2. What are the NIST essential characteristics of cloud computing? What jurisdiction has adopted a ‘Cloud First’ policy? What the heck is FedRAMP? What is the meaning of the Opus logo?

3. A Green Globe representing the safe, sustainable world we want to realize A Trans-World road recognizing the good in how transportation brings us together

4. What is the cloud? Why the cloud? Will my data be in Russia? Who is going to the cloud? Is going to the cloud secure? Is going to the cloud fool proof?

5. What is the cloud? Why the cloud? Will my data be in Russia? Who is going to the cloud? Is going to the cloud secure? Is going to the cloud fool proof?

6. “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” National Institute of Standards and Technology Special Publication 800-145

7. On-demand self-service Provision your own computing capabilities Broad network access Phones, tablets, laptops, PCs, thin client workstations Resource pooling Shared infrastructure, processing, storage, bandwidth Rapid elasticity Appropriation in any quantity at any time Measured service Resource usage is monitored, controlled and reported

8. IaaS – Infrastructure as a Service ‘rented’ server space, memory, networking, UPS, physical security – e.g. Windows Azure, Amazon Web Services, Rackspace PaaS – Platform as a Service Cloud infrastructure plus operating system, programming languages, libraries, and development tools – e.g. Google App Engine, AppFog, Heroku SaaS – Software as a Service Cloud infrastructure plus end user applications – e.g. Microsoft 365, Google Gmail, Salesforce.com CRM

12. Approximately 15 football fields under roof

13. What is the cloud? Why the cloud? Will my data be in Russia? Who is going to the cloud? Is going to the cloud secure? Is going to the cloud fool proof?

14. Economies of scale via shared infrastructure Continual hardware refresh ●Equipment never hits end of life ●Hardware never obsolete On demand scalability within minutes Scalability is nearly unlimited up or down No capital investment risk

15. World class high availability ●Highly resilient failover via parallel virtual machines and abundant hardware standing by ●Dual power supply redundancy via both battery and diesel generation ●Multi-sourced communication trunks for physical and electronic redundancy ●Multi-tiered physical facility security

16. What is the cloud? Why the cloud? Will my data be in Russia? Who is going to the cloud? Is going to the cloud secure? Is going to the cloud fool proof?

17. AZURE REGIONLOCATION Central USIowa East USVirginia East US 2Virginia US Gov IowaIowa US Gov VirginiaVirginia North Central USIllinois South Central USTexas West USCalifornia North EuropeIreland West EuropeNetherlands East AsiaHong Kong Southeast AsiaSingapore Japan EastSaitama Prefecture Japan WestOsaka Prefecture Brazil SouthSao Paulo State Australia EastNew South Wales Australia SoutheastVictoria

18. AWS Regional Centers ●US East, Northern Virginia ●US West, Northern California ●US West, Oregon ●AWS GovCloud, Not Advertised AWS Edge Centers ●Virginia ●Georgia ●Texas ●California ●Missouri ●Florida ●New York ●New Jersey ●Seattle ●Indiana

19. What is the cloud? Why the cloud? Will my data be in Russia? Who is going to the cloud? Is going to the cloud secure? Is going to the cloud fool proof?

22. TechCrunch News

24. “On December 9, 2010; the Office of Management and Budget (OMB) released the “25 Point Implementation Plan To Reform Federal Information Technology Management”, officially establishing the Cloud First policy and requiring agencies to use cloud-based solutions whenever feasible for any given computer service.” FCC Communications Infrastructure Working Group Report December 2013

25. “Real time data applications that provide 911 operators and first responders with secure access to critical information are being hosted in the cloud to reduce the cost of the system.” FCC Communications Infrastructure Working Group Report December 2013

26. “…the National Security Agency is pursuing its interest in united data archives by taking its information into a cloud environment.” FCC Communications Infrastructure Working Group Report December 2013

27. “…InTech magazine provides several examples of HMI/SCADA solutions hosted in the cloud that provide remote access, any time, any place.” FCC Communications Infrastructure Working Group Report December 2013 Note: HMI/SCADA are industry acronyms referencing control technologies for Critical Infrastructure such as water, power, and sewage. HMI = Human Machine Interface SCADA = Supervisory Control and Data Acquisition

28. What is the cloud? Why the cloud? Will my data be in Russia? Who is going to the cloud? Is going to the cloud secure? Is going to the cloud fool proof?

33. Alert Logic: A leading provider of security and compliance solutions for both cloud and on premises IT infrastructures.

34. Employed “honeypots”: open port decoys to lure and measure attacks Installed in 2,212 customer systems 80/20 split of cloud vs on premises Measure 1 billion plus events/transactions Verified 232,364 security incidents (i.e. 0.02%)

35. 2012 vs 2014 attacks increasing across both cloud and on premises systems Brute force attacks and vulnerability scans are near- equivalent across both Malware, recon, and application attacks more likely for on premises than cloud On premises systems more likely to be targeted but the gap is closing Diversity of threats higher for on premises than for cloud but the gap is closing

36. What is the cloud? Why the cloud? Will my data be in Russia? Who is going to the cloud? Is going to the cloud secure? Is going to the cloud fool proof?

37. ABSOLUTELY NOT! Architect redundancy Employ encryption Continually upgrade virus protection Filter 3 rd party updates Choose cloud providers wisely

38. Information gleaned from GSA June 2013 slide presentation by FedRAMP Program Manager OMB 12/8/11 Policy Memo mandates FedRAMP compliance for all cloud services used by the Federal government that are acquired after June 2012

40. Information excerpted from GSA June 2013 slide presentation by FedRAMP Program Manager (Joint Authorization Board vs Agency)

41. PROVIDERSERVICE NAMETYPE Akamai Content Delivery Services IaaS AT&T Storage as a Service IaaS Autonomic Resources ARC-P IaaS GCI Federal GCI Federal Cloud IaaS Clear Government Solutions FedGRID Government Community Cloud IaaS Concurrent Technologies Unclassified Remote Hosted Desktops SaaS Economic Systems Federal Human Resources Navigator SaaS Hewlett Packard HP Fortify on Demand SaaS Hewlett Packard HP Helion for Public Sector IaaS IBM SmartCloud for Government IaaS Lockheed Martin Solutions as a Service IaaS Microsoft Cloud Infrastructure IaaS & PaaS Microsoft Windows Azure Public Cloud Solution PaaS Oracle Federal Managed Cloud Services PaaS Oracle Oracle Service Cloud SaaS SecureKey Briidge.net Exchange SaaS VMware VMware vCloud Government Service IaaS

42. PROVIDERSERVICE NAMETYPE AINS Inc. eCase PaaS & SaaS Amazon Web Services AWS East/West US Public Cloud IaaS Amazon Web Services AWS Government Community Cloud IaaS Edge Hosting CloudPlus PaaS & SaaS MicroPact MicroPact Product Suite PaaS Microsoft Office 365 Multi-Tenant & Services SaaS OMB MAX General Support Services NA OMB MAX.gov Shared Services PaaS & SaaS Salesforce Salesforce Government Cloud PaaS & SaaS U.S. Dept. of Agriculture USDA National Information Tech. Center PaaS U.S. Dept. of Treasury Workplace.gov Community Cloud NA Verizon Enterprise Cloud Federal Edition IaaS

43. Ubiquitous, convenient, on-demand access to shared pools of configurable computing resources Benefits of cost, scalability, resilience, continual refresh, physical security and specifiable data location Government and private industry inexorably trending to the cloud Security from electronic attack at least as good as ‘on premises’ systems given comparable security measures Not foolproof Requires redundant architecture, encryption, virus protection, careful selection of providers, etc. Federal certifications can serve as a guide

44. Name one of the five NIST essential characteristics of cloud computing? What jurisdiction has adopted a ‘Cloud First’ policy? What the heck is FedRAMP? What is the meaning of the Opus logo?

45. On-demand self-service Provision your own computing capabilities Broad network access Phones, tablets, laptops, PCs, thin client workstations Resource pooling Shared infrastructure, processing, storage, bandwidth Rapid elasticity Appropriation in any quantity at any time Measured service Resource usage is monitored, controlled and reported

46. Name one of the five NIST essential characteristics of cloud computing? What jurisdiction has adopted a ‘Cloud First’ policy? What the heck is FedRAMP? What is the meaning of the Opus logo?

47. “On December 9, 2010; the Office of Management and Budget (OMB) released the “25 Point Implementation Plan To Reform Federal Information Technology Management”, officially establishing the Cloud First policy and requiring agencies to use cloud-based solutions whenever feasible for any given computer service.” FCC Communications Infrastructure Working Group Report December 2013

48. Name one of the five NIST essential characteristics of cloud computing? What jurisdiction has adopted a ‘Cloud First’ policy? What the heck is FedRAMP? What is the meaning of the Opus logo?

49. Information gleaned from GSA June 2013 slide presentation by FedRAMP Program Manager OMB 12/8/11 Policy Memo mandates FedRAMP compliance for all cloud services used by the Federal government that are acquired after June 2012

50. Name one of the five NIST essential characteristics of cloud computing? What jurisdiction has adopted a ‘Cloud First’ policy? What the heck is FedRAMP? What is the meaning of the Opus logo?

51. A Green Globe representing the safe, sustainable world we want to realize A Trans-World road recognizing the good in how transportation brings us together