SoftArc Engineering Ltd is an Australian based company operating in the civil engineering domain working across Indonesia as well as Australia. The company wishes to close down its data Center based in Brisbane and move the services and data based out of that Center to the new Center in Sydney. Their newer Center is much more capable and in line with the new software and systems. The web services are moving to the cloud based platform and this is exactly what this document covers.
The architecture of choice would be a hybrid model as it aligns well with the business strategies of SoftArc. It is a kind of a cloud based model which has advantages from both the models. This means that it also has the advantages of a traditional infrastructure as well as a cloud based infrastructure. As such, this integrated cloud based model works in a way that certain parts of information that is connected to the data center should be stored on premise and that the rest of the information be pushed on the cloud. It is the exact model which will allow SoftArc to enhance their capabilities by easily merging and aligning with their rest of the components as per the requirements of business and the strategy they follow (Tarannum, & Ahmed, 2013).
The delivery model for SoftArc Engineering Ltd that would be used in this case would be IaaS or Infrastructure as a Service. The reason for the choice is made obvious from the points presented below:
- It is this model that would allow the user to tailor their platform and software requirements easily because they would control nearly every single aspect of the system.
- The model would also allow the system administrators of SoftArc Engineering Ltd to scale up and down their architecture and associated components as per their company’s needs.
- The overall costs associated with this model is considerably lower as compared to building of that infrastructure in the first place.
- Distributed resources would be used with this model.
Pros and Cons of Implementing the Hybrid Cloud
There are several advantages of implementing a Hybrid Cloud over a traditional infrastructure as well as a traditional cloud. To begin with, a Hybrid model would ultimately demand lesser upfront investments in terms of the infrastructure which is quite crucial allowing the money to be spent on other key areas. The security associated with the Hybrid model is better given the fact that cloud computing providers ultimately have come a long way in strengthening their security because that’s among the first things that makes them a legitimate alternative. The flexibility of the firm would improve and the dependency on the company’s rigid infrastructure would decrease making the platform and services that run on top of the infrastructure fluid as it can be scaled up and down easily. It also provides a heightened state of overall accessibility that ultimately leads to an improved customer satisfaction. (Boava, & Iano, 2016).
However, there are some issues that the company would need to be made aware before getting into this. First of all, the organization would be requiring to upgrades and patches of the entire platform and the software that run on top of it. This would make it seem like that it’s not a complete outsourcing of the IT problems to a 3rd party company. At the same time, the company would need to maintain and upgrade database systems, tools, other information systems and operating systems and servers that run on top of it. With IaaS, legal regulations also come into the picture as the company’s data is being stored in an off-premise and possibly out of the country. The company would always require extremely high-bandwidth based data connection so that the software and systems within the organization function properly.
Risks Profile and its Counter Measures
Although the security posture of the infrastructure could be better than what the company’s traditional IT infrastructure, this does not mean that it carries any less risk in terms of security.
Name of the Risk
One of the important features that is included with this hybrid model is of its multi-tenancy. This means that the infrastructure provider would be renting out the same set of infrastructures which is at the backbone of the softarc’s infrastructure to other companies. This is something that makes it risky for Softarc. There could be scenarios where multiple users are connected to the same infrastructure from different companies and are ultimately sharing the same backbone infrastructure, the same memory, the same database and equipment. Now, if there is a security incident with any of the company’s infrastructure then it could threaten the well-being of Softarc’s state of data, software and services. (Padmavathi, 2016).
The SLA’s should be read well and the company should create virtual boundaries and segregate another company’s data and services such that one has nothing to do with another. At the same time, they should employ anti-virus, intrusion detection system, firewall among others.
Cost and Schedule Risks
Owing to a lot of complications involved with a hybrid model, it becomes difficult to effectively calculate the cost.
It would require a thorough planning in order to estimate an approximate costing and schedule estimations.
A lot of private, confidential and sensitive information would be stored on a remote server that could further be offloaded to a different country and hence it bears legal issues.
The legal planning should be done well in advanced to make sure there is no legal vulnerability presented later on.
Since the data is communicated to a remote server, this inherent nature of operation brings a lot of security issues and vulnerabilities. These exposes the company to a range of attacks such as network attacks, ddos attacks, data sniffing, insider threats and security vulnerabilities present in the infrastructure service provider.
It would involve enhancing the overall security posture to combat the security issues. These incude performing a range of strengthening services on the software side as well as implementing a thorough technical and administrative controls.
Data Ownership and Authority Risks
Hybrid cloud would be composed of many different users and the issue of data ownership arises.
Data ownership can be countered by effectively implementing user roles and privileges.
Components and Requirements
Given the nature of deployment of SoftArc data and service it is imperative that their high availability requirements should be taken care of effectively. The following shall be done so in that effect (Varadharajan, & Tupakula, 2016) :
- Fault tolerance would be installed so as to make sure there is no single point of failure.
- Adherence to best practices and pre-defined standards.
- Ample cloud storage solutions
Backup and Disaster Recovery Plan
In order to protect the data and limit the disruption of services, an effective disaster recovery planning should be done. The backup would be done in two different modes that is intermittent and complete. The backups would be done in a remote location. The entire plan would be made such that any major incident should be recovered in less than 2 hours.
Remote Server Administration
Administrators would provide the ability to monitor the hybrid cloud remotely and execute a certain number of actions without anybody’s consent such as scaling of system resources or shutting down certain components of the infrastructure. (Tarannum, & Ahmed, 2013).
There would be several human resources that are applied to the management of the hybrid cloud. These includes system administrators, people to monitor the network usage, people to monitor the state of the system and finally people who monitor any important security incidents that may be happening in real-time.
Following is how the SLA would be managed for SoftArc:
- A list of services agreed between the cloud provider and softarc.
- Responsibilities and duties associated with the project’s resources.
- Internal partners and their involvement.
- The exact state of system, infrastructure features and resources allocated for the system.
Migration of Sharepoint to Cloud
The sharepoint server would be moved to an AWS cloud as it’s among the most robust and cost-effective solutions from small-scale companies to large scale organizations. Following is the process that would be followed:
- A complete plan of the migration along with defining of scope, objectives, assumptions and requirements.
- Analysis of risks and it’s counter strategy. (Sekaran, & Krishna, 2016)
- Migration of system should happen in phases to minimize downtime and streamline the transition.
- Continous validation of data and system performance would be carried out.
SoftArc has taken up a bold move to shift towards a hybrid model of operation. In doing so the company would not only greatly reduce the cost of traisition by saving upon upfront investments but would also enhance their day-to-day operation by making it quicker and more streamlined. There are many benefits provided by this model and on the other hand there are it’s downsides, however with proper care and due diligence it could be kept to a minimum.
Al-Rashedi, A. (2014). E-Government Based on Cloud Computing and Service-Oriented Architecture. International Journal Of Computer And Electrical Engineering, 6(3), 201-206.
Varadharajan, V., & Tupakula, U. (2016). On the Design and Implementation of an Integrated Security Architecture for Cloud with Improved Resilience. IEEE Transactions On Cloud Computing, 1-1.
Padmavathi, B. (2016). Implementation of IOT Based Health Care Solution Based on Cloud Computing. International Journal Of Engineering And Computer Science.
Sekaran, K., & Krishna, P. (2016). Big Cloud: a hybrid cloud model for secure data storage through cloud space. International Journal Of Advanced Intelligence Paradigms, 8(2), 229.
Boava, A., & Iano, Y. (2016). Secure Inter-Cloud architecture for virtual cloud computing based on hybrid IP and MPLS infrastructure solution. IEEE Latin America Transactions, 14(7), 3490-3495.
Gordon, A. (2016). The Hybrid Cloud Security Professional. IEEE Cloud Computing, 3(1), 82-86.
Tarannum, N., & Ahmed, N. (2013). Efficient and Reliable Hybrid Cloud Architecture for Big Database. International Journal On Cloud Computing: Services And Architecture, 3(6), 17-29.