Task 1

1. EXECUTIVE SUMMARY
1.1. SUMMARY OPTION

Option name: Cloud implementation

Brief description: We are going to move all the sever to the cloud, that means that
all the physical structure for the servers are going to be removed. Still is going to
use the router for WIFI. We are going to split by areas and each area is going to
be connected to a switch to prevent security problems. Most of the wire is going
to disappear.
Vendor: Microsoft
Total cost: 2700 AUD per year
Total savings: 7190 AUD per year
Option Lifespan:
Strength Weakness Recommendation
 Cost reduction. You  Your business 1. implement a more
pay for what you use. information may not be restrictive access
 Scalable storage secure. registration system
options according to 2. coordinate and
our need. You can  You can suffer from monitor credit card
expand the storage slow connections if fraud
options to meet the many users are 3. monitor customer
needs without accessing the server traffic for the
problem. simultaneously. detection of possible
 Automatic updates. illegal activities
There is no need for  The programs on the 4. check the public
the IT department to server may not be the blacklists to identify if
have to worry about full version. the IP ranges of the
paying for future infrastructure have
updates.  It is vital that the entered them
 Remote access. platform has a 5. prohibit, through
Employees can access continuous and fast policies, share
information wherever Internet connection. credentials between
they are. users and services
 Ecological service. It 6. apply double factor
uses less energy than authentication
traditional data techniques whenever
centers. possible
 Ease of 7. monitor sessions for
implementation. There unusual activities
is no need to
implement hardware
and components that
may take several
hours to install.

1.2. FINANCIAL SUMMARY

 Year 1 Year 2 Year 3 Year 4 Total
Option 1 Capital 3500 - - - 3.500
Operatio 2300 2700 2700 2700 10.400
nal
Total 5800 2700 2700 2700 13.900

2. CURRENT SITUATION

2.1. POLICY/AGENCY CONTEXT

Values
Danford College is committed to excellence in education. As a
Registered Training Organisation and a CRICOS Provider, we are committed
to creating greater educational value in our community. We are proud of our
diverse staff and student body, and provide support and unique learning
opportunities for students from around the world.

Mission
Danford College seeks the highest quality of education and
greater educational links with industry. We work hard to continually improve
our services, facilities and educational offerings. With qualified trainers
and world-class facilities, we work to attract smart, passionate students
from around the world and help further their careers through education. A
Danford College education is a pathway. We support students looking to
advance their professional skills and knowledge, further their career, or
progress to higher education.

2.2. CURRENT TECHNICAL ENVIRONMENT

ICT Infrastructure
The college count with 3 server which provide WEB, FTP, DHCP, VoIP,
database and authentication services. In addition, the campus network has 1
main router (gateway) 2 switches and several Access points to provide wi-fi
access.
The college provides digital resources to the students in order to help them
with their assessments along with other services such as printing and Wi-Fi
connectivity.

Virtualization
The software used to manage the digital resources is called JobReady and
both students and trainers have access to it.

Workforce
The college staff is comprised by 20 trainers, 10 admin staff, 5 marketing
staff and 3 managers; it also subcontracts the IT services with a third-party
provider.
 2.3. BUSINESS PROBLEM

All the assessments and attendance have been handled manually until now;
however, due to a significant increment in the number of students Danford
college has decided to move from a paper to a paper-less system, this means
that all assessment will be uploaded to a server/s where they will be marked
by the assessors.

In addition, the college is concerned with the low performance in the network
at peak hours (mainly when the students are in the campus) and the lack of
proper security for some of their online services.

2.4. STAKEHOLDERS IMPACT

Administrative:
 More cost in the paper printed and environmental damage
 Cost of maintenance of the servers
 Difficult to work some times
Students:
 Difficult do the work if the servers are not working
 Redoing the job and time spend trying to print several times
 Low internet to make the assessments
Teachers:
 Assessment difficult some times
 Access to the software some times is hard due the internet
 They have to carry a lot of paper to check the assessments

2.5. CURRENT RISK

TECHNICAL RISKS
1. hackers or hackers, that is, the unauthorized access of a third party to all or
part of our information system.
2. Denial of service (in English: Denial of Service or DoS), The attacker does not
obtain access to the company’s computer system, but rather spoils some
strategic components (the mail server, the Web site, etc.).
3. Viruses and their various derivatives (worms, backdoor, Trojan horse), These
are malicious programs that reproduce more or less autonomously. They are
transmitted primarily through mail or file transfers over the Internet
4. Interception of confidential data, even if it does not directly damage the
computer systems, a third party that succeeded in improperly obtaining
confidential data or documents can cause significant damage
BUSSINESS RISKS
1. loss of customers due to problems with the network and the loss of time at
the time of interpreting an assessment
2. environmental problems due to the amount of paper wasted by assessment
correction
3. high network maintenance costs
4. loss of information when a server is damaged
5. loss of money because you can’t work when the network goes down

2.6. CURRENT COST

FEATURE UNIT COST TOTAL COST

General maintenance 38 30 1140
Server maintenance Linux 2 900 1800
advance
Server maintenance windows 1 500 500
Router maintenance 1 200 200
Software windows 30 190 5700
Software Linux 2 250 250
Total 9890

3. PROPOSE RESPONSE
3.1. STRATEGIC ALIGNMENT
Private cloud: The infrastructure of this cloud is operated solely by and for an
organization
Virtualized elements and virtualization elements will be treated the same as the
corresponding physical elements for configuration, maintenance, security rules
and regulatory aspects.
The images of the virtual elements will be treated as data with the same security
requirements as the information and services handled by said virtual elements.
Providers will ensure that the location of each of the physical resources used to
implement the Cloud Computing service, directly or outsourced.

3.2. TECHNICAL ENVIROMENT

This mean that the company is going to use:
 2 routers
 4 switchs
 Several wireless point for students
 Cloud access

3.3. BUSSINES ENVIROMENT

It will be divided into two important administrative and educational areas. in the
administrative part will be the administration, marketing and managers. In
educational it will be divided into students and trainers.
The employees of the organization can work on the same document or application
simultaneously. This allows you to create records and receive comments in real
time, regardless of the physical location of each one.
Employees can work remotely, from anywhere with an Internet connection. This
new concept benefits companies, as it increases productivity and helps staff to
better combine their professional and family life.

3.4. BENEFIST
 Cost reduction. You pay for what you use.
 Scalable storage options according to our need. You can expand the storage
options to meet the needs without problem.
 Automatic updates. There is no need for the IT department to have to worry
about paying for future updates.
 Remote access. Employees can access information wherever they are.
 Ecological service. It uses less energy than traditional data centers.
 Ease of implementation. There is no need to implement hardware and
components that may take several hours to install.
 Qualified sellers. Choose who you prefer to manage and protect your data.
 The response times. A better response time is achieved with the cloud than
most cases compared to a standard server.
  It offers equal conditions for new small businesses, allowing them to compete
more effectively in the market.
 Performance and durability. Run your websites at a much faster pace with the
benefits of using a more durable service.

4. PROPOSAL SUMMARY
We are going to move all the sever to the cloud, that means that all the physical
structure for the servers are going to be removed. Still is going to use the router for
WIFI. We are going to split by areas and each area is going to be connected to a
switch to prevent security problems. Most of the wire is going to disappear.
5. SOLUTION OPTION
5.1. DESIGN CRITERIAL
File Encryption
Taking into account that the files will be hosted on servers that we do not have
located, it is recommended before uploading them to the cloud storage service that
encryption is applied. With this, what is sought is that in a hypothetical case that
the service suffers from a security problem, cybercriminals will not be able to
access our information.
Flexibility: commercial demands on broadband are increasing. Cloud-based services
can take care of these demands, thanks to the enormous capacity of remote service
servers.
Automatic synchronization
The user can install a client on their desktop or mobile device and have in real time
any file that is in the service, thanks to automatic synchronization. Generally it is an
automatic function, being a matter of payment the number of devices to
synchronize with the same account.
Encrypted connection to connect to the service
So important is to encrypt the files, as we have pointed out above, how to access
the service securely.
Collaborative tools
When sharing documents with other users and editing them together, these types
of tools are the best solution.
Accessibility and maintenance
Accessibility can be said to be the most important benefit of cloud services for
maintenance teams. When maintenance systems are hosted in the cloud,
maintenance teams have access to their systems and data from anywhere. They no
longer need to be connected to the network to access critical information. This
positively impacts the way maintenance services are programmed, implemented
and operated.
Speed
Low speed due to increased network traffic into the server connection
Reliable
Routers and switches can be facilitated and configured from the cloud. Centralized
routers can also be managed and monitored virtually, which is still good news. By
facilitating installation and support, you are contributing to making your business
more reliable.
5.2. Identify options

 Maintenance cost
 Benefist
 Requirements
 Savings

6. OPTION ANALYSIS

Requirements Cloud
Benefits 1.- Access from any site and with several devices.
2.- Savings in both software and hardware and in technical
maintenance
Disadvantage 1.- Lack of security and privacy.
2.- Without Internet there is no cloud.
Total cost 2700 AUD
Total saving 7190 AUD
flexibility of the You can make a change of memory capacity layer at any
contract time, you can increase or decrease at any time
Estimate 4 hr
installation
timeframe
Requirements 1 ACCESS PERMITS
The software must have a system that allows assigning
access permissions according to each user. A company
should never allow free access to its folders and files.
Requirements 2 CONTROL OF SHARES OR WORKFLOW
When a company uses some file management software, it
is necessary to know what has happened in the life of those
files. The software has to provide some mechanism of
histories or workflow of the archives.
Requirements 3 MEASURES THAT AVOID LOSSES
The software must have measures that prevent the loss of
stored information. Any user should not be able to delete
company information. Similarly, any user should not be
able to modify the structure of files and folders of the
company.
 Requirements 4 CONTROL OF LINKS AND EMAILS SENT
In the company you have to be very careful with the links
to share files. The systems must allow access control to
those links. They are company files distributed and sent
through links that are not well known where they can end.
Implementation Abuse and misuse of cloud computing
risk Unsecured interfaces and APIs
Internal threat
Loss or leakage of information
Session or service hijacking

7. IMPLEMENTATION APPROACH
Define your project – All the servers are going to move to the cloud
Select the platform – Microsoft Azure Cloud
security policies – section 9
Migration
The first thing is to verify that the “Remote Desktop” option is enabled. Additionally,
it is necessary to allow RDP connections in the Windows Firewall. And it is that
Azure generates a new network interface.
Next you have to create a Virtual Hard Disk. The format is VHD, the one used by
Azure for all its virtual machines.
The next step is to create a storage account in Azure, where you have to upload the
Virtual Hard Disk created in the previous step. In the storage account it is necessary
to generate a container.
Once the disk is uploaded, you must access the virtual machines section and select
the option that allows you to create a new disk from the existing VHD.
The last step is to create a new virtual machine. To do this, simply select the option
from the gallery and select the disc that has just been added.
Monitoring
It is important to have solutions that can report data from different sources on a
single platform, which allows to calculate metrics and uniform results in a
comprehensive view of performance. Another aspect to consider is the need to
monitor the uses and costs of the cloud service. The ability to scale is a key feature
of cloud services, but increased use can lead to increased costs. Robust monitoring
solutions should track what part of your organization's network activity is in the
cloud and how much it costs. A monitoring solution that alerts you when cloud
resources exceed the budget or usage limits can save an organization huge costs.
Organizations should track long-term trends and most monitoring tools provided by
cloud service providers only keep data for a limited time (between 30 and 60 days).
So a monitoring tool must be compatible with maintaining that information to show
trends for at least several months.
You have to configure instant visibility for everyone. The monitoring solution must
support customizable panels that provide instant visibility into what is happening,
what is happening, what is seeing intensive use and what is inactive. This not only
facilitates problem solving, but also allows teams to see problems and solve them
proactively before they affect end users. Finally, it is important to test the tools to
see what happens when there is a data interruption and evaluate the automatic
response systems when certain thresholds are reached.
8. AGENCY CAPABILITY
Stakeholders impact
employees:
 Access from anywhere and device
 Disconnections and offline availability
Administrative
 Payment for use allows the option for companies to grow and adapt to new
changes and requirements, regardless of whether it is a immediate, short or
long term change.
 Low demand for updates and maintenance (less costs)
 Loss of data control
Training
We have to develop a program to train the clients and administrative to use the
new programs and how access to this.
Responsibility
The administrative department have to be monitoring to control the access to
the cloud and how the internet is working.
operational capacity
• A “shared services” governance model
• Supply and acquisition processes that do not compromise your punctuality
• A service infrastructure for the provision of services
• Integrated event management, configuration, changes,releases, capabilities
and service level.
• A catalog of services and a database for the management of the configuration
(CMDB) supported by tools service automation
• Measurement, billing and subscription support
• Bid management
 • Virtualized and standardized infrastructure
• A critical mass of resources that can be grouped to justify the investment
made in the management infrastructure
• Software license acquisition agreements adapted to a cloud consumption
model

9. SECURITY AND INFORMATION ASSURANCE

1) Secure your corporate network. First, make sure that it is possible to protect
and enforce policies consistently across all devices in your network - owned by
the company or employees. With this, you not only have control over web
applications that are accessed from desktops or laptops, but also from mobile
devices.

2) Extend protection against malware on mobile devices. This action must be a

priority; Never leave mobile devices that have access to corporate network
applications exposed to potential threats. Fortunately, employees understand
that protecting mobile devices is critical, regardless of who owns the equipment.

3) Close the security breach in mobile applications. Mobile web applications are
effectively applications within an application - the native browser on a mobile
device and there are thousands of them. While some security solutions offer the
ability to block or allow native applications, they do not provide controls for
mobile web applications, creating a security breach in mobile applications that
leaves users vulnerable to applications at risk or danger on mobile devices.
Closing this gap is a fundamental step on the road to the complete incorporation
of BYOD into the company.

4) Set policies contextually. A “one-of-a-kind approach to all” does not work

because the needs and expectations of users and IT vary dramatically. Security
policies based on the user, their location, the device they are using and the
network must be intelligently applied.

5) Report, adjust and repeat. To maintain effective security and adequate policy
controls, it is essential to adjust corporate policies based on real-time data
obtained from all users and devices. Use reporting tools to understand not only
how policies are impacting users and their network, but also to identify and
resolve issues immediately.

10. RISK

RISK RISK MITIGATION ACTION

RATE
Abuse and misuse of High 8. implement a more restrictive access registration
cloud computing system
9. coordinate and monitor credit card fraud
 10.monitor customer traffic for the detection of
possible illegal activities
11.check the public blacklists to identify if the IP
ranges of the
12.infrastructure have entered them
Unsecured High 1. analyze the security problems of the providers'
interfaces and APIs interfaces of service
2. ensure that authentication and access controls
are implemented taking into account data
encryption
Internal threat Low 1. specify legal and confidentiality clauses in
labor contracts
2. determine possible problems in notification
processes
Loss or leakage of High 1. implement powerful APIs for access control
information 2. protect data transit by encrypting it
Session or service High 1. prohibit, through policies, share credentials
hijacking between users and services
2. apply double factor authentication techniques
whenever possible
3. monitor sessions for unusual activities

11. CRITICAL SUCCES FACTORS

FACTOR DESCRIPTION
Business need the infrastructure of the network would be improved which
facilitates the location of the computers.
the costs would decrease
the customer would be satisfied and the ease of use for
this
Standardized and self-service offers that improve
efficiency
Services provided quickly that provide agility
Availability of flexible prices that facilitate innovation
Strategic fit It would be shown as an eco-friendly educational
company, in addition to presenting a stable structure and
allowing the connection of students from anywhere, it
does not necessarily have to be in the educational center
to access the server
Value for money There would be a 70% benefit by reducing more than
7,000 dollars per year
Achievability Integrator is needed as it is responsible for the cloud
services offered by providers. This role requires some IT
knowledge to communicate and clearly translate the
technical and business requirements to the service
providers. In effect, the integrator is the link between your
organization and all external suppliers
A solid cloud governance infrastructure and strategy It
should be part of any cloud computing strategy. The Cloud
governance includes:
 • Establish decision rights for interest groups, such as
determining the roles with power to acquire solutions and
the level of involvement required of the involved
• Develop decision-making processes for the cloud
• Establish and apply policies to manage suppliers
of cloud services
Supply vendor side We use IasS because compared to SaaS and PaaS, IaaS
users are responsible for managing applications, data,
runtime, middleware, and OSes. Providers still manage
virtualization, servers, hard drives, storage, and
networking. Many IaaS providers now offer databases,
messaging queues, and other services above the
virtualization layer as well. Some tech analysts draw a
distinction here and use the IaaS+ moniker for these other
options. What users gain with IaaS is infrastructure on top
of which they can install any required platform. Users are
responsible for updating these if new versions are
released.