Overview

The Cloud site Security Consulting service is designed to identify specific solutions within the Cloud that will provide benefit to your organization and identify potential Cloud Service Providers (CSPs) that will be able to satisfy the solution's requirements. The Opportunity Assessment will also identify the set of workloads potentially suitable for moving to the Cloud. It provides a weighted review of potential CSPs that helps match and rank potential CSPs that satisfy the future business and technical requirements for the identified workloads.
The objectives of this assessment service are:

• Determine Business Strategy

o Business services provided and delivered by IT
o Business initiatives and scalability of existing services
o Challenges facing the business related to the impact on IT

• Review current IT state at a high level

o Existing infrastructure, facilities, processes and services
o Existing limitations and scalability issues
o IT maturity of processes and controls
o Business applications
o IT tools
o IT supporting services
o Service definitions, measurement of IT services (SLAs) and reporting
o Existing IT limitations and challenges in meeting business demands

• Determine security and compliance issues

o Specific security requirements for data at rest and data in motion o Regulatory and compliance requirements o Auditing and remediation

• Measure value

o Risk vs. reward o High level TCO and ROI: comparison of current state vs. future state o Cost of Cloud solution services vs. anticipated benefits

Key Benefits

We start by understanding your business and current environment.

We recommend specific solutions to move to the Cloud, develop requirements, and demonstrate ROI.

We identify and secure the right resources.

Since we are vendor neutral we pick the best partners who will meet your immediate and long-term needs.

We plan the move to insure no interruption to your business.

We implement the move.

We stay with you each and every step; we are committed to establishing a strategic relationship to ensure you are getting the benefits cloud computing offers and take advantage of additional opportunities as your business grows.

Methodology

Pre-visit Items

Prior to the actual on-site visit, COE Security collects any existing information. This could be the Cloud Strategy and Workshop Report from a Cloud Strategy Workshop, or equivalent information collected by other means. If this information is not already available, that will impact the required length of the Readiness Assessment engagement.

We also hold a Kick-off Call to establish the roles and responsibilities, logistics, schedules and high-level goals for the on-site visit.

During the on-site visit

The on-site session usually starts with:

• A short presentation of your major goals and issues, and your criteria for calling a Cloud engagement a success.
• A review of the initial workloads currently targeted to move to the Cloud first, concentrating on the requirements for security, performance and availability for each workload.
• A short explanation of how we intend to proceed with the data collection
• A scheduling conversation to get the information necessary to satisfy the Objectives listed above based on availability of your personnel.

The majority of the on-site visit is spent in small groups capturing the required information. Each mid-afternoon we have a quick review of what has been covered, what needs to be covered, and list any data collection issues so they can get addressed?

Post-visit

After the on-site visit, we analyze the information provided and prepare the deliverables. We may have a few specific questions which we will ask via a scheduled conference call.

Deliverables

• Cloud site Assessment Executive Summary
• Cloud Site Assessment Report


• Summary Presentation