Assessment of a Cloud Computing Service Vendor

Questions: 1. Discuss the requirements for remote administration, resource management and SLA management. It may be useful to consider Morad and Dalbhanjans operational checklists for DSIs OSDS. This section should be no more than two to three pages in length. 2. Discuss briefly how you will consider application resilience, backup and disaster recovery for your chosen provider in relation to OSDS. This section should be no more than two to three pages in length. 3. Use Erls SLA guidelines to assess the SLA for your chosen provider. This section should be no more than two to three pages in length. 4. Provide a covering one to two page executive summary of these two assessments to DSI Executive Management and summarise the major opportunities and risks that have been identified in your assessments. Answers: Executive summary This assessment was carried out to determine the technical requirements and service level agreement (SLA) for different cloud computing vendors. The aim of the assessment was to help in providing necessary information to the Department of Spatial Information (DSI) management on the existing opportunities and risks associated with cloud computing services. The information obtained will then be used to evaluate the necessary requirements before considering moving the Online Spatial Delivery System (OSDS) to a cloud platform. Thus, the report has assessed various components associated with cloud computing services including; resource management, backup and disaster recovery plan, and service level agreement for the chosen vendor. In addition to the technical management requirements and SLA management, the assessment identified the following cloud computing opportunities and risk; Opportunities The migration to the cloud computing platform will provide the following opportunities; Cloud services will lower the operational costs; cloud computing vendors allow organizations to rent their server spaces for a given period of time and as such organizations do not have to worry about the maintenance and upgrading costs. Fast delivery of services; cloud vendors provide optimized IT infrastructure and as a result an organization using a cloud computing platform will have quick access to computing services and the same will be extended to its clients. Risks The organization will risk exposing its confidential data to unauthorized personnel in cases where the security of the cloud vendor is breached. The operations of the business may come to halt where there is lose of connectivity to the cloud. In general, DSI should consider the necessary technical requirements before migrating OSDS to the cloud computing platform. Also, the existing opportunities and risks should be evaluated. The various technical management and SLA provisions are discussed in this assessment. Assessment of a Cloud Computing Service Vendor Before applications or IT, services can be available on the cloud computing platform, there should be a strategy that on how to set up, configure, maintain, and monitor the services. This requires the use of various systems. These systems include; remote administration system, resource management system, and SLA management systems among others. Below is a discussion of these systems (Buyya, Yeo, Venugopal, 2008, p.98). Remote Administration This describes the process of managing and controlling a computer system from a distant location. For instance, controlling a system located in building A from building B. Thus, in remote administration the system is controlled without the physical presence of a user. Remote administration involves the use of certain software that has been developed to facilitate the process. This software is known as the remote administration tool (RAT). For a cloud based service, an organization will need to have a remote administration system. Remote administration system This is a mechanism that provides the necessary tools and interfaces to enable other administrators other than the administrator from the cloud to configure and manage the IT resources, available on the cloud. In this case, the system will establish connectivity to the organizations portal on the cloud providing the required administration and management features such as the resource management, and billing system. Thus, if DSI will launch the OSDS application on a cloud computing platform, they will still be able to monitor their IT resources from their systems through the help of the remote administration system. The figure above outlines how DSI administrators will be connected to the cloud computing vendor through the available application programming interfaces (APIs) and as such the administrators will be able to control their organizations IT resources on the cloud. The APIs will be provided by the cloud vendor to enable the users to have a variety of administrative controls. Cloud users can generally create two different types of portals on the remote administration system: the usage and administration portal, and the self-service portal. With the help of a remote administration system, cloud users can perform the following task; Users will be able to configure and set up their cloud-based services such as OSDS for the case of DSI They will be able to provide and release IT resources when need arises Users are also able to monitor the status, use, and performance of the cloud service The cloud users can also monitor the quality of service (QOS) and SLA fulfillment Users will also be able to manage the leasing costs and usage fees of their cloud service In addition, the users will be able to manage users accounts and related security issues Resource management This is defined as the efficient and effective use of resources in an organization, the resources could be human skills, IT infrastructure etc. It is important to have an effective resource management strategy so that the organization realizes its objectives. To ensure effective management of resources an organization will require a resource management system. Resource management system This is a mechanism that is used to coordinate the use of cloud-based IT resources as per the actions of the cloud providers and cloud consumers. The resource management system incorporates a virtual infrastructure manager (VIM) which is the most important part of the system. The VIM coordinates the organizations server hardware and creates virtual server instances. It is basically used to manage different virtual IT resources over multiple physical servers (Patel, P., Ranabahu, Sheth, 2009, p.123). The resource management system will help in automating and implementing the following tasks; It will help in the management of virtual IT resource templates The system will also help in the allocation and release of various virtual IT resources such as pausing, resume, and termination Resource management system helps in the coordination of the different IT resources that may involve mechanisms such as resource replication, load balancer, and failover system. The system is also important in enforcing the usage and security policies The system will also help in monitoring different operational conditions of the IT resources on the cloud computing platform. It is, therefore, necessary for DSI to consider implementing an effective resource management system before launching the OSDS application on the cloud computing platform. Service Level Agreement (SLA) Management SLA is used to define the terms of the contract between the cloud provider and the cloud user (client). For cloud providers and users, there is a provision of the SLA management system which covers cloud management products with the following features; administration, collection, storage, reporting, and runtime notification of the SLA data. An SLA management system includes a repository used to store and retrieve data depending on the performance measures. It is necessary to develop an SLA to be able to evaluate the performance and quality of services provided by a vendor. The performance of a cloud computing vendor may be measured in terms of; how available is the system, and the response time of the system. Therefore, DSI should clearly evaluate the SLA provisions of its chosen vendor before considering the launching of their IT services on their cloud platform (Buyya, Yeo, Venugopal, 2008, p.145). Backup and Disaster Recovery Actually, backup and disaster recovery are concerned with methods of preventing loss of data which may occur accidentally either by deletion or even by the corruption of files. These are necessary requirements by a cloud computing service vendor to prevent loss of very important data or information. Application Resilience Generally, application resilience refers to the ability of a given application from a given cloud vendor to react to problems that haves occurred due to one of its components and still manage to provide the best services. The resiliency of an application is, therefore, necessary to test. This testing is usually important in assessing the following; By carrying out this test, one is able to know if the application conforms to the application resiliency standards. One is able to establish the scalability of such applications. Scalability refers to the ability of the application to respond or fluctuate with the technological changes. This test also enables one to establish the risk that failure of such an application would cause to the business (Younis, Kifayat, 2013, p.114). Carrying out such test may also provide the security and private issues that are associated with such applications. There are cases where testing for resiliency is automated. Automated Resiliency Testing offers methods that have been depended on in assessment of software. Therefore, DSI should consider checking whether the Online Service Delivery system is resilient enough before deploying it on the cloud platform. To achieve high availability (HA), the DSI application resilience strategy should include; the use of various availability zones within a given location, implementation of instance redundancy, and monitoring and recovery among other considerations. OSDS should be able to identify existing points of system failure. Backup Plan Backup in IT, simply refers to the process of copying and archiving data so as to enable usage of such data in restoring the original data after an event of data loss. Its primary objective is to reduce chances of losing data or information that is considered material. A backup plan can be defined as strategies that have been in place to monitor data by continuously archiving them so as to restore such data in an event of data loss. Information that is held by cloud computing service vendors is equally important. This facilitates the need to set up a backup plan that will monitor all important data and ensure that such data is archived so that it can be helpful in the event of data loss (Casalicchio, Silvestri, 2013, p.254). Cloud backup, also known as online backup, is strategized to copy data to a server/ host or central data point so that this data will be archived in case of failure or any other phenomenon. Off-site servers may be hosted in either by a public cloud service provider or a private cloud service provider. Public cloud service providers will charge their customers for storing and maintaining the backup. Online backup or cloud backup usually operates on schedules determinable by the level of service purchased by the customer. For instance, if a customer subscribes for the backup daily, the application will gather, compress and encrypt and send data to the servers or hosts of the service providers after every 24hrs. It is, therefore, a recommendation for the corporations to rely on cloud computing backup service irrespective of their sizes. Such information is important for their continuity of business, projects or transactions. Disaster Recovery Plan Disaster Recovery (DR) in a cloud computing service involves procedural policies and strategies that ensure continuity or recovery of vital information and systems that may occur due to human-induced or natural disaster. Disaster Recovery (DR) owes its development to the late 1970s when computer center managers realized the dependence the organization had on the computer system. A critical path in disaster in Disaster Recovery is networking. For a cloud computing service to offer the best methods of disaster recovery, replication of the network is required. Disaster Recovery (DR) in cloud computing service is often associated with various benefits. Some of the benefits associated with DR in cloud computing may include; Fast Recovery The difference in RPO and RTO distinguishes cloud-based disaster recovery from the traditional recovery. When operating on a cloud-based DR, your site is capable of recovering from a warm site immediately, thus, reducing RPO and RTO times from days or weeks down to hours. Traditional disaster recovery involves booting from a cold site. Security Myths have been there in contrary to the security systems of a disaster recovery plan that are opposing their success. Despite such myths, disaster recovery plan that is cloud-based is usually secure with the right provider. Chances are therefore not to be taken when it comes to business disaster recovery. Cloud-based disaster recovery plan is considered more secure compared to the traditional recovery systems. Scalability A disaster recovery plan operating on a cloud computing platform is usually flexible. The users will easily be able to increase or decrease storage capacity as the business demands. This makes it easier than a traditional backup. SLA Assessment using Erls Guidelines Service Level Agreements are usually considered as contracts between service providers and their clients regarding the levels of service that they would. When these agreements are being constituted, standards of SLA that have been set have to be fulfilled. Evaluation of Business Policies This involves the identification of the business that is covered by the relationship. This is usually expressed in terms of projects, activities processes or functions. This provides the SLA should clearly outline the activities processes that the cloud service vendor intends to offer to its esteemed clients. Guarantees A guarantee should be stipulated by the SLA of the company in case they default the agreement. This means the SLA should assure the customers of the company high-performance level. They will need to identify outputs and outcomes that the two parties expect to achieve from such an arrangement. SLA should clearly guarantee the clients a good service level and performance as per their agreement. Services This means that day-to-day activities of the cloud service providers should be aimed at delivery of the service level that is listed in the SLA. An SLO (Service Level Objective), will act as a checklist to ensure the services are provided to the levels agreed. Governance and Versioning This is to deal with the questions of Why?, Who does what?, Who does what? and Who answers for results?. When all these questions are answered in an SLA, governance would not be an issue and thus, the service level promised to the clients would be achieved. Support SLA should, actually, provide designated support hours and support contacts from which the customers can communicate with the cloud service vendors. This enables easy communication between the service providers and the end-users. References Amazon, E. C. (2015). Amazon web services. Buyya, R., Yeo, C. S., Venugopal, S. (2008, September). Market-oriented cloud computing: Vision, hype, and reality for delivering it services as computing utilities. In High Performance Computing and Communications, 2008. HPCC'08. 10th IEEE International Conference on (pp. 5-13). Ieee. Casalicchio, E., Silvestri, L. (2013). Mechanisms for SLA provisioning in cloud-based service providers. Computer Networks, 57(3), 795-810. Liu, Y., Ngu, A. H., Zeng, L. Z. (2004, May). QoS computation and policing in dynamic web service selection. In Proceedings of the 13th international World Wide Web conference on Alternate track papers posters (pp. 66-73). ACM. Ercolani, G. (2013). Cloud Computing Services Potential Analysis. An integrated model for evaluating Software as a Service. Cloud Computing, 77-80. Patel, P., Ranabahu, A. H., Sheth, A. P. (2009). Service level agreement in cloud computing. Raimondi, F., Skene, J., Emmerich, W. (2008, November). Efficient online monitoring of web-service SLAs. In Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering (pp. 170-180). ACM. Subashini, S., Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of network and computer applications, 34(1), 1-11. Terry, D. B., Prabhakaran, V., Kotla, R., Balakrishnan, M., Aguilera, M. K., Abu-Libdeh, H. (2013, November). Consistency-based service level agreements for cloud storage. In Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles (pp. 309-324). ACM. Younis, M. Y. A., Kifayat, K. (2013). Secure cloud computing for critical infrastructure: A survey. Liverpool John Moores University, United Kingdom, Tech. Rep. Zhang, Q., Cheng, L., Boutaba, R. (2010). Cloud computing: state-of-the-art and research challenges. Journal of internet services and applications, 1(1), 7-18. Zheng, Z., Lyu, M. R. (2012). Optimal fault tolerance strategy selection for web services. Web Service Composition and New Frameworks in Designing Semantics: Innovations: Innovations, 218.