Thursday 12 October 2017

Cloud computing Quick Fundamental Checklist - The 57 Questions You Need to ASK To Grow

                  A post by Gerard Blokdijk (via Guest Blogging) on "Cloud computing Quick Fundamental Checklist - The 57 Questions You Need to ASK To Grow". 
                   Go through the following:

This checklist will provide you with the 57 fundamental questions you need to ASK to Grow. For practitioners and their organizations, making sure that all Cloud computing essentials are covered, from every angle, is a challenge.

A Self Assessment is a helpful tool for professionals to get a project started and/or audited. The Art of Service develops Self Assessments that help professionals to do just that.

The Cloud computing Self Assessment covers numerous criteria related to a successful Cloud computing project, read more at

In the Cloud computing Self Assessment, the following questions are the most frequent ones asked.

The Fundamental Cloud Computing Checklist: 57 Cloud Computing Criteria You Need To Know The Answers To In The Cloud Computing Domain Covering: Cloud Computing, Audit log, Cloud management, Cloud service, Cloud storage, Digital object identifier, Disaster recovery, IT infrastructure, Performance metric, Quality of service, Research and Development, Security event, Sensitive data, Service provider, Systems engineering, Utility computing and Virtual machines:

Cloud Computing Critical Criteria:
  • How can a small cloud computing consultancy take advantage of the Federal Cloud Computing Strategy?
  • What are the key business and technical challenges of transitioning to a cloud computing strategy?
  • What is the importance of standards-based cloud computing?
  • Is there any recourses about cloud computing performance?
  • Networks that are flexible, well-performing, and secure?
  • Is the market ready yet for P2P cloud computing?
  • How does BYOD affect security in the cloud?
  • What problems does cloud computing solve?
  • HIPAA and Cloud A Great Match?
  • What is grid computing?

Audit log Critical Criteria:

  • Are audit logs regularly backed up, secured, and retained for at least three months online and one-year offline for all critical systems?
  • Maintain the integrity of audit logs through self-protection and limited auditor access?

Cloud management Critical Criteria:

  • How can you verify that the virtualization platform or cloud management software running on the systems you use, which you did not install and do not control, does not contain malware?
  • Cloud management for  do we really need one?

Cloud service Critical Criteria:

  • How quickly can a cloud service provider scale services and capability and is this quick enough for the requirements of the customer/consumer?
  • Which cloud service model encompasses the complete cloud computing stack?

Cloud storage Critical Criteria:

  • Does cloud storage get affected during a natural disaster how can we ensure a secure disaster recovery for that?
  • What are the ramifications of cloud storage?

Digital object identifier Critical Criteria:

  • Are the data and associated software produced and/or used in the project discoverable (and readily located), identifiable by means of a standard identification mechanism (e.g. digital object identifier)?

Disaster recovery Critical Criteria:

  • Any changes in the status of the location due to the disaster from the local or federal government that should be considered?
  • Will we rebuild to how things were before the disaster, or do we reset and do some things differently?
  • What is the best strategy going forward for data center disaster recovery?
  • What is the current financial position of your business?
  • What is our definition of recovery point objective?
  • How do we create backups for disaster recovery?
  • Postpone purchasing supplies inventory?
  • What are ideal use cases for the cloud?
  • what is post-disaster recovery to us?
  • Equipment in working order?
IT infrastructure Critical Criteria:

  • What IT infrastructure do we have and what do we need to support the future organisation needs?

Performance metric Critical Criteria:

  • Does your company have defined information technology risk performance metrics that are monitored and reported to management on a regular basis?

Quality of service Critical Criteria:

Is the Quality of Service met?

Research and Development Critical Criteria:

A vital question in new product management is: how should the business most effectively invest its research and development (r&d) and new product resources?

Security event Critical Criteria:

Policy compliance is closely related to IT governance. Compliance has much to do with defining, controlling and governing security efforts. How should an organization respond to security events?

Are the procedures and other controls capable of enabling prompt detection of security events and response to security incidents implemented?

Sensitive data Critical Criteria:

The pharmaceutical industry is also taking advantage of digital progress. It is using IoT for supply chain security in packaging and tracking of drugs. There are new companies using computer chips in pills for tracking adherence to drug regimens and associated biometrics. Using this as an example, how will we use and protect this sensitive data?

What measures are in place to protect sensitive data?

Service provider Critical Criteria:

During the last 3 years, have you been the subject of an investigation or action by any regulatory or administrative agency for privacy related violations?

If a back door exit was used to circumvent an attack, do the attackers now know of such a back door, and thus should a new back door be constructed?

Is there an appropriately trained security analyst on staff to assist in identifying and mitigating incidents involving undetected malware?

For the private information collected, is there a process for deleting this information once it is complete or not needed anymore?

Do you publish a bulletin board, chat room or otherwise allow users to upload or post content to your website?

Do you require that sub contractors submit proof of insurance separate from the primary?

Is the product compatible and interoperable with other PKI products/service providers?

Is the service provider eligible for certification under the scheme?

Security Considerations -What?

Who Will Benefit?

Systems engineering Critical Criteria:

is the project using any technologies that have not been widely deployed or that the project team is unfamiliar with?

Does management understand principles and concepts of system engineering?

Why has systems engineering emerged as a distinct discipline?

Are the requirements mapped to one or more user needs?

What priorities are appropriate?

Utility computing Critical Criteria:

When is utility computing preferable to running a private cloud?

Virtual machines Critical Criteria:

Can your application be packaged into a virtual machine (VM) instance and run on cloud infrastructure or does it need specialized hardware and/or special access to hardware that the AWS cloud cannot provide?

Which technique can be used to cluster a virtual machine with a physical machine?

What types of resources (e.g., virtual machines, storage space, development environments) does the provider offer as part of each of its service models?

how many virtual machines are to be protected by the disaster recovery solution?

Next, read more and get started with the Cloud computing Self Assessment:

The Cloud computing Self-Assessment Excel Dashboard shows what needs to be covered to organize the business/project activities and processes so that Cloud computing outcomes are achieved.

The Self-Assessment provides its value in understanding how to ensure that the outcome of any efforts in Cloud computing are maximized.

It does this by securing that responsibilities for Cloud computing criteria get automatically prioritized and assigned; uncovering where progress can be made now.

Gerard Blokdijk
CEO at The Art of Service

Gerard is the CEO at The Art of Service. He has been providing information technology insights, talks, tools and products to organizations in a wide range of industries for over 25 years. Gerard is a widely recognized and respected information expert. Gerard founded The Art of Service consulting business in 2000. Gerard has authored numerous published books to date.

No comments:

Post a Comment