Project 1: Overview of Cloud Technology
Step 4: Define the IT Business Requirements
After considering the economic aspects of the cloud, the next logical step is to narrow the particular requirements of cloud computing for the organization. It is important that your presentation works toward
building a business case for cloud computing
.
Your presentation must address BallotOnline's
business requirements
and
critical IT requirements related to data storage
. Make sure you classify the requirements into functional (behavior) and nonfunctional, as per the requirements definition link.
Take NOTE:
The business requirements should be explicit directives specifying what the solution should deliver for the business, formulated using imperative language (system
should, or
must, or
will do this and that) rather than a general description of cloud solution features.
IT Business Needs
You will need to assess the IT needs or requirements of the business to determine whether cloud computing is a feasible option for the organization. To evaluate what the IT business requirements are, you should look at the company's historical IT needs (current IT infrastructure), future growth areas of the business (new business and expected growth projections), and evaluating financial factors (ROI, TCO, IT budgets, service costs).
Cloud Reference Model
A cloud reference model or architecture helps you to better understand the different parties that perform transactions, processes, or tasks in a cloud computing model, as well as the interactions between these parties.
Source: National Institute of Standards and Technology. (2011).
NIST cloud computing reference architecture. In the public domain.
Cloud Architecture
Cloud architecture is a term referring to the various components required under a cloud computing model. For example, in an infrastructure as a service (IaaS) delivery model, these components might include compute and storage nodes and network connectivity, and it is up to the cloud architect to determine how these components should interact with one another. In a software as a service (SaaS) delivery model, these components might include front-end interfaces (web, mobile), middleware (business-specific applications, application servers), back-end (databases), load balancing, and caching services (Akamai, memcached, Amazon ElastiCache).
Cloud Migration Methods
Organizations moving to cloud computing models need to evaluate how to migrate their existing IT workloads and data. Each organization has to evaluate whether it wishes to hire a third party to help facilitate the migration, or perform the migration using its own IT staff. Different migration methods may be used depending on whether it is an application, database, or infrastructure services.
Current Trends in Cloud Computing
Cloud computing is fast-paced and rapidly evolving, so the current trends today will be different than the trends tomorrow (Boulton, 2016).
· Some organizations may shift away from private clouds, in favor of less expensive public cloud implementations.
· Cloud cost containment is very important, and new cost management tools are being developed to aid in this.
· Applications are being rewritten as native cloud applications.
· Enterprise applications are moving to the public cloud.
Business Requirements
A requirements analysis involves a systematic evaluation of needs derived from a company's business goals and strategy. One approach to determining requirements involves the classification of functional and nonfunctional system requirements.
Functional Requirements
Functional requirements are at the heart of systems or technology development. Functional requirements specify the behavior of a system and determine what the system should do. These requirements are developed well before the acquisition or development of systems. The activity can be performed during the system design and can be application- or architecture-driven. For example, a functional requirement for a calculator would be "must be able to add, subtract, multiply, and divide numbers."
Typical functional requirements are (Eriksson, 2012):
· business rules
· transaction corrections, adjustments, and cancellations
· administrative functions
· authentication
· authorization levels
· audit tracking
· external interfaces
· certification requirements
· reporting requirements
· historical data
· legal or regulatory requirements
These rules determine things such as operations, systems reports, and workflow. These requirements are also the determining factor when evaluating system compliance. Typically, the flow of functional requirements incorporates such things as user request, feature, use case, and business rule.
Examples of Functional Requirements
User request: I need to send secure messages in the new application.
Feature: End-to-end encryption when sending messages.
Use case: This feature will be enabled when the application sends communications to the database.
Business rule: All encryption must be FIPS 140-2 compliant.
Nonfunctional Requirements
Nonfunctional requirements specify how the system will support the functional requirements. They may include ways of verification of functional requirements fulfillment, as well as any remaining requirements that are not covered by the functional requirements.
While functional requirements are necessary to make the system or component work nonfunctional requirements can determine how well the system or component works because they describe the "quality characteristics" or "quality attributes" of the functional requirements (Eriksson, 2012).
Typical nonfunctional requirements include (Eriksson, 2012):
· performance (e.g., response time, throughput, utilization, static, volumetric)
· scalability
· capacity
· availability
· reliability
· recoverability
· maintainability
· serviceability
· security
· regulatory
· manageability
· environmental
· data integrity
· usability
· interoperability
Examples of Nonfunctional Requirements
Availability: The Online Payment System will be available for users between the hours of 5:00 a.m. and 11:00 p.m. EST.
Capacity: Up to 1,000 total users can use the system.
Maintainability: Changes required by law will applied at least 3 months before the law becomes enforceable.
Reliability: Will be available to users 98 percent of normal working hours.
Security: Only users with the role "Administrator" or "Supervisor" can make changes to the system.
Critical IT Requirements Related to Data Storage
Security rules and procedures protect information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. Examples of IT requirements that support secure data storage include the following (Niels, Dempsey, and Pillitteri, 2017):
Data Protection
Encryption of data (at rest and in transit)
· Encryption transforms intelligible data, called plaintext, into an unintelligible form, called ciphertext. This is reversed through the process of decryption.
Appropriate security technologies
· e.g., intrusion detection and protection systems, firewalls, configuration settings
Audit Trails
Records of system activity, including information on system processes, application processes, and all user activities, should be maintained. These records could be used to find security violations, application flaws, and/or understand performance problems within the system.
Separation of Data
Separation of data in this context means that individual clients may require that their data be stored in an environment that is either logically separated using software or physically separated using hardware isolation.
Separation of Duties
Separation of duties is the process by which roles specific to handling sensitive systems and data are segmented so that no single individual has total control of—or access to—a system. Separation of duties can reduce insider threats by limiting the access any one individual has to a system. Such separation can also serve as a checks and balances system for security. This differentiates the individuals who design or test a system from those who conduct security testing or monitoring.
Project 1: Overview of Cloud Technology
Step 5: Prepare a SWOT Analysis
In this step, you will apply the information gathered in the business analysis to assess the benefits and possible drawbacks of adopting cloud infrastructure for BallotOnline.
Take Note
Iamnee/Essentials Collection/iStock
Your supervisor, Sophia, recommends that you include a
SWOT analysis in your presentation, since the BallotOnline company executives will want you to go over both the advantages and disadvantages of cloud adoption and any important internal and external factors that may influence the success of the project.
Take Action
Demonstrate your critical-thinking abilities by identifying the strengths, weaknesses, opportunities, and threats of adopting cloud computing.
First, articulate each of these areas for the SWOT analysis:
1. Identify the key strengths (advantages) of adopting cloud computing.
2. Identify the major weaknesses (disadvantages) of adopting cloud computing.
3. Are there any opportunities that cloud computing enables the organization to take advantage of?
4. What are the threats that an organization considering adopting cloud computing needs to consider?
Next, evaluate how to achieve the following outcomes to add to the SWOT analysis:
1. How can you use strengths to take advantage of opportunities?
2. How can you overcome weaknesses to take advantage of opportunities?
3. How can you use strengths to avoid threats?
4. How can you minimize weaknesses and avoid threats?
Use the
SWOT analysis template to organize your ideas.
When you have completed the SWOT analysis, move to the last step, which is the final
SWOT Analysis Template
STRENGTHS 1. 2. 3. 4. |
WEAKNESSES 1. 2. 3. 4. |
|
OPPORTUNITIES 1. 2. 3. 4. |
Opportunity-Strength (OS) Strategies Use the strengths to take advantage of opportunities 1. 2. |
Opportunity-Weakness (OW) Strategies Overcome weaknesses by taking advantage of opportunities 1. 2. |
THREATS 1. 2. 3. 4. |
Threat-Strength (TS) Strategies Use strengths to avoid threats 1. 2. |
Threat-Weakness (TW) Strategies Minimize weaknesses and avoid threats 1. 2. |