Professional Documents
Culture Documents
Independent University, Bangladesh: Kluuvin Apteekki Pharmacy Case Study
Independent University, Bangladesh: Kluuvin Apteekki Pharmacy Case Study
EXECUTIVE SUMMARY
According to this case study a sole owner of a small pharmacy business who have been suffering
from the workload of all the accounting processes that she have been doing by herself from the
beginning of her business. Even though she is not from business background she have been
doing her accounting related tasks very effectively. Recently she realized that should give more
time on the core of her business. So reducing her workload she thought of using cloud based
accounting information system for her business.
In this case I tried to give answers to some questions that might help the reader to understand
more about cloud computing, its importance in business, benefits, security risks and mitigation of
the risks also whether price is an important factor for choosing cloud system or not. These
answers of case study can help the reader to develop his/her business with effective use of cloud
computing for accounting processes.
Page 2 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
3
(Case Study)
TABLE OF CONTENTS
Executive summary...................................................................................................2
Case Study Questions:...............................................................................................4
1. Which cloud-based accounting information system should Pia select and why?
................................................................................................................................4
2. Should Pia be worried about possible lock-in with either accountant or system
provider?.................................................................................................................5
3. How should Pia mitigate the possible data security risks?.................................5
4. Is price an important factor when choosing the system?....................................6
5. Prepare an approximately one-page summary highlighting the key
ideas/concepts/information in this case study........................................................7
References.................................................................................................................9
Page 3 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
4
(Case Study)
It has high level of efficient interface unlike other two systems. It provides all-the infrastructure
to support web apps, including storage, web and application servers, and networking resources.
Pia can quickly deploy web apps on IaaS and easily scale infrastructure up and down when
demand for the apps is unpredictable, which means she can easily customize the app as she like.
Even though the monthly charge is higher for the third system rather than other two systems,
there are no transaction fees. It is also pay per use.
She was also facing problems with payroll processing since nine out of sixteen employees work
part-time, which means employee turn-over is high, the payroll system can change over time
which makes the payroll process more complex. The third system can also solve the problem. Pia
will be able to work with her accountants from any location through internet connection. She can
also check the status of her business in real time. She can freely choose the tasks she wants to
outsource and at the same time, maintain control over the process.
Page 4 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
5
(Case Study)
There are different deployment models Private, Public and hybrid. The third system provides all
three models. Private cloud is secure expensive and takes time to maintain on the other hand
public cloud is not secure since cloud providers control it. IAAS allows hybrid cloud model. The
idea of a hybrid cloud is to provide control on crucial parts of the process, while allowing public
cloud services to deal with routine and computing intensive tasks. So Pia will be able to easily
apart her intensive tasks so she can have control over those parts of the tasks.
Page 5 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
6
(Case Study)
Data Security and Control: The service providers need to have enough skills to prevent, detect
and react according to various security breaches. Service logs and service agreement terms
inspections are performed in a daily basis. Again there are some validity tests also required for
pia’s business to avoid security breach because of malicious data are in cloud such as: cross-sire
scripting, insecure configuration, SQL injection flaws and weakness in access control inside
companies policies. Service providers should provide transparent services (controls, security and
operations) for pia’s business.
Network Security: For a secure system to prevent unauthorized modification and access to data
by using proper set up or configuration of firewall and authorized access rights. To avoid
hijacking active session and access clients’ credential data, Pia’s service providers need to do
some tests and validate network security by using some prominence security tools such as: SSL,
session management and packet analysis. Some policies should be implemented in router and
layer three switch to secure data traffic. Additionally, an important thing needs to be control
which is interaction between mobile users and cloud services providers.
Data Confidentiality and Integrity: To protect illegal disclose and modification of data proper
authentication and authorization mechanism should implement. Service development and
deployment models (Private, Public and Hybrid) must be clear for a developer to protect and
restrict use of data.
Data and Service Availability: Internet speed (bandwidth) and connectivity should be available
during data and applications transmission over the network. Monitoring of network load or
traffic for proper load balancing and data distribution should be performed by Network service
providers. Data replication and backup policies are also need to be standard and provided
auditable proof for data restore procedures, which includes accuracy and completeness over time.
Access Control: Pia’s service providers should prove that they have proper and accurate security
mechanism to protect unauthorized access. All access or changes in cloud services (resources
and data) provide auditable report whether it is success or fail and it needs to be reviewed along
with monitoring to be performed in a daily basis.
Page 6 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
7
(Case Study)
On the other hand pia can also use the private cloud deployment model so that she can manage
and operate the infrastructure and business data. The primary goal of this deployment model is to
sustain consistent level of security and privacy. Or she can also use hybrid deployment model.
Page 7 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
8
(Case Study)
Page 8 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
9
(Case Study)
based system are that it is centered on scalability, flexibility and accessibility. It also integrates
all the company’s process in the same place and allows access 24/7. The main idea of this case
study is to developing skills and competencies to create a strong business and implementation of
IT –enabled business processes.
Page 9 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
10
(Case Study)
REFERENCES
RoyChowdhury, R. (2014, June). Security in Cloud Computing. In IJCA (Vol. 96, No.
15, pp. 24-30).
Asatiani, A., & Penttinen, E. (2015). Managing the move to the cloud–analyzing the risks
and opportunities of cloud-based accounting information systems. Journal of Information
Technology Teaching Cases, 5(1), 27-34.
Page 10 of 10