AWS Data Center Locations

The AWS Cloud Data Center locations are spread across the globe with 22 Regions and 69 AZ (Availability Zones), AWS has broadcast plans for 9 new Availability Zones and 3 additional Regions in Cape Town, Jakarta, and Milan.

Image :AWS Data center Location Map

AWS Regions

North America

1. US East Region (Northern Virginia)
   EC2 Availability Zones: 6
   Launched 2006
2. US East Region (Ohio)
   EC2 Availability Zones: 3
   Launched 2016
3. US West Region (Oregon)
   EC2 Availability Zones: 4
   Launched 2011
4. US West (Northern California)
   EC2 Availability Zones: 3*
   Launched 2009
5. GovCloud (US-West)
   EC2 Availability Zones: 3
   Launched 2011
6. GovCloud (US-East)
   EC2 Availability Zones: 3
   Launched 2018
7. Canada (Central) Region**
   EC2 Availability Zones: 2
   Launched 2016

South America

1. South America Region (São Paulo)
   EC2 Availability Zones: 3*
   Launched 2011

Europe /Middle east/Africa

1. Europe Region (London)
   EC2 Availability Zones: 3
2. Europe Region (Stockholm)
   EC2 Availability Zones: 3
3. Europe Region (Frankfurt)
   EC2 Availability Zones: 3
4. Europe Region (Paris)
   EC2 Availability Zones: 3
   Middle East Region(Bahrain)
   EC2 Availability Zones: 3

Asia Pacific

1. Mainland China Region (Beijing)
   EC2 Availability Zones: 2
2. Asia Pacific Region (Sydney)
   EC2 Availability Zones: 3
   Launched 2012
3. Asia Pacific Region (Tokyo)
   EC2 Availability Zones: 4*
   Launched 2011
4. Asia Pacific Region (Seoul)
   EC2 Availability Zones: 3
   Launched 2016
5. Mainland China Region (Ningxia)
   EC2 Availability Zones: 3
6. Asia Pacific Local Region¹(Osaka)
   EC2 Availability Zones: 1
   Launched 2018
7. Asia Pacific Region (Mumbai)
   EC2 Availability Zones: 3
   Launched 2016
8. Asia Pacific Region (Hong Kong)
   EC2 Availability Zones: 3
   Launched 2019

Microsoft Azure Data Center Locations

Cloud data center locations of Microsoft Azure has further extended its reach by having maximum global regions than any other cloud provider in the world. The Azure Data center conserving data placement and contribution inclusive compliance and resiliency options for their client.

They have covered 54 regions across the globe

With 140 available Zones in 140 countries

Image :Azure DC Location Map

Azure Regions

UNITED STATES

Europe

ASIA PACIFIC Region

Middle East and Africa

GOVERNMENT

Google Cloud Data Center Locations – GCP

The Google Cloud data center locations is spread across 61 Availability Zones with 134 Edge Location (Network) across 20 Regions. The Google cloud Data centers are available in 200 countries

Announced Google DC – Google Cloud is expanding its reach into new regions: Seoul (South Korea), Salt Lake City (USA), Las Vegas (USA) and Jakarta (Indonesia).

Image : Google Data Center Location Map

GCP Data Center Regions

AMERICAS

1. OREGON (us-west1)
2. LOS ANGELES (us-west2)
3. IOWA (us-central1)
4. SOUTH CAROLINA (us-east1)
5. N. VIRGINIA (us-east4)
6. MONTRÉAL (northamerica-northeast1)
7. SÃO PAULO (southamerica-east1)

EUROPE

1. LONDON (europe-west2)
2. BELGIUM (europe-west1)
3. NETHERLANDS (europe-west4)
4. ZURICH (europe-west6)
5. FRANKFURT (europe-west3)
6. FINLAND (europe-north1)

ASIA PACIFIC

1. MUMBAI (asia-south1)
2. SINGAPORE (asia-southeast1)
3. HONG KONG (asia-east2)
4. TAIWAN (asia-east1)
5. TOKYO (asia-northeast1)
6. OSAKA (asia-northeast2)
7. SYDNEY (australia-southeast1)

Reference

• AWS – https://aws.amazon.com/about-aws/global-infrastructure/
• Google – https://cloud.google.com/about/locations/?region=asia-pacific#region
• Azure – https://azure.microsoft.com/en-in/global-infrastructure/regions/

Read More:

• Cloud Security – How to Secure Cloud Environment?
• Understanding Cloud Security & Data Protection
•  How to Learn Cloud Computing?

I hope you like this article. Please follow our Facebook page and Twitter handle to get latest updates.

The post Cloud Data Center Locations for Top 3 CSPs (AWS, Azure & Google) appeared first on Techyaz.com.

What is CCSK?

The Cloud Security Alliance (CSA) has established a web-based/online examination for cloud security skills for an individual’s competence in key cloud security controls, policies, compliance & issues. The Certification was launched in 2010 by CSA (Cloud Security Alliance), the CCSK is a widely recognized expertise benchmark for Cloud Security Professionals. It is widely approved catalog of security best practices, the “Security Guidance for Critical Areas of Focus in Cloud Computing V4.0”.

CCSK eases a common understanding of cloud security concepts. This surges the risk analytics of risk decisions that are made in your organization.

What are the benefits of CCSK?

The CCSK is envisioned to provide understanding of security issues and best practices over a broad range of cloud computing domains. The CCSK certification will identify you as an induvial who have knowledge about security issues, policies and compliance of Cloud Environment in all platform and domains.

The CCSK is strongly recommended for IT auditors, and it is even required for portions of the CSA Security, Trust & Assurance Registry (STAR) program.

The CCSK was recognized as the most valuable IT certification in terms of average salary by Certification Magazine.

How to Prepare for CCSK?

CCSK test will have 60 questions to be completed in 90 minutes with no pause. It’s an open book exam however that is a myth if you believe you can complete 80% of questions while searching in book. So better prepare for exam and don’t investigate materials on books while giving exam.

The Test participants will have 2 opportunity to appear for exam in case you cannot score 80% in first attempt, I would recommend you take online course/trainings with vast variety of sample questions which will help you to clear the certification in final attempt. Have a look at below courses that will help you with sample questions.

• CCSK v4.0 – Certificate of Cloud Security Knowledge Tests
• Udemy Courses on CCSK Certification (Certificate of Cloud Security Knowledge)

There are many formal Training course you can buy online before appearing for CSK certification which will make it easy for you to pass the examinations.

However, if you believe in self-learning all you need is to go read and deep understanding of 3 documents which are enough for clearing the exam of CCSK.

• 6% of the questions are based on the ENISA (European Union agency for cyber security) report.
• 87% of the questions are based on the CSA Guidance v4.
• 7% of questions are based on the CSA’s CCM 3.0.1 (Cloud Control Matrix)

What all domain are covered under CCSK course?

I have given below list of topics that anybody can learn from the above attached links in order to take this certification. I will again emphasis all of you to go through the links attached for sample questions and tests in above section. You can find such sample papers here as well.

• Udemy Courses on CCSK Certification (Certificate of Cloud Security Knowledge)

Have a look at the topics from each documents.

CSA Topics

• Domain 1 Cloud Computing Concepts and Architectures
• Domain 2: Governance and Enterprise Risk Management
• Domain 3: Legal Issues, Contracts and Electronic Discovery
• Domain 4: Compliance and Audit Management
• Domain 5: Information Governance
• Domain 6: Management Plane and Business Continuity
• Domain 7: Infrastructure Security
• Domain 8: Virtualization and Containers
• Domain 9: Incident Response
• Domain 10: Application Security
• Domain 11: Data Security and Encryption
• Domain 12: Identity, Entitlement, and Access Management
• Domain 13: Security as a Service
• Domain 14: Related Technologies

ENISA Topics

• ENISA Cloud Computing: Benefits, Risks and Recommendations for
• Information Security
• Isolation failure
• Economic Denial of Service
• Licensing Risks
• VM hopping
• Five key legal issues common across all scenarios
• Top security risks in ENISA research
• OVF
• Underlying vulnerability in Loss of Governance
• User provisioning vulnerability
• Risk concerns of a cloud provider being acquired
• Security benefits of cloud

Cloud Security Alliance – Cloud Controls Matrix

• CCM Domains
• CCM Controls
• Architectural Relevance
• Delivery Model Applicability
• Scope Applicability
• Mapped Standards and Frameworks

Reference links: https://cloudsecurityalliance.org/

Read More:

• Cloud Security – How to Secure Cloud Environment?
• Understanding Cloud Security & Data Protection
• Top 5 Cloud Service Provider Accreditations

I hope you like this article. Please follow our Facebook page and Twitter handle to get latest updates.

The post CCSK Certification Training Material appeared first on Techyaz.com.

Cloud Security Streams / Features

Today we will discuss about cloud security areas which we should consider in scope while designing a security solution for your cloud environment. In Cloud context, security comes as a shared responsibility between the Cloud Service provider (CSP)and its Tenants. All major CSP’s ensure to make available different features, tools and solution options which can be leverage by clients to have a secure cloud environment. The Cloud Security Streams are as follows

1. Physical Security – includes Cloud Data Center protection of hardware, software, networks also data centers are protected by security personnel and electronic devices such as cameras.
2. Network security – Includes data security in transit to and from the public cloud provider. It means designing and building network configuration and its elements allowing a secure access to cloud resources from your on-premise Data centers, Office, Internet etc.
3. System Security- This capability covers operating system hardening, protection and policy control. The host security at PaaS and SaaS Level are transferred to CSP.
4. Application Security – It’s a shared responsibility in cloud context to protect the application running over the cloud. Based on type of cloud model application security is managed, for e.g in SaaS cloud provider will manage the security of the application. While at the PaaS level platform security will be managed by CSP and deployed application will be customer responsibility.
5. Data security – Data security capability includes securing data in transit and at rest it to avoid data loss and exposure.
6. Identity and Access management- This capability evolves around authentication, verification and authorization of cloud resources.
7. Encryptions – as all communications between regions is across public Internet infrastructure; therefore, appropriate encryption methods should be used to protect sensitive data.
8. Security operations- Governance and strategic direction on security policies, risk assessment and its maintenance

How to Secure your Cloud Environment?

Below are simple steps which can be followed to ensure the cloud infrastructure is secured. we must leverage best in market solution while designing a secure and cost-effective solution.

1. Ensure to leverage data and Network security built-in features provided by the cloud Service provider partner solutions.
2. Design an Appropriate Data Backup solution along with Encryption enabled for covering data security.
3. Regular Audit / scan of Test of Application layer and get Quarterly/ yearly scan reports of Cloud infra from CSP.
4. Design Stable and Redundant Backup solution to cover Disaster Recovery and Business Continuity.
5. Design your environment to use layered security by allowing many data access accounts and permissions as possible.

Note: In cloud environment security comes with shared responsibility model. The Hypervisor layer and anything below it which includes hardware and applications & physical security are protected by service provider. The operating system and above layer need to be taken care by the client /User. I would recommend leveraging CSP’s features with combination of Third party tools to ensure having secure environment for Business.   

Today I will share the top best in class Cloud Service provider Microsoft Azure, AWS and Google cloud platform build in features which can be leveraged to design a secure cloud solution for your CSP.

Microsoft Azure Security Built In Security Features

Microsoft is providing numerous tools and features to secure your cloud environment. These tools have their respective cost. Microsoft has also provided broker platform features like monitoring your cloud estate from single plane of glass.  Below is the list of security tools which can be leveraged to design a secure cloud environment:

• Operations Management Suite Security (OMS) and Audit Dashboard
• Azure Resource Manager
• Application Insights
• Azure Monitor
• Log Analytics
• Azure Advisor
• Azure Security Center
• Role-Based Access Control (RBAC)
• Shared Access Signature
• Internal DNS
• Azure DNS
• Log Analytics NSGs
• Enable log categories for NSGs:
  1. Event
  2. Rules counter

Encryption 

Azure supports various encryption models, including server-side encryption that uses service-managed keys, customer-managed keys in Key Vault, or customer-managed keys on customer-controlled hardware. With client-side encryption, client can manage and store keys on-premises or in another secure location. 

• Encryption in Transit
• Encryption at rest
• Storage Service Encryption
• Client-side Encryption
• Azure Disk Encryption (IaaS Virtual Machine Disk)

Applications Security 

This feature provides security micro-segmentation for your virtual networks in Azure.

• Web Application vulnerability scanning
• Penetration Testing
• Web Application firewall
• The web application firewall (WAF)
• Authentication and authorization in Azure App Service
• Layered Security Architecture (providing differing levels of network access for each application tier)
• Web server diagnostics
  • Detailed Error Logging
  • Failed Request Tracing
  • Web Server Logging
  • Application diagnostics
  • All (displays all events)
  • Application Errors (displays exception events)
  • Performance (displays performance events)
  • Storage
  • Storage Analytics (Successful requests, Failed requests, including timeout, throttling, network, authorization, and other errors)
  • Enabling Browser-Based Clients Using CORS
  • Cross-Origin Resource Sharing (CORS)

Network Security

Microsoft Azure provides confidentiality, integrity, and availability of customer data, while also enabling transparent accountability. Available network recommendations by Microsoft are as follows:

1. Add a Next Generation Firewall Recommends that client can add a Next Generation Firewall (NGFW) from a Microsoft partner to increase your security protections
2. Route traffic through NGFW only Recommends that you configure network security group (NSG) rules that force inbound traffic to your VM through your NGFW.
3. Enable Network Security Groups on subnets or virtual machines Recommends that you enable NSGs on subnets or VMs.
4. Restrict access through Internet facing endpoint Recommends that you configure inbound traffic rules for NSGs.

Below are the main components or areas where you should focus to enhance the network security of your cloud environment.

• Network Layer Controls
• Network Security Groups
• A Network Security Group (NSG)
• Route Control and Forced Tunneling
• Forced tunneling
• Virtual Network Security Appliances – Azure partner network security appliance solution.
• Azure Virtual Network
• Azure networking supports various secure remote access scenarios. Some of these include:
• Connect individual workstations to an Azure Virtual Network
• Connect on-premises network to an Azure Virtual Network with a VPN
• Connect on-premises network to an Azure Virtual Network with a dedicated WAN link
• Connect Azure Virtual Networks to each other
• VPN Gateway
• Express Route
• Microsoft Azure ExpressRoute (Dedicated WAN Link -ExpressRoute connections do not go over the public Internet)
• Application Gateway (Layer 7 Load Balancer)
• Web Application Firewall
• Traffic Manager
• Microsoft Azure Traffic Manager
• Azure Load Balancer (Layer 4 Load Balancer) – Internet-facing load balancing.

Compute Security

Unified security management and advanced threat protection across hybrid cloud workloads , there are various tool available by azure for the compute environment.

• Antimalware & Antivirus – Azure IaaS, use antimalware software from security vendors such as (Microsoft, Symantec, Trend Micro, McAfee, and Kaspersky to protect your virtual machines).
• Hardware Security Module (store keys in hardware Security modules (HSMs) certified to FIPS 140-2 Level 2 standards.)
• Virtual machine backup
• Azure Backup (Windows & Linux only)
• Azure Site Recovery (DR & BCP Orchestration)
• SQL VM TDE (Transparent data encryption (TDE) and column level encryption (CLE) are SQL server encryption features. This form of encryption requires customers to manage and store the cryptographic keys you use for encryption.)
• The Azure Key Vault (AKV)
• VM Disk Encryption (Azure Disk Encryption (industry standard BitLocker feature of Windows and the DM-Crypt feature of Linux))
• Virtual networking
• Patch Updates
• Security policy management and reporting
• Identify and access management

Secure Identity (IAM)

Protect application and data at the front gate with Azure Identify and access management solutions.

• Multi-Factor Authentication (Multi-Factor Authentication experience that works with both Microsoft Azure Active Directory and Microsoft accounts, and includes support for wearables and fingerprint-based approvals)
• Password policy enforcement
• Token-based authentication enables authentication via Azure Active Directory.
• Role-based access control (RBAC)
• Integrated identity management (hybrid identity) enables you to maintain control of users’ access across internal data centers and cloud platforms, creating a single user identity for authentication and authorization to all resources. 

AWS Built-in Security Features 

Like other CSP the AWS cloud security solution has also been offering various feature to design cloud security. Below are the list of some of the services that you can use for cloud security.

• AWS Artifact
• AWS Certificate Manager (SSL/TLS Certificates)
• Amazon Cloud Directory
• AWS CloudHSM Key Storage & Management
• Amazon Cognito User Sign Up & Sign In
• AWS Directory Service Directory
• AWS Firewall Manager
• Amazon GuardDuty Threat Detection
• AWS Identity and Access Management (IAM)
• Amazon Inspector
• Security Assessment
• AWS Key Management Service
• Amazon Macie (Sensitive Data Classification)
• AWS Organizations (Multiple Account Management)
• AWS Shield (DDoS Protection)
• AWS Secrets Manager
• AWS Single Sign-On (SSO)
• AWS WAF (Web Application Firewall)

Infrastructure Security

It help identify and protect applications and infrastructure from cyber-attacks and other advanced threats vectors. Infrastructure security is important area to secure cloud environment. Have a look at below tools that is available in AWS market place to secure cloud environment.

Tools Offered in AWS Market Place

• Barracuda
• Check Point
• TM_logo_red_2c_transparent_small
• Alert Logic
• Intel Security
• Symantec
• 600x400_Sophos_logo
• FORTINET_logo
• PaloAlto
• imperva-new
• openvpn
• netgate
• Gigamon-Free-Standing-Orange-Logo

Configuration & Vulnerability Analysis

Tools to help you inspect application deployments for security risks and vulnerabilities, while receiving priorities and advice to assist with remediation.

Stealth

• cloudcheckr- The CloudCheckr CMP offers a single pane of glass view to help modern enterprises manage and optimize their public cloud
• 600x400_Tenable_Logo
• 600x400_EvidentIo

Logging and monitoring

Help maintain visibility and auditability of activity in your application infrastructure and receive policy-driven alerting, and reporting.

• Sumo Logic
• 200x133_Splunk_Logo
• Cisco_600x400

Data Security

Assist with safeguarding your data from unauthorized disclosure and modification, through encryption, key management, and policy-driven controls.

• 300x100_Gemalto_Logo
• hytrust
• townsendsecurity

Google Cloud Platform Build In Security Features

Shielded VMs are virtual machines (VMs) on Google Cloud Platform hardened by a set of security controls that help defend against rootkits and boot kits to secure cloud environment.

• Verifiable integrity with secure and measured boot
• vTPM exfiltration resistance
• Trusted UEFI firmware
• Tamper-evident attestations
• Live migration and patching

Binary Authorization is a deploy-time security control that ensures only trusted container images are deployed on Kubernetes Engine.

• Policy creation
• Policy verification and enforcement
• Audit logging
• Open source support for Kubernetes
• Break Glass support
• Integration with third-party solutions
• Integrate Binary Authorization with leading container security and CI/CD partners, such as CloudBees and Twistlock.

Google Cloud Load Balancing

Scale your applications on Google Compute Engine from zero to full-throttle with Google Cloud Load Balancing, with no pre-warming needed

• HTTP(S) Load Balancing
• TCP/SSL Load Balancing
• SSL Offload
• Advanced Feature Support
• UDP Load Balancing
• Stackdriver Logging
• Seamless Autoscaling
• High Fidelity Health Checks
• Affinity
• Cloud CDN Integration

Authentication, Integrity, and Encryption

Google employs several security measures to help ensure the authenticity, integrity, and privacy of data in transit.

• Encryption at rest
• Encryption in transit

Encryption in use – protects data when it is being used by servers to run computations, e.g. homomorphic encryption.

ALTS, a mutual authentication and transport encryption system that runs at the application layer, to protect RPC communications. Using application-level security allows applications to have authenticated remote peer identity, which can be used to implement fine-grained authorization policies

Google Key Management Service

Cloud KMS is a cloud-hosted key management service that lets you manage cryptographic keys for your cloud services the same way you do on premises. You can generate, use, rotate, and destroy AES256, RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384 cryptographic keys. 

• Symmetric and asymmetric key support
• Encrypt and decrypt via API
• Automated and at-will key rotation
• Delay for key destruction
• High global availability
• Application Layer Transport Security

Google Cloud Data Loss Prevention

Automatically discover and redact sensitive data everywhere

• Flexible Classification
• Secure Data Handling
• Custom Detectors
• Easy Workload Integration
• Likelihood Scores
• Pay As You Go Pricing
• Detailed Findings
• Simple and Powerful Redaction
• REST API

Google Cloud HSM

Cloud HSM a cloud-hosted hardware security module (HSM) service on Google Cloud Platform.

• Symmetric and asymmetric key support
• Statement attestation
• Integration with Cloud KMS
• Multi-region support
• G Suite DLP Mail
• G Suite DLP Drive
• G Suite Doc Controls

Google Chrome Browser

Manage centrally employee activity in the cloud, across all devices and platforms, now and in the future

• Advanced malware and phishing protection gives employees a safe cloud experience.
• Regular security updates
• Users are protected from the latest security vulnerabilities — no patching required.
• Sandboxing
• Prevents malware and isolates malicious web pages that try to infect devices, monitor web activity, or steal data.
• Site isolation
• G Suite Device Management

Identity & Access Management

Protect user identities by managing the user lifecycle, authentication and assurance, and managing system and application access.

• Cloud Identity
• Cloud IAM
• Cloud Identity-Aware Proxy
• Security Keys
• Cloud Resource Manager
• Firebase Authentication

Application Security

• Cloud Security Scanner-Automatically scan your App Engine apps for common vulnerabilities
• Apigee-API Management for Visibility and Control Design, secure, analyze, and scale APIs anywhere.

Security Monitoring & Operations

Monitor for malicious activity, handle security incidents, and support operational processes that prevent, detect, and respond to threats.

• Stackdriver Logging
• Cloud Security Command CenterALPHA
• Access Transparency

Cloud Security Command CenterALPHA

• Asset Discovery and Inventory
• Sensitive Data Identification
• Application Vulnerability Detection
• REST API
• Access Control Monitoring
• Anomaly Detection From Google
• Third-party Security Tool Inputs (Integrate output from your existing security tools such as Cloudflare, CrowdStrike, Dome9, Palo Alto Networks, Qualys, and RedLock into Cloud Security Command Center to detect DDoS attacks)
• Real-time Notifications

Google Governance, Risk & Compliance

Support governance and compliance processes, including performing assessments, demonstrating compliance, and achieving certifications. You should read attached Third-party audits and certifications article in given link: https://techyaz.com/cloud/top-5-cloud-service-provider-accreditations-third-party-auditor-reports/

I hope you liked this article. I would recommend you to also read this article about cloud security and data protection: Understanding Cloud Security and Data Protection

The post Cloud Security – How to Secure Cloud Environment? appeared first on Techyaz.com.

Presales Interview Questions

1. Define Executive Summary in a RFP: What points you cover in this section? What is the word limit to it?

Tips: It is brief descriptions of the problem /objective and how our organization can help you achieve you goal and get rid of your problem, it will give background information, brief analysis and main conclusions. it is most important part of the RFP and will cover gist of the document. 

You generally get this information by sales lead, Account manager, Business manager or all of them contribute their share in making it impactful. We generally concise the word limit to 500 max. 

2. Define your Approach/Methodology in a RFP.

Tips: It’s solution Architect’s choice which approach he will follow considering the scope of work. I follow an approach that has entire scope of work followed by solution of every specification with its requirements. We generally include Project Timelines along with every phase or milestones based on different frameworks like waterfall, Lean, SCRUM etc.

For e.g. I generally include below workflow on high level.

• Requirements
• Solution
• Timelines
• Assumptions and Dependencies
• Cost
• Deliverables

3. What all tools you use for costing? Can you give example of any costing you have done in last few deals?

Tips: Generally Microsoft Excel is used for costing but in many organization they have excel based tools  to fix the contingency , margin , other cost  associated with finance to pop out the final pricing.  

4. SDLC – Which one is better Iterative/Waterfall/Lean/Scrum?

Tips: For proposing a tentative timelines, phases and project delivery, Solution Architects always follow an Agile framework in their solution approach. Majorly these frameworks are designed for application development but these days SA’s use these models largely in managing any projects.

Waterfall Framework –  It is traditional approach in which you follow step by step in phases. First complete one phase before moving on to the next phase.

Lean Framework – In this model we follow features/Stages as milestone in project. We plan, build, test and deploy one feature before you do it for next feature.

Scrum Framework – In Scrum Model we need to plan, build, test and Deploy on delivering fully-tested, independent, valuable, small features /stages. 

5. What is your contribution in any RFP?

Tips: Generally, Solution Architects work on many section like:

• Requirement response/ Solution
• Scope of work
• Solution Approach
• Risk and Mitigation
• Governance Model
• Assumptions
• Cost
• Pricing
• Service Levels Assumptions (SLA)

 My contribution for any RFP cover all these areas.

Suggestion: Tell specific contributions that you generally do it for RFPs in your organisation. 

6. Please explain how will you propose ROI in RFP for infrastructure outsourcing?

Tips: ROI means Return on Investment. It is a term that is used to measure performance and cost.  As I have mentioned in all my articles, Solution Architect needs to have a blend of technical and sales skills so that they can work a solution and showcase ROI to the client. It’s all about how you can convince the CTO/CEO and other stakeholders to invest in your project.  We can achieve ROI by re-architecting or redesigning your existing solution that will reduce the existing human’s efforts, Time, and TCO. Let’s take an example.

For example: Suppose we have 1000 database server that needs to be refreshed with new hardware because they are approaching end of life. We can propose database consolidation, Cloud or SaaS to reduce the number of servers from 1000 to 500 based on their potential candidature to qualify for consolidation. Further we can apply Automation to reduce the repetitive tasks that will reduce the total human effort. This way customer need to invest in on-premise to cloud migration with some  one time cost and within 6 months there will be visible ROI in monthly maintenance of services because we have already reduced total no of servers.

7. Explain Onsite Offshore Model in IT industry?

Tips: The Onshore /offshore model is based on client requirement and SA proposed solution. This model is a mixture of onsite, offsite resources. The blend of onsite-offsite of resources provide the cost-effectiveness of the offshore model along with client representation at the onshore. The onsite resources fill in the crucial communication gaps and safeguard projects’ escalations if any.  The hybrid Onsite-offshore model, are very cost effective and popular in IT industry.

8. Please elaborate “Table of contents” for any RFP?

Tips: For any RFI and RFP document building” Table of content” is one of the most important part. It’s always a discrete approach followed by solution architect how he or she prefer to design their response. However, in some cases client RFI and RFP clearly state the response document and strictly define the format, table of content and response which has to be followed by SA’s.

In general Table of content covers the following area:

• Executive Summary
• Company Portfolio
• Competitive Advantage
• Requirement response/ Solution
• Scope of work
• Solution Approach
• Risk and Mitigation
• Governance Model
• Assumptions
• Cost
• Pricing
• Service Levels Assumptions (SLA)
• Appendix

9. Have you been part of Bid Complexity process? What’s was your role?

Tips: It is a team work, all organization spends lots of their energy in Analyzing the contract, the bid process, the margins, the profit and how they have competitive advantage with other bidders. The process is complex as a SA pays a pivotal role and providing optimum price for the contract. The Bid optimization covers rigorous efforts between margins and actual cost and the specified work.

Suggestions: Being in solution architect role I would discuss pricing with all stakeholders (Delivery, Sales , Bid manager , SA’s and Technical Architects )“How can we be more competitive with Margins” and based on our analysis we conclude or bid. Below are the questions which we discuss:

• Are we getting reasonable profit post being competitive?
• If being competitive and we lost money on the initial contract can we assume high possibility of getting follow on work with considerable amount of profit?
• If being into Business (initial contract) with no margin will increase our chances to eliminate other bidders from any associated contract?
• To bid or Not to bid? How it changes the probability of getting future deals?

10. How will you differentiate between Team Structure and Governance Model?

Tips: 

Team Structure – In Organization employees are structured in different projects and category. The set of employees who will work on project together are essentially called as a Team. Based on their respective responsibilities the Team is structured to perform individual task.

Governance Model – Governance Model define power and its accountability in governing or management roles in an organization. The Model designate operatives who will set rules, procedures, and other informational guidelines. In addition, governance frameworks define, guide, and provide for enforcement of these processes.

11. Difference between Incident and Problem in terms of ITIL framework?

Tips: An Incident is an event which could lead disruption of the services or Business.

Any problem which occur during Business Hours is considered as an Incident (ITIL Def.). A problem is the original cause that leads to an incident. For e.g. A website URL is not reachable as Database is down. This issue will be raised as in incident as it has disrupted the Business.

The actual root cause of problem was space issue in database. A problem may be something that could lead to the same incident occurring again, or lead to another incident entirely. A problem is the original cause that leads to an incident. For e.g. During maintenance hours due to some problem database was down, but it did not cause any service disruption hence it was just a problem that needed to be fixed.

12. What is the difference between RFI and RFP?

Tips: Please read my attached article to learn about RFI and RFP.

• Difference between RFI and RFP

I hope you like this article. Please follow our Facebook page and Twitter handle to get latest updates.

Read More:

• Learn Presales Management in IT Solutions
• Is Presales a Good Career Opportunity in IT?
• Presales Interview Questions & Answers – Part 1

The post IT Presales Interview Questions & Answers – Part 2 appeared first on Techyaz.com.

Typically, presales means prepare yourself before selling your services or products. It is imperative to understand pre-sales consultants are technical person who fully understand the domain he or she decided to represent or work upon. However, in most of the cases these consultants choose their domain based on their experience for e.g. Infra Consultant, Platform consultant, product consultant, software consultant in cloud (IaaS, PaaS & SaaS).

As the name pre-sales suggest preparing yourself to present, respond and demonstrate your services in smartest way to win deal for your organization. Essentially Sales and Presales consultant work very closely for any Request for Information (RFI) and Request for Proposal (RFP). Refer to my article on for additional information on RFI and RFP.

• Is Presales a Good Career Opportunity in IT/ITeS? 
• IT Presales Interview Questions & Answers – Part 2

Presales Interview Questions

Question 1 – The very first question in any presales interview will always be “Tell me about yourself”?

Answer: As you introduce yourself to the interviewer you need to understand he/she wish to know lesser about you more about your profile and how you can fulfil their requirements.

Tips:

• Start with your introduction and try rapping it up in a minute.
• In Introduction give brief about your educational qualification.
• Precise introductions about your overall experience in industry or as mentioned in your CV.
• Give 2 minutes to talk about your relevant experience in pre-sales how it started and how you have grown up in this role as a consultant.
• Rap up on positive attitude about your hobbies or interest.

Question 2 – Tell me about your current role in your organization as a presales resource?

Answer: There are many roles in Presales consulting, you need to be specify and talk about your role. You must ensure you choose wisely the profile you mention as it will decide the course of interview session.

• Deal Managers (Could be different abbreviations in your firm)
• Finance Operative (Could be different abbreviations in your firm)
• Solution Architect
• Technical Architect
• Sales Consultant
• Legal Consultants

Tips:

1. Explain your role as a solution Architect and in what stage you get involved.
2. Explain what kinds of deals you have handled so far and you can provide generic details about the deal Size (Number of FTE’s), total deal cost and domains involved but remember never to mention the client name as you need to ensure Data Privacy norms.

Question 3 – What all area you cover in deal scope (e.g. Infra, Software, help desk, support or overall deal)?

Answer: Consider below points while answering this type of questions.

• Here you need to choose the best technical domain of yours and then brief about the same.
• All Scope of work or service catalog of your technical domain or you could provide solution in a deal.
• Explain how you gather the client requirement and how you planned a solution
• Brief on documents you prepared for the solutions. 

Question 4 – Tell me something about your projects, deals which you have worked upon?

Answer: Explain about your past projects where you have contributed as Presales Consultant. Explain your part of contribution.

Tips:

• Brief descriptions on overall experience on projects as per your CV.
• Brief on Distinct deals you handled during the tenure of your service as a presales consultant. 

Question 5 –  What was your role in projects or deals you have worked upon?

Answer: Specify your role as a Solution Architect or whatever suits your profile as described below along with some of your contributions to the deals.

• Deal Managers (Could be different name in your firm)
• Finance Operative (Could be different name in your firm)
• Solution Architect
• Technical Architect
• Sales Consultant
• Legal Consultants 

Questions 6 – What’s all frameworks have you worked upon?

Answer: This is very important question and need to be answered carefully with full knowledge of framework you decided to speak on. See below few frameworks for e.g.

• ITIL
• COBIT

Question 7 – Have you ever designed an operating model for Level 1 Support / Help Desk? Provide a brief description of the same?

Answer: Consider below points while answering this question.

Tips:

• As in presales each client comes with their own set of requirements hence every deal needs different operating model.
• Prepare in advance your well versed operating model which you can explain in few minutes. It should be easy, short and quick to explain best is L1, L2 support or Help desk. You can explain the onsite off shore model here.

Question 10 – How good are you with Microsoft Excel, Microsoft Project, MS Word and Power point?

Answer: Be honest and answer whatever knowledge you have about these applications.

Tips:

• You can rate your skills on the scale of 10 based on your expertise. These are much needed skills in presales so you can say you are well versed with these software’s.
• You can name excel functions for e.g. v-look up, If and else statements, Sum, Average, count, password protection etc.

Question 11- How will you manage Shortfuse deals?

Answer – Shortfuse deals are the ones with short deadline to submit solution. You can take any example where you got < 2 days for providing solution, getting approval, costing etc. and describe its challenges and how did you overcome it. Explain how you planned it.

Example/Tips:

• Get all stakeholders on call to gather requirement / scope and provide solution in power point.
• Send solution deck to all stake holders for approval and suggestions.
• Inform the Finance team in advance about costing request.
• Onboard delivery team to participate in solution approval and cost drill down exercise.
• Divide submission documents among other stake holders to finish the docs on time.
• All documents should be versioned and kept on SharePoint repository and Quick follow calls twice /thrice a day should be scheduled to wind up the short fuse deal on time.

All the above steps will allow you to manage short fuse deals but onboarding stake holders, Quick follow-up calls and Team work is mandatory for successful submission and win.

Question 12– Have you ever presented to client/Client Orals?

Answer: Share your experience by picking any relevant deal where you presented your solution.

Tips:

• Talk about you preparatory work.
• Then describe the audience and Presentation challenges.
• Explain how your presentation provided a positive impact.

Question 13 – Did ever presented to CTO’s or CEO what was your preparation?

Answer: Share your experience if you have ever presented any solution to CTO/CEO.

Tips:

• Talk about you preparatory work.
• Explain how your presentation provided a positive impact.

Questions 14 – Did you ever analyze the lost deals and prepared report for the same and shared with all stakeholders?

Answer:  Yes, every firms do root cause analyses of lost deals. There is various factor which we analyze. Some of the factors are given below.

• Less competitive pricing
• RTO & RPO was not presented
• Lack of experience in domain
• Solution provided was not cost effective
• Solution not fit to the Client requirement

Question 15 – How good are you in handling pressure?

Answer: I hardly feel pressure as presales is my passion and don’t feel weight about it. I get excited about the dynamic which presales brings in my life. I believe if we have technical knowledge with blend of confidence and motivation there is no pressure which can oppress us. 

Question 16 – How did you manage escalation for a short fuse deal?

Answer: The Short fuse deal comes with pressure and panic among all which could lend us to escalation in some cases. However, if I decided to take responsibility I ensure I complete it and I have hardly faced any major escalation in my tenure. I always plan my work in 3-way process.

1. Acknowledge the responsibility / Area of scope which I can provide solution with timelines
2. Address the concern of Sales and delivers teams in my area of scope
3. Timely sending the progress report to stake holders to avoid panic and escalations. 

Question 17 – What all certification have you done on Solution Architect?

Answer: Answer about your certifications or trainings you have done to learn presales role.

Tips:

It’s not mandatory to have Solution Architect certification however if someone wishes to excel in the same. BCS Intermediate level certificate is there or either TOGAF 8 or TOGAF 9 level 2 certificate could be useful.

Question 18 – Do you have any experience in Upsell?

Answer: In case you have any experience, you can talk about it.

Tips:

Basically, in this question you can showcase your sales skills. How did you analyze client requirement and able to convince them to buy proposed solution to solve their concerns. 

Question 19 –  what was your role post you won the deal?

Answer: You can explain about your role post winning the deal and tell about till what stage you were involved.

Tips:

• SOW (scope of work)
• Final contract
• Project Initiation
• Handover to delivery  

Question 20 – How good are you in preparing SOW and what all you cover in the same?

Answer: You can define scope of work providing few major headings below.

• Scope of services
• Cover client requirement
• Terms and condition
• Final deliverables
• Sign off procedure
• Any legal contractual terms and conditions/Governance
• RACI Matrix
• Assumptions & Key Dependencies
• Termination/Exit Plan

Questions 21 – How comfortable are you with travelling on short notice?

Answer: I am comfortable in travelling considering the fact presales /Sales is a Travel job. 

Question 22 – How many deals you can handle in parallel?

Answer: I can work on 3-5 deals in parallel depending on the size of the deal.

Tips:

It is imperative that you speak truth in this question. As it’s like commitment so unrealistic figure can get you in trouble. With Presales as carrier 3 deal at a time is Business as usual so Be Honest here. 

I hope you like this article. Please follow our Facebook page and Twitter handle to get latest updates.

The post Presales Interview Questions & Answers – Part 1 appeared first on Techyaz.com.

Cloud Computing brings best in breed technologies mesh to provide high availability, durability and capacity with minimum time frame. In simple words your traditional data center (DC) would have flew down from on-premise to somewhere with big giants Cloud Service Providers DC like GCP (Google Cloud Platform), AWS (Amazon Web Services), Azure, IBM, Salesforce etc.

Why Should You Learn Cloud Computing?

As i mentioned above, Cloud Computing is growing faster than ever and creating lot of high paying jobs. The reason behind its popularity is its Pay As You Use model.

All cloud services are running on “Pay As You Use” model. You only pay for the services till you are using and can increase/decrease the usage capacity in few hours only. The Cloud Computing takes away hassle of procurement of servers, software’s & resources. It also removes the need of building, managing & maintenance of Data centres that is why most of the organizations are adopting cloud computing these days.

As more organizations will move to cloud, more cloud related jobs or opportunities will arise. So, it is imperative to learn cloud computing technology so that you can make use of it in your IT career. The added advantage of learning cloud is that you can bring value to your organization and its clients.

Prerequisites to Learn Cloud Computing

Today I will brief you about the skills needed to learn cloud and build promising career in it. Cloud can add value to your CV/Resume. Every IT professional need to have some familiarity with cloud. It has become an essential part of Information Technology. We as Digital Users are leveraging cloud Technology every day in our life. The most common example is social media, mails, music, YouTube, Facebook, Instagram, Twitter, News etc. Everything where data is stored in huge size is using cloud technology in the background.

Cloud Computing services falls into three categories:

• Infrastructure as a Service (IaaS),
• Platform as a Service (PaaS)
• Software as a Service (SaaS).

Although this article is very much applicable to all three categories for learning standpoint but primarily we will talk and refer about IaaS (Infrastructure as a Service) model. Infrastructure as a service (IaaS) is a form of cloud computing that provides virtualized compute resources over the internet following pay per use model.

As in earlier days Data center had multiple roles and responsibilities, similarly in cloud you can get similar technology, roles and career. If you belongs to IT Infrastructure services, then you  can pursue your career in IaaS cloud computing.

One can learn cloud as a beginner even if you have very basic skills in computers, prior experience in IT is an added advantage.

To begin with cloud there are three-important area to cover:

• Virtualization concepts
• Networking in virtual environment
• Operating systems (Linux & Windows)

Virtualization

It is important to understand how virtualized environment operates. In cloud context, virtual machines lie over and above hypervisor layer. Multiple VM’s shared same physical hardware and all the network equipment but are isolated or virtually separated from the other client machines using hypervisor technology. Virtualization means every type of application or workload which needed physical machines in past now can run by using shared resources across many clients. For more information refer to

Networking

The most important aspect of cloud is to understand cloud networking. It is very difficult section in cloud, and even those with some robust skills, typically require time to fully understand it.

Operating System (Linux & Windows)

Hands on experience on Linux and Windows is with excellent command lines skills is must before begin journey in cloud computing. One must begin with above three concepts to enter cloud computing.

How to Start Learning Cloud Computing?

The very first thing you need to do is, you need to decide the cloud service provider for which you want to learn and pursue distinct roles. There are many Cloud service providers in the market. You can choose any of them but it’s always wise to choose from top 3 service providers. Currently, Amazon is top cloud service provider in the market followed by Microsoft. Below are the names of some popular cloud service providers.

1. Amazon Web Services (AWS)
2. Microsoft Azure
3. IBM Cloud
4. Google Cloud Platform (GCP)
5. Salesforce

Once you have chosen the right cloud service provider then you should focus on the distinct domains. For example, if you had prior experience in networks you can choose to become Cloud Network Architect role and start focusing on CSP network services. If you are a system administrator then you can pursue Cloud System Administrator role. Below is the list of some cloud computing roles.

You can choose any roles given below as per your choice and are of interest. It would be an added advantage if you choose a domain in which you have some knowledge. The Distinct Technical roles which you can pursue in cloud are given below.

• Cloud Operations Engineer
• Cloud System Administrator
• Cloud Solution Architect
• Cloud Technical Architect
• Cloud Network Architect
• Cloud Security Architect
• Cloud Sales Consultant

I have explained the responsibilities and job profile of each and every role in below points.

• Cloud Operation Engineer – You should have at least 3 years of experience in this role. You need to ensure management of daily operations like adding Virtual machine (VM) to the cloud stack, installing software’s on the VM’s, monitoring cloud usage, controlling access to cloud environment, Identify and Access management for cloud.

• Cloud System Administrator – This job profile is similar to the system administrator job in legacy environment. Here, you need to take care of your cloud deployments and administration.  In cloud context security is shared responsibility however the systems security is client accountability. This role is mainly focus on hardening the Operating system and maintaining it. This will cover antivirus installation, policy control and overall protection services offered by cloud service provider. Strong Linux command line skills are needed.

• Cloud Solution Architect – You should have more than 6 years of experience to pursue a cloud solution architect role. The Cloud Solution Architect roles means to understand client requirement and propose possible design for the cloud IaaS. This comprise of servers, Data storage strategy, location, region, monitoring, security, Disaster Recovery and Business Continuity solution. Cloud SA may need to design a Hosting solution for some website or Data analytics, Data warehousing, Graphics processing solution. The responsibility of cloud SA is to understand all services provided by the Cloud Service Provider (CSP) so that he can design a suitable solution considering all services and their relative cost.

• Cloud Technical Architect – You should be on senior role or at least 7 years of experience to work as cloud Technical Architect. The Technical Architect role is to create the proposed design by the cloud Solution Architect. The responsibility of the Architect is to manage all technical queries in creating the entire cloud stack. Expert in shell, Perl, python compiled code language will be an added advantage. You must have expert level knowledge of Linux and windows operating system. This role demands knowledge of all fields including Networks, Infrastructure, Servers and settings, Identify and Access management. The Architect need to fix any issue which comes under configuring access, or security settings, Roles distribution etc. The hands-on experience on all services provided by CSP is mandatory for this role.

• Cloud Network Architect– The Network Architect need to configure Virtual Private Network(VPC), load balancing in cloud, manage ports, Incoming and outgoing connections, Tunnelling, Internet to cloud connection etc. Deep understanding of TCP/IP, Subnetting, DNS, DHCP, NAT and routing, strong knowledge of layer 2 network protocols, Good knowledge of IP routing, scripting abilities Perl or Shell. CCNA or CCNP preferred certification. The Network Architect need to design, create and maintain any network related issues.

• Cloud Security Architect –The role is most crucial and important in cloud environment considering the fact you can access cloud from anywhere anytime and its security need to be designed by Cloud Security Architect. The data security at rest and in transit, encryptions and descriptions, to avoid data loss and exposure. Good understanding of Internet and hosting from network layer up through the application layer, monitoring tools, clustering and internet security. The cloud security policies, governance, risk assessment, Multi-factor authentication and Authorization. Read attached article if you want to understand the basics of Cloud Security and Data Protection.

• Cloud Sales Consultant – Must be a business administration preferable MBA, Client facing roles, excellent communication skills, building strategic partnership at the C-level. Google knowledge of market leader in cloud in terms of services and costing. Love travel jobs.

Study Materials

There are lot of study materials available on internet to start with. Many portals have free courses that you can register to learn cloud computing. You can also buy a cloud related course on Udemy or Coursera. I have given specific training courses for each cloud providers in below links. You can access as per your choice to learn different cloud courses like AWS, Azure, GCP etc. You can also get practice papers as well if you are preparing for AWS or Azure certifications.

Online Training Courses for Top Cloud Service Providers:

• AWS Certified Solution Architect – Online Training Courses
• Architecting with Google Cloud Platform
• Architecting Microsoft Azure Solutions
• Hands on Google Cloud Platform (GCP) – Cloud Architect

I hope you like this article. Please Like, Comment, Share & Subscribe to this website to get latest articles directly into your inbox. You can also follow our Facebook page and Twitter handle to get latest updates.

Read More:

• Is Presales a Good Career Opportunity in IT Industry?
• Top 5 Cloud Service Provider Accreditations and Third Party Auditor Reports
• Understanding Cloud Computing
• Understanding Cloud Security and Data Protection

The post How to Learn Cloud Computing? appeared first on Techyaz.com.

Here I am going to answer all these questions and explaining about Cloud Security in this context.

Is your data secure in Cloud environment?

Yes, your data will be secured in cloud environment if you can design security solution/configurations leveraging public cloud providers features and third-party tools efficiently.

The amount of security configuration work you must do will varies, depending on what kind of cloud services you select and how sensitive your data is.

Security in Cloud creates a shared responsibility model between the customer and Cloud Service Provider (CSP). CSPs are responsible for securing the infrastructure (hardware, software, networks, and facilities of their Data center) that supports the cloud and you will be responsible for anything you put on the cloud or connect to the cloud (Data, Operating System, softwares, tools, License, Access, Credentials, authentication, encryption etc.)

Is your data in Cloud Hackable?

No, cloud systems are not hackable in terms of technology, hardware and network services provided by cloud provider. However, if security configurations are not done accurately by the user then loopholes in security may lead vulnerability in your cloud environment.

Can your data be disclosed by the Cloud Service Provider?

Your content/data will not be disclosed unless service provider required to do so to comply with the law of the country or a valid and binding order of a governmental or regulatory body. Unless prohibited from doing so or there is clear indication of illegal conduct about the use of CSP’s products or services. CSP notifies customers before disclosing customer content so they can seek protection from disclosure.

To understand all above and similar security related concerns you should first understand Cloud Security. Let’s discuss what is cloud security and how many domains we need to take care from cloud security point of view.

What is Cloud Security?

As every second your information/data travel through cloud and from different locations, networks and regions. We need to ensure it is not leaked in process of transmission from one place to other. Typically, all firms are well verse about physical and technical security of their On-premise data center. Similarly, cloud services and Infrastructure need to be secured to protect the confidentiality, integrity, and availability of your or your client data.

In Cloud context, security is a shared responsibility between the Cloud Service Provider (CSP) and its users/customers. CSPs take care of physical and logical security of its underlying hardware until Hypervisor layer. However, anything above Operating System is Client responsibility because customer owns the data and service provider has no access to it. Although it also varies in each model of Cloud Computing for some services.

Cloud Security is all about leveraging security features and tools to design and build a secure cloud environment to protect the privacy and integrity of cloud customers and their data. Cloud Security is blend of technologies and policies designed to adhere and regulate compliance rules and protect information, data applications and infrastructure associated with Cloud Computing use.

Cloud Security Categories

From cloud security perspective, below are the cloud security domains or categories that needs to be considered while building cloud environment.

1. Physical Security
2. Network security
3. System Security
4. Application Security
5. Data Security
6. Identity and Access management
7. Encryptions
8. Security operations

Each ownership for each type of security in cloud varies in each model of Cloud. You can see who is responsible for  what in each cloud model in below image.

1. Physical Security- is the protection of hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. CSPs are responsible to take care of this security.
2. Network Security – Includes data security in transit to and from the public cloud provider. It means designing and building network configuration and its elements allowing a secure access to cloud resources from your on-premise Data centers, Office, Internet etc. This security is shared responsibility between CSPs & Customer.
3. System Security- This capability covers operating system hardening, protection and policy control. The host security at PaaS and SaaS Level are transferred to CSP.
4. Application Security – It’s a shared responsibility in cloud context to protect the application running over the cloud. Based on type of cloud model application security is managed, for e.g in SaaS cloud provider will manage the security of the application. While at the PaaS level platform security will be managed by CSP and deployed application will be customer responsibility.
5. Data Security – Data security capability includes securing data in transit and at rest it to avoid data loss and exposure.
6. Identity and Access management- This capability evolves around authentication, verification and authorization of cloud resources.
7. Encryptions – As all communications between regions is across public Internet infrastructure; therefore, appropriate encryption methods should be used to protect sensitive data.
8. Security operations- Governance and strategic direction on security policies, risk assessment and its maintenance.

Choose Cloud Service Provider considering Data Security, Information Security and Quality Assurance?

Its depends on data and its criticality in terms of sensitivity, availability & durability requirement. For choosing most reliable cloud service provider we must consider CSP’s accreditations, security certifications and third party audit assessment reports. All major cloud service provider share their policies accreditation on data privacy, security, durability, availability information on their respective portals under valid Non-disclosure agreement. These certifications are global and can be achieved through periodic rigorous external audit accredited certification bodies based on NIST (National Industrial Security Program Operating Manual) global standards.

Some of the Most popular Cloud Service Provider Accreditations and Certification for cloud computing compliance and security are given in attached article. Read it to understand Cloud Accreditations and Certification that will finally help you to choose right Cloud Service Provider.

I hope you like this article. Please follow us on our facebook page and on Twitter handle to get latest updates.

Reference Links: Azure , AWS  ,Google ,IBM

The post Understanding Cloud Security & Data Protection appeared first on Techyaz.com.

Compliance Program provided by Cloud Services Providers

Cloud Service providers ensure robust controls to secure their infrastructure, to protect client data. As virtual systems build over the cloud Infrastructure need also to be secured and it comes with shared responsibility and compliance. Cloud Data center environment comes with audit friendly features and standards to ensure client satisfaction about their data security. The IT infrastructure that CSP provides to its customers is designed and managed in orientation with security best practices and a variety of IT security standards due to economies of scale, including but not limited to the following:

AWS (Amazon) Security Certifications /Accreditation 

• Cloud Computing Compliance Controls Catalogue (C5)
• FedRAMP Partner Package
• Global Financial Services Regulatory Principles IRAP Package
• ISO 27001:2013 Certification and Statement of Applicability (SoA)
• ISO 27017:2015 Certification and Statement of Applicability (SoA)
• ISO 27018:2014 Certification and Statement of Applicability (SoA)
• ISO 9001:2015 Certification
• MAS TRM Guidelines Workbook
• PCI DSS Attestation of Compliance (AOC) and Responsibility Summary
• PSN Connection Compliance Certificate (CoCo)
• PSN Service Provision Compliance Certificate
• Quality Management System Overview
• Service Organization Controls (SOC) 1 Report
• Service Organization Controls (SOC) 2 Report
• Service Organization Controls (SOC) 3 Report
• SOC Continued Operations

 Microsoft Azure Security and Compliance Certifications / Accreditation 

• ISO 27001, FedRAMP, SOC 1 and SOC 2.
• The Content Delivery and Security Association (CDSA)
• Criminal Justice Information Services (CJIS)
• The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) CSACCM
• EU Model Clause
• FDA 21 CFR Part 11(The US Food and Drug Administration (FDA) Code of Federal
• Regulations (CFR) Title 21 Part 11)
• FedRAMP(Federal Risk and Authorization Management Program (FedRAMP)
• The Family Educational Rights and Privacy Act (FERPA)
• FIPS 140-2. Federal Information Processing Standard (FIPS) Publication 140-2
• The Health Insurance Portability and Accountability Act (HIPAA)
• IRAP (Australian Government Information Security Registered Assessors Program)
• ISO/IEC 27001/27002:2013
• Multi-Level Protection Scheme (MLPS) is based on the Chinese state standard issued by the Ministry of Public Security
• Multi-Tier Cloud Security Standard for Singapore (MTCS SS),
• Payment Card Industry (PCI) Data Security Standards (DSS) version 3.0
• TCS CCCPPF Trusted Cloud Service certification developed by the China Cloud Computing Promotion and Policy Forum (CCCPPF)
• UK G-Cloud. 

Google Security and Compliance Certifications / Accreditation

• SSAE16 / ISAE 3402 Type II:
• SOC 1
• SOC 2
• SOC 3 public audit report
• ISO 27017, Cloud Security
• ISO 27018, Cloud Privacy
• FedRAMP ATO for Google App Engine
• PCI DSS v3.2
• HIPAA
• CSA STAR
• MTCS Tier 3 Certification (Singapore)
• Google Cloud Platform and the EU Data Protection Directive 

IBM Security and Compliance Certifications / Accreditation

• FedRAMP
• FISMA
• FFIEC
• SOC Reports
• ISO 27001
• ISO 27017
• ISO 27018
• Cloud Security Alliance
• PCI Compliance
• HIPAA
• HITRUST Assessment
• GSMA (DAL09, PAR01)
• CJIS Standards
• EU Model Clauses
• Privacy Shield
• IBM ISO Management System Certifications

Related Read:

• What is Cloud Computing?
• Understanding Cloud Security & Data Protection in Cloud

I hope you like this article. Please follow our Facebook page and Twitter handle to get latest updates.

Reference Links: Azure , AWS  ,Google ,IBM

The post Top 5 Cloud Service Provider Accreditations and Third-Party Auditor Reports appeared first on Techyaz.com.

Cloud Computing

Cloud Computing atmosphere is all about getting compute for e.g. (Storage, Software, Platform, CPU, RAM, Processor, network, Cluster etc.) using Internet anywhere, anytime and in any size. Cloud provides unlimited compute services with pay as per use model. Cloud bring best in breed technologies mesh to provide high availability, high durability and high capacity with minimum time frame, in simple words your traditional data center (DC) would have flew down from on-premise to somewhere with big giants Cloud Service Providers DC like Google, AWS, Azure etc.

Benefits of Cloud Computing

There are many benefits of Cloud Computing. It is a big shift from the traditional way businesses think about IT resources.

1. Time -Most cloud computing services are provided on demand, so even vast amounts of computing resources can be provisioned in minutes, certainly with just a few mouse clicks, giving businesses a lot of flexibility and taking the pressure off capacity planning
2. Cost – Cloud Computing removes the investment expense of procurement of hardware and software and setting up and running onsite datacenters—the racks of servers, 24/7 electricity for power and cooling, the IT experts for managing the infrastructure, Hardware maintenance, Physical security etc.
3. Scalability -The benefits of cloud computing services include the ability to scale elastically. In cloud speak, that means delivering the right amount of IT resources—for example, computing power, storage, bandwidth—right when it’s needed and from the right geographic location.
4. Productivity-On-site data centers typically requires high maintenance, technology upgrade and heavy investment as it need lot of “racking and stacking”—hardware setup, software patching and other time-consuming IT management tasks. Cloud removes the need for many of these tasks, so IT teams can spend time on achieving business goals. Moving to the cloud gives access to enterprise-class technology, for everyone anywhere anytime.
5. High Performance-The biggest cloud computing services run on a worldwide network of secure datacenters, which are regularly upgraded to the latest generation of fast and efficient computing hardware. This offers several benefits over a single corporate datacenter, including reduced network latency for applications and greater economies of scale. You can increase any amount of storage and processing capacity with pay per use model.
6. High Reliability– Cloud computing makes data backup, disaster recovery and business continuity easier and less expensive, because data can be replicated at multiple redundant locations on the cloud provider’s network.
7. Security – Cloud computing gives you greater security when your hardware like laptop, mobile, tablet etc. are lost, damage or stolen this occurs as your data is stored in the cloud, you can access it no matter what happens to your machine. And you can even remotely wipe data from lost devices so it doesn’t get into the wrong hands. Cloud Ensures minimum disruption to Business.
8. Disaster Recovery – Cloud provides best DR solution for any businesses, cloud-based backup and recovery solutions save time, reduce large upfront investment due to global presence and economies of scale. Cloud service provider features like tiered storage, multiple Availability zones, Data replication etc. can be leveraged to design optimum DR and BCP solutions.

Types of Cloud Offerings

Cloud Computing services majorly  falls into three categories:

• Infrastructure as a Service (IaaS),
• Platform as a Service (PaaS)
• Software as a Service (SaaS).

IaaS – Infrastructure as a Service

Infrastructure as a service (IaaS) is a form of cloud computing that provides virtualized computing resources over the internet following pay per use model . Or we can say traditional on-prem data center services on rent for e.g. IT infrastructure—servers and virtual machines (VMs), storage, networks, operating systems.

Platform as a Service (PaaS)

Platform-as-a-service (PaaS) represents cloud services that provide platform or environment for developing, run, manage testing, delivering and managing applications on-demand online anytime. PaaS ensure ready to use development & testing platform without the complexity of building and maintaining the infrastructure. PaaS is designed to make developers and clients life easy by leveraging pre-configured systems, templates, software’s ready to build mobile or web applications  and with no hassle of setting up or managing the underlying infrastructure of servers, storage, network and databases needed for development.

Software as a Service (SaaS)

Software-as-a-service (SaaS) is a process for delivering software applications over the Internet, on demand and typically on a subscription basis. With SaaS, cloud providers host and manage the software application and underlying infrastructure and handle any maintenance, like software upgrades and security patching. Users connect to the application over the Internet, usually with a web browser on their phone, tablet or PC. To see more on SaaS, refer to Azure

Top Cloud Service Providers

As per Forbes below are the list of top 10 Cloud service providers

1. Microsoft Azure
2. AWS
3. Salesforce
4. SAP
5. IBM
6. Google
7. Oracle
8. Workday
9. Service Now
10. VMware

I hope you like this article. Please follow us on our facebook page and on Twitter handle to get latest updates.

The post What is Cloud Computing? appeared first on Techyaz.com.

Related Article:

• Presales Interview Questions & Answers – Part 1
• IT Presales Interview Questions & Answers – Part 2

What is Presales in IT?

Pre-sales team work hard to accomplish the client requirement which includes Solutioning, Costing, Resourcing, Presentation etc. There are dedicated, passionate and Technical Presales resources behind every deal won by any organization.

These days Presales has been providing very fascinating and promising career prospects in IT/ITes. Maximum beginners are not aware of this career option. It’s not mandate to be an MBA for starting your career as presales consultant but it’s always an added advantage.

Presales resources are individual contributor and work closely with sales teams. The focus of Presales job profile is essentially in gathering requirement, running feasibility checks, design and build solutions.

Effective career as pre-sales consultant is a blend of technology and finance, as an Individual contributor this team is part of CoE (Center of excellence) in many organization.The basic job of pre-sales folks is to understand client requirement from a business standpoint is significant and then leveraging your writing, presenting and designing skills to stich the solution into a proposal.

The nature of the job is so dynamic that every Request for Information (RFI), Request for proposal (RFP) comes with new challenges and set of prerequisite, so need humans to analyze and manage the client requirement. Hence the presales job cannot be automated or done by robots but there is always a scope of automation that can be done at process or task level.

Presales Job Responsibilities

The benefits Pre-Sales resources get in front of client is that they can show actual expertise on the products or solutions they sell. Below are the list of responsibilities an organization expects from a Presales resource:

• Main responsibilities of Pre-Sales executives are to design a cost effective and competent solution that captures client requirement. Showcase your company achievements, experience and position in providing best quality service.
• A Presales consultant need to present customer finest solution which covers their need and future aspects considering market trend and forecast.
• Sales executives generally don’t have the forte in solution, hence Presales Team needs to be vigilant in designing solution which fulfill client requirement as well as  be cost effective and bring profit to their organization. It’s not just about winning deal it’s more about increasing company revenue.
• Presales consultant mostly need to be assertive for a constructive conflict with sales and delivery team both, and at times in some exceptional cases with the customer as well.
• The Pre-Sales must have good content writing skills.
• Presales accountability should be taken very serious as final scope of work(SOW) gets documented by Presales guys that becomes Bible for delivery and customer teams.

Read below article If you are preparing for a Presales Job Interview.

• Presales Interview Questions & Answers

Understanding Terminology used in Pre-Sales

Request for Information (RFI)

This is the first stage of any deal. Many Organization release RFI to understand their vendor eligibility to fulfill their project/deal/job requirement. In RFI documents client/customer may ask any of the following information to decide the eligibility criteria:

1. Technical expertise
2. Financial history
3. Overall User base
4. Credentials
5. Artefacts
6. Certifications
7. Technical Questionnaire
8. Legalities
9. Regional constraints
10. Strategy
11. Best possible Recommendation based on client requirement

It’s Presales Team who respond to RFI’s and make your organization eligible to bid for RFP’s. RFI’s response need to be crisp and to the point so that customer shortlist your company for next stage of bidding which is called Request for proposal (RFP)

Request for Proposal (RFP)

Once client will shortlist your organization during RFI process, you will be qualified for this stage known as Request for Proposal (RFP). Any company who wishes to hire/outsource/contract any piece of job/activity/project leveraging different vendors in market release their requirement in the form of RFP. The RFP contain all information related to client requirement such as:

1. Eligibility criteria for vendors
2. Submission dates
3. Client Requirements
4. Selection procedure
5. Confidentiality, Legal Terms and Conditions
6. Regional constraint
7. Quotations request details
8. Presentation request
9. Submission doc type in word document or Powerpoint presentation

Post successful bidding client will declare the deal Winner and as a final stage of process SOW needs to be signed between the customer and the successful Vendor who had won the deal.

Solutioning

Analyzing client requirement for a deal/job/project/contract to enhance client business so that they can meet market demands, equipped with latest trend & technology. The IT/third party/vendors /outsourcings firms provide optimal, cost effective resolution/ products/services to solve the concerns/hurdles of client. Presales resources analyze client requirements and convert that requirement in to best possible solution. They plan, design and build a layout document or powerpoint presentation to showcase the solution. Solutioning comes under RFP stage.

Costing

Every Deal/project/RFP have some budget. As per the type of deal client ask for quotes to deliver project in certain duration. The outsourcing company will provide cost for the job/activity in which the project would be completed. This includes complete budget plus margin to recover company expenses. Costing is part of RFP stage.

Costing includes the following:

• Travel expenses
• Asset procurement
• Software License cost
• Resources
• Any Trainings
• Governance

Sizing

Sizing means number of resources required to finish the project/job/activity. Sizing is the most crucial part of Pre-Sales, you must identify number of FTE (Full Time Employees) needed for respective technology, their tenure, total numbers and their Trainings need to finish the project on deadlines. In some cases, it also includes additional time for KT (Knowledge Transfer) and Reverse KT if needed.

Governance

For any deal/project/job there is a need of governance layer, who can manage any client escalation, communication along with entire project delivery management. The Governance layers will always be shared resources as they can manage multiple projects at one time. There could be some dedicated project managers depending upon the deal size and complexity.

Scope of Work (SOW)

Final stage of bidding for any contract/outsourcing/project is signing SOW. SOW is detailed document that clearly defines the following

1. Roles and Responsibility between the client and the Vendor
2. Details project plan
3. Project timelines
4. Terms and Condition (Legal)
5. Knowledge transfer plan
6. Project kick off dates
7. Travel plan If any
8. Governance
9. Contract signed as mutually agreed between partner and client

Presales Technical Skills Requirement

Person should have very good knowledge about overall IT infrastructure architecture or about your vertical. Apart from this you should have:

• Domain knowledge
• Ability to understand Client Requirement
• Content writing
• Good communication & presentation skills
• Good Knowledge of Microsoft Office (PowerPoint, Visio, Excel & word)

Presales Training Courses

We live in Internet age so we have lot of options to learn any technology on Internet. These days you don’t need to buy a physical book to learn anything. You can get lot of study materials available over internet that will be helpful to learn any subject.

Udemy is one of the website that promotes digital learning. They have more than 40000 online video courses that anybody can use to learn as per their interest. I have also found one of the very good Presales course on Udemy. You can click on below link to directly access this course.

• Online Training Course on Presales Management – IT Solutions & Service Providers

Who should join Presales?

Presales is very promising field with lucrative remuneration and appreciation from management. You will help generating new business for your organization which will give you all the attention needed. Considering the above-mentioned facts if you really decided to join presales it’s important to be focus on below mentioned points:

• Passionate about Technology to pursue presales as career
• Good listener and reminisce it
• Can work under pressure as mostly they had to deal with short fused deals
• Can deal and manage communication with diverse workforce
• Decent content writer is essential part of presales
• Continuous Skill development and Sound knowledge of emerging trends and technology is must
• Decent knowledge on Costing and Finances
• An Assertive leader to deal with delivery teams
• Positive Attitude to manage success and failure graciously.
• Virtuous negotiator

Who should NOT join Presales?

Presales job will come with lots of responsibility and challenges. If you don’t like new change every day than you may not like the dynamic presales filed. The nature of this job is high pressure on delivering right solution at right time. It’s very crucial how you deal with win and miss deals. So please consider below facts before thinking of presales as career option:

1. Don’t like Dynamic job with multiple skills
2. Don’t enjoy working under pressure
3. Don’t enjoy Writing & making Powerpoint presentations
4. Don’t like sudden change
5. Don’t like travel
6. Don’t enjoy long hours calls
7. Casual Attitude

Experience needed to become Solution Architect (SA) in IT?

Generally, 5+ years in IT industry which includes domain knowledge of at least 2 years. Multi-skills and good learners’ folks can enjoy this challenging role that will give you lucrative salary and Bonus along with recognition among all teams and higher management.  You can consider Presales as your career option if you have all above mentioned skills and qualities.

I hope you like this article. Please follow us on our facebook page and on Twitter handle to get latest updates.

The post Is Presales a Good Career Opportunity in IT? appeared first on Techyaz.com.