the the external market.
business area are more important in SaaS arrangements
given the critical business nature of the applications. IT Governance Structure
There are also differences between the control and An important organizational factor is whether the IT
capabilities required for private and public clouds, as in governance structure is centralized, decentralized or
the latter case there will be an increased emphasis on the federated, which was also found by Earl et al. (1996) and
capabilities within the supply area given the decreased Sambamurthy and Zmud (1999). In case of a centralized
control over a public cloud. IT governance structure, the capabilities in the technical
and supply area become more important as there will
Strategic Intent Underlying Cloud Sourcing typically be a focus on increasing standardization and
The strategic intent underlying cloud sourcing refers to efficiency. In case there is a decentralized IT governance
the benefits that are sought to be achieved by introducing structure, the capabilities in the business area will become
and implementing cloud services. In the US federal more important, as the IT function will be mainly
government all participating agencies can prioritize one or controlled by the decentralized business entities which are
more different strategic intents and according to their responsible for defining the cloud strategy and their
individual requirements, an appropriate cloud solution can specific cloud requirements. In a federated IT governance
be provided. In case the main focus is on cost reductions structure the control over the IT function is divided
and/or cost savings, the importance of the supply between central and decentral units, increasing the need
management capabilities such as financial control and for strong leadership and coordination (Hodgkinson,
contract management will increase to ensure that costs 1996). As such, the capabilities in the governance area
will be properly managed and the expected cost savings will increase in importance.
and reductions will be achieved.
In case the main focus is to improve the services to the
business by delivering more precisely on changing 5.3. Differences with regular IT Outsourcing
business requirements, the importance of the capabilities
within the business area will increase, as the functional There are several differences between the capabilities
requirements from a business perspective will have to be required for regular IT outsourcing services compared to
defined and translated to an appropriate cloud solution. those relevant for cloud sourcing. Given the dependency
on the service provider and that there are other risks
Degree and Complexity of Cloud Sourcing involved than in normal outsourcing arrangements, risk
and compliancy management and legal expertise are
ICST Transactions on e-Business
10 July-September 2012 | Volume 12 | Issues 7-9 | e4
11. Transformation to Cloud Services Sourcing: Required IT Governance Capabilities
important capabilities for cloud arrangements. These
risks, including security and privacy risks, also need to be Several interviewees indicated that uncoordinated
taken into consideration in the technical dimension with adoption of cloud computing and not having the required
additional capabilities such as data security management capabilities in place could increase the risks and undercut
and application lifecycle management. Some interviewees the financial benefits of cloud computing. As such,
indicated that cloud computing is changing the nature of governments need to adopt these capabilities when
the organization, providing more decentralized power to transforming their operations to cloud computing.
the business users and therefore also making the business Feeny and Willcocks’ governance framework of IT core
capabilities more important than in regular outsourcing capabilities framework was found to be appropriate to
arrangements. Because of this shift, it was also suggested customize it for cloud computing. Therefore we argue that
that certain capabilities within the supply domain, e.g. in general this framework will be useful as a starting
contract and service management, though relevant, were point, but further customization and detailing might be
less demanding roles than within regular outsourcing necessary to adopt it for a specific domain.
arrangements. Another important remark is that at some The analyses show that that there are differences between
point the cloud market will become more mature and the capabilities required for cloud services compared to
standardized in terms of legal contracts, security and those required for regular IT outsourcing services relating
compliance standards and that certain capabilities will to the fact that there are more uncertainties and risks
become less relevant over time when industry standards involved in cloud computing that need to be properly
and best practices become available. mitigated. Moreover, it was found that different factors
influence the importance of each of the cloud capabilities,
including the cloud service and deployment model, the
6. Conclusion strategic intent underlying cloud sourcing, the degree and
A cloud governance capability can be defined as a complexity of cloud sourcing and the IT governance
capability to effectively manage and govern the sourcing structure. The importance of the capabilities can also
of cloud services, measurable in terms of IT activities change over time.
supported, and resulting business performance. Different As the market for cloud services is still in its infancy and
core capabilities were required to manage the internal is expected to significantly evolve over the coming years,
cloud computing demand management process and the there are no best practices yet providing a definitive list of
external cloud service provider(s). These capabilities can required governance capabilities to manage cloud
be used by strategists and policy-makers to stimulate the arrangements and as such this model will need further
developments of capabilities needed by organizations to verification. Further quantitative research into the factors
manage their cloud providers. influencing the relevance and quality of these capabilities
Even though the importance of IT governance is often would also be of interest, including the question if, and to
underlined, there is very limited research literature what extent, the identified cloud governance capabilities
available regarding the required IT governance are different for private sector organizations.
capabilities that public sector organizations need to have
into place to successfully implement a cloud service
delivery model. This paper fills that gap by identifying the
IT governance capabilities that are required when References
introducing and implementing a cloud service delivery
model. Using the governance framework of IT core Barthélemy, Jérôme (2001). The Hidden Costs of IT
capabilities by Feeny and Willcocks (1998), 16 core cloud Outsourcing. Sloan Management Review, 42(3), 60-69.
capabilities are identified. These are: Bennet, K. H., Munro, M., Gold, N., Layzell, P. J., Budgen, D.
1) Cloud Leadership & Brereton, O. P. (2001). An Architectural Model for
Service-Based Software with Ultra-Rapid Evolution. Paper
2) Cloud Business Strategy and Policy
presented at the Proceedings of the 17th IEEE
3) Demand Management International Conference on Software Maintenance
4) Relationship Management (ICSM'01) Florence.
5) Architectural Design and Standards Borman, M. (2006). Applying multiple perspectives to the BPO
6) Data Security Management decision: a case study of call centres in Australia. Journal
7) Application Lifecycle Management of Information Technology, 21(2), 99-115.
8) IT Network Management Buyya, R., Yeo, C. S., Venugopal, S., Broberg, J. & Brandi, I.
9) IT/Cloud Procurement (2009). Cloud computing and emerging IT platforms:
10) Risk and Compliance Management Vision, hype, and reality for delivering computing as the
5th utility. Future Generation Computer Systems, 25(6),
11) Legal Expertise
599-616.
12) User Support Chen, H. (2003). Digital Government: technologies and
13) Contract Management practices. Decision Support Systems, 34(3), 223-227.
14) Financial Control Dillon, T., Wu, C. & Chang, E. (2010). Cloud computing: issues
15) Service Management and challenges. Paper presented at the 24th IEEE
16) IT Project and Portfolio Management International Conference on Advanced Information
ICST Transactions on e-Business
11 July-September 2012 | Volume 12 | Issues 7-9 | e4
12. Joha et al.
Networking and Applications. Retrieved Mayer, K. J. & Salomon, R. (2006). Capabilities, contractual
from http://xml.ice.ntnu.edu.tw/JSPWiki/attach/Focusardi/ hazards, and governance: Integrating resource-based and
Cloud%20Computing%20Issues%20and%20Challenges.p transaction cost perspectives. Academy of Management
df Journal, 49(5), 942-959.
Earl, Michael J., Edwards, Brian & Feeny, David F. (1996). NIST. (2011a). Draft Cloud Computing Synopsis and
Configuring the IS function in Complex Organizations. In: Recommendations. Retrieved 5 November, 2011,
Earl, Michael J., Information Management: the from http://csrc.nist.gov/publications/drafts/800-
Organizational Dimension, Oxford University Press. 146/Draft-NIST-SP800-146.pdf
Feeny, D. F., Lacity, M. & Willcocks, L. P. (2005). Taking the NIST. (2011b). NIST Cloud Computing Standards Roadmap.
Measure of Outsourcing Providers: Successful outsourcing Retrieved 5 November, 2011,
of back office business functions requires knowing not from http://collaborate.nist.gov/twiki-cloud-
only your company’s needs but also the 12 core computing/pub/CloudComputing/StandardsRoadmap/NIS
capabilities that are key criteria for screening suppliers. T_SP_500-291_Jul5A.pdf
Sloan Management Review, 46(3), 41-49. NIST. (2011c). The NIST Definition of Cloud Computing.
Feeny, D. & Willcocks, L. P. (1998). Core IS Capabilities fo Retrieved 5 November, 2011,
Exploiting Information Technology. Sloan Management from http://csrc.nist.gov/publications/nistpubs/800-
Review, 39(3), 9-21. 145/SP800-145.pdf
Gonçalves, V. & Ballon, P. (2011). Adding value to the Olsen, E. R. (2006). Transitioning to Software as a Service:
network: Mobile operators’ experiments with Software-as- Realigning Software Engineering Practices with the New
a-Service and Platform-as-a-Service models. Telematics Business Model. Paper presented at the IEEE International
and Informatics, 28(1), 12-21. Conference onService Operations and Logistics, and
Gonzalez, R., Gasco, J. & Llopis, J. (2006). Information systems Informatics, 2006 (SOLI '06).
outsourcing: A literature analysis. Information & Project Management Institute (2000). A Guide to the Project
Management, 43, 821-834. Management Body of Knowledge (PMBOK guide). Project
Hillenaar, M. (2010). Rationalisering en groen om ICT kosten te Management Institute, USA.
besparen. Retrieved 11 November, 2011, Rosenthal, A., Mork, P., Li, M. H., Stanford, J., Koester, D. &
from http://www.ratioconsultants.nl/?p=979 Reynolds, P. (2010). Cloud computing: A new business
Hodgkinson, Stephen L. (1996). The Role of the Corporate IT paradigm for biomedical information sharing. Journal of
Function in the Federal IT Organization. In: Earl, Michael Biomedical Informatics, 43(21), 342-353.
J., Information Management: the Organizational Sääksjärvi, M., Lassila, A. & Nordström, H. (2005). Evaluating
Dimension, Oxford University Press. the software as a service business model: From CPU time-
Janssen, M. & Joha, A. (2010). Connecting cloud infrastructures sharing to online innovation sharing. Paper presented at
with shared services. Paper presented at the Proceedings the IADIS International Conference e-Society 2005.
of the 11th Annual International Digital Government Sambamurthy, V. & Zmud, R. W. (1999). Arrangements for
Research Conference on Public Administration Online: Information Technology Governance: A Theory of
Challenges and Opportunities, Pueblo, Mexico. Multiple Contingencies. MIS Quarterly, 23(2), 261-290.
Kern, T. & Willcocks L.P. (2001). The Relationship Advantage: Weill, P. & Ross, J. W. (2005). A matrixed approach to
Information Technologies, Sourcing, and Management, designing IT governance. MIT Sloan Management Review,
Oxford University Press. 46(2), 26-34.
Kundra, V. (2010). 25 Point Implementation Plan to Reform Willcocks, L. P. & Feeny, D. (2006). IT outsourcing and core IS
Federal Information Technology Management. capabilities: challenges and lessons at Dupont.
Kundra, V. (2011). Federal Cloud Computing Strategy. Information Systems Management, 23 (1), 49-56.
Lacity, M., Feeny, D. & Willcocks, L. P. (2006b). The twelve Willcocks, L. P. Feeny, D., & Olson, N. (2006). Implementing
supplier capabilities: part II. Arlington, MA., USA: core IS capabilities: Feeny-Willcocks IT governance and
Cutter Consortium. management framework revisited. European Management
Lacity, M., Willcocks, L. P. & Feeny, D. (2006a). The twelve Journal, 24 (1), 28-37.
supplier capabilities: part I. Arlington, MA., USA: Cutter Willcocks, L. P. & Kern, T. (1998). IT Outsourcing as Strategic
Consortium. Partnering: The case of the UK Inland Revenue. European
Lee, J. N., Huynh, M. Q., Kwok, R. C. W. & Pi, S. M. (2003). Journal of Information Systems, 7(1), 29-45.
IT Outsourcing Evolution. Past, Present and Future.
Communications of the ACM, 46(5), 84-89.
ICST Transactions on e-Business
12 July-September 2012 | Volume 12 | Issues 7-9 | e4