Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Cloud Readiness Assessment Tool: An Analytical Review

No description
by

Saira syed

on 18 April 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Cloud Readiness Assessment Tool: An Analytical Review

Cloud Readiness Comprehensive
Self-Assessment Tool: Development and Evaluation

“Cloud is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” – (NIST, USA)
Introduction
Shared

resources

multiple users utilize the same resources.
Elasticity
– to easily utilize both hardware and software resources.
Pay as you go
– to pay only for the resources you are utilizing for the time.
Main drivers to adopt cloud computing
While cloud computing provides lots of benefits to the businesses, it potentially poses challenges.
That's why organizations are apprehensive and sluggish in accepting it.
Therefore, large number of organisations ask themselves a question.
Cloud Computing: The Reality
Are we ready to move?
Organisations should assess their current readiness for cloud migration.
Therefore, it is very important to build a solid strategy by evaluating their existing policies, procedures and compliances.
In this paper I present analytical review of the latest self-assessment tools which promise to help organisations in evaluating their current readiness to adopt cloud services. The aim of this research is to find the gap in current assessment tools in order to propose a tool with extended functions and capabilities.
Research Objectives
In this paper I present analytical review of the latest self-assessment tools which promise to help organisations in evaluating their current readiness to adopt cloud services.
Research Method
Findings
Microsoft’s Cloud Security Readiness Tool (CSRT)
Cloud Security Specialist Tool by – TrendMicro
Cloud Assessment Tool by ACCA Working Group
Cloud Readiness Self-Assessment tool by VMware

CSRT is based on Cloud Security Alliance’s (CSA) Cloud Control Matrix.
It simplifies the process and cuts through the clutter to help organisations take a step-by-step look at cloud adoption based on their environment.
It is an online diagnostic assessment with 27 questions to analyse a company’s security practices and highlight issues.
Focuses on six different issues which are as follows; Policy Design, physical architecture, privacy management, risk management, resilience management and security architecture.


This tool provides organisation an idea of their current business’s security posture with respect to cloud adoption, BYOD program, and targeted attacks.
It is based on 25 yes-or-no questions to assess organisation’s current security posture.
Presents a report with a comparison against industry averages and offers suggestion on how to improve current security practices.


The Tool provides a standard framework that allows IT users to measure their requirements against vendor offerings.
The CAT promises to help organisations in migrating applications to the cloud to weigh benefits against risk, cost and effort and make informed decisions.
As a result, end-users can define and prioritize their assess service providers’ offers effectively.


This tool helps organisations to determine about the starting point. VMware’s tool asks a short series of question on readiness.
Provides a profile of readiness around people and process, which are associated with cloud infrastructure deployment.
As a result, of the short survey, this tool presents a report with specific recommendation and best practices from the VMware cloud team.
Analysis
Recommendation
All Cloud Security Alliance’s CCM domains must be covered as they rest on frameworks such as ISO 27001/27002, ISACA, COBIT, PCI , NIST etc.
Detailed recommendation must be included in the report.
Vendor’s selection recommendation must be included.
This analytical review has illustrated the detailed insight into the current state-of-the art organizations’ readiness self-assessment tools.
This paper reveals a need to understand and evaluate the current IT infrastructure by the potential cloud consumers in order to make informed decision before migrating to cloud.
Conclusion
For future work, I plan to design and develop the self-assessment tool with extended capabilities and functionalities based on industries-accepted standard compliances, policies and procedures.

Furthermore, this tool will be equipped with simulator in order to provide clearer picture to the potential customers.
Future Research
Behl, A. (2011). Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation. 2011 World Congress on Information and Communication Technologies, 217–222.
Kantarcioglu, M., Bensoussan, A., & (Celine) Hoe, S. R. (2011). Impact of security risks on cloud computing adoption. 2011 49th Annual Allerton Conference on Communication, Control, and Computing (Allerton), 670–674. doi:10.1109/Allerton.2011.6120232
CloudToo Launches Cloud Readiness Assessment Scheme For SMEs - ProQuest. (n.d.).
Morsy, M. Al, Grundy, J., & Müller, I. (2010). An Analysis of The Cloud Computing Security Problem.
Motta, G., Sfondrini, N., & Sacco, D. (2012). Cloud Computing: A Business and Economical Perspective. 2012 International Joint Conference on Service Sciences, 18–22. doi:10.1109/IJCSS.2012.36
Objectives, B. (n.d.). Cloud Computing Still Faces. Forecast, 15–17.
Trend Micro Launches Online Security Assessment Tools. (2012,November).Retrieved from http://www.eweek.com/security/trend-micro-launches-online-security-assessment-tools

PRESS RELEASE:Cloud Assessment Tool. (2012,June). Retrieved From http://www.asiacloud.org/index.php/2012-07-17-08-33-19/press-release-2012/2
 
New Cloud Readiness Self-Assessment Tool. (2011,February). Retrieved From http://blogs.vmware.com/rethinkit/2011/02/new-cloud-readiness-self-assessment-tool.html
Sorry, cloud resisters Control does not equal security Cloud Computing – InfoWorld. (2014,July). Retrieved From http:///E:/hdr-paper ref/Sorry-resisters Control does not equal security Cloud Computing/InfoWorld.htm
References

Any Questions


Saira Syed
School of Computing & Mathematics
Sairasyed76@gmail.com

By Saira Syed
Microsoft’s Cloud Security Readiness Tool (CSRT).
Cloud Security Specialist Tool by – TrendMicro
Cloud Assessment Tool by ACCA Working Group
Cloud Readiness Self-Assessment tool by VMware
Different frameworks and tools have already been proposed to evaluate and assess organisations’ current readiness before cloud migration.
However, these frameworks and tools are applied together with a consultant, and this process poses financial burden to organisations.
In order to avoid this burden, organisations either hold or rush to the cloud adoption. As a consequence, they face huge number of security challenges.
Recently, to overcome these issues, a focus has been set on developing and utilising self-assessment tools.
Full transcript