Cloud Migration

Migrating resources to the cloud computing environment is a technical and organizational challenge related to mapping and securing the currently used architecture, services, and applications.

A key element of migration is ensuring the continuity of critical business processes and high data availability

Migration scenarios are based on business use cases of cloud computing defined during the operational planning stage. Depending on business requirements, cloud migration may include:

• Microsoft 365 Office applications (Word, Excel, PowerPoint)
• Email and Calendar (Outlook, Exchange, Bookings)

• Meetings and voice communication (Teams)
• Group work and social networks (SharePoint, Yammer, Stream, Sway, Lists)
• Data Storage (OneDrive)
• Servers (applications, web, databases)
• Work and Task Management (Planner, PowerApps, PowerAutomate,Power Virtual Agents)
• User and Device Management (AzureActiveDirectory, Pam, Intune)
• Data Analysis and Reporting (My Analytics, Power BI, Data Warehouse)

01

Operational Planning

he goal of planning is to define specific migration and adaptation scenarios and determine the necessary actions to implement the strategic plan.
During operational planning, we use the methodology and standard defined by the Cloud Security Alliance (CSA), a leading global organization that defines cloud computing security standards.

Operational planning for cloud computing migration and adaptation will include analysis and planned actions considering the following areas:

• Confirmation of compliance of public cloud usage with current legal regulations and obligations towards business partners
• Defining business scenarios for using the public cloud
  • Scope of applications migrated to the cloud
  • Scope of data migrated to the cloud
  • Scope of hardware resources migrated to the cloud
  • Scope of data shared from the cloud
  • Access method to cloud resources
  • Authentication method
  • User group authorized to process data in the cloud
  • Scope of business processes/activities migrated to the cloud
• Choosing the right security model archetype for business process groups moved to the cloud
• Determining the required security level for individual processes, activities moved to the cloud
• Identifying the CSP (Cloud Service Provider) capable of meeting functional and security requirements
• Identifying required security measures to be implemented and determining responsibilities between CSP
• Close cooperation with CSP to implement appropriate controls and integration with security tools
• Standardization, security automation, analysis of the possibility to standardize security "under the cloud" with the rest of the organization
• Prioritization of security measures to be implemented
• Implementation of security measures and cloud security governance

02

Strategic Planning

Strategic planning aims to ensure that the scope and manner of cloud migration and adaptation support the achievement of strategic business objectives.

We use the Business Motivation Model (BMM) methodology maintained by the international consortium Object Management Group. This tool allows for the analysis of business strategies and IT project implementation goals.

Our approach will enable the definition of:

• A vision that defines the main goal resulting from migration to cloud computing resources
• Strategic objectives whose achievement will directly support the realization of the Vision and allow for the verification of whether the assumed benefits of the project have been achieved. Strategic objectives will be defined based on strategic business goals
• Operational objectives whose achievement will enable the realization of strategic objectives. Operational objectives for each strategic goal will be defined based on grouping tactical actions
• Mapping of the Vision coverage through the realization of strategic and operational objectives
• Tactical directions of action constituting a set of initiatives for individual goals. Means to achieve goals, constituting a set of functionalities and security mechanisms necessary to implement identified initiatives