Cloud Computing Architecture

The Company named Regional Gardens Ltd., is considered in this report for which a strategic proposal is required to meet the business requirement. It is a company which runs various gardening enterprises. It wishes to improve its current ICT infrastructure, with respect to data storage, monitoring, data flexibility and responsiveness. It looks forward to have a new manageable cloud based infrastructure.

The objective of this report is to provide a specific cloud computing architecture for meeting the business needs, where various cloud computing architectures will be compared and evaluated. The ICT risk management for the cloud computing delivery plan will be represented. The Information Security assessment will be carried out. Migration plan, its critical points and issues will be discussed. 

The cloud computing environment helps the grid computing to provide physical and virtual servers for running the grid applications, which carry out various small tasks (Rouse, 2018). The cloud computing requires management like, changing requests, provisioning, reimaging, deprovisioning, monitoring and rebalancing of workload. The cloud computing system is divided into front-end and back-end, which are connected with the help of a network i.e., internet. There is a central server which administers the system, by managing tasking like, demands of the clients and traffic monitoring and ensuring everything works smoothly (Sareen, 2013).

For assisting the Regional Gardens for meeting the Board’s strategy, I would employ Hybrid Cloud Architecture.

For a cloud based solution, the Cloud Computing Architecture is used which contains on premise and cloud resources. It ensures to facilitate communication between the stakeholders, and related to high-level design early decisions are documented and can help to reuse the components of the design (“Cloud Computing Architecture”, 2010). 

Today, all the organizations are adopting Hybrid cloud architecture for maintaining control on the privately managed internal cloud, while depending on the public cloud as required (Waite, 2017).

The microservices ensures that the applications become highly resilient, agile and scalable (Ajluni, 2016).

The Hybrid cloud architecture shares both the private and public cloud’s resources. This architecture is an integration of on-premises resources with cloud resources, as shown in the below figure.

Many organizations who have on-premises technology investments, must operate in a hybrid architecture. This is important for adopting the cloud. However, the migrating legacy IT systems takes time. Thus, it is important to choose a trusted cloud provider, for implementing a thoughtful hybrid strategy with less investment on new on-premises hardware and software (Saran, 2018). This helps to simplify the operations and ensures to easily achieve the goals of the business. When it comes to AWS’s close working relation with the enterprises, it has developed the industry’s broadest set of hybrid capabilities in terms of storage, networking, security, application deployment, and management tools, for easy integration with the cloud (“Hybrid Cloud Architectures”, 2018). This acts as a seamless and secure extension the present investments.  

Hybrid Cloud Architecture

5 main considerations considered for the IT organizations while evaluating organization’s future application are presented below (Gracely, Finos & Floyer, 2015):

1. Do Nothing:Certain applications are industry-specific or are delivered on a hardware appliance, which don’t make sense to change, because of software licensing, or have no idea how it is supported by the application.
2. Optimization:According to the perspective of software, most of the existing applications won’t be changed, but the IT organizations surely will try to optimize the environment around the applications.
3. Augmentation: According to the market evolution related to, IoT technologies, Big Data and Mobile various firms are in search of methods for augmenting their Systems to record with the new applications which just are designed keeping the engagement models of new customer in mind. Thus, it is one of the reason that the companies are actively researching on the Cloud Native applications. Most of the firms are employing the in-house developers for building such applications, because these applications can bring new change for the business. Moreover, augmentation is a section where the companies create integrations between SaaS applications and their in-house Systems of Record, to gain the opportunities for effectively aligning the application development team and the operations team.
4. Migrate to Cloud: Despite the IT leaders understanding on the importance of Cloud Computing, still evaluation exists on whether it makes sense to migrate the applications to a Private Cloud or a Public Cloud. On the other hand, with the growth of Public Cloud, most of the IT organizations are still evolving their Cloud Computing skills. For a Private Cloud, the migrating applications permits the IT organizations to maintain the present performance including the characteristics of security, during local access to the application data. However, it is proved that such migrations are highly cost effective. The Private Cloud projects concentrate to deliver automated infrastructure and services which imitates what could be taken from the Public Clouds like, AWS or Azure.

1. Replacing: Since 15 years, the companies utilize technology for increasing their business and productivity of employees. But, as time passes the technologies loses its effectiveness for the business. This increases the company’s interest to replace their previous investment with SaaS equivalents. The applications relate to the following functions and processes like, Email, Collaboration, call-center management, Human Resources and, Sales and Marketing.

The last consideration decides the application’s future portability, for most of the IT architects.   

The utilization of Deep Security quick start template from AWS Marketplace can work as an effective solution component for data security. The other solution components could be as listed below:

1. For high availability and scalability, deployment of a setup of multi-node with co-located Deep Security Relays.
2. AWS RDS can be used for storing Deep Security data.
3. It is optional to utilize two Deep Security Relay Groups to keep the update of local traffic for every single site like, one Relay Group for Azure workloads and one Relay Group for On-Premises workloads.
4. For importing virtual machines in to the Deep Security utilize Deep Security cloud connector for AWS. Additionally, it supports with continuous discovery.

The network connectivity is as follows (“CloudOps: 6 best ways to manage hybrid cloud performance”, 2018):

1. Use Deep Security Manager nodes with Public DNS to make them accessible over the internet.
2. For Manager and agent communication, utilize Agent Initiated communication mode.
3. Network access is not needed from AWS to On-premises.
4. Allow Deep Security Manager, Deep Security Relays and Deep Security Agents internet access for software and security updates.
5. For necessary flow of communication between the components, utilize the rules of VPC Security Group. 

For effective flexibility in deployment for Hybrid cloud, the Deep Security 10 supports with hybrid policy management and auto-scaling. The Deep Security is mainly designed for supporting traditional IT security model and advanced DevSecOps.

The company will be benefited by the help cloud migration support provider, in making smooth transition when adopting a hybrid cloud environment (Long, 2018). 

The benefits of the deployment of the Hybrid cloud architecture includes (“7 benefits of a Hybrid Cloud solution”, 2018) (Tracy, 2016):

• It ensures to have business continuity, in the business operations. Business continuity not just related to back up of data or a recovery plan instead it a capacity of the business to continue its business even while a failure (“TDWI Checklist Report: Data Management Best Practices for Cloud and Hybrid Architectures”, 2018).
• Increased speed for marketing.
• Scalability
• Provides direct accessibility of data.
• Secure systems (Perez, 2018).
• More opportunity for innovation
• It improves the connectivity.
• It ensures risk management.
• It provided network optimization.
• Enables expansion of capacity. 

The issues related to the deployment of the Hybrid cloud architecture includes (Tracy, 2016) (Tran, 2018):

• Cost

Building a private cloud for the enterprise costs more when compared to the public cloud. High usage of the public cloud resources could increase unexpectedly bills of high charges which might not be part of the plan. Thus, it is necessary to outline a specific budget for the hybrid cloud project.

• Security

Cloud computing can surely face some attacks. It requires proper precautions to secure the data correctly and must ensure that it is controlled and maintained by an appropriate person (De Laine, 2017).

• Data and application integration

There is symbolic relationship when it comes to applications and data, where without each other they are of no use. Most of the times both application and data are chained together. While its storage topic is discussed, it is required to enquire about its infrastructure. For instance, if the application is in the private cloud whereas its data is in the on-premise data center, then can the data be accessed remotely in this application? Copy data virtualization technologies could decouple the data from the infrastructure and can make this issue, least problematic.

• Compatibility has bigger issues while developing a hybrid cloud. One of the challenge in building the Hybrid cloud is compatibility across the infrastructure. When there are infrastructures of dual levels, like the private cloud which is controlled by the company and the public cloud which is not controlled by the company, then there are possibilities to run different stacks.
• Networking issues, such as will the cloud have highly active application present in it? The usage of the bandwidth is important to be considered on a network and similarly it is necessary to check whether there might be any issues in bottlenecking the rest of the applications. This is one of the question which should be asked about hybrid integration during network designing. 

Similar to all the IT projects, developing hybrid cloud for an enterprise could bring both advantages and also challenges. If proper planning is done, then the organizations can surely decrease the issues and increase the benefits for the organization. 

The possible risks associated with the Hybrid cloud and microservices strategies are listed below (Tech, 2016) (Shacklett, 2016) (“17 Hybrid Cloud Security Threats and How To Fix Them”, 2018) (Hatter, 2014):

Sl. No.	Possible Risks for Hybrid cloud and microservices	Description	Possible Control For the Risk
1.	IT architecture design	The architecture can be of cloud, private, on-premises must be managed well, for smoothly running the end-to-end infrastructure.
2.	Coordination of cloud procurement with end business users	The Haphazard method is a worst method for entering into a hybrid cloud strategy. Because, the haphazard circumstance is created if the end-user departments and independently contract IT for cloud services. It is necessary to have a mix of public cloud, private cloud, and on-premises IT and no one who is accountable for overall coordination and performance of these investments. This type of practice brings more number of risks along with increased inefficiency.
3.	Management of Data	In the data centers of many organizations, they use storage automation, for routing the data to the tiers of fast, medium, or seldom-used storage, based on the data type and its access requirements. When the data gets tricked by non-data center destinations, in such cases the business rules and stewardship of such data faces more risks and it is necessary to track such data.	Rely on a trusted technology for overcoming the risk of data migration.
4.	Security and privacy	In cloud, data security and privacy is improvising, but it doesn’t transform the fact i.e., on data, the corporate IT contains direct governance, security, and privacy control, which the data center of the organization stores. The data center does not contain any direct control in the cloud. The customer’s data is the responsibility of the organization, where the data is kept safely.	Effective third party solution.
5.	Bandwidth and latency	The cloud can be accessed securely in a private network through internet. This shows that the management of bandwidth and latency risk for the real-time data streams and transfer of bulk data could result in a risky affair, in contrast with the internal network of the firm. The company must perform risk evaluations for data and applications which go to the cloud.	Manage the bandwidth and latency risks.
6.	Disaster recovery and failover	The organizations which move their data and applications can face disaster of data due to the negligence of the cloud providers and their data centers.	Check disaster recovery plans. Before leasing, find the data centers utilized by the cloud provider and its failovers. Moreover proceed with risk assessment.
7.	Switching of vendors	Switching vendors is not easy despite of being a “plug and play” proposition, based on the contractual and cooperation point of view.	Wise decisions will help to choose and select the worthy vendors.
8.	On-premise licenses and contract management	In case of any shifting in applications like from, on-premises to the cloud, there are possibilities of optimal coordination only if the transition are made when the on-premises software licenses expires.	While moving from one vendor to the other, it is necessary to review the contracts and prices.
9.	Vendor SLAs and Poor SLAs	Most of the cloud vendors fail to publish service level agreements (SLAs), and it won’t even be present in their contracts. While moving to the cloud, the customers tend to lose the ability of govern their own data set. This leads to forcibly rely on the service providers for data securing, in the public sector.	The company must take legal guidance and enquire and review the attorney before agreeing to the agreement. Further, ensure the services’ expectation are reasonable. Then, check the permission and protection along with the security measures.
10.	Liability of Vendors and lack of data ownership and risk management.	If the cloud vendor doesn’t own its own data centers and is contracting for them with third parties, this can increase security breach issue.	The organization must check the liabilities of the vendors before agreeing to the agreement. i.e., Check for data ownership along with security. Define the services in the form of SLA for the hybrid IT firm. Enquire who can access the data and know the location of where the data is stored.
11.	Control loss	Even one change in the application could create issues related to integration with the other programs, which can end up with chaos among the critical business applications.	Contact service providers who effectively manage such risks for the organization and make them the partner of the company.
12.	Poor compliance	Compliance is a problem which is related to security challenge. Any businesses should make sure that each part of their cloud strategy must have compliance with all the industry regulations. Thus, it is important to make sure that the data which travels between the private and public cloud environments is secured effectively.	Test for compliance and then proceed.
13.	Cloud Security	Many things are discussed when it comes to the inherent risks related to security. Deploying hybrid clod strategies includes various security challenges for the organization, like security management, risk management and poorly constructed service-level agreements. All of these mentioned issues increases problems from complications, which could increase when both the private and public cloud are utilized in conjunction with each other. However, it is highly difficult to manage two types of deployments for the IT teams.	Make sure the SLA is standard.
14.	Data leakage	Insufficient security protocols by the cloud provider could compromise the data which can be destroyed, corrupted or accessed in appropriately. For instance in, worker-driven BYOD environments.	Prevention of data loss and ensure security measures to encounter malfunctions in the infrastructure, security breaches, and errors in the software.
15.	Weak protection of IP (intellectual Property)	IP requires extra protection. It must have the highest encryption and security protocols in place. IP must be identified and classified to determine potential security risks. A vulnerability assessment and appropriate encryption are needed	Ensure the security of the network infrastructure. Perform third party audits extensively and create permission matrix.
16.	Not enough Security Risk Assessment	The failure of risk identification can harm the IT infrastructure.	Risk prevention and assessment must be performed rigorously along with scanning of IDS/IPS systems for malicious traffic.
17.	Encryption is missing	The network transmission is vulnerable to Man-in-the-Middle (MitM) attacks and eavesdropping, which avoids mutual authentication.	Reliable VPN must be employed with a proxy server which can be relied. Then, the transmission must be shielded from random attacks using the cryptographic protocols which contains endpoint authentication.
18.	Data redundancy is poor.	Absence of redundancy can put the enterprise and the hybrid IT cloud at risk.	Redundancy must be implemented with the use of multiple data centers from a single cloud provider i.e., from various public cloud providers and hybrid cloud.
19.	Absence of API protection	If API are not protected, then the sensitive data is exposed by the endpoints to malicious attacks.	Mange the API keys similar to encryption and code-signing keys.

Benefits of Hybrid Cloud Architecture

Thereore, surveying the risk monitoring, reviewing the events and identifying proper policy adjustments are required for managing the risks in the cloud.

I recommend the Board with the following Information Security steps and controls, for securing the Hybrid cloud (“Hybrid Cloud Security: 5 Key Considerations for your Business”, 2018) (“Hybrid cloud security fundamentals: 4 things to know”, 2018):

• Compliance is suggested:Because the hybrid cloud offers the benefits of private and public cloud for the enterprise. But, it includes unique challenges related to security compliance (Solutions, 2018). I recommend to examine all the policies and regulatory compliance the private cloud, of a public cloud, only then the complete compliance of private and public clouds can be integrated as a single system. Made standard point to regularly check the hybrid cloud compliance, as a whole.
• Protection of Intellectual Property (IP)

Standardize the permission matrix for the enterprise, like which of the internal and external entities must have access to the available sensitive data.

• Ensuring the compatibility of security tool

Make use of firewalls, antivirus software and IPS devices as security tools for the public cloud. The service vendors must integrate the hybrid cloud with a private cloud and public cloud with security product (“SECURITY IN THE HYBRID CLOUD: Putting Rumors to Rest”, 2011) .

• Importance of risk assessment

Impose strict rules to constantly assess the risks for each facet of the enterprise’s hybrid cloud and the complete hybrid cloud system. This helps to secure the cloud.

• Take care of APIs by encryption

Make mandatory measures to carefully monitor all the Application Programming Interfaces for the cloud software, which are developed by the third parties. 

The recommendation included in Regional Gardens’s Business Continuity planning (BCP), due to the adoption of Hybrid Cloud and Microservices approach is presented below (“How Containers, Microservices, and Hybrid Cloud Enable Innovation”, 2018):

• Ensure to rethink on disaster’s definition.

Don’t think disaster management as a normal task, instead give more preference to it because it has higher risks. The risks can be dealt with the implementation of smart approach. Administer and identify the impacts which can decrease the issues.

Avoid even minor issues, because the minor issues leads to bigger and dangerous issues. The issues must be controlled effectively at the right time with the right decision.

• Set up a responsible team for business continuity.

Irrespective of any effective BCP or an effective the disaster recovery plan, effective and trusted team is important for responding to the disaster. The team must be attentive and must actively handle things during disaster situation without panicking.

• Make backup of data mandatory.

Despite of various factors available for a strong disaster recovery plan, data backup system will be the highly significant. It is possible that the downtime event could result in massive data loss, and this is the main reason for storing the data in a secured and accessible place.

• Design disaster recovery plan
• Select effective migration plan for securing the data in the cloud.
• Preplan the risks with risk assessment.
• Overcome the challenges of hybrid cloud adoption.
• According to hybrid cloud strategy, Regional Gardens might need portability between the public cloud services and its own private cloud in the data center, or between multiple public cloud providers. It may need this portability for complete cloud applications or for only pieces of these applications like the microservices.
• Implement solutions for application resilience.
• Implement solution for backup and disaster recovery in a Hybrid Cloud environment.
• Ensure data security and availability.

Make sure that the location of the data is provided.

• Test the designed plan.

After designing the disaster recovery plan, testing is mandatory no matter what. Make sure to test it several times. The business continuity must react to the crisis and stay strong to accomplish the tasks. 

Issues Related to the Deployment of Hybrid Cloud Architecture

One of the issues in the Hybrid cloud security is, “Poorly constructed SLAs” (“Cloud Security”, 2012). Though, the enterprise is confident enough about their public cloud provider for consistently meeting the expectations mentioned in the Service-Level agreement, but how is it possible that the private cloud can live up to the similar SLA is the noted question. In such cases, the SLAs must be created depending on the expectations of the cloud’s lesser who could be private cloud. Thus, gathering data based on the private cloud’s availability and performance, depending on the practical workloads. It is suggested to identify the potential problems for integrating both the public and private clouds, which disrupt the cloud service.

The following are the required requirements for the Regional Gardens for conducting remote server administration, resource management and SLA management for its proposed IaaS and PaaS instances. 

The operations checklist includes the following:

1. General questions on security like, IAM users, Instance Security, Nested security groups and sharing AMIs.
2. Operational use of Amazon EC2 like EBS-backed instances, instance store-backed, dynamic addressing and, separate OS and data volumes.
3. HA, Backup and recovery.
4. Mapping the custom names to AWS.
5. Application Development and opportunities for testing.

SLA Management

The SLA Management for the Hybrid cloud is mentioned below (Gray & Novak, 2015):

• Ensuring to monitor any modern application might be complex and running such application in the hybrid environment could increase the number of complexities. The cloud vendors must provide standard and own tools, APIs and effective SLAs. Therefore, the SLA must define the utilized tools and APIs for more clarity and security.
• With respect to SLAs, the major challenge in the hybrid cloud directs on linking every single hybrid cloud’s components which are underlying with the end-user experiences. Because, the environment which has multiple platforms, can have weak points for the boundaries thus, strict monitoring is necessary.
• It is not easy to monitoring the application data from different platforms, especially if isolating is required for fixing the specific problem. It is required to monitor the data from different sources that are required to be analysed, aggregated and unified.
• After the identification of the issue and its isolation, it is necessary to be administered and managed during its life cycle. Integrating the modern monitoring solutions is very important as it helps to bridge the gaps between various environments. Once this is performed correctly, then the correlation between every single environment’s functionality and application performance, will ensure that all the parties are following the defined SLAs. 

In cloud, at the virtualization level the resource management must be done by the cloud provider and the cloud customers must manage it at the application level (Tchana, Son Tran, Broto, DePalma & Hagimont, 2013).

The IaaS includes low level cloud resource management, whereas PaaS hides this information for the client with the assistance of API/ any kind of automatic application deployment assistance.

Cloud resource administrators is required for assessing the functions of the resource management system.

Whoever works behalf of the cloud provider can have permission to directly access the native console of the resource management system. 

The consolidation policy for the IaaS administrator on sensor includes (Tchana, Son Tran, Broto, DePalma & Hagimont, 2013):

1. In case of saturation of the physical machine, a virtual machine is migrated to the other physical machine, which contains sufficient resources, for accepting it. When every required, the new physical machine can be turned on, which is known as VM

relocation.

1. When the physical machine is under-loaded and when its hosted VMs could be accepted by the other physical machines, in such case migration of these VMs is possible. It is possible to free or turn off these physical machine, which is called as VM collocation. 

The remote server management is an essential segment of data centers. Generally, the resource management systems exposes the APIs which permit the cloud providers for building a remote administration system portals. This could be customized for providing selective resource management controls for the external cloud resource administrators who work on behalf of the cloud consumer organizations through usage and administration portals.

The 2X Remote Application Server is built using cutting edge technology for increasing the hybrid cloud solution’s output. Remote Application Server delivers virtual desktops and applications from a central location, which allows to have continuous availability, resource-based load balancing and complete end-to-end network transparency for the administrators. 

As, the help of the cloud migration support provider facilitates smooth transition when adopting a hybrid cloud environment. It is necessary to implement an effective and feasible migration plan. In concern with cost-effectiveness, the approach of hybrid provides high security, flexibility and accessibility, if the plan is well planned and correctly executed (“Enterprise Hybrid Cloud: Strategy and Cost Considerations”, 2017) (Froehlich, 2017). However, the highly difficult and challenging task is to plan a data migration strategy, with various factors (Long, 2018). 

Risks Associated with Hybrid Cloud and Microservices Strategies

As, for starting the migration process, the Regional Gardens board has decided to move it email instance to the AWS (Amazon Web Service) cloud. Moreover, the board has planned even to test their strategy (“Aws Cloud Architecture”, 2018).

The strategy and execution for migration would be the following assessment (Vonnegut, 2018):

Step 1: The present infrastructure must be assessed.

Step 2: The applications and workloads must be assessed.

Step 3: Assessment of staff skill set along with training requirement depending on pre- and post-migration.

Step 4: Assessing required migration tools.  

Step 5: Assessing the timetables of the projected migration.   

Step 6: Assessing pre- and post-migration.

Therefore, assessment is must as each of the cloud migration will be unique with unexpected changes. 

The Migration plan, for migrating the services is as follows (“An Overview of AWS Cloud Data Migration Services”, 2016) (“5 Steps for a Cost-Efficient Migration to AWS Cloud”, 2018) (“The online portal for Data Migration knowledge”, 2018) (Earls, 2018): 

Step 1: Assessment of cloud

The IT infrastructure and cost is studied, to find the recommendations for a detailed plan. The cost analysis is performed, to estimate the duration of the project and the required resources (Parthasarathy & Mani, 2017).

Step 2: Proof of concept

Each of the critical application are built with POC environment to validate their functionalities. It performs functional and integration testing.

Step 3: Migrate non-mission critical applications

Migrate test or DEV application is performed. Then, the noncritical applications such as Track-it are migrated. Further, the backups are migrated and validated for restoring processes.   

Step 4: Migrate business critical applications

Components of the infrastructure are migrated. For example, monitoring solution and domain controller. The E-business Suite is migrated, then it is tuned, enhanced and optimized.

Step 5: Establishing a dedicated network connection.

Step 6: Selection of right AWS-Managed Migration Tools.

Step 7: Project Initiation Phase

The required policies and communication plan for the stakeholder will be presented in this phase.

Step 8: Pre-preparation Phase

The assessment of pre-migration’s impact takes place in this phase.

Step 9: Planning Phase

The activities are planned, resources, test environment, project management, support documentation

Step 10: Designing Phase

   Here, the design of the solution is developed, which comprises of, Migration procedures, customer migration scripts and back-out procedures are developed.

Step 11: Validation Phase

This validation phase includes preparing test environment, migration procedure for the test, back-out procedure for the test and refining the migration approach.

Step 12: Migration Phase

   It is divided into, Data migration phase and Application migration phase (Barr, 2010).

Conclusion

Preparation takes places where, installation of environment and configuring the supporting systems takes place. Then, implementation takes place where, migrate applications, update DBs, configure environment and validating the migration is done. Finally, bring-up.

Step 13: Risk identification related to data migration.

Step 14: Operating and Optimizing Phase

In this phase, the following areas are taken care, utilization, monitoring, performance, reengineering and efficiency.

Step 15: Executing and Testing Phase

In testing phase, the applications are tested and the performance is tested.

Step 16: Project phase’s time estimates.

Step 17: Avoiding potential data loss.

Step 18: Ensuring to reduce the downtime.

Step 19: Decreasing user disruption.

Step 20: Evaluating the effectiveness of the plan.

Step 21: Monitoring Phase

In this phase, the data quality monitoring environment is carried out. 

The critical points and issues that you see occurring at each of these steps are listed below:

• Security
• budget
• Attempting too much at once
• Fear
• Migration experience 

The explanation for why these points or issues are critical is explained in the below section.

When network transmission takes place, it is vulnerable to various attacks and data security breaches, which avoids mutual authentication and increases various issues. Therefore, data security is the major critical issue which must be considered in migration plan. 

Conclusion

The Company named Regional Gardens Ltd., is projected on meeting the business requirements in a strategic proposal. The company which runs various gardening enterprises is determined to improve its current ICT infrastructure, with respect to data storage, monitoring, data flexibility and responsiveness. Additionally, it looked forward to have a new manageable cloud based infrastructure, which is successfully considered in this report with the Hybrid cloud architecture. This architecture helps to meet the objectives for coinciding with the business needs. Various cloud computing architectures are compared and evaluated. Necessary Information Security Assessment is recommended for the Board. The BCP is provided for Regional Gardens Ltd. The SLA Management for the Hybrid cloud is discussed. The ICT risk management for the cloud computing delivery plan is represented. The Information Security assessment is carried out. Migration plan, its critical points and issues are discussed.

References

17 Hybrid Cloud Security Threats and How To Fix Them. (2018). Retrieved from https://www.pulsesecure.net/lp/hybrid-cloud-security-threats#14

5 Steps for a Cost-Efficient Migration to AWS Cloud. (2018). Retrieved from https://www.logicworks.com/blog/2018/02/5-steps-for-a-cost-efficient-migration-to-aws-cloud/

7 benefits of a Hybrid Cloud solution. (2018). Retrieved from https://www.iseek.com.au/cloud/7-benefits-of-a-hybrid-cloud-solution/

Ajluni, C. (2016). IT Innovators: Are Microservices Enabling the Hybrid Cloud?. Retrieved from https://www.itprotoday.com/business-resources/it-innovators-are-microservices-enabling-hybrid-cloud

An Overview of AWS Cloud Data Migration Services. (2016). Amazon Web Services. Retrieved from https://d1.awsstatic.com/whitepapers/Storage/An_Overview_of_AWS_Cloud_Data_Migration_Services.pdf

Aws Cloud Architecture. (2018). Retrieved from https://donatz.info/aws-cloud-architecture/

Barr, J. (2010). New Whitepapers on Cloud Migration: Migrating Your Existing Applications to the AWS Cloud. Retrieved from https://aws.amazon.com/blogs/aws/new-whitepaper-migrating-your-existing-applications-to-the-aws-cloud/

Cloud Computing Architecture. (2010). Siemens AG. Retrieved from https://resources.sei.cmu.edu/asset_files/Presentation/2010_017_001_23337.pdf

Cloud Security. (2012). Retrieved from https://www.intel.com/content/dam/www/public/us/en/documents/guides/cloud-computing-security-planning-guide2.pdf

CloudOps: 6 best ways to manage hybrid cloud performance. (2018). Retrieved from https://techbeacon.com/cloudops-6-best-ways-manage-hybrid-cloud-performance

De Laine, D. (2017). ?Techniques for securing hybrid clouds and the software defined data centre. Retrieved from https://www.cso.com.au/article/613428/techniques-securing-hybrid-clouds-software-defined-data-centre/

Earls, A. (2018). Cloud migration strategies for a hybrid cloud world. Retrieved from https://searchcloudcomputing.techtarget.com/feature/Cloud-migration-strategies-for-a-hybrid-cloud-world

Enterprise Hybrid Cloud: Strategy and Cost Considerations. (2017). Retrieved from https://platform9.com/blog/enterprise-hybrid-cloud-strategy-cost-considerations/

Froehlich, A. (2017). 5 Security Considerations For The Hybrid Cloud. Retrieved from https://www.informationweek.com/cloud/5-security-considerations-for-the-hybrid-cloud/a/d-id/1328000

Gracely, B., Finos, R., & Floyer, D. (2015). Aligning Application Portfolios with Hybrid Cloud Strategies. Retrieved from https://wikibon.com/aligning-application-portfolios-with-hybrid-cloud-strategies/

Gray, J., & Novak, A. (2015). Hybrid Cloud SLA Challenge. Retrieved from https://blog.newrelic.com/2015/05/18/sla-hybrid-cloud/

Hatter, P. (2014). 4 Best Practices for Managing Risk in the Hybrid Cloud. Retrieved from https://www.csoonline.com/article/3083384/security/4-best-practices-for-managing-risk-in-the-hybrid-cloud.html

Homepage Archives. (2018). Retrieved from https://www.trendmicro.com/azure/category/homepage/

How Containers, Microservices, and Hybrid Cloud Enable Innovation. (2018). Retrieved from https://dzone.com/articles/how-containers-microservices-and-hybrid-cloud-enable-innovation

Hybrid Cloud Architectures. (2018). Retrieved from https://aws.amazon.com/enterprise/hybrid/

Hybrid cloud security fundamentals: 4 things to know. (2018). Retrieved from https://enterprisersproject.com/article/2018/3/hybrid-cloud-security-fundamentals-4-things-know

Hybrid Cloud Security: 5 Key Considerations for your Business. (2018). Retrieved from https://www.tripwire.com/state-of-security/security-data-protection/cloud/hybrid-cloud-security-key-considerations/

Long, L. (2018). Hybrid cloud architecture: What to expect in an AWS migration. Retrieved from https://www.itproportal.com/features/hybrid-cloud-architecture-what-to-expect-in-an-aws-migration/

Parthasarathy, A., & Mani, R. (2017). Enterprise Hybrid Cloud: Strategy and Cost Considerations. Retrieved from https://dzone.com/articles/enterprise-hybrid-cloud-strategy-and-cost

Perez, J. (2018). Securing the Hybrid Cloud: A Guide to Using Security Controls, Tools and Automation. Retrieved from https://blog.qualys.com/news/2018/05/15/securing-the-hybrid-cloud-a-guide-to-using-security-controls-tools-and-automation

Practical Guide to Hybrid Cloud Computing. (2016). Cloud Standards Customer Council. Retrieved from https://www.cloud-council.org/deliverables/CSCC-Practical-Guide-to-Hybrid-Cloud-Computing.pdf

Rouse, M. (2018). What is hybrid IT?. Retrieved from https://searchcloudcomputing.techtarget.com/definition/hybrid-IT

Saran, C. (2018). Hybrid cloud strategy offers best of both worlds. Retrieved from https://www.computerweekly.com/feature/Hybrid-strategy-offers-best-of-both-worlds

Sareen, P. (2013). Cloud Computing: Types, Architecture, Applications, Concerns, Virtualization and Role of IT Governance in Cloud. International Journal Of Advanced Research In Computer Science And Software Engineering, 3(3).

SECURITY IN THE HYBRID CLOUD: Putting Rumors to Rest. (2011). Retrieved from https://ww2.frost.com/files/1614/2113/3098/Whitepaper-VMware_Bluelock_Security_In_The_Hybrid_Cloud.pdf

Shacklett, M. (2016). 10 hybrid cloud risk areas that the enterprise must manage. Retrieved from https://www.techrepublic.com/blog/10-things/10-hybrid-cloud-risk-areas-that-the-enterprise-must-manage/

Solutions, P. (2018). 5 Steps to Better Security in Your Hybrid Cloud. Retrieved from https://www.prescientsolutions.com/blog/5-steps-better-security-hybrid-cloud/

Tchana, A., Son Tran, G., Broto, L., DePalma, N., & Hagimont, D. (2013). Two levels autonomic resource management in virtualized IaaS. Future Generation Computer Systems, 29(6), 1319-1332. doi: 10.1016/j.future.2013.02.002

TDWI Checklist Report: Data Management Best Practices for Cloud and Hybrid Architectures. (2018). Retrieved from https://www.informatica.com/in/lp/tdwi-data-management-best-practices-for-cloud-and-hybrid-architectures_analyst-report_3359.html#fbid=nU0Po9vq5kt

Tech, I. (2016). What are the risks of hybrid cloud?. Retrieved from https://www.isgtech.com/what-are-the-risks-of-hybrid-cloud/

The online portal for Data Migration knowledge. (2018). Retrieved from https://datamigrationpro.com/data-migration-checklist-planner/

Tracy, P. (2016). Explaining the hybrid cloud, its advantages and disadvantages. Retrieved from https://www.rcrwireless.com/20160922/big-data-analytics/hybrid-cloud-iot-tag31-tag99

Tran, E. (2018). Pros & Cons for Building a Hybrid Cloud for Your Enterprise. Retrieved from https://www.actifio.com/company/blog/post/pros-cons-for-building-a-hybrid-cloud-for-your-enterprise/#sthash.vbLnCxbr.UTwz4tKH.dpbs

Vonnegut, S. (2018). Hybrid Cloud Migration: 5 Tips to Creating the Best Migration Strategy. Retrieved from https://www.stratoscale.com/blog/cloud/hybrid-cloud-migration-5-tips-creating-best-migration-strategy/

Waite, A. (2017). Utilizing Hybrid Architectures for Cloud Computing.

Hybrid Cloud. (2018). Retrieved from https://kemptechnologies.com/hybrid-cloud/

Why a Hybrid Cloud/Colocation Strategy Is Here to Stay. (2017). Retrieved from https://www.datafoundry.com/blog/hybrid-cloud-colocation-here-to-stay

<ta