1. Describe the Cloud architectures you would employ to assist DSI to meet the Board’s multi cloud strategy?
1. Describe each of the architectures that you would use, along with your reasons for deploying it. (10 marks)
2. Describe the benefits, critical points and issues that would be the likely result of the deployment of these architectures. (10 marks)
Assessment item 4 - Cloud Proposal and Design Value: 20% Due Date: 24-May-2020 Return Date: 16-Jun-2020 Submission method options: Alternative submission method TASK The Department of Spatial Information (DSI) is a State Government department. The major function of DSI is to provide accurate and timely spatial information to other Government departments, but also to make some of this spatial information available to the public. In order to provide both the government and public services, DSI has developed a number of web services that deliver this information through a number of internally developed services and applications. This suite of web services and applications is referred to as the DSI Online Spatial Delivery System (OSDS). The OSDS is considered essential by DSI and their users, so these services must be: · Readily available and accessible at all times, · Capable of handling heavy loads in times of peak demand, · Capable of serving downloads to users as required, · Secure from attacks, · Capable of providing detailed reports on usage. DSI is considering the following strategic proposal: · They plan to retain their data centre solely for archival and long-term data storage. This would entail updating their data storage infrastructure, and moving all other infrastructure into the Cloud. · They plan to initially move all their Web Services into the Cloud in order to provide an increased level of HA (High Availability) as well as a better degree of flexibility in supplying data to their customers and employees. · Their web services are running on the current Red Hat Enterprise Linux servers using Apache Tomcat · They plan to change their current web software architecture to take advantage of the flexibility and scalability that can be gained by moving to a Microservices model (this would entail the use of such services as AWS Lambda or Azure Functions, Containers, Data Services, and Cloud Edge capability and monitoring). · All Microservices are to be designed so that they can be easily moved from one cloud to another to suit requirements or to take advantage of price differentials. · They plan to use a multi-cloud approach to provide increased reliability, access, price differentials and avoid vendor lock-in. · They also plan to migrate their Spatial LoB (Line of Business) applications to the cloud in order to increase the application's flexibility and availability. The Spatial LoB application suite will require: · a number of IaaS instances running Windows Server 2019 · a number of PaaS instances for Microsoft SharePoint 2019 Enterprise · DSI are required under State Government legislation to keep spatial data sets in Australia. The DSI Board is contemplating this strategy as a way to increase the company’s flexibility and responsiveness. The Board also expects to achieve significant savings by migrating to a Cloud based ICT infrastructure. They appreciate that this would entail retraining for: · Their existing ICT staff so that they can manage the new Cloud based infrastructure, · Their development staff so that they can start to develop using a Microservices model. DSI has again approached you to advise them on this strategy. You have previously advised DTGOV that this strategic approach will mean that they will need to ultimately design and operate under a multi-cloud methodology, where parts of their data and services are located on and served from one public cloud, while other data and services are located on and served from a different public cloud. DSI also plan to run a Risk and Security Workshop to assess the risks, security issues and possible methods of control that will be required with this Multi Cloud and Microservices approach. You will be required to organise, run and facilitate this workshop. The Board is also concerned about how this strategy will affect their BCP (Business Continuity Plan) and their backup and disaster recovery strategies. Tasks Your team has been engaged to provide a report for DSI in their planned move to a Multi Cloud and Microservices strategy. Team Setup This assignment is a team assignment. The rationale for using a team approach is that most IT risk management assessments are normally done by teams of up to 8-10 people including Infrastructure and Cloud Architects, Information Security experts, Operations staff and Business unit leaders for each problem. You will be assigned to a team and the team, as a whole, will be responsible for the development of the report. Team Member Responsibilities Each team member will be assessed on: · The final report presented by the team; · The individual contributions that they have made to the report. This will be shown by the entries that they have made in the Team forum; · Team members should note that: · A total of 20% of the total marks for this assignment are for individual contributions to the team task; · A team member without any individual contributions in the Team Forum will be regarded as having not contributed to the report. This will result in either reduced or no marks being awarded to that team member for this assignment. The tasks: The team’s task is to prepare a report for DSI that discusses the following: 1. Describe the Cloud architectures you would employ to assist DSI to meet the Board’s multi cloud strategy? 1. Describe each of the architectures that you would use, along with your reasons for deploying it. (10 marks) 2. Describe the benefits, critical points and issues that would be the likely result of the deployment of these architectures. (10 marks) 2. Describe the Information Security risks that you see associated with this new Multi Cloud and Microservices strategy. You should name and describe each risk that you identify, estimate its likelihood and consequence and then describe a possible control for the risk. This should be presented in a tabular form. (20 marks) 3. Describe the general Information Security steps and controls that you would recommend to the Board to secure a Multi Cloud and Microservices architecture. You will need to explain to the Board your reasons for recommending these particular security steps. (20 marks) 4. Discuss briefly what you would recommend should be included in DSI's BCP as a result of their adoption of a Multi Cloud and Microservices approach. You will need to consider, as a minimum, the issues of application resilience, backup and disaster recovery in a Hybrid Cloud environment. This section should be no more than 2 pages. (10 marks) 5. Discuss the requirements that DSI will need to consider in order to conduct remote administration, resource management and SLA management for its proposed Microservices approach. This section should be no more than two to three pages in length. (10 marks) The team is to provide a written report with the following headings: · Proposed Architectures for a Multi Cloud approach · Threat and Risk Assessment report for Multi Cloud and Microservices · Proposed Information Security controls for Multi Cloud and Microservices · BCP changes to meet a Multi Cloud and Microservices approach · Microservices Administration and SLA Management As a rough guide, the report should not be longer than about 8,000 words. RATIONALE SUBJECT LEARNING OUTCOMES This assessment task will assess the following learning outcome/s: · be able to compare and evaluate the ability of different cloud computing architectures to meet a set of given business requirements. · be able to evaluate a set of business requirements to determine suitability for a cloud computing delivery model. · be able to identify and design an ICT Risk Management strategy for a cloud computing delivery plan to meet business requirements. · be able to critically analyse business requirements to plan a migration to a cloud model. · be able to compare and critique Service Level Agreements (SLA) that meet the business requirements for a cloud computing plan GRADUATE LEARNING OUTCOMES This task also contributes to the assessment · Information and Research Literacies (Knowledge) - CSU Graduates demonstrate that disciplinary knowledge is developed through research and evidence. · Information and Research Literacies (Skill) - CSU Graduates demonstrate the skills required to locate, access and critically evaluate existing information and data. · Digital Literacies (Knowledge) - CSU Graduates understand professional, social and cultural implications of the global use of technology. · Digital Literacies (Skill) - CSU Graduates use, create, communicate and share multimodal information in digital environments. · Professional Practice (Knowledge) - CSU Graduates possess the knowledge and understanding of the discipline and the nature of professionalism required for the given profession or discipline in contemporary societies. · Professional Practice (Skill) - CSU Graduates demonstrate discipline-specific technical capabilities and self-appraisal required for a beginning practitioner or professional. MARKING CRITERIA AND STANDARDS Marking Criteria Question Task Marks 1a Describe architectures required 10 1b Benefits and issues 10 2 Risk Assessment 20 3 Information Security assessment 20 4 Changes to BCP 10 5 Microservices Management 10 Forum Individual interaction on Forum 20 Total 100 Assessment Rubric Question HD DI CR PS FL 1a. Architectures Clear and comprehensive description of Cloud architectures needed, benefits and critical points and issues identified & discussed Detailed description of Cloud architectures needed, most benefits, critical points and issues identified & discussed Good description of Cloud architectures needed, many benefits, critical points and issues identified & discussed Adequate description of Cloud architectures needed, some benefits, critical points and issues identified & discussed Inadequate or incomplete description of Cloud architectures needed, few or no benefits, issues or critical points identified & discussed 1b. Benefits and issues Clear and comprehensive evaluation and discussion of the benefits gained and issues associated with Multi Cloud architecture using Microservices Very good evaluation and discussion of the benefits gained and issues associated with Multi Cloud architecture using Microservices Good evaluation and discussion of the benefits gained and issues associated with Multi Cloud architecture using Microservices Good evaluation and discussion of the benefits gained and issues associated with Multi Cloud architecture using Microservices Inadequate or incomplete evaluation with little or no discussion of the benefits gained and issues associated with Multi Cloud architecture using Microservices 2. Risk Assessment Clear, comprehensive description of Risk Management issues, critical points identified & discussed, Detailed description of Risk Management issues, many critical points identified & discussed, Good description of Risk Management issues, many critical points identified & discussed, Adequate description of Risk Management issues, some critical points identified & discussed, Inadequate or incomplete description of Risk Management issues, critical points identified & discussed, 3. Information security Clear, comprehensive assessment of InfoSec issues, critical points identified & discussed, Detailed assessment of InfoSec issues, most critical points identified & discussed, Good assessment of InfoSec issues, many critical points identified & discussed, Adequate assessment of InfoSec issues, some critical points identified & discussed, Inadequate or incomplete assessment of InfoSec issues, few or no critical points identified & discussed, 4. Changes to BCP Clear, comprehensive description of backup and DR plan, critical points identified & discussed, Detailed description of backup and DR plan, critical points identified & discussed, Good description of backup and DR plan, some critical points identified & discussed, Adequate description of backup and DR plan, some critical points identified Inadequate or incomplete description of backup and DR plan, none or few