Steps to Understanding Cloud Computing Presented by: Xvand Technology Corporation - Provider of IsUtility ®

Published byAbraham McGee Modified over 8 years ago

Similar presentations

Presentation on theme: "Steps to Understanding Cloud Computing Presented by: Xvand Technology Corporation - Provider of IsUtility ®"— Presentation transcript:

1 Steps to Understanding Cloud Computing Presented by: Xvand Technology Corporation - Provider of IsUtility ®

2 Evolution of business computing 1 1 Pros & cons of cloud models Takeaways 2 2 Mitigating cloud risks 3 3 Transitioning to the cloud 4 4

3 MISCONCEPTION

4 WHY IT’S TERMED “THE CLOUD”

5 90% of Microsoft employees are working on cloud-related projects - Steve Ballmer, CEO Microsoft Growing Trend… 90%

6 Evolution of Business Computing PC Networking Mainframe Cloud Computing Broadband & Internet

7 PERCEPTION REALITY Largest Threat Data Security

8 Cloud Computing Definition Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

9 Cloud Computing Models Infrastructure as a Service Network, servers, storage, virtual desktop, security, data backup, etc. Infrastructure as a Service Network, servers, storage, virtual desktop, security, data backup, etc. Platform as a Service Operating systems, databases, developmental tools, etc. Platform as a Service Operating systems, databases, developmental tools, etc. Software as a Service ERP, Accounting, CRM, Project Management, Office, etc. Software as a Service ERP, Accounting, CRM, Project Management, Office, etc. Colocation Location, power, broadband, physical security. Colocation Location, power, broadband, physical security. Utility Computing

10 On-premise vs. Cloud Services On-premise Colocation Cloud/SaaS Their Security Their Facility Your Equipment Your Support Your S&T Personnel Their Security Their Facility Their Equipment Your Support Your S Personnel Their Security Their Facility Their Equipment Their Support Your S Personnel Your Security Your Facility Your Equipment Your Support Your S&T Personnel Utility Computing

11 On-premise or in-house model On-premise Your Security Your Facility Your Equipment Your Personnel

12 SaaS Your Security Your Facility Your Equipment Your Personnel E-mail Accounting System

13 Colocation Their Security Their Facility Your Equipment Your Personnel

14 IaaS Their Security Their Facility Their Equipment Less of Your Personnel

15 Utility Computing

16 Finance’s Evolving Role Managing Financial Risk 1 1 Forecasting Financials 2 2 Staying Compliant 3 3 Challenging Status Quo 4 4

17 THE BOTTOM LINE BENEFITS

18 TIME COST Capital Investment Server crash Virus attack System refresh IT guy quits In-house IT

19 TIME COST No capital IT infrastructure costs. 1 1 Cloud Competitive Benefits

20 TIME COST Cloud No capital IT infrastructure costs. 1 1 Adaptability to evolving market conditions 2 2 Lower financial risk 3 3 Freed-up cash flow / internal resources 4 4 Competitive Benefits Improved security and service levels 5 5

21 FORTUNE-500 SMALL BUSINESS CAPABILITIES COST SMALL BUSINESS FORTUNE-500 CLOUD Competitive Benefits

22 PRACTICE AREAS Server Virtualization……... $100,000 Firewall Replacement……...$37,000 Secure FTP…………………$40,000 MS Exchange Upgrade……$90,000 SQL Server Replacement…$30,000 Domain Controller………….$40,000 Datacenter Move………….$107,729 + + + + + + + TOTAL….($344,729) Capital Costs

23 PRACTICE AREAS Server Virtualization……... $100,000 Firewall Replacement……...$37,000 Secure FTP…………………$40,000 MS Exchange Upgrade……$90,000 SQL Server Replacement…$30,000 Domain Controller………….$40,000 Datacenter Move………….$107,729 + + + + + + + TOTAL….($344,729) Cloud Savings: $190,000 Capital Costs

24 Risk Assessment - Example Business Risk Assessment Affected Business Area Impact Probability of Failure Single Event Loss Expectancy Estimated # of Incidents/Year Estimated Cost of Mitigation Note Company-wideHighLow$500,0000.1$10,000 No redundant UPS for phones Shipping Dept.HighLow$100,0000.2$15,000 No backup server Marketing/SalesModerateHigh$3,0002$6,000 CRM not redundant Comments:

25 Client Privacy in the New IT Environment Including the Challenges of Cloud Computing Texas CPA Tax Institute Nov. 12, 13, 2012 William C. Nantz, CPA, CFF, CGMA, RTRP, MBA, JD The Nantz Law Firm 2828 Bammel Lane, Suite 810 Houston, Texas 77098 713.542.5477 bill@nantzlaw.combill@nantzlaw.com

26 William C. Nantz, CPA, CFF, MBA, JD This addresses issues related to privacy because of expanded use of computers and digital processing of accounting and tax data in the Cloud and elsewhere. Privacy Issues are important due to expanded use of computers and the related digital footprint. IRS requires electronic filing of most returns. The tax return preparer must protect taxpayer information regardless of its location.

27 Confusion CPAs in Texas generally do not have to prepare a Privacy Policy for most clients. This is not true for Tax Return Preparers. The Gramm-Leach-Bliley Act ("GLBA"), Texas law, the Texas State Board of Public Accountancy Rules and the Texas Public Accountancy Act exempt a CPA firm from providing a Privacy Policy when performing typical tax or accounting work. CPA firms are only exempt from providing a Privacy Policy to each client but not from other provisions of the law. The confusion this creates is that a CPA firm must still protect and properly dispose of a client's personal identifying information. Also, a CPA firm preparing taxes will have to give certain disclosures to its clients.

28 Privacy Policy Issues CPA license holders and their partners, members, officers, shareholders, or employees are exempted from the requirement to adopt a privacy policy for clients who qualify for the Accountant-Client privilege outlined in the Texas Public Accountancy Act Section 901.457. The trigger permitting avoidance of the privacy policy requirements is a client’s qualification for the Accountant-Client privilege. The Accountant-Client privilege in Texas is based upon an agreement to provide professional accounting services between a CPA and his client. If the CPA collects the client's social security information for purposes outside of an agreement to provide professional accounting services, such as for insurance sales or stockbroker purposes, the exemption probably does not apply and the CPA should adopt a privacy code and make the privacy policy available to the client. If a license holder fails to renew his license, the Accountant-Client privilege will no longer be applicable and the unlicensed CPA would be required to adopt a privacy code and make the privacy policy available to the client.

29 Privacy Policy Issue Some CPAs will need a Privacy Policy. Examples: Recruiting Firms need a privacy policy even if owned by CPAs because there is no professional accounting services being performed upon behalf of a job candidate. Payroll Services are not exempt because there is no accounting relationship with the client’s employee. These are just some examples where a CPA firm may need a privacy policy.

30 Where to find Personal Information Personal Computers Tax Returns Paper files including work papers Digital Fax Machines Copiers Digital files stored in The Cloud. The IRS is pushing for universal electronic filing for everything it receives from tax return prepares and filing from The Cloud creates numerous security issues.

31 Digital Footprints Copiers: http://www.youtube.com/watch?v=6pIFUOav2xE Personal Computers & how to destroy a Hard Drive: http://www.youtube.com/watch?v=dYcPT-xrLBM

32 Cloud Computing Cloud computing is a computing resource deployment and procurement model that enables an organization to obtain its computing resources and applications from any location via an Internet connection. Depending on the cloud solution model an organization adopts, all or part of the organization’s hardware, software, and data might no longer reside on its own technology infrastructure. Instead, all of these resources may reside in a technology center shared with other organizations and managed by a third-party vendor.

33 Cloud Computing Many cloud service providers (“CSPs”)are relatively young companies, or the cloud computing business line is a new one for a well-established company. Hence, the projected longevity and profitability of cloud services are unknown. Some CSPs are curtailing their cloud service offerings because they are not profitable. Some CSPs might eventually go through a consolidation period. As a result, CSP customers might face operational disruptions or incur the time and expense of researching and adopting an alternative solution, such as converting back to in- house hosted solutions. Plans for such need to be included in any Cloud Based Computing plan.

34 Personal Information Collection of sensitive personal identifying information may go beyond the information collected from clients and may include information collected regarding employees, potential employees, information collected about a client’s employees or customers, and any other situation where sensitive personal identifying information is collected. CPAs are not exemption from the state and federal requirements to safeguard and properly dispose of the sensitive personal identifying information they collect, even if the information is stored in The Cloud.

35 What is Personal Identifying Information? Texas law defines sensitive personal identifying information as an individual's first name or initial and last name used in combination with one or more of the following personal identifying information: a. date of birth; b. social security number or other government-issued identification number; c. mother's maiden name; d.unique biometric data, including the individual's fingerprint, voice data, or retina or iris image; e. unique electronic identification number, address, or routing code; f.telecommunication access device as defined by Section 32.51, Penal Code, including debit or credit card information; or g. financial institution account number or any other financial information.

36 What is Personal Identifying Information? The U.S. Dept. of Commerce defines personal identifying information as: Name, such as full name, maiden name, mother’s maiden name, or alias; Personal identification number, such as social security number (SSN), passport number, driver’s, license number, taxpayer identification number, patient identification number, and financial account or credit card; Address information, such as street address or email address; Asset information, such as Internet Protocol (IP) or Media Access Control (MAC) address or other host-specific persistent static identifier that consistently links to a particular person or small, well defined group of people Telephone numbers, including mobile, business, and personal numbers; Personal characteristics, including photographic image (especially of face or other distinguishing characteristic), x-rays, fingerprints, or other biometric image or template data (e.g., retina scan, voice signature, facial geometry) Information identifying personally owned property, such as vehicle registration number or title number and related information Information about an individual that is linked or linkable to one of the above (e.g., date of birth, place of birth, race, religion, weight, activities, geographical indicators, employment information, medical information, education information, financial information).

37 IRS Definition of Personal Identifying Information Safeguarding taxpayer information is a top priority for the Internal Revenue Service. Taxpayer information is any information furnished in any form or manner (e.g. on paper, verbally, electronically, in person, over the telephone, by mail, etc.) by or on behalf of a taxpayer for preparation of their return. It includes but is not limited to a taxpayer’s name, address, identification number, income, receipts, deductions, exemptions, and tax liability. http://www.irs.gov/pub/irs-pdf/p4600.pdf

38 Agencies Enforcing Privacy Rules Federal Trade Commission (“FTC”) FTC Investigation: Fears that modern copy machines may store images on their hard drives indefinitely has prompted the Federal Trade Commission to take action. http://thehill.com/blogs/hillicon- valley/technology/98423-ftc-examining-digital-copier-privacyhttp://thehill.com/blogs/hillicon- valley/technology/98423-ftc-examining-digital-copier-privacy IRS Texas State Board of Public Accountancy Texas Attorney General/District Attorney

39 Penalties for Reveling Personal Information IRS: Internal Revenue Code provides for a fine of up to $1,000.00 and up to one-year in jail per improper disclosure of tax related information under I.R.C. Section 7216. Each occurrence treated separately. FTC under the GLBA makes it a felony to knowingly transfer or use, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, State law or local law.

40 Penalties for Reveling Personal Information Texas State Boar of Public Accountancy: up to a $100,000 fine for violation of a. Public Accountancy Act, Sec. 901.457. ACCOUNTANT-CLIENT PRIVILEGE or b.Texas State Board RULE §501.75 Confidential Client Communications.

41 AICPA/TSBPA Position The AICPA has adopted Generally Accepted Privacy Principals (GAPP) and recommends that a CPA firm publish it Privacy Policy. At this point in time it is not mandatory for AICPA members or other CPAs to publish a privacy policy, it is only recommended that the policy be published. The Texas State Board generally follows AICPA rules as outlined in RULE §501.62, Other Professional Standards http://info.sos.state.tx.us/pls/pub/readtac$ext.TacPage?sl=R&app= 9&p_dir=&p_rloc=&p_tloc=&p_ploc=&pg=1&p_tac=&ti=22&pt=22& ch=501&rl=62 http://info.sos.state.tx.us/pls/pub/readtac$ext.TacPage?sl=R&app= 9&p_dir=&p_rloc=&p_tloc=&p_ploc=&pg=1&p_tac=&ti=22&pt=22& ch=501&rl=62

42 TSBPA Position RULE §501.75 Confidential Client Communications: Except by permission of the client or the authorized representatives of the client, a person or any partner, officer, shareholder, or employee of a person shall not voluntarily disclose information communicated to him by the client relating to, and in connection with, professional accounting services or professional accounting work rendered to the client by the person. http://info.sos.state.tx.us/pls/pub/readtac$ext.TacPage?sl=R&app= 9&p_dir=&p_rloc=&p_tloc=&p_ploc=&pg=1&p_tac=&ti=22&pt=22& ch=501&rl=75 http://info.sos.state.tx.us/pls/pub/readtac$ext.TacPage?sl=R&app= 9&p_dir=&p_rloc=&p_tloc=&p_ploc=&pg=1&p_tac=&ti=22&pt=22& ch=501&rl=75

43 TSBPA Position Sec. 901.457. Accountant-Client Privilege: A license holder or a partner, member, officer, shareholder, or employee of a license holder may not voluntarily disclose information communicated to the license holder or a partner, member, shareholder, or employee of the license holder by a client in connection with services provided to the client by the license holder or a partner, member, shareholder, or employee of the license holder, except with the permission of the client or the client’s representative. http://www.tsbpa.state.tx.us/pdffiles/TSBPAACT.pdf

44 AICPA Privacy Checklist The AICPA at the present time is not requiring its members to follow this checklist and states This checklist provides CPA firms with practical illustrations of selected Generally Accepted Privacy Principles (GAPP) in order to maintain privacy best practices within their organizations. http://www.aicpa.org/InterestAreas/InformationTechnology/Resourc es/Privacy/PrivacyServices/DownloadableDocuments/CPA_Firms_ Privacy_Checklist.pdf

45 IRS Position The Internal Revenue Service also requires CPAs to follow I.R.C. 7216. The AICPA takes the position that: IRC Section 7216 prohibits anyone who is involved in the preparation of tax returns from knowingly or recklessly disclosing or using the tax-related information provided other than in connection with the preparation of such returns. Anyone who violates this provision may be subject to a fine or even imprisonment. The Internal Revenue Code provides for a fine of up to $1,000.00 and up to one-year in jail per improper disclosure of tax related information under I.R.C. Section 7216.

46 Cloud Adds New Parties to the Privacy Party FTC Privacy of Consumer Financial Information Rule (16 CFR Part 313) – This Rule (otherwise known as the Financial Privacy Rule) aims to protect the privacy of the consumer by requiring financial institutions, as defined, which includes professional tax preparers, data processors, affiliates, and service providers to give their customers privacy notices that explain the financial institution’s information collection and sharing practices. In turn, customers have the right to limit some sharing of their information.

47 IRS Position The IRS also requires tax return prepares to follow privacy rules found in IRC Section 6713 – Disclosure or Use of Information by Preparers of Returns. Title 26: Internal Revenue Code (IRC) § 6713 – This provision imposes monetary penalties on the unauthorized disclosures or uses of taxpayer information by any person engaged in the business of preparing or providing services in connection with the preparation of tax returns. If a return preparer “discloses any information furnished to him, or in connection with, the preparation of any such return” or “uses any such information for any other purpose than to prepare, or assisting in the preparing” the return, he or she will be fined $250 per disclosure up to an annual amount of $10,000.

48 IRS Position The Internal Revenue Service takes the following position regarding protection of personal identifying information when preparing a Form 5500: Do not enter social security numbers in response to questions asking for an employer identification number (EIN). Because of privacy concerns, the inclusion of a social security number on the Form 5500 or on a schedule or attachment that is open to public inspection may result in the rejection of the filing. If you discover a filing disclosed on the EFAST2 website that contains a social security number, immediately call the EFAST2 Help Line at 1-866-GO-EFAST (1-866-463-3278). The inclusion of personal identifying information in a public forum is to be avoided.

49 Cloud Computing Considerations Monitor, evaluate, and adjust your security program as your business or circumstances change. The entities handling personal tax information of your clients will be required to provide privacy safeguards and you may be held liable if the safeguards are not performed properly. Encryption is a best business practice for both transmission of taxpayer information as well as storage of personal information. Securely remove all taxpayer information when disposing of computers, diskettes, magnetic tapes, hard drives, or any other electronic media that contain taxpayer information. The FTC Disposal Rule has information on how to dispose of sensitive data. This includes taxpayer information stored in The Cloud.

50 Conclusion Personal information cannot be disclosed improperly regardless of a CPA's exemption from the requirement to have a Privacy Policy. Social Security or Tax Identification Numbers provided to a CPA firm are considered personal information and personal information may also be collected individuals or other entities doing business with the CPA firm or even from third-parties on a client's behalf. Personal information may only be disclosed as directed by a client or as otherwise permitted or required by court order, appropriate taxing authority, SEC or grand jury subpoena, legal process, law, or regulation. Further, Client personal information may be disclosed for the purposes of professional peer-review or Public Company Accounting Oversight Board inspection. A CPA must maintain personal information in a confidential manner and use commercially reasonable safeguards to prevent unauthorized access to personal information.

51 Conclusion Disposal of confidential information needs to follow Business & Commerce Code Section 35.48 Retention and Disposal of Business Records to an Outside Party, and needs to include the appropriate disposal of the hard drives of individual computers. When computers are destroyed, the hard drives need to be removed and destroyed separately. Client personal information will be disposed of by either shredding or obliteration of the personal information. A CPA may also contract with an individual or other entity engaged in the business of disposing of records, which will dispose of Client personal information by either shredding or obliteration.

52 Resources Safeguarding Client Information: http://www.irs.gov/pub/irs-pdf/p4557.pdf Safeguarding Client Information, Quick Reference: http://www.irs.gov/pub/irs-pdf/p4600.pdf Enterprise Risk for Cloud Computing: http://www.coso.org/documents/Cloud%20Computing%20Thought%20Paper.pdf AICPA Privacy Checklist: http://www.aicpa.org/InterestAreas/InformationTechnology/Resources/Privacy/Priva cyServices/DownloadableDocuments/CPA_Firms_Privacy_Checklist.pdf Intel Planning Guide, Cloud Security: http://www.intel.com/content/dam/www/public/us/en/documents/guides/cloud- computing-security-planning-guide2.pdf This PP and the documents listed above can also be located at http://learning.hccs.edu/faculty/william.nantz Under Additional Resources

53 William C. Nantz, CPA, CFF, CGMA, RTRP, MBA, JD, "Bill" is an attorney with the Nantz Law Firm and Board approved to teach the Ethics Course meeting the criteria set forth in Board Rule 511.58 and required in order to apply for the Uniform CPA Exam in Texas at Houston Community College. This powerpoint is published as general information only and should not be construed as legal advice. This article is not intended to be applied to any particular situation as such application requires knowledge and analysis of the specific facts involved. The Nantz Law Firm is not a CPA firm, but William C. Nantz, CPA is a CPA firm licensed by the Texas State Board of Public Accountancy. Bill may be contacted at 713.542.5477, bill@nantzlaw.com or william.nantz@hccs.edu.

54 RECOGNIZING THE ‘SIGNS’

55 Knowing the Signs outgrown our current IT capacity” “We’ve outgrown

56 Knowing the Signs “We need more predictable costs”

57 Knowing the Signs “How do we work under one virtual roof ?”

58 Knowing the Signs “Are we sure client data is secure?”

59 MYTHS vs. FACTS

60 Myth #1: Security “Data is unsafe in the cloud.” FACT MYTH Stricter security & compliance standards Centralized storage Redundant data backups Role based access controls

61

62 Myth #2: Performance “Performance is slower in the cloud.” FACT MYTH The cloud is faster than VPN Faster, enterprise-class architecture Limited only by internet connection

63 Myth #3: Transition “Moving to the cloud is a hassle.” FACT MYTH Quicker than on-premise tech refresh Team of experts help with transition IsUtility® – about 4 weeks

64 Myth #4: No More IT Staff “No room for my IT staff.” FACT MYTH Reduces daily IT maintenance IT focuses on strategic initiatives

65 The most common cloud computing concerns (and how to avoid them!)

66 SECURITY SURVEY: Cloud Computing Obstacles SUPPORT VENDOR LOCK-IN PERFORMANCE CONSUMPTION PRICING Source: CIO Research, Information Week

67 Common Concerns of Cloud Computing Validate Cloud Vendor: 1.IT Certifications 2. Legislative compliance 3.Security sensitive clients Security Tips Security Tips

68 Establish Parameters: 1.Service level agreement 2. Metrics used to monitor f & enforce performance 3.Request guarantee Performance Tips Performance Tips Common Concerns of Cloud Computing

69 Establish upfront pricing: 1.Provider should help forecast future needs 2.Ask: What’s not included? 3.Preferred: Per-user fee Pricing Tips Pricing Tips Common Concerns of Cloud Computing

70 FINDING THE PERFECT PROVIDER

71 Establish Cost Savings 1.Management time discussing IT 2.Recurrent capital costs 3.Hardware break-fix 4.Software updates/maintenance 5.Employee salary/benefits 6.Electrical utilities 7.Consulting services/training 8.Office space/rent 9.Travel expenses

72 10 Questions to Ask Your Cloud Provider Nine questions to ask before trusting your company’s data or computing tasks to an outside provider. 1. What if your bill doesn’t get paid? Will all your data be deleted abruptly if the check gets lost in the mail? 2. What if you choose to discontinue the service? Does your vendor allow you to retain ownership of your data? If you aren’t satisfied with the cloud, are you able to migrate your data from that service and how? What will be the cost involved with the migration? 3. Who will have access to my data? Find out exactly who will have access to your data. Certain industries fall under data privacy regulations that may make the cloud inappropriate. 4. Will the Regulators Approve? You are responsible for the security and integrity of your data – even when it’s in someone else’s hands. Ask the service provider what their process is for ensuring your data is safe and meets your compliance needs.compliance needs. 5. Where Will My Data Be? Find out exactly where your data will be stored. If you’re not diligent, it could wind up in a data center in a country where laws may affect your operations in unexpected ways. 6. How Will It Be Brought Back? If the data center goes out, where is the backup or backups? What redundant sources of storage and networking are being employed? 7. What percentage of downtime can be expected for scheduled maintenance and upgrades? This is a must-ask question for every organization considering cloud software and hosting, along with data availability/access. 8. How does the provider communicate maintenance notices, outage issues, or fixes? Know upfront how your cloud provider will locate you should the system be down, and what forms of communication will be used: email, phone, web, mobile, or all. 9. What If Your Service Provider Goes Out of Business? How will you get your data from the service provider? Will they cover any migration costs. Find out if there is a plan in place and get it in writing. Who owns the data? 1 1 What if I want to discontinue the service? 2 2 What is your uptime record? 3 3 How/are outages communicated? 4 4 Where is the data stored? 5 5

73 10 Questions to Ask Your Cloud Provider Nine questions to ask before trusting your company’s data or computing tasks to an outside provider. 1. What if your bill doesn’t get paid? Will all your data be deleted abruptly if the check gets lost in the mail? 2. What if you choose to discontinue the service? Does your vendor allow you to retain ownership of your data? If you aren’t satisfied with the cloud, are you able to migrate your data from that service and how? What will be the cost involved with the migration? 3. Who will have access to my data? Find out exactly who will have access to your data. Certain industries fall under data privacy regulations that may make the cloud inappropriate. 4. Will the Regulators Approve? You are responsible for the security and integrity of your data – even when it’s in someone else’s hands. Ask the service provider what their process is for ensuring your data is safe and meets your compliance needs.compliance needs. 5. Where Will My Data Be? Find out exactly where your data will be stored. If you’re not diligent, it could wind up in a data center in a country where laws may affect your operations in unexpected ways. 6. How Will It Be Brought Back? If the data center goes out, where is the backup or backups? What redundant sources of storage and networking are being employed? 7. What percentage of downtime can be expected for scheduled maintenance and upgrades? This is a must-ask question for every organization considering cloud software and hosting, along with data availability/access. 8. How does the provider communicate maintenance notices, outage issues, or fixes? Know upfront how your cloud provider will locate you should the system be down, and what forms of communication will be used: email, phone, web, mobile, or all. 9. What If Your Service Provider Goes Out of Business? How will you get your data from the service provider? Will they cover any migration costs. Find out if there is a plan in place and get it in writing. What is your recovery interval? 6 6 Who’s responsible for problem determination? 7 7 Will my software work compatibly? 8 8 What is the average support response time? 9 9 What is the per-employee cost? 10

74 KEYS TO A SMOOTH TRANSITION KEYS TO A SMOOTH TRANSITION

75 MANAGING EXPECTATIONS

76 Consider: The end-user experience

77 (Know before the transition) What will change? 1.Changes in performance? 2.How will security change? 3.How to add/remove users? 4.How to add new software? 5.Video/streaming limitations? 6.Will the interface change? 7.Length of transition process 8.Management: Less control?

78 MITIGATING THE RISKS

79 Review Service Agreement/Contract Notification of Breaches (past/future) Data Protection During Transit Migrating Away (If necessary) Long-term Lock-in?

80 Mitigating The Risks Secure Internet Connection (Redundant lines / WIFI)

81 Mitigating The Risks Assign Access Controls

82 MAKING THE TRANSITION

83 1. Determine Needs/Risks Transition Steps 2. Collect Apps/Data 3. Testing Period 4. Set-up / Migration 5. Onsite / Go Live CLOUD TIME

84 Transition Steps Cost/Risk Analysis All Applications? Hybrid? (Will apps work compatibly?) 1. Determine Needs/Risks

85 Servers Desktops (Keep Backup!) 2. Collect Apps/Data Transition Steps

86 Remote Accessibility Performance Support Response Access Controls Inventory: Data/apps Management Tools 3. Testing Period Transition Steps (What to test)

87 Management Tool (Example)

88 Migration Timeframe Hidden Migration Costs? Network Connection(s)  Redundant lines  WIFI (Keep secure!) Transition Steps 4. Set-up / Migration

89 Training Timeframe Add’l Training Costs? Set Expectations (users) Transition Steps 5. Onsite / Go Live

90 QUESTIONS?

91 Go Beyond The Cloud www.isutility.com 832-204-4848

Download ppt "Steps to Understanding Cloud Computing Presented by: Xvand Technology Corporation - Provider of IsUtility ®"

Similar presentations

Similar presentations

International partnership of law companies Customs & Corporate Lawyers, based on the principles of observance of high professional standards, mutual trust,

International partnership of law companies Customs & Corporate Lawyers, based on the principles of observance of high professional standards, mutual trust,
Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
1 The University of Texas at Tyler Protecting the Confidentiality of Social Security Numbers UTS165 Information Resources Use and Security Policy.

1 The University of Texas at Tyler Protecting the Confidentiality of Social Security Numbers UTS165 Information Resources Use and Security Policy.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
IT PLANNING Enterprise Architecture (EA) & Updates to the Plan.

IT PLANNING Enterprise Architecture (EA) & Updates to the Plan.
Version 6.0 Approved by HIPAA Implementation Team April 14, 2003 1 HIPAA Learning Module The following is an educational Powerpoint presentation on the.

Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT
HIPAA Health Insurance Portability & Accountability Act of 1996.

HIPAA Health Insurance Portability & Accountability Act of 1996.
Network security policy: best practices

Network security policy: best practices
Protecting Sensitive Information PA Turnpike Commission.

Protecting Sensitive Information PA Turnpike Commission.
Effectively Explaining the Cloud to Your Colleagues.

Effectively Explaining the Cloud to Your Colleagues.
Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.
Ads by Google