AWS DoubleHorn Whitepaper for Disaster Recovery/ Continuity of Operations and Backup

Similar documents
10 Considerations for a Cloud Procurement. March 2017

Introduction: Is Amazon Web Service (AWS) cloud supports best cost effective & high performance modern disaster recovery.

Intermedia s Private Cloud Exchange

Accelerating the HCLS Industry Through Cloud Computing

Accelerate Your Enterprise Private Cloud Initiative

Security & Compliance in the AWS Cloud. Amazon Web Services

Security & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web

Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education

AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE

2013 AWS Worldwide Public Sector Summit Washington, D.C.

Choosing the Right Cloud. ebook

Introduction to Cloud Computing

Total Cost of Ownership: Benefits of the OpenText Cloud

Introduction to AWS GoldBase

AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE

IT your way - Hybrid IT FAQs

Total Cost of Ownership: Benefits of ECM in the OpenText Cloud

VMware vcloud Air Network Service Providers Ensure Smooth Cloud Deployment

Benefits of Extending your Datacenters with Amazon Web Services

NS2 Cloud Overview The Cloud Built for Federal Security and Export Controlled Environments. Hunter Downey, Cloud Solution Director

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

TOP 7 REASONS to Migrate Your Data Center to the Cloud

Cloud Computing: Making the Right Choice for Your Organization

Government IT Modernization and the Adoption of Hybrid Cloud

Most likely, your organization is not in the business of running data centers, yet a significant amount of time & money is spent doing just that.

Getting Hybrid IT Right. A Softchoice Guide to Hybrid Cloud Adoption

Go Cloud. VMware vcloud Datacenter Services by BIOS

TRACKVIA SECURITY OVERVIEW

Cloud First Policy General Directorate of Governance and Operations Version April 2017

INTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE

Accelerate Your Cloud Journey

Cloud Affinity Water Peter Rowland - CIO

Choosing the Right Cloud Computing Model for Data Center Management

Service Provider Consulting

Cloud Services. Infrastructure-as-a-Service

Government Data Center Modernization

Understanding As-a-service: Teradata IntelliCloud

Amazon Web Services. For Government, Education, and Nonprofit Organizations

Cloud Transformation and Significance of Security

CLOUD ECONOMICS: HOW TO QUANTIFY THE BENEFITS OF MOVING TO THE CLOUD

Security and Compliance at Mavenlink

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

Hyper-Converged Infrastructure: Providing New Opportunities for Improved Availability

Matrix IT work Copyright Do not remove source or Attribution from any graphic or portion of graphic

NC Education Cloud Feasibility Report

CASE STUDY: USING THE HYBRID CLOUD TO INCREASE CORPORATE VALUE AND ADAPT TO COMPETITIVE WORLD TRENDS

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services

EXECUTIVE REPORT. 4 Critical Steps Financial Firms Must Take for IT Uptime, Security, and Connectivity

Accelerate your Azure Hybrid Cloud Business with HPE. Ken Won, HPE Director, Cloud Product Marketing

Cloud Computing Introduction & Offerings from IBM

IT Enterprise Services. Capita Private Cloud. Cloud potential unleashed

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE

White Paper. Platform9 ROI for Hybrid Clouds

An introductory look. cloud computing in education

Governance for the Public Sector Cloud

White Paper. How to select a cloud disaster recovery method that meets your requirements.

WHITE PAPER. Header Title. Side Bar Copy. Header Title 5 Reasons to Consider Disaster Recovery as a Service for IBM i WHITEPAPER

Why the Cloud is Changing the Face of DR

7 Things ISVs Must Know About Virtualization

THE JOURNEY OVERVIEW THREE PHASES TO A SUCCESSFUL MIGRATION ADOPTION ACCENTURE IS 80% IN THE CLOUD

Supporting the Cloud Transformation of Agencies across the Public Sector

Tieto s itap Offering

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS

Hyperconverged Infrastructure: Cost-effectively Simplifying IT to Improve Business Agility at Scale

SOFTWARE PLATFORM INFRASTRUCTURE. as a Service. as a Service. as a Service. Empower Users. Develop Apps. Manage Machines

Awareness Technologies Systems Security. PHONE: (888)

Cloud for Government: A Transformative Digital Tool to Better Serve Communities

Cloud Computing Briefing Presentation. DANU

Advanced Architectures for Oracle Database on Amazon EC2

CLOUD COMPUTING ABSTRACT

AWS Storage Gateway. Amazon S3. Amazon EFS. Amazon Glacier. Amazon EBS. Amazon EC2 Instance. storage. File Block Object. Hybrid integrated.

CLOUD COMPUTING PRIMER

FEDERALLY COMPLIANT HYBRID IT QTS GOVERNMENT SOLUTIONS

Amazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect. Amazon.com, Inc. and its affiliates. All rights reserved.

Cloud Computing Overview. The Business and Technology Impact. October 2013

Future Shifts in Enterprise Architecture Evolution. IPMA Marlyn Zelkowitz, SAP Industry Business Solutions May 22 nd, 2013

Shaping the Cloud for the Healthcare Industry

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

The Cloud Changes Nothing and Everything! Amazon.com, Inc. and its affiliates. All rights reserved.

Agenda. What is Cloud/Azure Azure Services & Scenarios Security Pricing

The Business Case for Virtualization

Cloud Confidence: Simple Seamless Secure. Dell EMC Data Protection for VMware Cloud on AWS

Perfect Balance of Public and Private Cloud

Executive Brief CHOOSING THE RIGHT MODEL FOR ENTERPRISE BACKUP & RECOVERY. The Executive Guide Q417-CON-10681

About the DISA Cloud Playbook

Business Resiliency in the Cloud: Reality or Hype?

VMware Cloud on AWS The Next Generation Hybrid Cloud Architecture

CIO Forum Maximize the value of IT in today s economy

Engage with ESRI in the AWS Cloud. Teresa Carlson, VP of Global Public Sector

Introduction to Amazon Cloud & EC2 Overview

REALIZE YOUR. DIGITAL VISION with Digital Private Cloud from Atos and VMware

The Technology Behind Datrium Cloud DVX

Cisco CloudCenter Solution Use Case: Application Migration and Management

AtoS IT Solutions and Services. Microsoft Solutions Summit 2012

What is milcloud 2.0?

Digital Renewable Ecosystem on Predix Platform from GE Renewable Energy

CenturyLink for Microsoft

Cloud Computing and Its Impact on Software Licensing

Transcription:

AWS DoubleHorn Whitepaper for Disaster Recovery/ Continuity of Operations and Backup March 2016 Amazon Web Services, Inc. 410 Terry Avenue North Seattle, WA 98109-5210 Cage Code: 66EB1 DUNS Number: 965048981 NAICS: 518210 DoubleHorn 1802 W 6 th St Austin, TX 78703 Texas DIR Cloud Services Contract: DIR-TSO-2518

Table of Contents 1.0 Introduction... 1 2.0 How AWS Can Help with Disaster Recovery/Continuity of Operations and Backup... 2 2.1 DR/COOP and Backup... 2 2.1.1 General DR/COOP and Backup Requirements and Issues... 2 2.1.2 AWS Capabilities for DR/COOP and Backup Solutions... 2 2.1.3 Solution Use Cases... 3 2.1.4 Next Steps... 4 3.0 AWS Features and Services... 5 4.0 AWS vs. On-Premises... 6 5.0 AWS Pricing... 7 6.0 How Can DoubleHorn Help?... 8 7.0 AWS Case Studies and Analyst Reports... 9 7.1 DR/COOP and Backup... 9 7.2 Analyst Reports... 9 8.0 AWS Security and Compliance... 11 9.0 AWS Cloud Migration Considerations... 12 9.1 AWS Marketplace... 12 9.2 AWS Training... 12 10.0 DoubleHorn - AWS Contract Vehicle Options... 13 March 2016 Page i

1.0 Introduction Disaster Recovery/Continuity of Operations and Backup Amazon Web Services, Inc. (AWS) is pleased to provide this paper detailing the value and benefits of using the AWS cloud platform for Disaster Recovery (DR)/Continuity of Operations (COOP) and backup. The purpose of this paper is to describe how AWS can not only be used to meet existing needs, but can extend IT capabilities with our extensive range of flexible and low-cost IT resources. In addition to new capabilities, AWS also offers substantial cost savings, without the need for up-front expenses or long-term commitments. This paper also provides one page summaries of some key AWS information and benefits: AWS Features and Services: With AWS, customers can requisition compute power, storage, and other cloud services in minutes. AWS vs. On-Premises: Benefit from AWS s massive scale, rapid innovation, utility pricing, and on-demand delivery. AWS Pricing: AWS can help customers reduce overall IT costs in a number of ways, replacing up-front capital expense with low variable cost. AWS Case Studies and Analyst Reports: Over 900 government agencies and 3,400 educational institutions are already using AWS to lower costs, meet mandates, and address a diverse set of use cases. AWS Security and Compliance: The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. AWS Cloud Migration Considerations: There are many resources available to help organizations design, architect, build, migrate, and manage workloads and applications on AWS. AWS Contract Vehicle Options: Choose the right contract vehicle that will enable you to take advantage of AWS s rapid, on-demand delivery. AWS provides a leading-edge cloud platform that is unique in maturity and scale. Getting started on AWS is fast and easy, and we welcome the opportunity to address any questions or concerns about transitioning to the cloud. March 2016 Page 1

2.0 How AWS Can Help with Disaster Recovery/Continuity of Operations and Backup AWS offers a simple and cost-effective way to access servers, storage, databases, and a broad set of application services over the Internet. AWS s cloud platform enables organizations to build dynamic and scalable IT environments that provide agility, innovation, sustainability, and increased cost efficiency. 2.1 DR/COOP and Backup Public sector organizations are using the AWS cloud to enable faster DR of their critical IT systems without incurring the infrastructure expense of a second physical site. The AWS cloud supports many popular DR architectures from pilot light environments that are ready to scale up at a moment s notice to hot standby environments that enable rapid failover. With data centers in 11 regions around the world (4 in the United States), AWS provides a set of cloud-based DR services that enable rapid recovery of your IT infrastructure and data. 2.1.1 General DR/COOP and Backup Requirements and Issues Some of the minimum needs and requirements in a traditional DR approach are: Facilities to house additional infrastructure, including power and cooling. Security to ensure the physical protection of assets. Suitable capacity to scale the environment. Support for repairing, replacing, and refreshing the infrastructure. Contractual agreements with an Internet Service Provider (ISP) to provide Internet connectivity that can sustain bandwidth utilization for the environment under a full load. Network infrastructure such as firewalls, routers, switches, and load balancers. Enough server capacity to run all mission-critical services, including storage appliances for the supporting data, and servers to run applications and back-end services such as user authentication, Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), monitoring, and alerting. 2.1.2 AWS Capabilities for DR/COOP and Backup Solutions With AWS, customers can eliminate the need for additional physical infrastructure, offsite data replication, and upkeep of spare capacity. AWS uses distinct and geographically diverse Availability Zones (AZs) that are engineered to be isolated from failures in other AZs. This innovative and unique AWS feature enables customers to protect applications from the failure of a single location, resulting in significant cost savings and increased agility to change and optimize resources during a DR scenario. AWS offers the following high-level capabilities for your DR needs: Fast Performance: Fast, disk-based storage and retrieval of files. March 2016 Page 2

No Tape: Eliminate costs associated with transporting, storing, and retrieving tape media and associated tape backup software. Compliance: Minimize downtime to avoid breaching Service Level Agreements (SLAs). Elasticity: Add any amount of data, quickly. Easily expire and delete without handling media. Security: Secure and durable cloud DR platform with industry-recognized certifications and audits. See section 7.0 for information on AWS s compliance posture. Partners: AWS solution providers and system integration partners to help with your deployment. 2.1.3 Solution Use Cases AWS can enable customers to cost-effectively operate multiple DR strategies. Figure 1 shows a spectrum of scenarios backup & restore, pilot light, warm standby, and multi-site arranged by how quickly a system can be available to users after a DR event. Figure 1 Spectrum of DR Options. Each option is depicted by level of availability, from a basic backup & restore DR scenario, to a fully available multi-site solution. Each DR option is discussed in more detail below: Backup and Restore: In most traditional environments, data is backed up to tape and sent off-site regularly. Recovery time will be the longest using this method, and lack of automation leads to increased costs. Using Amazon Simple Storage Service (Amazon S3) is ideal for backup data, as it is designed to provide 99.999999999% durability of objects over Amazon S3 is designed to provide 99.999999999% durability of objects over a given year. This durability level corresponds to an average annual expected loss of 0.000000001% of objects. a given year. Transferring data to and from Amazon S3 is typically done via the network, and it is therefore accessible from any location. Also, with AWS Storage Gateway, you can automatically back up on-premises data to Amazon S3. Pilot Light for Simple Recovery into AWS Warm Standby Solution: The idea of the pilot light is an analogy that comes from the gas heater. In a gas heater, a small idle flame that s always on can quickly ignite the entire furnace to heat up a March 2016 Page 3

house as needed. This scenario is analogous to a backup and restore scenario; however, you must ensure that you have the most critical core elements of your system already configured and running in AWS (the pilot light). When the time comes for recovery, you would then rapidly provision a full-scale production environment around the critical core. Warm Standby Solution in AWS: The term warm standby is used to describe a DR scenario in which a scaled-down version of a fully functional environment is always running in the cloud. It further decreases recovery time because, in this case, some services are always running. By identifying your business-critical systems, you would fully duplicate these systems on AWS and have them always on. Multi-Site Solution Deployed on AWS and On-Site: A multi-site solution runs in AWS as well as on your existing on-site infrastructure in an active-active configuration. During a disaster situation, you can simply send all traffic to AWS servers, which can scale to handle your full production load. 2.1.4 Next Steps There are multiple resources to help customers start using AWS for a DR/COOP and backup solution: Read the AWS whitepaper, Using AWS for Disaster Recovery : http://d36cz9buwru1tt.cloudfront.net/aws_disaster_recovery.pdf. Read the Forrester whitepaper, "File Storage Costs Less In The Cloud Than In- House": http://media.amazonwebservices.com/forrester_file_storage_costs_less_in_t he_cloud.pdf. Review a sample AWS DR architecture: http://media.amazonwebservices.com/architecturecenter/aws_ac_ra_disasterre covery_07.pdf. More information on AWS DR capabilities and approaches can be found here: http://aws.amazon.com/disaster-recovery/. March 2016 Page 4

3.0 AWS Features and Services AWS offers a broad set of global compute, storage, database, analytics, application, and deployment services, all of which are listed at: http://aws.amazon.com/products/. Figure 2 is a simple view of AWS s cloud platform. AWS offerings are provided with a range of supporting components like management tools, networking services, and application augmentation services, with multiple interfaces to AWS API-based services, including SDKs, IDE Toolkits, and Command Line Tools. All of this is hosted within our global data center footprint that allows you to consume services without having to build or manage facilities or equipment. Figure 2 AWS Cloud Services A core AWS offering is Amazon Elastic Compute Cloud (Amazon EC2), a web service that provides resizable compute capacity in the cloud. Its simple interface allows customers to obtain and configure capacity with minimal friction, providing complete control of computing resources. AWS is a language- and operating system-agnostic platform and customers receive a virtual environment with the choice of operating system, programming language, web application platform, database, and other services needed. AWS Regions and Availability Zones All of AWS s cloud services are hosted within our global data center footprint, which allows customers to utilize reliable IT infrastructure services without having to build or manage facilities or equipment. AWS cloud services are offered in separate regions in a number of separate geographic areas. Each region has multiple, isolated locations known as Availability Zones (AZs) that are engineered to be isolated from failures in other AZs. Currently, AWS offers 11 global regions, four or which are located in the US: US East (N. Virginia) Region US West (N. California) Region US West (Oregon) Region AWS GovCloud (US) Region AWS GovCloud (US) is an isolated AWS region designed to allow US government agencies and U.S.-based customers to move sensitive workloads into the cloud. The AWS GovCloud (US) framework adheres to US International Traffic in Arms Regulations (ITAR) as well as Federal Risk and Authorization Management Program (FedRAMP) requirements. March 2016 Page 5

4.0 AWS vs. On-Premises Disaster Recovery/Continuity of Operations and Backup Cloud computing allows customers to focus on projects that differentiate their organization, free from the burden of data center investments and IT infrastructure operations. Below are some of the key benefits of AWS s cloud platform over onpremises IT solutions: Trade Capital Expense for Variable Expense: Instead of having to invest heavily in data centers and servers before you know how you re going to use them, you can use cloud computing and only pay for the resources you consume. Benefit from Massive Economies of Scale: By using cloud computing, you can achieve a low variable cost. Because usage from over one million active customers is aggregated in the Figure 3 Capex vs. Opex cloud, AWS can achieve higher economies of scale, which translates into lower, pay-as-you-go prices. Increase Speed and Agility: In a cloud computing environment, new IT resources are only ever a click away, reducing the time it takes to make those resources available to your developers from weeks (if not longer) to just minutes. This results in an increase in agility for the organization, since the cost and time it takes to experiment and develop is likely to be significantly lower. Stop Spending Money on Running and Maintaining Data Centers: Focus on projects that are core to your organization, not the infrastructure. As shown in Figure 3, cloud computing lets you focus on your own customers, rather than on the heavy lifting of racking, stacking, and powering servers. Stop Guessing at Capacity: Eliminate guessing at your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often either end up sitting on expensive idle resources or dealing with limited capacity. As illustrated in Figure 4, with cloud computing these problems are minimized. You can access as much or as little as you need, and scale up and down as required within minutes. Figure 4 Benefits of Pay-As-You-Go Relentless IT Innovation: AWS launched 516 new services and features in 2014. Our pace of innovation is funded and sustained through our economies of scale and commitment to delivering the products and services that matter most to our customers. March 2016 Page 6

5.0 AWS Pricing Disaster Recovery/Continuity of Operations and Backup With AWS, customers can incorporate a utility-style pricing model, only paying for the resources consumed. AWS s utility-style pricing model is explained below: Pay as you go: No minimum commitment or long-term contract is required. Customers can turn off cloud resources and stop paying for them when they are not needed, maximizing Return on Investment (ROI) through full utilization. Pay less when you reserve: For certain AWS products, customers can invest in reserved capacity, paying a low up-front fee to receive a significant discount. This results in overall savings of up to 60% (depending on the type of instance reserved) over equivalent on-demand capacity. Pay even less per unit by using more: AWS pricing is tiered for storage and data transfer, so the more you use, the less you pay per gigabyte. Pay even less as AWS grows: We continually focus on reducing our data center hardware costs, improving our operational efficiencies, lowering our power consumption, and passing savings back to customers (AWS has lowered prices 47 times in the last six years: http://aws.amazon.com/pricing/). Transparency: AWS provides transparent and publicly available up-to-date pricing, and tools that allow customers to evaluate AWS pricing against other Cloud Service Providers (CSPs): http://calculator.s3.amazonaws.com/index.html. Governance. AWS provides tools to generate detailed and customizable billing reports to meet customer business and compliance needs. Additionally, AWS Partner Network (APN) Consulting Partners can help customers manage and control cost utilization/tracking tools in order to provide customized billing reports. TCO. In 2012, AWS commissioned the International Data Corporation (IDC) to interview 11 organizations that deployed applications on AWS. The IDC report analyzed the five-year TCO of developing, deploying, and managing critical applications in AWS. Business value highlights of the IDC report include: Five-year ROI: 626% Payback period: 7.1 months Software development productivity increase: 507% Average savings per application: $518,990 IT productivity increase: 52% Five-year TCO savings: 72% The AWS TCO Calculator (http://aws.amazon.com/tco-calculator/) allows organizations to compare AWS to the cost of running applications in an on-premises or traditional hosting environment. The AWS Whitepaper The Total Cost of (Non) Ownership of Web Applications in the Cloud (http://media.amazonwebservices.com/aws_tco_web_applications.pdf) also helps customers understand the different cost factors involved in moving to AWS. Our analysis shows that AWS offers significant cost savings (up to 80%) compared to equivalent on-premises deployments. March 2016 Page 7

6.0 How Can DoubleHorn Help? With DoubleHorn s Texas Department of Information Resources - Cloud Services Contract - DIR-TSO-2518, Texas State agencies, local governments, school districts, higher education, non-profit organizations and even other States can now move their technology to the cloud where they can customize and tailor service packages to specifically meet their needs. When you have additional requirements, DoubleHorn can also provide cloud brokerage services of large multi-national cloud providers for other needs. By using DoubleHorn as your cloud services broker, you can: Leverage the DIR Contract without having to go to a sole-source or undertake an RFO process Be guaranteed pricing that is at least 6% below MSRP Be assured that DoubleHorn has met stringent qualification and delivery agreements through DIR Receive services in usually no more than 1-5 business days Receive a single, consolidated bill across multiple underlying providers Have a single point of contact for Service Level Agreements Access to a knowledgeable and independent technology intermediary as needed Access to 24x7 Tier 1 and Tier 2 support for Cloud Services March 2016 Page 8

7.0 AWS Case Studies and Analyst Reports The AWS website contains case studies detailing AWS customer success stories in the public sector: http://aws.amazon.com/solutions/case-studies/government-education/. 7.1 DR/COOP and Backup The City of Asheville, NC, attracts both tourists and businesses. Recent disasters like Hurricane Sandy led the city s IT department to search for an offsite DR solution. Working with AWS partner, Echo Systems, the city used AWS to build an agile DR solution without the time and cost of investing in an onpremises data center: http://aws.amazon.com/solutions/case-studies/city-ofasheville/. Haven Power is an energy company based in Ipswich, UK. Haven built a replica of its infrastructure and launched it in the AWS cloud. "The natural choice for us was to leverage AWS durable and secure global infrastructure for a comprehensive disaster recovery environment. says Paul Armstrong, Haven Power Business Systems Manager. The company has realized up-front cost savings of at least 250,000 by using AWS instead of investing in a traditional hardware-based infrastructure. We couldn t have migrated our billing system so efficiently or so inexpensively without AWS, Armstrong says. Using AWS helps reduce our costs, increases our agility, and significantly improves our capacity : http://aws.amazon.com/solutions/case-studies/haven-power/. St Luke's Anglican School caters to 820 students from kindergarten to Year 12 near Bundaberg in the Australian state of Queensland. By migrating its website to the AWS cloud, St Luke s has achieved near 100 percent infrastructure availability. The school expects to achieve considerable savings when the transition to the AWS cloud is fully complete in 18 months. We estimate reducing capital costs by 75 percent and data center operating costs by about 40 percent once we complete the move to AWS, says Miller: http://aws.amazon.com/solutions/case-studies/st-lukes-anglican-school/. 7.2 Analyst Reports Gartner, Inc., a leading information technology research company, reported that AWS is a thought leader; it is extraordinarily innovative, exceptionally agile and very responsive to the market. It has the richest array of features and capabilities, and continues to rapidly expand its service offerings. It is the provider most commonly chosen for strategic adoption. The Gartner Magic Quadrant for Cloud Infrastructure as a Service (May 2015) (Figure 5) depicts AWS in the Leaders Quadrant. March 2016 Page 9

Figure 5 2015 Gartner Magic Quadrant for Cloud Infrastructure as a Service Additionally, Gartner positions AWS in the Leaders Quadrant of the new Magic Quadrant for Public Cloud Storage Services. Gartner defines leaders as offering innovative storage offerings built on a hardened platform, with global data centers and established credibility as a business. Additionally, the Forrester Wave: Public Cloud Platform Service Providers Security, Q4 2014 report evaluated four of the leading public clouds along 15 key security criteria, detailing the findings about how well each vendor fulfilled their criteria and where they stand in relation to each other. Forrester's evaluation stated that "AWS leads the pack. March 2016 Page 10

8.0 AWS Security and Compliance As cloud computing customers are building systems on top of cloud infrastructure, the security and compliance responsibilities are shared between the CSP and cloud customers. In an Infrastructure as a Service (IaaS) model, customers control how they architect and secure their applications and data put on the infrastructure, while CSPs are responsible for providing services on a highly secure and controlled platform, providing a wide array of additional security features. The level of CSP and customer responsibilities in this shared responsibility model depends on the cloud deployment model (see the National Institute of Standards and Technology (NIST) definitions of the various cloud models at http://www.nist.gov/itl/cloud/), and customers should be clear as to what responsibilities fall within their obligation in each model. Figure 6 displays AWS s shared model. AWS Responsibility: AWS operates, manages, and controls the infrastructure components, from the host operating system and virtualization layer, down to the physical security of the facilities in which the services operate. Customer/Partner Responsibility: Customers/partners assume responsibility and management of the guest operating system (including updates and security patches), other Figure 6 AWS Shared Security/ associated application software, and the Responsibility Model configuration of the AWS-provided security group firewalls and other security, change management, and logging features. We recommend leveraging industry best practices regarding security, privacy, and audit to provide assurance that effective physical and logical security controls are in place. The AWS cloud infrastructure has been designed and managed in alignment with the following regulations, standards, and best practices: HIPAA SOC 1/SSAE 16/ISAE 3402 (formerly SAS70) SOC 2 SOC 3 PCI DSS Level 1 ISO 27001 DoD CSM Levels 1-2, 3-5 IRAP FedRAMP DIACAP and FISMA ITAR FIPS 140-2 CSA MPAA ISO9001 MTCS Tier 3 Certification March 2016 Page 11

9.0 AWS Cloud Migration Considerations As a commercial technology infrastructure services provider, AWS does not provide labor to support customers. We recommend DoubleHorn for the managed services as they are our APN Standard Consulting partner. They also provide access to several strong and growing community of companies that offer a wide range of products and services on the AWS platform. The APN provides access to qualified partners who resell AWS cloud services and/or provide technical services to design, architect, build, migrate, and manage workloads and applications on AWS. The APN is comprised of an extensive ecosystem of consulting and technology partners like DoubleHorn that provide the skills and experience needed to ensure a seamless migration to the cloud. APN Consulting Partners APN Consulting Partners are professional services firms that help customers design, architect, build, migrate, and manage their workloads and applications on AWS. Consulting Partners include System Integrators (SIs), strategic consultancies, agencies, Managed Service Providers (MSPs), and Value-Added Resellers (VARs). APN Technology Partners In addition to consulting services, customers can work with APN Technology Partners who provide software solutions that are either hosted on, or integrated with, the AWS platform. Technology Partners include Independent Software Vendors (ISVs), Software as a Service (SaaS), Platform as a Service (PaaS), developer tools, management, and security vendors. 9.1 AWS Marketplace Customers can leverage AWS Marketplace in a self-service manner. AWS Marketplace is an online store that helps customers find, buy, and immediately start using software that runs on the AWS cloud. 9.2 AWS Training Customers should evaluate employee skill sets in advance of migrating applications and workloads to the cloud, leveraging AWS Training to ensure all staff are equipped for their evolving roles and responsibilities. This will enable the customer s team to determine how much of the implementation can be performed in-house, and how much requires an APN partner. In addition, working with cloud services will provide existing customer staff with a new, cutting-edge skill set and a better understanding of how to manage their implementation effort. March 2016 Page 12

10.0 DoubleHorn - AWS Contract Vehicle Options Having the right contract vehicle in place is the key to taking advantage of the cloud s rapid, on-demand delivery. There are multiple options for customers to quickly procure AWS cloud services. Leveraging DoubleHorn s Texas Department of Information Resources - Cloud Services Contract - DIR-TSO-2518 For public entities outside the State of Texas that would like to utilize the direct agreement, the State of Texas Interlocal Agreement provides a cooperative purchasing program for technology products and services operated by the Texas Department of Resources (DIR) (http://www2.dir.state.tx.us/ict/overview/pages/customersoutsidetexas.aspx). March 2016 Page 13

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback