Difference between revisions of "User:Shawndouglas/sandbox/sublevel3"
From LIMSWiki
< User:Shawndouglas | sandbox
Jump to navigationJump to searchShawndouglas (talk | contribs) (Cleared) Tag: Blanking |
Shawndouglas (talk | contribs) Tag: Reverted |
||
| Line 1: | Line 1: | ||
{{Saved book | |||
|title=Choosing and Implementing a Cloud-based Service for Your Laboratory | |||
|subtitle=By Shawn E. Douglas | |||
|cover-image=Cloud-computing-1.gif | |||
|cover-color=#ffffff | |||
| setting-papersize = A4 | |||
| setting-showtoc = 1 | |||
| setting-columns = 1 | |||
}} | |||
'''Title''': ''Choosing and Implementing a Cloud-based Service for Your Laboratory'' | |||
'''Edition''': First edition | |||
'''Author for citation''': Shawn E. Douglas | |||
'''License for content''': [https://creativecommons.org/licenses/by-sa/4.0/ Creative Commons Attribution-ShareAlike 4.0 International] | |||
'''Publication date''': August 2021 | |||
This guide examines the state of [[cloud computing]] and the security mechanisms inherent to it, especially in regards to how it relates to today's [[Laboratory|laboratories]]. While cloud computing and cloud-based applications can enhance the activities of many types of labs, a methodical and meticulous approach to [[cybersecurity]] is required to not only get the most out of a cloud solution but also mitigate future data catastrophes. This means understanding [[risk management]], regulatory considerations, deployment approaches, and the potential value of managed security services in the cloud. Additionally, the essential links between laboratory [[quality assurance]], the shared responsibility model, and cybersecurity in the lab are emphasized. Of course, it's also vital to understand what to look for in cloud providers, as well as how to approach finding them. In that regard, this guide adds value by more closely examining major public/hybrid cloud and managed security service providers (Appendix 1 and 2), as well as providing example request for information (RFI) templates for both provider types (Appendix 3). While this guide can prove useful to even non-laboratory organizations looking to dip into cloud services, it focuses heavily on laboratories implementing and updating information systems in the cloud. | |||
(NOTE: The PDF output of this guide fails to properly list the references. To see the original document, with references, see [[LII:Choosing and Implementing a Cloud-based Service for Your Laboratory|here]].) | |||
1. [[LII:Choosing and Implementing a Cloud-based Service for Your Laboratory/What is cloud computing?|What is cloud computing?]] | |||
:1.1 History and evolution | |||
:1.2 Cloud computing services and deployment models | |||
::1.2.1 Platform-as-a-service vs. serverless computing | |||
::1.2.2 Hybrid cloud vs. multicloud vs. distributed cloud | |||
:1.3 The relationship between cloud computing and the open source paradigm | |||
2. [[LII:Choosing and Implementing a Cloud-based Service for Your Laboratory/Standards and security in the cloud|Standards and security in the cloud]] | |||
:2.1 Standards and regulations influencing cloud computing | |||
:2.2 Security in the cloud | |||
::2.2.1 The shared responsibility model | |||
::2.2.2 Public cloud | |||
::2.2.3 Hybrid cloud and multicloud | |||
::2.2.4 Container security and other concerns | |||
::2.2.5 Software as a service | |||
3. [[LII:Choosing and Implementing a Cloud-based Service for Your Laboratory/Organizational cloud computing risk management|Organizational cloud computing risk management]] | |||
:3.1 Five risk categories to consider | |||
:3.2 Risk management and cybersecurity frameworks | |||
:3.3 A brief note on cloud-inclusive cybersecurity insurance | |||
4. [[LII:Choosing and Implementing a Cloud-based Service for Your Laboratory/Cloud computing in the laboratory|Cloud computing in the laboratory]] | |||
:4.1 Benefits | |||
:4.2 Regulatory considerations | |||
:4.3 Deployment approaches | |||
::4.3.1 Hybrid cloud, multicloud, and the vendor lock-in conundrum | |||
5. [[LII:Choosing and Implementing a Cloud-based Service for Your Laboratory/Managed security services and quality assurance|Managed security services and quality assurance]] | |||
:5.1 The provision of managed security services | |||
::5.1.1 Managed security services in the cloud | |||
:5.2 Managed security services and the laboratory | |||
::5.2.1 The quality assurance officer | |||
::5.2.2 The shared responsibility model in the scope of security management and quality assurance | |||
:5.3 Choosing a provider for managed security services | |||
::5.3.1 Using a request for information (RFI) process | |||
6. [[LII:Choosing and Implementing a Cloud-based Service for Your Laboratory/Considerations when choosing and implementing a cloud solution|Considerations when choosing and implementing a cloud solution]] | |||
:6.1 What are the various characteristics of an average cloud provider? | |||
:6.2 What should your lab look for in a cloud provider? | |||
::6.2.1 Service-level agreements | |||
:6.3 What questions should you ask yourself? | |||
:6.4 What questions should be asked of a cloud provider? | |||
::6.4.1 Using a request for information (RFI) process | |||
7. [[LII:Choosing and Implementing a Cloud-based Service for Your Laboratory/Final thoughts and additional resources|Final thoughts and additional resources]] | |||
:7.1 Final thoughts | |||
:7.2 Key reading and reference material | |||
:7.3 Associations, organizations, and interest groups | |||
:7.4 Consultancy and support services | |||
;Appendix 1. Top public and hybrid/mutlicloud services | |||
:[[Alibaba Cloud]] | |||
:[[Amazon Web Services]] | |||
:[[Cisco Cloudcenter and UCS Director]] | |||
:[[Dell Technologies Cloud]] | |||
:[[DigitalOcean]] | |||
:[[Google Cloud]] | |||
:[[HPE GreenLake]] | |||
:[[IBM Cloud]] | |||
:[[Linode]] | |||
:[[Microsoft Azure]] | |||
:[[Oracle Cloud Infrastructure]] | |||
:[[OVHcloud]] | |||
:[[Tencent Cloud]] | |||
:[[VMware Cloud]] | |||
;Appendix 2. Top managed security services | |||
:[[Accenture Security Managed Security]] | |||
:[[AT&T Cуbеrѕесurіtу]] | |||
:[[Atos Managed Security Services]] | |||
:[[BT Cyber Security Platform]] | |||
:[[Cisco Cloudcenter and UCS Director|Cisco Active Threat Analytics]] | |||
:[[Foresite Managed Cybersecurity]] | |||
:[[Herjavec Group Managed Security Services]] | |||
:[[IBM Cloud|IBM Managed Security Services]] | |||
:[[NTT Managed Security Services]] | |||
:[[Orange Cyberdefense]] | |||
:[[Secureworks Managed Security Services]] | |||
:[[Trustwave Managed Security Services]] | |||
:[[Verizon Managed Security Services]] | |||
:[[Wipro Managed Security Services]] | |||
;Appendix 3. RFI questions for cloud providers and MSSPs | |||
:[[Book:Choosing and Implementing a Cloud-based Service for Your Laboratory/RFI questions for cloud providers|RFI questions for cloud providers]] | |||
:[[Book:Choosing and Implementing a Cloud-based Service for Your Laboratory/RFI questions for MSSPs|RFI questions for MSSPs]] | |||
Revision as of 20:34, 9 February 2022
|
This user book is a user-generated collection of LIMSWiki articles that can be easily saved, rendered electronically, and ordered as a printed book. If you are the creator of this book and need help, see Help:Books. |
||||||||
| Edit this book: | Book Creator · Wikitext | ||||||||
| Select format to download: | |||||||||
| Order a printed copy from these publishers: | PediaPress | ||||||||
| [ Start ] [ FAQ ] [ Basic help ] [ Advanced help ] [ Feedback ] [ Recent Changes ] | |||||||||
Title: Choosing and Implementing a Cloud-based Service for Your Laboratory
Edition: First edition
Author for citation: Shawn E. Douglas
License for content: Creative Commons Attribution-ShareAlike 4.0 International
Publication date: August 2021
This guide examines the state of cloud computing and the security mechanisms inherent to it, especially in regards to how it relates to today's laboratories. While cloud computing and cloud-based applications can enhance the activities of many types of labs, a methodical and meticulous approach to cybersecurity is required to not only get the most out of a cloud solution but also mitigate future data catastrophes. This means understanding risk management, regulatory considerations, deployment approaches, and the potential value of managed security services in the cloud. Additionally, the essential links between laboratory quality assurance, the shared responsibility model, and cybersecurity in the lab are emphasized. Of course, it's also vital to understand what to look for in cloud providers, as well as how to approach finding them. In that regard, this guide adds value by more closely examining major public/hybrid cloud and managed security service providers (Appendix 1 and 2), as well as providing example request for information (RFI) templates for both provider types (Appendix 3). While this guide can prove useful to even non-laboratory organizations looking to dip into cloud services, it focuses heavily on laboratories implementing and updating information systems in the cloud.
(NOTE: The PDF output of this guide fails to properly list the references. To see the original document, with references, see here.)
- 1.1 History and evolution
- 1.2 Cloud computing services and deployment models
- 1.2.1 Platform-as-a-service vs. serverless computing
- 1.2.2 Hybrid cloud vs. multicloud vs. distributed cloud
- 1.3 The relationship between cloud computing and the open source paradigm
2. Standards and security in the cloud
- 2.1 Standards and regulations influencing cloud computing
- 2.2 Security in the cloud
- 2.2.1 The shared responsibility model
- 2.2.2 Public cloud
- 2.2.3 Hybrid cloud and multicloud
- 2.2.4 Container security and other concerns
- 2.2.5 Software as a service
3. Organizational cloud computing risk management
- 3.1 Five risk categories to consider
- 3.2 Risk management and cybersecurity frameworks
- 3.3 A brief note on cloud-inclusive cybersecurity insurance
4. Cloud computing in the laboratory
- 4.1 Benefits
- 4.2 Regulatory considerations
- 4.3 Deployment approaches
- 4.3.1 Hybrid cloud, multicloud, and the vendor lock-in conundrum
5. Managed security services and quality assurance
- 5.1 The provision of managed security services
- 5.1.1 Managed security services in the cloud
- 5.2 Managed security services and the laboratory
- 5.2.1 The quality assurance officer
- 5.2.2 The shared responsibility model in the scope of security management and quality assurance
- 5.3 Choosing a provider for managed security services
- 5.3.1 Using a request for information (RFI) process
6. Considerations when choosing and implementing a cloud solution
- 6.1 What are the various characteristics of an average cloud provider?
- 6.2 What should your lab look for in a cloud provider?
- 6.2.1 Service-level agreements
- 6.3 What questions should you ask yourself?
- 6.4 What questions should be asked of a cloud provider?
- 6.4.1 Using a request for information (RFI) process
7. Final thoughts and additional resources
- 7.1 Final thoughts
- 7.2 Key reading and reference material
- 7.3 Associations, organizations, and interest groups
- 7.4 Consultancy and support services
- Appendix 1. Top public and hybrid/mutlicloud services
- Alibaba Cloud
- Amazon Web Services
- Cisco Cloudcenter and UCS Director
- Dell Technologies Cloud
- DigitalOcean
- Google Cloud
- HPE GreenLake
- IBM Cloud
- Linode
- Microsoft Azure
- Oracle Cloud Infrastructure
- OVHcloud
- Tencent Cloud
- VMware Cloud
- Appendix 2. Top managed security services
- Accenture Security Managed Security
- AT&T Cуbеrѕесurіtу
- Atos Managed Security Services
- BT Cyber Security Platform
- Cisco Active Threat Analytics
- Foresite Managed Cybersecurity
- Herjavec Group Managed Security Services
- IBM Managed Security Services
- NTT Managed Security Services
- Orange Cyberdefense
- Secureworks Managed Security Services
- Trustwave Managed Security Services
- Verizon Managed Security Services
- Wipro Managed Security Services
- Appendix 3. RFI questions for cloud providers and MSSPs
- RFI questions for cloud providers
- RFI questions for MSSPs
