Cloud Migration and Support
stackArmor engineers have been assisting customers with cloud migration services since 2009, designing and developing AWS based solutions for security-conscious customers that include large US Federal Agencies, Financial Services, Non-profit and Commercial clients. Depending the stage of cloud adoption, we offer cloud advisory services that include system portfolio analysis, migration & modernization pathways and assessments including roadmap development. For customers ready to migrate, our ThreatAlert Cloud Security Framework (CSF) is a security by design approach begins with understanding our customers’ security posture with regard to confidentiality, integrity and availability of data in compliance with NIST SP 800-53 requirements. Based on an understanding of the nature of the data and the potential threat vectors, a customized cloud migration solution is developed that leverages best practices and standards that include:
- Use of landing zone pattern for segregation and segmentation
- FIPS 140-2 compliant network access engineering using VPN, SSH or Dedicated Connection
- Use of industry standards including Center for Internet Security (CIS) Benchmarks, OWASP and FIPS
- Optimal cloud virtual machine selection based on workload to optimize performance & cost
- High-availability design through the use of multiple regions and data center availability zones
- Strong network and access isolation using a multi-zone architecture within a virtual private cloud
- Cost and performance efficiency using auto- scaling, reserved & spot instance strategies
- Technology specific design for Microsoft, Linux, Oracle or SAP based systems and applications
All stackArmor designs are documented and reviewed with clients to ensure that the designed solution performs to client expectations. stackArmor also offers a unique Design Assist and Review where stackArmor Cloud Solution Architects can help review and assist client teams looking to design their own solutions. All of our designs follow AWS Cloud engineering best practices and follow the Well Architected Framework (WAF), FedRAMP and NIST best practices. The diagram below shows a typical landing zone design that is based on standards.
Once the cloud hosting enclave is ready and the application is migrated and operational, it is critical to ensure secure and reliable operations.
stackArmor Well-Managed Cloud Framework
A well-managed cloud is one that operates optimally and securely in alignment with business and security objectives of the organization. The only real way to get to a well-managed cloud is through consistent management oversight using simple metrics. The stackArmor Well-Managed Cloud Framework consists of four anchors and a navigation plan to help navigate the business of cloud. Each one of the anchors are described below.
Security Operations (SecOps)
Security operations (SecOps) cover all operational and tactical activities to ensure confidentiality, integrity and availability of the system. Tracking security activities, time to resolution and continuous monitoring by criticality are key metrics that must be reviewed as part of the cloud operations scrum.
System Operations (SysOps)
System operations includes tracking the optimal consumption and performance of cloud computing services including compute, storage, network and developing meaningful metrics. Cloud computing is not like traditional infrastructure and usage must be actively reviewed.
Financial Operations (FinOps)
Cloud computing offers a pay as you go consumption model. Most organizations perform tactical cost optimization using cost models such as reserved instances, spot instances etc but do not adequately focus and address core measures of consumption and utilization. Cloud financial operations are focused on managing overall cloud product margins and profitability by creating meaningful metrics that empower executive oversight.
UX Operations (UXOps)
Monitoring and managing the user experience is critical to identifying surges and capacity issues that may impact system usage. Monitoring business services, end-points and coming up with easy to discuss metrics that can be used to drive oversight.
Management oversight drives behavior. Effective oversight requires a navigation plan with clear success criteria, metrics and cadence to reach the right destination. Daily scrums, comparative benchmarking, gamification, and incentives amongst other tactics hinge on the using the right metrics and performance indicators.
Please contact us at solutions@stackArmor.com for a Free consultation with a AWS Certified Solution Architect and Managed Services expert.
Learn more about our cloud migration solution accelerators that power our Well-Managed Cloud Framework.