Cloud computing today is no longer a buzzword associated with universities or advanced technology organisations at the bleeding edge of innovation. It is now a mainstream sourcing model that most organisations are looking to as part of their broader IT strategy.
The shift away from building customised systems specifically for organisational requirements is fast approaching. Global financial scenarios are presenting a funding challenge for IT innovation initiatives, transformation projects and ongoing support services.
One of the greatest shifts was demonstrated and highlighted by a US Government White House Paper titled: "25 Point Implementation Plan to Reform Federal Information Technology Management", in December 2009, and included support for a "Shift to Cloud First Policy". An important point to note is the term "Stand-Up Contract Vehicles" was used for both secure infrastructure-as-a-service (IaaS) and commodity services. Supporting actions were required, alongside the endorsement of the strategy and the guiding "Cloud First" policy.
In all cloud discussions to date, major emphasis is placed on the service types of cloud--Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), or cloud models such as Public Cloud, Private Cloud, Hybrid Cloud and Community Cloud. Very little emphasis or discussion is undertaken about the major vehicle through which these models and services will be utilised and consumed--cloud contracts.
Traditionally contracts have been the realm of procurement, accounting, legal or sourcing functions. Technologists and (more specifically) information security professionals kept a safe distance because, quite frankly, they are boring, however with the advent of cloud computing, this is changing fast.
Concern over service levels, data security, data leakage, data access, scalability and security compliance with organisations' policies and standards are just a few of the issues that require the attention of security and information management prior to cloud computing services being deployed or contracts finalised. Whilst some of these concerns are similar to outsourcing contracts of the past, there are new areas that require consideration.
Once the following statements from leading cloud service providers are examined, the reason for ensuring you truly understand cloud contracts becomes clear.
Cloud Contract -- Facebook
"We may also share information when we have a good faith belief it is necessary to prevent fraud or other illegal activity, to prevent imminent bodily harm, or to protect ourselves and you from people violating our Statement of Rights and Responsibilities. This may include sharing information with other companies, lawyers, courts or other government entities."
Sign up for CIO Asia eNewsletters.