Cloud Computing Services – Project Migration to Cloud with Security Compliance and FedRamp Response (2016)
Security Compliance Dissertation – This final research project provides an overview of business practices for federal agencies to consider when preparing for a migration to the Cloud. It provides Program Managers (PMs) with actionable guidance for the planning and solicitation of their products or services through a Systems Integrator (SI) into an environment hosted by a Cloud Service Provider (CSP). Being a PM is a privilege, and as such, you must constantly think about how each activity or event impacts your program baseline.
Successfully accomplishing this requires the use of innovative strategies to meet changing budgetary realities while remaining responsive to the needs of your mission partners. To assist the PM in planning the transition earlier in the program lifecycle and to successfully execute transition to a CSP, this guide documents best practices and lessons learned along with suggested processes. Additionally, it is crucial to your program’s success to collaboratively engage your stakeholders throughout the acquisition lifecycle to improve IT capability delivery and Mission Partner satisfaction. Considerations for planning a migration to the Cloud include:
- Knowing your current architecture and developing a technology program/project schedule
- Developing a plan to migrate products and/or services to the cloud to include capacity management, performance metrics, and historical contractual costs
- Service Level Agreements (SLA)
- 11,000 words – 38 pages in length
- Good use of literature
- Good analysis of subject area
- Well written throughout
- Ideal for computing and network students
1 – Introduction
Federal Risk and Authorization Management Program (FedRAMP)
DoD Provisional Authorization
2 – What Is This Cloud Computing Stuff?
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
3 – Decision Flow for Migrating Information Technology Systems in the Cloud
4 – Threats and Challenges of Cloud Computing Migration
5 – Technical / Business Requirements Considerations
Private Cloud
Public Cloud
Hybrid Cloud
Enterprise to Cloud to Enterprise
End User to Cloud
Enterprise to Cloud
6 – Develop the Business Case Analysis
Decision Making related to Cloud
Introduction of Overview
Assumptions, constraints, and evaluation methodologies
7 – Cloud Computing Security Risks and Threats
Virtualization Related Vulnerabilities
Externalizing Data to the Internet
Insider Threat
Lack of Physical Control and Oversight
Insecure Application Programming Interfaces (APIs)
Account, Service, or Traffic Hijacking
Mitigation Strategies in Securing the Cloud in Security Breach Era
8 -Business Challenges of Cloud Computing Migration
Service Level Agreements (SLAs)
Migration Plans for Changing Cloud Service Providers
Rush to Adoption
9 – Phase Approach to Migrate to the Cloud
Off-Site Backup and Recovery
Auditing Compliance
Virtual Machine Security
10 – My Application has been migrated to the Cloud, Now What?
Security Considerations
Migration Considerations
11 – Term Used in Decision Flow Process
Cost Benefit Analysis
Comparative Performance Analysis
Technical Requirements
Contingency Analysis
