Cloud Migration Plan
1. Executive Summary (< 1 page)
2. Scope (<1 page)
a. Overview (<1 page
b. Cloud Migration prerequisites
3. Cloud Premigration Considerations (<1 page)
4. Cloud Migration Planning Assessment Tools (1–2 pages)
a. Feature Comparison
b. Evaluation Summary
5. AWS Application Discovery Services (1–2 pages)
a. Agent-Based Option
b. Agentless Option
6. Evaluation of Discovered Application and Infrastructure Data (1–2 pages)
7. Migration Recommendations (2–3 pages)
8. Conclusion (<1 page)
Running head: CLOUD ADOPTION POLICY 1
CLOUD ADOPTION POLICY 7
Cloud Adoption Policy
CCA 630
August 6, 2021
Table of Content
Executive Summary3
Policy Scope4
a. Overview4
b. List of Approved "Cloud-Ready" Applications4
Alignment with Existing IT policies5
Growth Projections Analysis6
Service-Level Agreements in the Cloud7
Data Security, Privacy, and Governance8
Cloud Vendor Governance Strategy9
Business and Technical Impact10
Exit Strategy12
Resources and Escalation Contacts13
References14
Executive Summary
The purpose of the report is the prepare the adoption policy for the cloud, analyze the growth trends, address security, performance as well as compliance, developing the cloud vendor as well as governance strategy, impact analysis as well as developing the existing strategy. The cloud-ready application is IaaS, SaaS, and PaaS and the provider of these services is AWS. Cloud computing services positively influence the performance of the company and decrease the cost. So the company needs to focus on cloud computing. The service-level agreement will include that the service provider will give the maintenance service to all company departments. Furthermore, the positive impact of cloud computing is that it secure collaboration, faster communication, decreases software costs, accessibility as well as unlimited scalability. For an exit strategy, BallotOnline needs to merge with other similar organizations because it helps to increase the efficiency of both the company. In the vendor strategy, the company needs to increase the communication with the vendor to build a strong relationship.
Policy Scopea. Overview
Cloud computing refers to the delivery of the services related to computing that include databases, software, intelligence, servers, networking, storage, as well as analytics over the cloud to provide flexible resources, scale economies as well as more flexible resources. The main advantage of cloud computing is that it will increase performance, improve services as well as lower cost (Almajalid, 2017). Furthermore, it exposes the organizations and individuals to threats that include unauthorized access, data theft, or loss, as well as other threats. The cloud adopting policy makes sure that the services of cloud will not be utilized without the knowledge of ...
1. Cloud Migration Plan
1. Executive Summary (< 1 page)
2. Scope (<1 page)
a. Overview (<1 page
b. Cloud Migration prerequisites
3. Cloud Premigration Considerations (<1 page)
4. Cloud Migration Planning Assessment Tools (1–2 pages)
a. Feature Comparison
b. Evaluation Summary
5. AWS Application Discovery Services (1–2 pages)
a. Agent-Based Option
b. Agentless Option
6. Evaluation of Discovered Application and Infrastructure Data
(1–2 pages)
7. Migration Recommendations (2–3 pages)
8. Conclusion (<1 page)
Running head: CLOUD ADOPTION POLICY
1
CLOUD ADOPTION POLICY
7
Cloud Adoption Policy
CCA 630
August 6, 2021
2. Table of Content
Executive Summary3
Policy Scope4
a. Overview4
b. List of Approved "Cloud-Ready" Applications4
Alignment with Existing IT policies5
Growth Projections Analysis6
Service-Level Agreements in the Cloud7
Data Security, Privacy, and Governance8
Cloud Vendor Governance Strategy9
Business and Technical Impact10
Exit Strategy12
Resources and Escalation Contacts13
References14
Executive Summary
The purpose of the report is the prepare the adoption policy for
the cloud, analyze the growth trends, address security,
performance as well as compliance, developing the cloud
vendor as well as governance strategy, impact analysis as well
as developing the existing strategy. The cloud-ready application
is IaaS, SaaS, and PaaS and the provider of these services is
AWS. Cloud computing services positively influence the
performance of the company and decrease the cost. So the
company needs to focus on cloud computing. The service-level
agreement will include that the service provider will give the
maintenance service to all company departments. Furthermore,
the positive impact of cloud computing is that it secure
collaboration, faster communication, decreases software costs,
accessibility as well as unlimited scalability. For an exit
strategy, BallotOnline needs to merge with other similar
organizations because it helps to increase the efficiency of both
the company. In the vendor strategy, the company needs to
increase the communication with the vendor to build a strong
relationship.
3. Policy Scopea. Overview
Cloud computing refers to the delivery of the services related to
computing that include databases, software, intelligence,
servers, networking, storage, as well as analytics over the cloud
to provide flexible resources, scale economies as well as more
flexible resources. The main advantage of cloud computing is
that it will increase performance, improve services as well as
lower cost (Almajalid, 2017). Furthermore, it exposes the
organizations and individuals to threats that include
unauthorized access, data theft, or loss, as well as other threats.
The cloud adopting policy makes sure that the services of cloud
will not be utilized without the knowledge of CIO's or IT
Manager. Employees must not access the accounts of cloud
service as well as invade into the agreements of cloud service
for alteration, exchange, or storing of organization-related
connectivity or organization-owned information without the
approval of the CIO or IT Manager (Attaran & Woods, 2019). It
is important to secure the confidentiality and integrity of
BallotOnline information as well as corporate network security.
The IT policy will apply to every worker in every department of
BallotOnline Corporation, with no exceptions. The IT policy
covers all exogenous cloud services such as Infrastructure-as-a-
Service (IaaS), document storage, cloud-based email, Platform-
as-a-Service (PaaS), Software-as-a-Service (SaaS), and so on.
However, personal accounts on cloud services are not permitted.
b. List of Approved "Cloud-Ready" Applications
The cloud ready applications are (SaaS) Software-as-a-service,
(PaaS) Platform-as-a-Service, (FaaS) Function-as-a-Service,
(IaaS) Infrastructure-as-a-Service. Server of on-premises to the
environment of cloud provider’s and from the cloud of public to
the environment of private cloud (Mohammed & Zebaree,
2021). Alignment with Existing IT policies
The IT policy for Cloud computing is that while using the
service of cloud computing for the work, the worker/employees
should formally permit by the CIO and IT manager of the
4. BallotOnline. Without the approval of the IT manager, it cannot
be used (Wilczyński & Kołodziej, 2020). The Manager of IT
will also certify that privacy, security as well as other
requirements of IT management will be properly addressed by
the vendors of cloud computing because that will help decrease
the error. Secondly, when the cloud service needs the users to
accept the terms then these types of agreements should be
approved as well as reviewed by the CIO and IT manager (Knud
Brandis, Dzombeta, Colomo-Palacios, & Stantchev, 2019).
There is the cause that source service can negatively influence
the security of BallotOnline company, so, it is important for to
IT manager to approved and reviewed such agreements to
protect the company from theft, data loss, and unauthorized
access of the company networks. Thirdly, Employees of the
BallotOnline should take caution while downloading or opening
the attachments of email sent to the third unknown party
because these attachments may contain viruses as well as
malware that can degrade or damage the computer network or
system of the BallotOnline. Fourthly, the workers of
BallotOnline should not share their log-in information with
other co-workers. For the sake of business continuity, the
department of IT will maintain a confidential file detailing the
account details. Fifth, all the regulations, as well as laws
regulating the management of confidential information,
company financial information as well as any other information
collected or owned by the BallotOnline, must be followed when
using the services (Dobkin, 2018). Sixthly, the CIO or IT
manager of BallotOnline will decide whether the data may not
or may be stored or backed up to the system of Cloud
computing. Furthermore, personal accounts cannot be utilized
by the user for storing their personal information, exchange, or
manipulation of BallotOnline-owned data or BallotOnline-
related communications. The BallotOnline will also have the
right and authority to audit the networks as well as the computer
system to make sure the employees of the company are
complying with their policy (Widjaja, Chen, Sukoco, & Ha,
5. 2019). Moreover, workers using the network systems and
computers of BallotOnline should respect the personal rights as
well as privacy of other workers at the organization.Growth
Projections Analysis
The BallotOnline historical growth elements are users, network
switches, data storage as well as servers. In the year 2012/13,
the total number of users are one hundred and fifty thousand,
the servers are seventy-five, the network switched are four, and
the data storage capacity was 200TB. In the year 2013/14, the
data storage increase to 400TB, network switched increased to
8, servers increased to one-fifty, and the total number of users
increased to two hundred and fifty thousand. In the 2014/15
years, the total number of users increases by "four hundred
thousand," servers increased by "two-fifty," network switches
increased to fifteen, and data storage improved by "four fifty."
In the 2015/16 year, the storage increased to 1PB; servers
switched to 18, servers to 550, and users to seven-fifty thousand
(Linthicum, 2017). Furthermore, historical growth trends show
that data storage improved to 2.5PB, the total number of users
to one million and five hundred thousand as well as servers to
1,100.
On the other hand, as per recommendation, the growth of the
project will increase by ten percent every year. So in the
2017/16 year, the user will increase by 10 percent, and the total
user would be one million and six-fifty thousand. The data
storage capacity will increase up to 2.75 PB, and the servers
will increase up to 1,210, and the network switches will
increase up to 33. In the next year, the server will be 1331,
network switched would be 36.6, users would be "1, 815, 000,"
and the storage would be 3.025 PB. In the third year, the
network switches will increase to 40.26, storage will increase to
3.3275PB, the user will increase to 1,996,500, and the servers
will increase to 1464.1. In the fourth year, the storage would be
3.66025PB; network switches would be 44.286; servers would
be 1610.51, and users would be 2,196,150. In the fifth year,
servers would be 1771.561; storage would be 4.026275PB, users
6. would be 2,415,765, and network switched would be 48.7146.
As the user, storage, network switches increase leads to the
growth and revenue of the company.
Service-Level Agreements in the Cloud
A service-level agreement refers to a performance bond
negotiated between the client and provider of cloud services. It
is also known as an external-service agreement. There are three
different levels in the service-level agreement, and those are
customer-based, multilevel, and service-based SLA. The cloud
service provider is AWS, and it is responsible for maintenance
services to all departments of the organization. There are many
ways through which a company can get benefit from the cloud
and those that it improves the company's IT security and
increase the margins & competitiveness (Badshah, Ghani,
Shamshirband, Aceto, & Pescapè, 2020). Through cloud
computing, the company can improve security without spending
a huge amount of capital. The cloud-ready items are IaaS,
document storage, cloud-based email, PaaS, FaaS, and SaaS.
IaaS is a type of cloud service that provides basic connection,
compute as well as storage infrastructure to customers over the
online platform. SaaS refers to the method of delivering the
software-as-a-service via the internet. Rather than maintaining
and installing software, simply accessible through the internet
is also an option (Nayyar, 2019). It helps the company to free
itself from complex hardware and software management. PaaS
offers a computing platform such as a computer language
implementation environment, web browser, database server, and
so on. When a company uses the cloud services such as PaaS,
IaaS, SaaS, then it improves the efficiency and productivity of
the business without losing the important information and
sacrificing the budget.Data Security, Privacy, and Governance
There are several data security and privacy issues in PaaS, IaaS
as well as SaaS. The IaaSsecurity issues are misconfiguration,
Data encryption is disabled, and Cloud accounts that are not
legitimate. The first security issue is a misconfiguration. When
cloud server is setting up, IT staffers don't configure their
7. security standards or authentication, leaving the sensitive
information to unauthorized access. Therefore, it is important to
double-check the security setting in other to save the company
data. The second issue is that data encryption is disabled. Data
is vulnerable to theft as well as illegal users if it is not
encrypted (Ahmed & Zakariae, 2018). Encryption is critical for
information in motion when data is migrated between cloud-
based resources as well as on-premises and between the
applications of the cloud. Companies can have utilized their
passwords or those that are provided by the provider of the
service. The third risk is that cloud accounts that are not
legitimate. Unwarranted utilization of Cloud computing services
is not only happening with SaaS but also with IaaS. This issue
occurs when the worker wishes to utilize a resource or
application that is not provided by the employer as well as end
up utilizing the provider of the cloud without information from
the IT department (Henry & ALI, 2017). More security issues in
IaaS and those are; Cloud workloads, as well as accounts, are
being formed without the knowledge of IT, Inadequate regulate
over who has access to sensitive information, Malicious actor
steals data stored on cloud technology, a scarcity of personnel
with the necessary skills to protect cloud infrastructure,
Inadequate visibility on what information is stored in the cloud,
Lack of ability to protect malicious data breaches or
mishandling, and Inconsistency in security controls across
multi-cloud as well as on-premises environments (Saxena &
Dave, 2020). The security issues in SaaS are as follows;
Inadequate transparency into what information is contained
within cloud computing, Security breaches from a cloud service
by malware, Inadequate regulation over who has access to
sensitive information, Lack of ability to track information as it
travels to as well as from database systems, Cloud applications
that are configured from outside IT accessibility, a scarcity of
personnel with the necessary skills to control cloud security
features, Advanced risks as well as attacks on the cloud-based
providers, and Incapability to comply with regulatory
8. requirements. Since most key security accountability designs
leave information as well as access as the primary responsibility
of SaaS consumers (Sen & Tiwari, 2017). It is the responsibility
of every company to recognize what information the company
placed on the server, who can access the information as well as
what degree of security they have implemented. Moreover, as
the PaaS is premised on the concept of exchanging information,
security issues are typically focused on the data that
cybercriminals can acquire during a security breach. There is
the case that additional security concerns may arise if the
cybercriminals change configurations as well as gain
unapproved access. Furthermore, if the PaaS platform's self-
service entitlements and security controls are not properly
configured, they may create a threat. Cloud Vendor Governance
Strategy
Cloud vendor strategy enables the company to build a strong
long-term relationship with the service providers, which
strengthens both parties. The cloud vendor strategy should be
constructed to give a win-win situation for both parties.
Therefore, the main vendor of BallotOnline is Amazon-web-
services (AWS) that provide a mixture of PaaS, SaaS, and IaaS
services (Sharma, Nigam, & Sharma, 2020). The company needs
to build a strong relationship with the vendor because it plays a
vital role in increasing the efficiency of the company. In the
cloud vendor strategy, the company needs to be loyal to the
vendor; however, it should also receive bidding from other
competitors because there may be the case that the current
vendor defaults which can negatively influence the company
efficiency. So, having other competitors helps the company on
saving their time as well as data. Furthermore, the company
needs to build a strong long-term relationship with the vendor
because it will save company costs and leads to other benefits
that include preferential treatment and trust. The cloud
governance strategy will involve cost management, security as
well as resource usage. The board of the company needs to
make a policy that notifies the workers to safeguard the system
9. from different security threats. When the cloud system is saved
from security threats, then that positively influences the
performance of the company (Al-Ruithe & Benkhelifa, 2017).
Furthermore, the company needs to ensure that the cloud service
that the company is using is cost-efficient or not. Because every
company claims that its service is cost-efficient, but the
company is responsible for building a policy through which it
can evaluate the service is cost-efficient or not.Business and
Technical Impact
Cloud computing has a positive impact on the business because
it faster communication, secure collaboration, decrease software
costs, unlimited scalability as well as accessibility. Firstly, it
increases the speed of the communication. The technology of
the cloud provides enhanced as well as affordable business
communications. Faster communication along with more
alternatives can enhance the transition to a distributed network
that is becoming incredibly common for several businesses.
Cloud service providers are taking advantage of this pattern by
providing reliable as well as cost-effective Internet protocol
links, allowing supervisors to share information with employees
around the world in several different ways (Alshouiliy &
Agrawal, 2021). Since the cloud enhances dependability and
speed, workers can easily work using smartphones as well as
tablets without losing the data. Conference calls with staff
members are rapidly getting increasingly standard practice. The
new communication model includes built-in call parking,
forwarding, blocking, screening, caller ID, free calling service
between the employees, and so on. On-screen as well as video
communication are not getting commonplace for many
companies of all sizes. The second positive impact of cloud
computing is that it secures collaboration. Business software,
like other software, undergoes the cycle of upgrading for
security fixes, additional features as well as infrequent bug
fixing. Computing places a burden for improvement on the
provider of cloud software that can aid in the efficiency of
technical support (Langmead & Nellore, 2018). Collaboration is
10. indeed a crucial component of several companies, as well as
cloud technology can provide quick, convenient, as well as
reliable collaboration for group members all over the world.
Any team member can obtain data in the server at every moment
for evaluation, updates, or suggestions. Moreover, numerous
individuals can obtain the very same document or task at the
very same time, allowing collaboration more reliable as well as
quick. The third positive impact of cloud computing on the
business is increasing accessibility. Computing can give
convenient access to information, project work, as well as
important company technology from any part of the globe with a
high-speed internet connection. Experts no longer need to
handle a full range of office software as well as related software
in a computer or laptop with them. They can, however, utilize
any device that has a search engine (Lakshmisri, 2019). If a
laptop or computer is stolen or fails, experts can continue
working as quickly as they obtain a replacement device. Since
the software is already stored in the "cloud," the company did
not have to worry about configuring and replacing the stolen or
lost application software. Cloud clouding also decreases
software costs because the company does not require purchasing
different software applications. After all, applications of cloud
computing are free and do not require any capital. Another
positive impact of cloud computing is its unlimited scalability.
Unlimited scalability would be the primary advantage of cloud
services because it allows the user to scale resources up or
down depending on the requirement of the company. Firms do
not require being concerned about future expectations because
they can conveniently obtain additional information at any time.
Furthermore, if a company expands, the cloud can easily scale
to meet consumer demands (Brataas, Herbst, Ivansek, &
Polutnik, 2017).Exit Strategy
The exit strategy is a strategy put in place by company owners,
shareholders, merchants, or private investors to restructure their
rank in an investment property whether certain conditions are
met. An exit strategy describes how a shareholder intends to
11. exit a particular investment. Agreement terminations in cloud
computing can arise for several causes. Due diligence
necessitates companies to develop an exit strategy for what
occurs if a service provider of the cloud does not perfor m as
expected. An exit strategy should specify the steps that must be
taken to dispose of the company's information (Karkošková,
2018). Every organization that is using the cloud system needs
the cloud exit strategy because when it will make sure that the
service can be replicated or replaced by the company efficiently
& effectively, without any disruption. As the company is using
IaaS, PaaS, SaaS, so the company is required to make a plan to
replace these technologies. The IaaS is the software that the
company uses through a third party. When the vendor is
involved in any situation, then the company needs an exit
strategy to over company with the default situation. This
company needs to find another vendor that provides the
company IaaS software in the case of default and also increases
the efficiency of the company. Because when the company
already takes the necessary measurement, then it can save the
company from data default. The company needs to transfer the
data to other software, so the company needs to ensure the
security process.
The second technology that the company is using is SaaS which
includes networking, virtualization, and storage services (Daim,
Bukhari, & Bakry, 2021). For SaaS technology as the company
needs Google Apps and Salesforce. Furthermore, the third cloud
technology that BallotOnline is utilizing is "PaaS." PaaS is the
software and hardware tools that are available via the internet.
Windows Azure is the PaaS software that is used by the
company. For the existing strategy, the company needs to apply
a merger and acquisition strategy. This means BallotOnline will
merge with other similar organizations. Merging with a similar
company that provides all the cloud computing service leads to
a win-win situation because merging saves many resources for
both the company and helps them increase the efficiency and
growth of the company.Resources and Escalation Contacts
12. Escalation refers to the request that is made by the customers.
The escalation service resources of BallotOnline are Multi -
vendor support, compatibility guide, StorageCare service,
StorNext Licensing, and Customer service portal.
The Escalation Contacts:
North America: 1-732-495-5300
Asia Pacific: +604-9587-3010
EMEA: +804-8267-8484
References
Ahmed, A., & Zakariae, T. (2018). IaaS cloud model security
issues on behalf cloud provider and user security behaviors.
Procedia computer science, 328-333.
Almajalid, R. (2017). A survey on the adoption of cloud
computing in education sector. arXiv preprint
arXiv:1706.01136.
Al-Ruithe, M., & Benkhelifa, E. (2017). Analysis and
classification of barriers and critical success factors for
implementing a cloud data governance strategy. Procedia
computer science, 223-232.
Alshouiliy, K., & Agrawal, D. (2021). Confluence of 4g lte, 5g,
fog, and cloud computing and understanding security issues.
Fog/Edge Computing For Security, Privacy, and Applications,
3-32.
Attaran, M., & Woods, J. (2019). Cloud computing technology:
improving small business performance using the Internet.
Journal of Small Business & Entrepreneurship, 495-519.
Badshah, A., Ghani, A., Shamshirband, S., Aceto, G., &
Pescapè, A. (2020). Performance-based service-level agreement
in cloud computing to optimise penalties and revenue. IET
Communications, 1102-1112.
Brataas, G., Herbst, N., Ivansek, S., & Polutnik, J. (2017).
Scalability analysis of cloud software services. 2017 IEEE
International Conference on Autonomic Computing (ICAC).
Daim, T., Bukhari, E., & Bakry, D. (2021). Forecasting
Technology Trends through the Gap Between Science and
13. Technology: The Сase of Software as an E-Commerce Service.
AND STI GOVERNANCE.
Dobkin, A. (2018). Information fiduciaries in practice: data
privacy and user expectations. Berkeley Tech.
Henry, S., & ALI, M. (2017). Cloud Computing Security
Threats and
Solution
s. i-manager's Journal on Cloud Computing.
Karkošková, S. (2018). Towards Cloud Computing Management
model based on ITIL processes. Proceedings of the 2nd
International Conference on Business and Information
Management.
Knud Brandis, Dzombeta, S., Colomo-Palacios, R., &
Stantchev, V. (2019). Governance, risk, and compliance in
cloud scenarios. Applied Sciences.
Lakshmisri, S. (2019). Software as a service in cloud
computing. International Journal of Creative Research Thoughts
(IJCRT), 2320-2882.
Langmead, B., & Nellore, A. (2018). Cloud computing for
genomic data analysis and collaboration. Nature Reviews
Genetics, 208-219.
Linthicum, D. S. (2017). Connecting fog and cloud computing.
IEEE Cloud Computing, 18-20.
Mohammed, C. M., & Zebaree, S. (2021). Sufficient comparison
14. among cloud computing services: IaaS, PaaS, and SaaS: A
review. International Journal of Science and Business, 17-30.
Nayyar, A. (2019). Handbook of Cloud Computing: Basic to
Advance research on the concepts and design of Cloud
Computing. BPB Publications.
Saxena, A. B., & Dave, M. (2020). IAAS Service in the Public
Domain: Impact of Various Security Components on Trust.
Information and Communication Technology for Sustainable
Development, 789-797.
Sen, A. K., & Tiwari, P. K. (2017). Security Issues and